Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/84/a05617-e808-4aed-be26-b87235b4d763/1/u2_vHJr1U8VSSIdAJjJCCHeFGnU.roa
File: u2_vHJr1U8VSSIdAJjJCCHeFGnU.roa (raw, json)
Hash identifier: 2NDEgGVAPjBj2ckWwhUYwk2kpQo8Fekes8DW+C60xZo=
Subject key identifier: BB:6F:EF:1C:9A:F5:53:C5:52:48:87:40:26:32:42:08:77:85:1A:75
Certificate issuer: /CN=cd55b425fecf79f09e074b2d6f3a616c7b685700
Certificate serial: 01856F82389632F47984B3451EEFAA01CF2D
Authority key identifier: CD:55:B4:25:FE:CF:79:F0:9E:07:4B:2D:6F:3A:61:6C:7B:68:57:00
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zVW0Jf7PefCeB0stbzphbHtoVwA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/84/a05617-e808-4aed-be26-b87235b4d763/1/u2_vHJr1U8VSSIdAJjJCCHeFGnU.roa
Signing time: Sun 01 Jan 2023 22:44:43 +0000
ROA not before: Sun 01 Jan 2023 22:44:43 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 39007
IP address blocks: 86.100.0.0/16 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:82:38:96:32:f4:79:84:b3:45:1e:ef:aa:01:cf:2d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cd55b425fecf79f09e074b2d6f3a616c7b685700
Validity
Not Before: Jan 1 22:44:43 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=bb6fef1c9af553c5524887402632420877851a75
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:81:a5:1d:89:62:cc:41:84:3f:5e:54:96:66:b4:
cc:13:c7:3a:7d:fb:81:1e:47:40:d9:ec:07:eb:c1:
9e:59:e7:5d:f6:6c:17:5f:25:19:05:b2:19:b7:d9:
c9:6b:90:c8:f1:13:78:7a:79:34:05:34:ef:0a:f1:
fb:dc:77:39:62:c9:1f:2e:f5:ee:5a:a4:80:a6:6c:
ac:20:60:e1:7f:11:c7:f7:8e:a5:77:62:f5:b4:ce:
d6:3a:11:8a:62:24:a9:a0:30:60:09:b7:db:82:80:
68:da:55:f2:12:b1:b1:ab:0f:aa:4c:00:25:6c:08:
f6:2e:f3:8c:58:78:a9:85:72:76:bb:7f:8a:e0:d2:
3c:34:b3:f6:d4:dd:53:75:a0:f5:07:4b:f6:8e:6b:
33:19:83:d4:81:c4:1b:4b:c2:39:90:4b:20:b7:34:
43:bc:3e:bc:f4:84:ba:4b:8c:21:2d:8a:ec:6e:fd:
ec:bd:56:76:7f:63:ea:ef:9a:1c:15:a5:dc:1f:08:
f5:94:22:de:57:1e:4b:11:98:da:bf:56:1f:cc:8f:
c6:03:06:a3:9c:10:ba:73:6a:ea:48:e4:bd:be:06:
14:aa:b0:b7:13:f9:a1:d7:f9:9c:1f:1e:0b:14:52:
cf:fe:16:ec:0c:b2:c1:d1:d8:55:67:02:28:f6:67:
ec:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BB:6F:EF:1C:9A:F5:53:C5:52:48:87:40:26:32:42:08:77:85:1A:75
X509v3 Authority Key Identifier:
keyid:CD:55:B4:25:FE:CF:79:F0:9E:07:4B:2D:6F:3A:61:6C:7B:68:57:00
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zVW0Jf7PefCeB0stbzphbHtoVwA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/84/a05617-e808-4aed-be26-b87235b4d763/1/u2_vHJr1U8VSSIdAJjJCCHeFGnU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/84/a05617-e808-4aed-be26-b87235b4d763/1/zVW0Jf7PefCeB0stbzphbHtoVwA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
86.100.0.0/16
Signature Algorithm: sha256WithRSAEncryption
48:cb:a3:5a:02:9a:8e:22:50:bd:10:3d:5e:d9:9f:d7:31:ba:
a6:7c:01:06:aa:84:64:6c:38:6a:90:71:c7:b4:8f:8b:db:01:
9e:17:1e:03:11:56:ee:12:1b:01:07:75:52:0f:59:96:06:36:
39:7a:19:05:26:c7:1c:9f:82:d0:a4:a7:9f:c1:32:da:3b:91:
52:d2:c6:b7:e4:e5:a9:3e:66:74:2b:76:8a:f4:8a:65:90:90:
45:13:02:82:ad:1b:69:4f:9a:1f:6b:34:86:5f:d6:4f:73:91:
47:42:27:b9:d3:8d:b2:de:a0:3a:dd:d4:52:f9:a1:75:1d:ff:
ac:2d:54:e3:2e:a9:df:f0:9e:c5:3b:50:e1:d6:25:25:bb:cf:
a9:01:ac:cf:5a:cf:b4:64:08:5b:8d:29:31:23:42:d8:66:38:
02:b5:ba:f4:47:5a:2c:94:63:09:09:f5:82:0c:c1:d9:0c:0a:
f1:ad:c4:59:c7:34:ef:c8:ed:02:a4:79:5b:83:03:4c:b6:2d:
c5:ef:0a:09:4c:ae:92:72:71:e7:2a:2a:ff:7b:69:0d:ef:95:
8b:83:63:46:0a:1f:95:23:32:93:d2:7d:27:ad:19:3b:89:eb:
fa:f4:93:8e:f4:98:a9:f1:38:67:ee:a7:1e:4d:02:5d:29:2e:
1c:7f:ff:47
-----BEGIN CERTIFICATE-----
MIIE/DCCA+SgAwIBAgISAYVvgjiWMvR5hLNFHu+qAc8tMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNkNTViNDI1ZmVjZjc5ZjA5ZTA3NGIyZDZmM2E2MTZjN2I2
ODU3MDAwHhcNMjMwMTAxMjI0NDQzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiYjZmZWYxYzlhZjU1M2M1NTI0ODg3NDAyNjMyNDIwODc3ODUxYTc1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgaUdiWLMQYQ/XlSWZrTME8c6ffuB
HkdA2ewH68GeWedd9mwXXyUZBbIZt9nJa5DI8RN4enk0BTTvCvH73Hc5YskfLvXu
WqSApmysIGDhfxHH946ld2L1tM7WOhGKYiSpoDBgCbfbgoBo2lXyErGxqw+qTAAl
bAj2LvOMWHiphXJ2u3+K4NI8NLP21N1TdaD1B0v2jmszGYPUgcQbS8I5kEsgtzRD
vD689IS6S4whLYrsbv3svVZ2f2Pq75ocFaXcHwj1lCLeVx5LEZjav1YfzI/GAwaj
nBC6c2rqSOS9vgYUqrC3E/mh1/mcHx4LFFLP/hbsDLLB0dhVZwIo9mfsxwIDAQAB
o4ICCDCCAgQwHQYDVR0OBBYEFLtv7xya9VPFUkiHQCYyQgh3hRp1MB8GA1UdIwQY
MBaAFM1VtCX+z3nwngdLLW86YWx7aFcAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvelZXMEpmN1BlZkNlQjBzdGJ6cGhiSHRvVndBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84NC9hMDU2MTctZTgwOC00YWVkLWJlMjYt
Yjg3MjM1YjRkNzYzLzEvdTJfdkhKcjFVOFZTU0lkQUpqSkNDSGVGR25VLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84NC9hMDU2MTctZTgwOC00YWVkLWJlMjYtYjg3MjM1YjRkNzYz
LzEvelZXMEpmN1BlZkNlQjBzdGJ6cGhiSHRvVndBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMAVmQwDQYJ
KoZIhvcNAQELBQADggEBAEjLo1oCmo4iUL0QPV7Zn9cxuqZ8AQaqhGRsOGqQcce0
j4vbAZ4XHgMRVu4SGwEHdVIPWZYGNjl6GQUmxxyfgtCkp5/BMto7kVLSxrfk5ak+
ZnQrdor0imWQkEUTAoKtG2lPmh9rNIZf1k9zkUdCJ7nTjbLeoDrd1FL5oXUd/6wt
VOMuqd/wnsU7UOHWJSW7z6kBrM9az7RkCFuNKTEjQthmOAK1uvRHWiyUYwkJ9YIM
wdkMCvGtxFnHNO/I7QKkeVuDA0y2LcXvCglMrpJycecqKv97aQ3vlYuDY0YKH5Uj
MpPSfSetGTuJ6/r0k470mKnxOGfupx5NAl0pLhx//0c=
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:24:43 2025 by rpki-client