Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/86/a204a5-1950-4b44-ac90-81a2b347da84/1/pM8j44QT90YWCDOq6hBr6kodXS0.roa
File: pM8j44QT90YWCDOq6hBr6kodXS0.roa (raw, json)
Hash identifier: vtcAdCPBw3aRq8MUEO45Hod7DYLavdYUYkKkYNhbn1U=
Subject key identifier: A4:CF:23:E3:84:13:F7:46:16:08:33:AA:EA:10:6B:EA:4A:1D:5D:2D
Certificate issuer: /CN=be84ae7c0503ac450934c9f6cff39a1537a5126d
Certificate serial: 018572BA51952EE29A7562B5C80B0B161999
Authority key identifier: BE:84:AE:7C:05:03:AC:45:09:34:C9:F6:CF:F3:9A:15:37:A5:12:6D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/voSufAUDrEUJNMn2z_OaFTelEm0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/86/a204a5-1950-4b44-ac90-81a2b347da84/1/pM8j44QT90YWCDOq6hBr6kodXS0.roa
Signing time: Mon 02 Jan 2023 13:44:51 +0000
ROA not before: Mon 02 Jan 2023 13:44:51 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 45021
IP address blocks: 86.104.228.0/24 maxlen: 24
2a12:8e40:5668::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:ba:51:95:2e:e2:9a:75:62:b5:c8:0b:0b:16:19:99
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=be84ae7c0503ac450934c9f6cff39a1537a5126d
Validity
Not Before: Jan 2 13:44:51 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a4cf23e38413f746160833aaea106bea4a1d5d2d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d8:99:37:74:cd:d4:8d:7c:e1:ec:82:c7:42:34:
27:2e:ae:5b:5d:1c:a4:61:a3:e2:c0:f4:4f:80:12:
1a:10:30:2e:99:5a:df:5f:2d:09:0d:43:9d:91:5d:
8e:87:a5:58:bd:86:eb:bf:d5:62:9d:9f:c5:96:ff:
86:45:0e:2e:1b:94:b2:83:4d:12:18:12:61:17:35:
46:74:17:12:8d:da:46:1f:af:c7:33:87:9b:6f:95:
98:c6:ac:a9:cc:66:05:47:f0:68:d5:38:1d:c5:f0:
43:53:bc:7a:3c:58:08:c6:5b:be:bc:0d:ec:69:fa:
e2:7b:04:55:08:c2:b9:67:2e:0f:6a:7a:9a:5e:d3:
bc:df:7a:f4:c1:34:13:7b:1e:e4:53:ba:eb:60:db:
58:c9:14:03:f9:fe:0f:2c:b1:2e:5b:88:96:4b:b2:
cd:8a:89:4c:e9:68:79:a3:af:3a:4a:0c:c7:6c:e1:
34:05:9b:26:f4:e3:9b:d6:75:b1:64:af:f3:ac:ef:
73:21:fc:b5:b9:cb:85:b9:0d:5c:65:a7:69:68:6d:
22:c8:ff:44:c9:52:75:e8:85:2e:00:0b:4b:0f:81:
bd:08:4e:2b:e3:c4:99:b0:41:45:bd:45:6c:cf:49:
77:ea:36:19:c0:cc:0a:58:fb:b0:ec:a4:a5:6b:73:
61:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A4:CF:23:E3:84:13:F7:46:16:08:33:AA:EA:10:6B:EA:4A:1D:5D:2D
X509v3 Authority Key Identifier:
keyid:BE:84:AE:7C:05:03:AC:45:09:34:C9:F6:CF:F3:9A:15:37:A5:12:6D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/voSufAUDrEUJNMn2z_OaFTelEm0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/86/a204a5-1950-4b44-ac90-81a2b347da84/1/pM8j44QT90YWCDOq6hBr6kodXS0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/86/a204a5-1950-4b44-ac90-81a2b347da84/1/voSufAUDrEUJNMn2z_OaFTelEm0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
86.104.228.0/24
IPv6:
2a12:8e40:5668::/48
Signature Algorithm: sha256WithRSAEncryption
07:a9:4a:1b:13:48:d8:e7:63:07:18:15:da:6a:15:0e:8a:c4:
01:2b:ef:0b:fb:65:cc:a0:b4:81:4c:43:22:a9:8d:ff:2e:3e:
92:23:c7:df:3e:03:1e:9a:ff:f6:9d:2c:30:c5:23:ef:35:d9:
15:4a:2f:83:4b:e6:2a:0c:59:0f:de:eb:f7:1e:ca:c2:56:ba:
04:d2:5e:cf:44:51:23:1c:79:70:7c:39:78:6d:5d:0f:c4:15:
c8:52:e0:c9:e5:42:b6:74:f4:6a:b3:84:24:ad:5b:cf:41:0d:
3c:8a:45:d3:98:7f:35:2f:4c:53:a8:a3:a9:83:50:5f:de:cf:
98:b9:5f:86:6c:e1:d5:0e:6d:6c:b1:15:6b:57:1e:c2:68:64:
51:21:51:a0:86:a6:1e:3c:72:e1:fa:28:06:c2:87:9f:9a:f8:
2f:06:a4:f9:71:3a:49:05:7f:1c:23:ec:ed:55:9e:cc:16:3c:
48:c9:4a:bd:ea:9d:5a:40:37:81:49:6b:c2:39:5f:be:e6:e8:
15:28:98:4a:7c:7d:de:d0:b3:cd:07:df:24:0c:fc:a9:7e:ec:
69:50:39:e3:d8:46:13:0b:a6:65:f6:e6:1a:39:f3:dd:e7:f0:
8a:a9:76:af:6a:13:d4:60:d8:39:a4:15:f9:61:a5:26:d6:a1:
96:51:04:48
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYVyulGVLuKadWK1yAsLFhmZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJlODRhZTdjMDUwM2FjNDUwOTM0YzlmNmNmZjM5YTE1Mzdh
NTEyNmQwHhcNMjMwMTAyMTM0NDUxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNGNmMjNlMzg0MTNmNzQ2MTYwODMzYWFlYTEwNmJlYTRhMWQ1ZDJkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2Jk3dM3UjXzh7ILHQjQnLq5bXRyk
YaPiwPRPgBIaEDAumVrfXy0JDUOdkV2Oh6VYvYbrv9VinZ/Flv+GRQ4uG5Syg00S
GBJhFzVGdBcSjdpGH6/HM4ebb5WYxqypzGYFR/Bo1TgdxfBDU7x6PFgIxlu+vA3s
afriewRVCMK5Zy4PanqaXtO833r0wTQTex7kU7rrYNtYyRQD+f4PLLEuW4iWS7LN
iolM6Wh5o686SgzHbOE0BZsm9OOb1nWxZK/zrO9zIfy1ucuFuQ1cZadpaG0iyP9E
yVJ16IUuAAtLD4G9CE4r48SZsEFFvUVsz0l36jYZwMwKWPuw7KSla3NhiQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFKTPI+OEE/dGFggzquoQa+pKHV0tMB8GA1UdIwQY
MBaAFL6ErnwFA6xFCTTJ9s/zmhU3pRJtMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdm9TdWZBVURyRVVKTk1uMnpfT2FGVGVsRW0wLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ni9hMjA0YTUtMTk1MC00YjQ0LWFjOTAt
ODFhMmIzNDdkYTg0LzEvcE04ajQ0UVQ5MFlXQ0RPcTZoQnI2a29kWFMwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Ni9hMjA0YTUtMTk1MC00YjQ0LWFjOTAtODFhMmIzNDdkYTg0
LzEvdm9TdWZBVURyRVVKTk1uMnpfT2FGVGVsRW0wLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQAVmjkMA8E
AgACMAkDBwAqEo5AVmgwDQYJKoZIhvcNAQELBQADggEBAAepShsTSNjnYwcYFdpq
FQ6KxAEr7wv7ZcygtIFMQyKpjf8uPpIjx98+Ax6a//adLDDFI+812RVKL4NL5ioM
WQ/e6/ceysJWugTSXs9EUSMceXB8OXhtXQ/EFchS4MnlQrZ09GqzhCStW89BDTyK
RdOYfzUvTFOoo6mDUF/ez5i5X4Zs4dUObWyxFWtXHsJoZFEhUaCGph48cuH6KAbC
h5+a+C8GpPlxOkkFfxwj7O1VnswWPEjJSr3qnVpAN4FJa8I5X77m6BUomEp8fd7Q
s80H3yQM/Kl+7GlQOePYRhMLpmX25ho5893n8Iqpdq9qE9Rg2DmkFflhpSbWoZZR
BEg=
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:17:23 2025 by rpki-client