Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a1/572a98-3bb7-4276-9d39-dff5a09a82cb/1/cg6xJhWUMAJrBJ8DqDBpfCx9OEA.roa
File: cg6xJhWUMAJrBJ8DqDBpfCx9OEA.roa (raw, json)
Hash identifier: bgvV8RVmTwNoLvwqgzEBYUjKhmfvwbbdSp9mUMNRgAY=
Subject key identifier: 72:0E:B1:26:15:94:30:02:6B:04:9F:03:A8:30:69:7C:2C:7D:38:40
Certificate issuer: /CN=2d698baf9ff3eeebe66284889fbf689d4e683c81
Certificate serial: 018A835F411C048430FF6E25547B592A00FB
Authority key identifier: 2D:69:8B:AF:9F:F3:EE:EB:E6:62:84:88:9F:BF:68:9D:4E:68:3C:81
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/LWmLr5_z7uvmYoSIn79onU5oPIE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a1/572a98-3bb7-4276-9d39-dff5a09a82cb/1/cg6xJhWUMAJrBJ8DqDBpfCx9OEA.roa
Signing time: Mon 11 Sep 2023 08:32:52 +0000
ROA not before: Mon 11 Sep 2023 08:32:52 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 3209
IP address blocks: 2.200.0.0/13 maxlen: 24
109.44.0.0/15 maxlen: 15
90.186.0.0/16 maxlen: 24
80.226.0.0/16 maxlen: 24
109.40.0.0/14 maxlen: 24
109.46.0.0/16 maxlen: 16
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:83:5f:41:1c:04:84:30:ff:6e:25:54:7b:59:2a:00:fb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2d698baf9ff3eeebe66284889fbf689d4e683c81
Validity
Not Before: Sep 11 08:32:52 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=720eb126159430026b049f03a830697c2c7d3840
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8e:4b:04:60:4e:8d:2a:32:82:d4:5a:bc:f4:9c:
a5:6b:61:53:26:13:16:21:66:f6:4c:8f:62:0f:3d:
3b:2b:f8:3c:e2:f8:13:0e:97:d4:4e:a0:45:ea:b1:
3c:6b:96:ee:ed:9c:44:32:f4:d2:42:fd:33:ec:d7:
9e:49:6f:fa:5c:73:63:f7:7e:66:8a:32:26:0c:4f:
50:ed:45:9f:6a:0e:76:d7:c5:0c:03:49:08:d5:73:
b1:0c:1b:d1:ac:e8:21:07:0e:13:34:ac:70:46:18:
75:96:d2:3d:38:a7:4a:82:55:4a:54:81:60:9c:dd:
97:c0:2a:6b:53:4e:21:1f:b1:ac:6d:59:22:9e:49:
a7:a6:10:ad:3c:77:2b:f7:ac:ed:38:b4:0b:6c:f9:
5e:4e:22:f4:5a:03:13:1f:8d:53:29:5c:44:8f:15:
74:be:7e:29:09:33:4c:9b:81:07:81:b3:c5:1a:56:
55:26:f1:fe:81:bd:cc:23:3c:4a:c6:3a:9a:7d:03:
9c:c3:c4:88:95:c7:78:d2:83:b6:21:09:4b:45:64:
c3:fe:55:5d:e8:67:8c:a0:5c:3d:65:fc:16:70:4a:
63:73:b6:6b:40:18:6e:88:b5:7e:2f:f1:80:65:f7:
6b:87:9d:eb:03:a6:d5:74:87:b6:2d:d3:cd:54:4b:
ac:a9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
72:0E:B1:26:15:94:30:02:6B:04:9F:03:A8:30:69:7C:2C:7D:38:40
X509v3 Authority Key Identifier:
keyid:2D:69:8B:AF:9F:F3:EE:EB:E6:62:84:88:9F:BF:68:9D:4E:68:3C:81
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/LWmLr5_z7uvmYoSIn79onU5oPIE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a1/572a98-3bb7-4276-9d39-dff5a09a82cb/1/cg6xJhWUMAJrBJ8DqDBpfCx9OEA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a1/572a98-3bb7-4276-9d39-dff5a09a82cb/1/LWmLr5_z7uvmYoSIn79onU5oPIE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.200.0.0/13
80.226.0.0/16
90.186.0.0/16
109.40.0.0-109.46.255.255
Signature Algorithm: sha256WithRSAEncryption
a0:35:d4:ee:06:af:77:ab:89:f1:ad:c5:a4:dd:ae:81:44:99:
72:47:94:70:2c:53:cd:5d:0a:ca:3c:04:87:c2:c1:1b:fe:b9:
6e:3c:4a:e4:bd:0b:10:e5:40:d5:fa:37:2a:4a:eb:c4:dd:93:
cd:3c:88:3e:a2:bc:2d:d3:aa:15:7a:c6:60:5d:d6:52:cc:57:
36:74:00:5d:b9:23:54:6a:13:10:b2:fc:3a:e0:f4:c7:15:f6:
bd:fe:8e:e9:36:18:5b:04:9f:e8:2a:5a:c5:ff:9e:af:9f:26:
32:5d:78:ad:85:9c:da:8b:1a:73:aa:ae:f6:95:df:8a:68:54:
54:f2:db:c7:5b:4b:52:cd:95:70:dc:ba:0b:a3:70:c7:59:41:
3c:75:e6:26:31:7a:d7:6a:39:f7:1c:96:5d:0f:cd:9f:a5:4d:
00:3e:ec:06:a6:86:a8:53:3c:3b:e1:e9:74:a0:97:9c:88:94:
7a:8a:59:91:67:6b:96:99:10:f7:c5:45:0b:3c:d6:af:5e:9d:
de:01:b2:38:67:61:a8:77:1a:16:fa:b8:51:d9:90:55:12:62:
c1:0c:06:bd:b3:e8:e8:49:eb:86:43:89:22:4f:c5:f1:e5:a9:
7c:2a:f0:4e:7a:61:39:73:c8:02:93:9f:61:7c:e4:3c:5e:17:
63:7b:6e:7b
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYqDX0EcBIQw/24lVHtZKgD7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJkNjk4YmFmOWZmM2VlZWJlNjYyODQ4ODlmYmY2ODlkNGU2
ODNjODEwHhcNMjMwOTExMDgzMjUyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MjBlYjEyNjE1OTQzMDAyNmIwNDlmMDNhODMwNjk3YzJjN2QzODQwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjksEYE6NKjKC1Fq89Jyla2FTJhMW
IWb2TI9iDz07K/g84vgTDpfUTqBF6rE8a5bu7ZxEMvTSQv0z7NeeSW/6XHNj935m
ijImDE9Q7UWfag5218UMA0kI1XOxDBvRrOghBw4TNKxwRhh1ltI9OKdKglVKVIFg
nN2XwCprU04hH7GsbVkinkmnphCtPHcr96ztOLQLbPleTiL0WgMTH41TKVxEjxV0
vn4pCTNMm4EHgbPFGlZVJvH+gb3MIzxKxjqafQOcw8SIlcd40oO2IQlLRWTD/lVd
6GeMoFw9ZfwWcEpjc7ZrQBhuiLV+L/GAZfdrh53rA6bVdIe2LdPNVEusqQIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFHIOsSYVlDACawSfA6gwaXwsfThAMB8GA1UdIwQY
MBaAFC1pi6+f8+7r5mKEiJ+/aJ1OaDyBMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTFdtTHI1X3o3dXZtWW9TSW43OW9uVTVvUElFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMS81NzJhOTgtM2JiNy00Mjc2LTlkMzkt
ZGZmNWEwOWE4MmNiLzEvY2c2eEpoV1VNQUpyQko4RHFEQnBmQ3g5T0VBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMS81NzJhOTgtM2JiNy00Mjc2LTlkMzktZGZmNWEwOWE4MmNi
LzEvTFdtTHI1X3o3dXZtWW9TSW43OW9uVTVvUElFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzAhBAIAATAbAwMDAsgDAwBQ
4gMDAFq6MAoDAwNtKAMDAG0uMA0GCSqGSIb3DQEBCwUAA4IBAQCgNdTuBq93q4nx
rcWk3a6BRJlyR5RwLFPNXQrKPASHwsEb/rluPErkvQsQ5UDV+jcqSuvE3ZPNPIg+
orwt06oVesZgXdZSzFc2dABduSNUahMQsvw64PTHFfa9/o7pNhhbBJ/oKlrF/56v
nyYyXXithZzaixpzqq72ld+KaFRU8tvHW0tSzZVw3LoLo3DHWUE8deYmMXrXajn3
HJZdD82fpU0APuwGpoaoUzw74el0oJeciJR6ilmRZ2uWmRD3xUULPNavXp3eAbI4
Z2GodxoW+rhR2ZBVEmLBDAa9s+joSeuGQ4kiT8Xx5al8KvBOemE5c8gCk59hfOQ8
Xhdje257
-----END CERTIFICATE-----
Generated at Sat Apr 19 18:37:08 2025 by rpki-client