Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/98/f7bbc4-562a-4e79-a8ee-9380e5cc0580/1/6Nw2ULchGtee-w4aPCX85eeOaLs.roa
File: 6Nw2ULchGtee-w4aPCX85eeOaLs.roa (raw, json)
Hash identifier: jdxvEFJYaR2Y3CCYM/iMsZs6Qi7eGzK+d9OuPa/ShCI=
Subject key identifier: E8:DC:36:50:B7:21:1A:D7:9E:FB:0E:1A:3C:25:FC:E5:E7:8E:68:BB
Certificate issuer: /CN=3db6e24cfc00d22f4efa39a421dafb7bb1da4b83
Certificate serial: 018B04D0A2F158FDEE6ECBFB5595C9B6E944
Authority key identifier: 3D:B6:E2:4C:FC:00:D2:2F:4E:FA:39:A4:21:DA:FB:7B:B1:DA:4B:83
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PbbiTPwA0i9O-jmkIdr7e7HaS4M.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/98/f7bbc4-562a-4e79-a8ee-9380e5cc0580/1/6Nw2ULchGtee-w4aPCX85eeOaLs.roa
Signing time: Fri 06 Oct 2023 11:47:43 +0000
ROA not before: Fri 06 Oct 2023 11:47:43 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 15924
IP address blocks: 194.31.11.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:04:d0:a2:f1:58:fd:ee:6e:cb:fb:55:95:c9:b6:e9:44
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3db6e24cfc00d22f4efa39a421dafb7bb1da4b83
Validity
Not Before: Oct 6 11:47:43 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=e8dc3650b7211ad79efb0e1a3c25fce5e78e68bb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dc:0d:5c:65:80:25:45:20:b5:2b:56:53:94:63:
e7:1f:7d:ff:43:86:27:57:74:6f:6c:ff:e4:ac:bc:
3f:6d:56:ef:d5:8b:64:75:8b:93:48:8c:7e:83:ff:
75:28:09:1f:11:c0:f1:60:ca:06:65:6e:cd:2b:d5:
62:d1:00:7b:2a:97:60:9f:ea:d9:b0:0d:ab:08:7e:
23:7b:8d:d2:4b:25:65:58:27:e4:ad:1b:ef:93:a0:
7f:3f:20:87:5d:5a:2a:31:ac:29:98:17:dc:5b:87:
dd:3c:b4:5f:fc:00:f1:7e:44:38:c9:2a:2c:b7:9e:
67:a4:88:48:06:60:ea:33:bd:d0:32:c3:ab:82:45:
b7:7c:19:d0:eb:a0:8a:23:d3:57:3d:7c:39:77:6c:
23:6a:dc:0e:76:ce:29:68:32:32:0d:1c:c7:a2:c9:
02:93:33:9a:ba:53:e1:16:1f:34:f7:d1:a7:ac:1d:
c7:84:7a:22:29:fe:5a:19:8f:93:14:55:6a:2f:81:
3e:4e:c9:cf:cd:83:b0:85:02:fb:f3:52:1e:f6:3d:
88:b4:37:1c:cf:b7:2b:09:9d:fc:8e:6a:b8:b4:64:
fc:b1:fb:15:2d:58:65:9f:ed:87:b2:df:52:d3:37:
97:4f:fe:03:c1:73:ab:22:e4:9f:27:79:1f:07:21:
c6:2d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E8:DC:36:50:B7:21:1A:D7:9E:FB:0E:1A:3C:25:FC:E5:E7:8E:68:BB
X509v3 Authority Key Identifier:
keyid:3D:B6:E2:4C:FC:00:D2:2F:4E:FA:39:A4:21:DA:FB:7B:B1:DA:4B:83
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PbbiTPwA0i9O-jmkIdr7e7HaS4M.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/98/f7bbc4-562a-4e79-a8ee-9380e5cc0580/1/6Nw2ULchGtee-w4aPCX85eeOaLs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/98/f7bbc4-562a-4e79-a8ee-9380e5cc0580/1/PbbiTPwA0i9O-jmkIdr7e7HaS4M.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.31.11.0/24
Signature Algorithm: sha256WithRSAEncryption
c7:c2:03:c5:f6:b0:88:30:24:91:e4:9d:82:2e:60:c7:cf:bc:
9e:45:ae:6e:21:00:98:ca:62:24:01:4c:5e:5b:da:51:d1:7d:
c6:0b:f0:ca:db:10:6d:67:f1:f9:42:55:48:f8:34:e2:9f:9b:
58:9a:3f:e2:96:a3:3a:ac:45:22:50:8f:09:9a:be:71:23:46:
c8:94:34:b6:a3:43:24:8e:b4:14:45:49:b9:4e:71:54:99:d1:
7a:fe:58:23:18:80:ad:e5:31:70:98:56:0a:c6:90:df:27:57:
52:cc:7f:c0:0a:f4:f0:21:cd:ed:0a:28:6f:4c:ab:5a:15:3c:
f2:c9:30:fb:b6:5b:02:84:37:4e:8e:7a:fc:1c:8b:bd:1e:e4:
6d:bc:a5:6b:05:7e:e1:fa:00:3c:b4:70:4f:24:de:66:95:29:
9c:2a:8b:63:af:4d:e1:f3:14:60:ec:01:80:fe:de:6d:bc:16:
6f:7d:31:9b:ea:40:00:52:17:8c:b4:da:fb:e3:e5:e1:0c:93:
e4:4a:ae:84:bb:80:cc:94:4d:c1:83:80:88:d0:87:a0:72:39:
37:ae:b0:5c:79:a1:81:4e:fa:f7:3f:23:62:73:26:01:c2:24:
84:6c:e2:7f:68:2f:5e:e6:7c:fb:71:39:89:13:90:b1:0e:9e:
bf:be:b3:25
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYsE0KLxWP3ubsv7VZXJtulEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNkYjZlMjRjZmMwMGQyMmY0ZWZhMzlhNDIxZGFmYjdiYjFk
YTRiODMwHhcNMjMxMDA2MTE0NzQzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlOGRjMzY1MGI3MjExYWQ3OWVmYjBlMWEzYzI1ZmNlNWU3OGU2OGJiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3A1cZYAlRSC1K1ZTlGPnH33/Q4Yn
V3RvbP/krLw/bVbv1YtkdYuTSIx+g/91KAkfEcDxYMoGZW7NK9Vi0QB7Kpdgn+rZ
sA2rCH4je43SSyVlWCfkrRvvk6B/PyCHXVoqMawpmBfcW4fdPLRf/ADxfkQ4ySos
t55npIhIBmDqM73QMsOrgkW3fBnQ66CKI9NXPXw5d2wjatwOds4paDIyDRzHoskC
kzOaulPhFh8099GnrB3HhHoiKf5aGY+TFFVqL4E+TsnPzYOwhQL781Ie9j2ItDcc
z7crCZ38jmq4tGT8sfsVLVhln+2Hst9S0zeXT/4DwXOrIuSfJ3kfByHGLQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFOjcNlC3IRrXnvsOGjwl/OXnjmi7MB8GA1UdIwQY
MBaAFD224kz8ANIvTvo5pCHa+3ux2kuDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUGJiaVRQd0EwaTlPLWpta0lkcjdlN0hhUzRNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85OC9mN2JiYzQtNTYyYS00ZTc5LWE4ZWUt
OTM4MGU1Y2MwNTgwLzEvNk53MlVMY2hHdGVlLXc0YVBDWDg1ZWVPYUxzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85OC9mN2JiYzQtNTYyYS00ZTc5LWE4ZWUtOTM4MGU1Y2MwNTgw
LzEvUGJiaVRQd0EwaTlPLWpta0lkcjdlN0hhUzRNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwh8LMA0G
CSqGSIb3DQEBCwUAA4IBAQDHwgPF9rCIMCSR5J2CLmDHz7yeRa5uIQCYymIkAUxe
W9pR0X3GC/DK2xBtZ/H5QlVI+DTin5tYmj/ilqM6rEUiUI8Jmr5xI0bIlDS2o0Mk
jrQURUm5TnFUmdF6/lgjGICt5TFwmFYKxpDfJ1dSzH/ACvTwIc3tCihvTKtaFTzy
yTD7tlsChDdOjnr8HIu9HuRtvKVrBX7h+gA8tHBPJN5mlSmcKotjr03h8xRg7AGA
/t5tvBZvfTGb6kAAUheMtNr74+XhDJPkSq6Eu4DMlE3Bg4CI0Iegcjk3rrBceaGB
Tvr3PyNicyYBwiSEbOJ/aC9e5nz7cTmJE5CxDp6/vrMl
-----END CERTIFICATE-----
Generated at Thu Mar 13 20:39:31 2025 by rpki-client