Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/e4ccb1-ca25-4099-8273-3993aa324e1f/1/6g7-Qa8yZqg_QpPser6kTsGM9GY.roa
File: 6g7-Qa8yZqg_QpPser6kTsGM9GY.roa (raw, json)
Hash identifier: kVcHgnVxlJN+HtVYV06bpRkAfnF1UnoZ08fX7ItG18E=
Subject key identifier: EA:0E:FE:41:AF:32:66:A8:3F:42:93:EC:7A:BE:A4:4E:C1:8C:F4:66
Certificate issuer: /CN=6ce97cf4d8d0bc17b3af1d62c4d71488661bd212
Certificate serial: 01856F8B8C39C4A64FD12DF230FDD10CA9A2
Authority key identifier: 6C:E9:7C:F4:D8:D0:BC:17:B3:AF:1D:62:C4:D7:14:88:66:1B:D2:12
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bOl89NjQvBezrx1ixNcUiGYb0hI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/e4ccb1-ca25-4099-8273-3993aa324e1f/1/6g7-Qa8yZqg_QpPser6kTsGM9GY.roa
Signing time: Sun 01 Jan 2023 22:54:54 +0000
ROA not before: Sun 01 Jan 2023 22:54:54 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 44006
IP address blocks: 194.28.100.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:8b:8c:39:c4:a6:4f:d1:2d:f2:30:fd:d1:0c:a9:a2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6ce97cf4d8d0bc17b3af1d62c4d71488661bd212
Validity
Not Before: Jan 1 22:54:54 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=ea0efe41af3266a83f4293ec7abea44ec18cf466
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:23:da:57:b5:03:e0:c8:8e:e8:75:5b:7d:9f:
07:e5:9d:85:6d:38:25:cb:5a:55:34:20:02:7d:42:
8d:8e:8f:8d:6a:ec:e9:39:19:1a:38:b1:5b:8c:56:
d0:e4:c5:6a:09:a8:87:63:4c:9b:a7:4c:4e:e4:f0:
55:9d:4e:a8:8c:b5:8c:cd:31:e8:15:e5:7f:f1:e2:
c2:8e:d2:55:36:c0:a9:29:82:ed:9c:54:2a:c8:43:
c9:ee:f1:49:11:6f:d4:5e:a8:97:c5:3b:b3:0b:e0:
12:40:b4:bb:24:a4:de:c1:4a:7d:40:fa:87:3b:4b:
e7:74:c8:bb:0e:f5:f6:d1:09:08:ca:34:1e:3e:c0:
d9:f5:de:30:83:0f:4a:b8:1c:15:92:30:d9:0d:67:
d3:9b:66:31:31:10:b7:b0:91:c4:b7:cc:c2:51:bd:
b4:ab:1a:f2:3d:43:ae:1d:f7:e1:3a:db:f3:e5:fa:
60:8c:05:5e:28:3b:ec:d9:59:aa:cd:29:b0:39:e6:
5f:e5:9e:ed:cb:55:d1:f0:a5:ea:4b:c5:28:71:0b:
30:69:09:0a:e0:da:b8:63:ad:e1:e6:fa:1c:6b:88:
db:d4:74:df:ed:82:3f:08:f5:de:3e:2f:1e:6d:75:
29:a9:05:fb:9a:8a:66:c7:f4:28:f7:4f:ca:e9:01:
36:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EA:0E:FE:41:AF:32:66:A8:3F:42:93:EC:7A:BE:A4:4E:C1:8C:F4:66
X509v3 Authority Key Identifier:
keyid:6C:E9:7C:F4:D8:D0:BC:17:B3:AF:1D:62:C4:D7:14:88:66:1B:D2:12
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bOl89NjQvBezrx1ixNcUiGYb0hI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/e4ccb1-ca25-4099-8273-3993aa324e1f/1/6g7-Qa8yZqg_QpPser6kTsGM9GY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/e4ccb1-ca25-4099-8273-3993aa324e1f/1/bOl89NjQvBezrx1ixNcUiGYb0hI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.28.100.0/24
Signature Algorithm: sha256WithRSAEncryption
8b:31:f5:09:ae:d8:e1:aa:c9:96:6c:00:5d:b6:6a:61:a3:f7:
b9:d5:93:97:92:bb:32:ed:e9:36:a6:36:4f:b7:64:9d:2b:32:
9c:88:5f:f0:c7:5a:42:29:0e:12:d1:5d:8f:e6:b2:ac:73:ef:
6c:4d:ab:c4:f6:c1:a9:31:32:e1:b6:66:44:8b:fc:d0:99:e3:
8a:3f:86:c3:d9:28:d4:2e:cf:e5:67:3f:4e:91:b1:ce:57:eb:
67:a5:87:96:27:a3:ff:1c:28:8f:15:58:1f:c3:8f:47:e4:5e:
79:2a:94:d1:05:9e:e3:96:65:66:d6:5f:e5:89:de:74:e5:33:
1b:99:f0:06:54:cb:a1:dd:0e:d0:91:0f:ad:51:89:67:c2:76:
13:d3:fc:de:76:29:e8:63:22:cf:a9:f2:5b:b3:8d:6c:25:b0:
10:b0:3d:19:14:52:43:bb:77:a5:6b:b3:19:fa:7b:8b:bd:57:
19:4c:bb:9b:94:9f:c5:d3:3c:a1:88:34:e4:ca:b3:46:ce:f2:
0b:7f:1a:10:60:23:9e:68:4b:df:a9:5c:5c:65:1f:17:4b:bc:
8e:bc:e8:bd:fe:98:44:93:2d:9d:83:2a:5c:96:04:12:86:47:
c4:83:32:fd:8b:37:97:b2:c4:63:53:53:6c:27:87:a5:90:78:
59:4b:67:a4
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVvi4w5xKZP0S3yMP3RDKmiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZjZTk3Y2Y0ZDhkMGJjMTdiM2FmMWQ2MmM0ZDcxNDg4NjYx
YmQyMTIwHhcNMjMwMTAxMjI1NDU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlYTBlZmU0MWFmMzI2NmE4M2Y0MjkzZWM3YWJlYTQ0ZWMxOGNmNDY2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwyPaV7UD4MiO6HVbfZ8H5Z2FbTgl
y1pVNCACfUKNjo+NauzpORkaOLFbjFbQ5MVqCaiHY0ybp0xO5PBVnU6ojLWMzTHo
FeV/8eLCjtJVNsCpKYLtnFQqyEPJ7vFJEW/UXqiXxTuzC+ASQLS7JKTewUp9QPqH
O0vndMi7DvX20QkIyjQePsDZ9d4wgw9KuBwVkjDZDWfTm2YxMRC3sJHEt8zCUb20
qxryPUOuHffhOtvz5fpgjAVeKDvs2VmqzSmwOeZf5Z7ty1XR8KXqS8UocQswaQkK
4Nq4Y63h5voca4jb1HTf7YI/CPXePi8ebXUpqQX7mopmx/Qo90/K6QE2fQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFOoO/kGvMmaoP0KT7Hq+pE7BjPRmMB8GA1UdIwQY
MBaAFGzpfPTY0LwXs68dYsTXFIhmG9ISMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYk9sODlOalF2QmV6cngxaXhOY1VpR1liMGhJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS9lNGNjYjEtY2EyNS00MDk5LTgyNzMt
Mzk5M2FhMzI0ZTFmLzEvNmc3LVFhOHlacWdfUXBQc2VyNmtUc0dNOUdZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS9lNGNjYjEtY2EyNS00MDk5LTgyNzMtMzk5M2FhMzI0ZTFm
LzEvYk9sODlOalF2QmV6cngxaXhOY1VpR1liMGhJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwhxkMA0G
CSqGSIb3DQEBCwUAA4IBAQCLMfUJrtjhqsmWbABdtmpho/e51ZOXkrsy7ek2pjZP
t2SdKzKciF/wx1pCKQ4S0V2P5rKsc+9sTavE9sGpMTLhtmZEi/zQmeOKP4bD2SjU
Ls/lZz9OkbHOV+tnpYeWJ6P/HCiPFVgfw49H5F55KpTRBZ7jlmVm1l/lid505TMb
mfAGVMuh3Q7QkQ+tUYlnwnYT0/zedinoYyLPqfJbs41sJbAQsD0ZFFJDu3ela7MZ
+nuLvVcZTLublJ/F0zyhiDTkyrNGzvILfxoQYCOeaEvfqVxcZR8XS7yOvOi9/phE
ky2dgypclgQShkfEgzL9izeXssRjU1NsJ4elkHhZS2ek
-----END CERTIFICATE-----
Generated at Tue Apr 22 16:29:18 2025 by rpki-client