Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/82/9286bb-c5e5-429f-8a76-0fd862da3ae1/1/noFfAO63-Kqdtl5DUw1ubQay_MM.roa
File: noFfAO63-Kqdtl5DUw1ubQay_MM.roa (raw, json)
Hash identifier: 2ECt8zrbYcKZkcLFkqaaFuEB7+xYy5s79WrCwSWbuys=
Subject key identifier: 9E:81:5F:00:EE:B7:F8:AA:9D:B6:5E:43:53:0D:6E:6D:06:B2:FC:C3
Certificate issuer: /CN=47b7054d656153d2d55add8b9dfe3f6d137ad27e
Certificate serial: 01887B6933D080D04145223F98A850889C7E
Authority key identifier: 47:B7:05:4D:65:61:53:D2:D5:5A:DD:8B:9D:FE:3F:6D:13:7A:D2:7E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/R7cFTWVhU9LVWt2Lnf4_bRN60n4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/82/9286bb-c5e5-429f-8a76-0fd862da3ae1/1/noFfAO63-Kqdtl5DUw1ubQay_MM.roa
Signing time: Fri 02 Jun 2023 09:21:11 +0000
ROA not before: Fri 02 Jun 2023 09:21:11 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 208097
IP address blocks: 84.38.245.0/24 maxlen: 24
192.122.253.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:7b:69:33:d0:80:d0:41:45:22:3f:98:a8:50:88:9c:7e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=47b7054d656153d2d55add8b9dfe3f6d137ad27e
Validity
Not Before: Jun 2 09:21:11 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=9e815f00eeb7f8aa9db65e43530d6e6d06b2fcc3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:80:cc:c6:20:47:a6:86:80:dc:42:f1:5d:27:
3c:2c:e1:af:39:a6:9b:54:06:ce:0f:c9:2d:d4:09:
d5:aa:fb:52:35:48:db:d5:f5:2c:c3:79:a6:30:6d:
76:15:7f:dd:d9:1e:7f:d5:77:7c:eb:37:df:22:26:
6e:a7:71:c4:83:6e:de:19:7a:4a:36:b5:9a:a7:3b:
d9:98:77:87:6d:c8:66:da:c2:e9:c0:fa:8c:92:2a:
80:c5:27:ce:20:5b:be:bd:68:e9:5c:95:f6:bf:0d:
04:83:37:8b:ff:b8:e9:af:f3:7c:e2:25:b3:ee:ae:
89:fa:c1:e4:71:af:4a:d7:7e:7f:ef:32:63:5c:9e:
8e:b7:fd:dc:df:47:b8:e7:9d:86:c6:dd:17:ef:9f:
30:b6:ba:e6:2b:cf:18:92:3b:2c:58:2c:d6:2b:5f:
4c:b5:1e:10:30:68:7a:25:2d:b2:30:29:c3:10:fb:
64:e5:3b:0e:25:d5:d1:9c:11:94:6e:7e:7e:9a:60:
02:65:53:a9:57:dc:92:1e:a5:05:f3:5b:3c:06:43:
c4:fb:f3:8a:15:67:f4:6a:3b:cd:a6:93:46:76:e9:
fe:4c:49:53:b3:3b:55:d7:97:b8:fe:6e:cf:36:b2:
23:e2:ed:a6:db:9e:99:11:96:2b:59:c4:c8:2f:b6:
45:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9E:81:5F:00:EE:B7:F8:AA:9D:B6:5E:43:53:0D:6E:6D:06:B2:FC:C3
X509v3 Authority Key Identifier:
keyid:47:B7:05:4D:65:61:53:D2:D5:5A:DD:8B:9D:FE:3F:6D:13:7A:D2:7E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/R7cFTWVhU9LVWt2Lnf4_bRN60n4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/82/9286bb-c5e5-429f-8a76-0fd862da3ae1/1/noFfAO63-Kqdtl5DUw1ubQay_MM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/82/9286bb-c5e5-429f-8a76-0fd862da3ae1/1/R7cFTWVhU9LVWt2Lnf4_bRN60n4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.38.245.0/24
192.122.253.0/24
Signature Algorithm: sha256WithRSAEncryption
2f:70:55:87:2e:c2:5f:7f:53:49:fc:dc:88:1d:75:c5:80:a1:
03:a1:e8:1c:7d:82:11:c1:9f:41:c6:cd:ac:d2:87:6d:d6:08:
f3:6e:e5:87:a5:af:e1:e3:e1:a8:6d:08:e9:ee:5a:99:54:06:
c9:d4:c7:0d:57:f1:f5:59:71:f3:86:c2:fe:a0:dc:a4:ba:40:
38:91:ad:26:c1:ba:d0:d0:73:ec:15:30:88:f1:2b:5d:23:ac:
39:c2:ef:c5:b9:8e:42:b6:e2:9f:8e:eb:4f:97:a0:c9:dc:ad:
82:83:30:10:d5:f1:2e:0d:22:c0:ec:1e:09:1a:95:68:f7:de:
1c:16:4e:03:04:2c:8d:39:cf:0e:9f:57:56:e0:8f:ec:77:66:
e8:3b:55:d2:46:24:04:20:17:f4:c9:60:8c:f0:ae:19:ca:ac:
bd:06:cd:b0:12:56:09:21:85:a1:fd:90:e4:e3:60:a7:92:e6:
08:50:ec:ca:22:06:48:43:6f:29:70:c7:27:1c:8a:32:76:82:
6b:bc:31:e9:c3:a9:32:e1:a8:ec:7f:5d:80:a8:e5:36:5b:29:
f2:0a:a9:8b:66:a7:28:9a:b2:62:34:1c:bf:e7:2d:c0:cf:1e:
d1:ac:b6:3c:7b:40:95:24:af:71:f4:23:65:97:c0:56:44:e2:
a9:45:27:a3
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYh7aTPQgNBBRSI/mKhQiJx+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ3YjcwNTRkNjU2MTUzZDJkNTVhZGQ4YjlkZmUzZjZkMTM3
YWQyN2UwHhcNMjMwNjAyMDkyMTExWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZTgxNWYwMGVlYjdmOGFhOWRiNjVlNDM1MzBkNmU2ZDA2YjJmY2MzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmYDMxiBHpoaA3ELxXSc8LOGvOaab
VAbOD8kt1AnVqvtSNUjb1fUsw3mmMG12FX/d2R5/1Xd86zffIiZup3HEg27eGXpK
NrWapzvZmHeHbchm2sLpwPqMkiqAxSfOIFu+vWjpXJX2vw0EgzeL/7jpr/N84iWz
7q6J+sHkca9K135/7zJjXJ6Ot/3c30e4552Gxt0X758wtrrmK88YkjssWCzWK19M
tR4QMGh6JS2yMCnDEPtk5TsOJdXRnBGUbn5+mmACZVOpV9ySHqUF81s8BkPE+/OK
FWf0ajvNppNGdun+TElTsztV15e4/m7PNrIj4u2m256ZEZYrWcTIL7ZFCwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFJ6BXwDut/iqnbZeQ1MNbm0GsvzDMB8GA1UdIwQY
MBaAFEe3BU1lYVPS1Vrdi53+P20TetJ+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUjdjRlRXVmhVOUxWV3QyTG5mNF9iUk42MG40LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Mi85Mjg2YmItYzVlNS00MjlmLThhNzYt
MGZkODYyZGEzYWUxLzEvbm9GZkFPNjMtS3FkdGw1RFV3MXViUWF5X01NLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Mi85Mjg2YmItYzVlNS00MjlmLThhNzYtMGZkODYyZGEzYWUx
LzEvUjdjRlRXVmhVOUxWV3QyTG5mNF9iUk42MG40LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAVCb1AwQA
wHr9MA0GCSqGSIb3DQEBCwUAA4IBAQAvcFWHLsJff1NJ/NyIHXXFgKEDoegcfYIR
wZ9Bxs2s0odt1gjzbuWHpa/h4+GobQjp7lqZVAbJ1McNV/H1WXHzhsL+oNykukA4
ka0mwbrQ0HPsFTCI8StdI6w5wu/FuY5CtuKfjutPl6DJ3K2CgzAQ1fEuDSLA7B4J
GpVo994cFk4DBCyNOc8On1dW4I/sd2boO1XSRiQEIBf0yWCM8K4Zyqy9Bs2wElYJ
IYWh/ZDk42CnkuYIUOzKIgZIQ28pcMcnHIoydoJrvDHpw6ky4ajsf12AqOU2Wyny
CqmLZqcomrJiNBy/5y3Azx7RrLY8e0CVJK9x9CNll8BWROKpRSej
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:58:53 2025 by rpki-client