Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a6/57d908-207d-497c-ab18-de7be1e5c776/1/9pKCSSHr3Gx6naHn3Ye7pdvptm0.roa
File: 9pKCSSHr3Gx6naHn3Ye7pdvptm0.roa (raw, json)
Hash identifier: cEIBqHF9Gy8jwIFDkJgiEk82b6erq1nr3epjDz2zCvo=
Subject key identifier: F6:92:82:49:21:EB:DC:6C:7A:9D:A1:E7:DD:87:BB:A5:DB:E9:B6:6D
Certificate issuer: /CN=e4984f8f36ebf9f8f54c12174f463664d7b23aee
Certificate serial: 018649FDC2785F69F343258037566F8F649F
Authority key identifier: E4:98:4F:8F:36:EB:F9:F8:F5:4C:12:17:4F:46:36:64:D7:B2:3A:EE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/5JhPjzbr-fj1TBIXT0Y2ZNeyOu4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a6/57d908-207d-497c-ab18-de7be1e5c776/1/9pKCSSHr3Gx6naHn3Ye7pdvptm0.roa
Signing time: Mon 13 Feb 2023 08:56:52 +0000
ROA not before: Mon 13 Feb 2023 08:56:52 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 211251
IP address blocks: 213.171.64.0/23 maxlen: 23
213.171.66.0/24 maxlen: 24
213.171.66.0/23 maxlen: 23
213.171.67.0/24 maxlen: 24
213.171.68.0/23 maxlen: 23
213.171.74.0/24 maxlen: 24
213.171.75.0/24 maxlen: 24
79.98.176.0/22 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:49:fd:c2:78:5f:69:f3:43:25:80:37:56:6f:8f:64:9f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e4984f8f36ebf9f8f54c12174f463664d7b23aee
Validity
Not Before: Feb 13 08:56:52 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=f692824921ebdc6c7a9da1e7dd87bba5dbe9b66d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:a3:e2:04:81:63:32:ed:e4:2e:58:44:87:6e:
45:a2:9b:32:cc:7e:bd:36:b9:2c:c4:88:22:a1:69:
b8:98:a1:11:0b:a0:d4:17:6f:85:bf:8c:46:41:a2:
28:6e:c1:92:c0:97:18:3a:a9:3e:9f:67:23:8e:9a:
3e:0f:12:b4:97:b8:7f:b8:95:1a:29:93:b0:9b:be:
4f:af:9d:87:d9:99:62:61:4a:d4:56:35:e9:22:da:
58:e6:ea:f0:9d:b1:49:fc:fc:85:ec:14:5e:57:c4:
bb:ac:63:7e:61:41:99:b9:3d:7d:8e:75:a8:f8:15:
df:3e:ca:e8:77:5e:09:e1:48:ea:d7:9a:c2:01:08:
c5:91:52:fd:c2:54:1d:a0:c6:b5:d7:0c:a6:f8:72:
75:40:fc:2b:fc:eb:35:46:50:e6:96:a9:7b:86:72:
b6:2b:bf:21:38:17:aa:fd:f7:91:1a:b8:e1:28:7d:
3a:df:22:77:ab:4e:0e:4c:18:b9:e8:6a:1f:8f:d7:
38:a9:3f:42:58:e3:d9:b6:23:9e:6a:e3:61:85:fe:
2a:6b:00:45:76:15:b7:2c:59:60:f3:7f:26:d9:c5:
1b:a3:68:99:7c:6b:78:36:6e:2f:29:41:84:42:9c:
06:1b:84:b5:e0:ad:ab:7a:21:06:93:91:a0:2b:dd:
1a:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F6:92:82:49:21:EB:DC:6C:7A:9D:A1:E7:DD:87:BB:A5:DB:E9:B6:6D
X509v3 Authority Key Identifier:
keyid:E4:98:4F:8F:36:EB:F9:F8:F5:4C:12:17:4F:46:36:64:D7:B2:3A:EE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5JhPjzbr-fj1TBIXT0Y2ZNeyOu4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a6/57d908-207d-497c-ab18-de7be1e5c776/1/9pKCSSHr3Gx6naHn3Ye7pdvptm0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a6/57d908-207d-497c-ab18-de7be1e5c776/1/5JhPjzbr-fj1TBIXT0Y2ZNeyOu4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
79.98.176.0/22
213.171.64.0-213.171.69.255
213.171.74.0/23
Signature Algorithm: sha256WithRSAEncryption
64:52:5d:92:e8:05:04:e1:c5:ef:99:45:2f:c3:c8:78:f5:c4:
b4:1f:79:af:7d:d7:9b:2d:84:fc:c5:be:d9:39:c8:e3:d3:5e:
34:e3:18:6d:68:71:de:30:1d:4e:18:11:56:ed:a9:60:1f:8b:
fc:28:3b:dc:41:5e:5b:50:e9:6d:64:0c:82:0c:11:af:68:9a:
8f:df:e6:14:64:7a:96:7b:b7:95:f3:0a:34:b3:3a:84:d1:6a:
c7:c6:47:59:a3:a0:3e:8e:7d:12:5e:2e:6a:cf:cd:ea:e2:12:
ac:61:c6:20:41:e7:52:a0:f7:84:77:bb:62:ac:e7:23:91:63:
6a:f3:30:5b:f5:87:95:40:3e:b4:60:27:cc:3d:bd:ca:6e:a6:
5c:29:58:df:d6:5f:63:76:bf:d3:89:02:f9:96:2f:aa:bc:e2:
db:64:b5:e0:01:0d:98:bb:3d:94:a0:8d:b3:bc:c7:eb:98:52:
7b:95:b7:f8:77:91:c0:c1:94:fd:b6:3d:2e:59:3e:73:c8:3d:
44:bf:32:96:de:a5:69:21:5a:52:93:b4:1e:d3:ab:db:39:16:
14:d2:ca:01:5a:fe:8f:fa:a0:3c:20:26:ed:7e:39:b9:0f:5b:
b3:4e:61:bb:86:e7:cc:c6:c2:2b:11:1c:37:ea:3f:27:29:59:
e0:b7:f6:16
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgISAYZJ/cJ4X2nzQyWAN1Zvj2SfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU0OTg0ZjhmMzZlYmY5ZjhmNTRjMTIxNzRmNDYzNjY0ZDdi
MjNhZWUwHhcNMjMwMjEzMDg1NjUyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNjkyODI0OTIxZWJkYzZjN2E5ZGExZTdkZDg3YmJhNWRiZTliNjZkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlaPiBIFjMu3kLlhEh25FopsyzH69
NrksxIgioWm4mKERC6DUF2+Fv4xGQaIobsGSwJcYOqk+n2cjjpo+DxK0l7h/uJUa
KZOwm75Pr52H2ZliYUrUVjXpItpY5urwnbFJ/PyF7BReV8S7rGN+YUGZuT19jnWo
+BXfPsrod14J4Ujq15rCAQjFkVL9wlQdoMa11wym+HJ1QPwr/Os1RlDmlql7hnK2
K78hOBeq/feRGrjhKH063yJ3q04OTBi56Gofj9c4qT9CWOPZtiOeauNhhf4qawBF
dhW3LFlg838m2cUbo2iZfGt4Nm4vKUGEQpwGG4S14K2reiEGk5GgK90afQIDAQAB
o4ICHTCCAhkwHQYDVR0OBBYEFPaSgkkh69xsep2h592Hu6Xb6bZtMB8GA1UdIwQY
MBaAFOSYT4826/n49UwSF09GNmTXsjruMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNUpoUGp6YnItZmoxVEJJWFQwWTJaTmV5T3U0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNi81N2Q5MDgtMjA3ZC00OTdjLWFiMTgt
ZGU3YmUxZTVjNzc2LzEvOXBLQ1NTSHIzR3g2bmFIbjNZZTdwZHZwdG0wLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNi81N2Q5MDgtMjA3ZC00OTdjLWFiMTgtZGU3YmUxZTVjNzc2
LzEvNUpoUGp6YnItZmoxVEJJWFQwWTJaTmV5T3U0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDMGCCsGAQUFBwEHAQH/BCQwIjAgBAIAATAaAwQCT2KwMAwD
BAbVq0ADBAHVq0QDBAHVq0owDQYJKoZIhvcNAQELBQADggEBAGRSXZLoBQThxe+Z
RS/DyHj1xLQfea9915sthPzFvtk5yOPTXjTjGG1ocd4wHU4YEVbtqWAfi/woO9xB
XltQ6W1kDIIMEa9omo/f5hRkepZ7t5XzCjSzOoTRasfGR1mjoD6OfRJeLmrPzeri
EqxhxiBB51Kg94R3u2Ks5yORY2rzMFv1h5VAPrRgJ8w9vcpuplwpWN/WX2N2v9OJ
AvmWL6q84ttkteABDZi7PZSgjbO8x+uYUnuVt/h3kcDBlP22PS5ZPnPIPUS/Mpbe
pWkhWlKTtB7Tq9s5FhTSygFa/o/6oDwgJu1+ObkPW7NOYbuG58zGwisRHDfqPycp
WeC39hY=
-----END CERTIFICATE-----
Generated at Sun Apr 20 02:03:14 2025 by rpki-client