Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/e4ccb1-ca25-4099-8273-3993aa324e1f/1/9v5PhHMN6A2S6iWkFI3wThtXhZ4.roa
File: 9v5PhHMN6A2S6iWkFI3wThtXhZ4.roa (raw, json)
Hash identifier: XQjTnhXyb1CAxfDjEQK1pHPhYYFaUZjbm2oKXr7sRPs=
Subject key identifier: F6:FE:4F:84:73:0D:E8:0D:92:EA:25:A4:14:8D:F0:4E:1B:57:85:9E
Certificate issuer: /CN=6ce97cf4d8d0bc17b3af1d62c4d71488661bd212
Certificate serial: 01856F8B8CFBFBDE7A2651513AD63001779A
Authority key identifier: 6C:E9:7C:F4:D8:D0:BC:17:B3:AF:1D:62:C4:D7:14:88:66:1B:D2:12
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bOl89NjQvBezrx1ixNcUiGYb0hI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/e4ccb1-ca25-4099-8273-3993aa324e1f/1/9v5PhHMN6A2S6iWkFI3wThtXhZ4.roa
Signing time: Sun 01 Jan 2023 22:54:54 +0000
ROA not before: Sun 01 Jan 2023 22:54:54 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 48648
IP address blocks: 195.12.56.0/22 maxlen: 22
91.211.120.0/24 maxlen: 24
91.198.233.0/24 maxlen: 24
2a0a:2c0:2::/48 maxlen: 48
2a0a:2c0::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:8b:8c:fb:fb:de:7a:26:51:51:3a:d6:30:01:77:9a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6ce97cf4d8d0bc17b3af1d62c4d71488661bd212
Validity
Not Before: Jan 1 22:54:54 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=f6fe4f84730de80d92ea25a4148df04e1b57859e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:77:63:74:88:51:6b:3d:d0:b7:a6:11:c5:5e:
7d:81:63:53:5f:95:9d:e9:ba:18:35:6f:b5:64:e6:
3d:62:76:14:13:a7:ed:47:00:b9:ab:6f:a5:84:51:
7f:ad:0c:0a:8e:73:00:9e:4d:9a:5c:f8:57:7e:c4:
65:6d:21:58:c5:1f:f5:a3:c9:94:a6:01:51:33:77:
45:62:31:34:aa:50:a4:7d:9c:f3:6b:0f:6b:02:78:
29:fe:6f:65:cb:66:4c:63:ab:d5:fb:49:0c:67:08:
12:a5:6c:a9:87:88:47:2d:39:22:a4:6a:41:67:20:
2f:dc:44:49:3d:9c:0c:83:0d:4e:49:2d:c3:56:7d:
6b:e9:33:23:73:c6:f7:d5:69:16:06:65:5e:f1:22:
db:7a:ca:af:bd:9a:3c:34:26:9f:b5:8c:fa:95:a3:
ac:4a:5d:62:29:08:00:59:ee:44:9e:10:b7:e8:1a:
32:40:41:b5:d7:93:f3:64:1f:e8:77:43:33:2b:27:
bb:e2:bc:6f:2b:22:7f:fe:d0:f4:14:99:66:ec:45:
c7:57:89:a3:61:4c:4f:e0:43:c6:57:a0:91:7a:93:
53:4b:3a:b0:54:9a:c0:7d:aa:b9:a7:f5:5d:9d:96:
c2:14:f6:20:8f:32:ca:52:19:31:fa:14:c5:ae:89:
2e:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F6:FE:4F:84:73:0D:E8:0D:92:EA:25:A4:14:8D:F0:4E:1B:57:85:9E
X509v3 Authority Key Identifier:
keyid:6C:E9:7C:F4:D8:D0:BC:17:B3:AF:1D:62:C4:D7:14:88:66:1B:D2:12
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bOl89NjQvBezrx1ixNcUiGYb0hI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/e4ccb1-ca25-4099-8273-3993aa324e1f/1/9v5PhHMN6A2S6iWkFI3wThtXhZ4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/e4ccb1-ca25-4099-8273-3993aa324e1f/1/bOl89NjQvBezrx1ixNcUiGYb0hI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.198.233.0/24
91.211.120.0/24
195.12.56.0/22
IPv6:
2a0a:2c0::/48
2a0a:2c0:2::/48
Signature Algorithm: sha256WithRSAEncryption
48:6e:94:3f:ef:5a:01:6e:15:8a:a4:be:0e:1b:1b:1a:be:81:
83:68:1e:8c:89:46:de:14:39:01:ba:e7:e4:92:ff:3d:c8:0c:
f3:2a:00:12:8c:08:b9:be:8c:c5:04:79:94:e2:d2:6a:bc:c0:
1e:fb:e7:37:46:bb:d0:25:59:b1:df:b3:ac:d0:05:df:b8:de:
9d:9c:ad:82:8e:d5:20:35:cb:c8:e1:da:9c:55:15:22:39:02:
3f:1b:05:1f:e0:32:d4:92:5a:5a:34:ee:4b:6b:95:31:3d:03:
85:6b:5c:08:17:01:91:41:da:65:d7:cc:9e:02:97:d9:1b:6b:
fd:0f:a7:c4:40:4b:60:e5:ca:bc:ea:9d:00:a7:4c:46:d0:0e:
7a:ed:33:fd:5b:7f:11:9f:31:1e:91:85:21:c3:1c:15:b5:07:
e0:2b:db:09:a3:68:f3:bb:4e:5a:83:63:8d:08:6f:40:44:cc:
26:40:fd:93:4f:54:77:0f:27:91:5e:ae:2d:dd:7f:4d:18:f4:
9d:bb:0d:6a:f4:19:8b:fb:7c:fa:41:92:bc:c1:ba:f5:d6:ff:
c0:26:33:6d:95:82:9d:4e:2e:41:41:0d:be:9b:46:b8:49:02:
f8:6d:50:c7:83:1a:71:1e:9f:6d:71:3a:91:ec:10:5d:6c:e1:
4f:1e:b2:0b
-----BEGIN CERTIFICATE-----
MIIFIzCCBAugAwIBAgISAYVvi4z7+956JlFROtYwAXeaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZjZTk3Y2Y0ZDhkMGJjMTdiM2FmMWQ2MmM0ZDcxNDg4NjYx
YmQyMTIwHhcNMjMwMTAxMjI1NDU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNmZlNGY4NDczMGRlODBkOTJlYTI1YTQxNDhkZjA0ZTFiNTc4NTllMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtHdjdIhRaz3Qt6YRxV59gWNTX5Wd
6boYNW+1ZOY9YnYUE6ftRwC5q2+lhFF/rQwKjnMAnk2aXPhXfsRlbSFYxR/1o8mU
pgFRM3dFYjE0qlCkfZzzaw9rAngp/m9ly2ZMY6vV+0kMZwgSpWyph4hHLTkipGpB
ZyAv3ERJPZwMgw1OSS3DVn1r6TMjc8b31WkWBmVe8SLbesqvvZo8NCaftYz6laOs
Sl1iKQgAWe5EnhC36BoyQEG115PzZB/od0MzKye74rxvKyJ//tD0FJlm7EXHV4mj
YUxP4EPGV6CRepNTSzqwVJrAfaq5p/VdnZbCFPYgjzLKUhkx+hTFrokuXwIDAQAB
o4ICLzCCAiswHQYDVR0OBBYEFPb+T4RzDegNkuolpBSN8E4bV4WeMB8GA1UdIwQY
MBaAFGzpfPTY0LwXs68dYsTXFIhmG9ISMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYk9sODlOalF2QmV6cngxaXhOY1VpR1liMGhJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS9lNGNjYjEtY2EyNS00MDk5LTgyNzMt
Mzk5M2FhMzI0ZTFmLzEvOXY1UGhITU42QTJTNmlXa0ZJM3dUaHRYaFo0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS9lNGNjYjEtY2EyNS00MDk5LTgyNzMtMzk5M2FhMzI0ZTFm
LzEvYk9sODlOalF2QmV6cngxaXhOY1VpR1liMGhJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEUGCCsGAQUFBwEHAQH/BDYwNDAYBAIAATASAwQAW8bpAwQA
W9N4AwQCwww4MBgEAgACMBIDBwAqCgLAAAADBwAqCgLAAAIwDQYJKoZIhvcNAQEL
BQADggEBAEhulD/vWgFuFYqkvg4bGxq+gYNoHoyJRt4UOQG65+SS/z3IDPMqABKM
CLm+jMUEeZTi0mq8wB775zdGu9AlWbHfs6zQBd+43p2crYKO1SA1y8jh2pxVFSI5
Aj8bBR/gMtSSWlo07ktrlTE9A4VrXAgXAZFB2mXXzJ4Cl9kba/0Pp8RAS2Dlyrzq
nQCnTEbQDnrtM/1bfxGfMR6RhSHDHBW1B+Ar2wmjaPO7TlqDY40Ib0BEzCZA/ZNP
VHcPJ5Feri3df00Y9J27DWr0GYv7fPpBkrzBuvXW/8AmM22Vgp1OLkFBDb6bRrhJ
AvhtUMeDGnEen21xOpHsEF1s4U8esgs=
-----END CERTIFICATE-----
Generated at Tue Apr 22 13:12:15 2025 by rpki-client