Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a8/9fa83d-b2a3-45e4-8499-f525816402bd/1/P6F3rgJym123_fjPVgfbAPMFjZE.roa
File: P6F3rgJym123_fjPVgfbAPMFjZE.roa (raw, json)
Hash identifier: fU3o2m0tb5Cq8KfZCNSAo5joD2eTyggRQ97lVZH0teI=
Subject key identifier: 3F:A1:77:AE:02:72:9B:5D:B7:FD:F8:CF:56:07:DB:00:F3:05:8D:91
Certificate issuer: /CN=ff82309a6814678ad72e3f31a4fe0272f40bd986
Certificate serial: 0831B9C0
Authority key identifier: FF:82:30:9A:68:14:67:8A:D7:2E:3F:31:A4:FE:02:72:F4:0B:D9:86
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_4IwmmgUZ4rXLj8xpP4CcvQL2YY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a8/9fa83d-b2a3-45e4-8499-f525816402bd/1/P6F3rgJym123_fjPVgfbAPMFjZE.roa
Signing time: Sat 01 Jan 2022 04:58:52 +0000
ROA not before: Sat 01 Jan 2022 04:58:52 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 33823
IP address blocks: 212.87.200.0/22 maxlen: 24
89.39.203.0/24 maxlen: 24
95.214.38.0/23 maxlen: 24
193.168.186.0/24 maxlen: 24
2a0e:4844::/32 maxlen: 48
2a0e:4840::/32 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 137476544 (0x831b9c0)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ff82309a6814678ad72e3f31a4fe0272f40bd986
Validity
Not Before: Jan 1 04:58:52 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=3fa177ae02729b5db7fdf8cf5607db00f3058d91
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:f5:64:39:18:34:b6:5c:8a:b9:a0:73:32:ac:
bd:3a:b7:97:07:a6:1f:76:48:df:8f:63:06:5c:1f:
59:9c:a4:b0:9b:8f:8e:05:09:6f:8e:3c:99:9b:5c:
06:89:ea:29:34:46:38:33:6d:a0:78:d8:bb:8d:93:
c2:69:85:d8:7a:76:20:d3:d0:42:d9:be:68:99:47:
30:64:6f:1b:64:b4:d4:bd:77:15:52:a8:bf:92:4c:
48:41:99:85:66:64:de:80:7f:4c:04:a6:70:aa:d4:
0b:41:3f:e4:0a:6d:61:98:0c:11:42:fa:6b:9c:12:
a6:45:61:fd:fa:e1:c4:6a:81:43:b5:b1:92:f9:01:
93:d5:9e:c1:8e:f6:35:d7:b7:bf:99:2a:21:04:34:
6c:4f:f9:03:68:db:38:9b:44:a0:31:72:ef:57:53:
9e:f6:92:9f:64:e1:36:e9:e3:04:a4:df:c5:2f:0e:
0b:5b:f1:4d:b9:a7:1c:4d:4f:90:19:9f:d9:32:1d:
bc:2a:27:67:4a:fe:58:35:de:ea:8e:5c:09:13:c2:
b1:ca:75:83:d6:46:f5:0d:b1:a9:70:38:97:9c:36:
bf:8f:07:5d:a6:5b:ae:a5:9b:fc:c2:42:83:72:b3:
5c:38:d7:dd:08:66:6e:37:58:79:b5:f1:ae:a1:6e:
ff:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3F:A1:77:AE:02:72:9B:5D:B7:FD:F8:CF:56:07:DB:00:F3:05:8D:91
X509v3 Authority Key Identifier:
keyid:FF:82:30:9A:68:14:67:8A:D7:2E:3F:31:A4:FE:02:72:F4:0B:D9:86
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_4IwmmgUZ4rXLj8xpP4CcvQL2YY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a8/9fa83d-b2a3-45e4-8499-f525816402bd/1/P6F3rgJym123_fjPVgfbAPMFjZE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a8/9fa83d-b2a3-45e4-8499-f525816402bd/1/_4IwmmgUZ4rXLj8xpP4CcvQL2YY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.39.203.0/24
95.214.38.0/23
193.168.186.0/24
212.87.200.0/22
IPv6:
2a0e:4840::/32
2a0e:4844::/32
Signature Algorithm: sha256WithRSAEncryption
3a:09:0d:8b:a0:de:81:73:e1:4a:2c:33:a2:1c:e7:98:9d:d8:
67:0f:5b:ae:1b:3c:b0:59:9c:d6:f5:2b:9c:86:81:d5:df:35:
18:db:b5:a0:9b:1b:f6:ea:b6:31:34:fe:14:e4:c9:a6:27:c5:
b8:70:7b:78:5d:49:3b:cc:66:d0:fe:1d:99:c7:e1:fe:79:2b:
ad:3c:13:1f:f9:0c:85:25:a0:05:7e:19:27:4c:83:ab:9b:a6:
6c:e0:9c:f9:6b:0d:ca:04:32:a3:dc:42:14:af:72:99:19:d8:
64:72:e1:ba:83:02:99:7a:48:24:82:fd:d8:df:64:c9:2b:a1:
07:05:4b:84:cf:ab:25:91:df:a0:12:83:b2:51:43:df:a6:e6:
72:f4:e2:ec:68:05:3b:ca:2d:aa:71:12:f9:ad:7a:c5:55:ed:
ba:25:cb:4c:bd:8c:11:25:15:c7:82:3b:cc:dc:07:ee:04:d0:
53:d2:0f:3e:a5:17:8d:c7:36:da:67:45:93:a6:61:ef:79:b3:
6d:95:a3:63:55:fd:e3:71:c0:f1:b6:79:a4:ef:9d:ec:1d:24:
41:c5:31:b9:61:b0:e8:d3:ba:84:b2:31:76:a3:57:6f:a7:5c:
5b:a9:4f:9d:ae:e8:c4:7b:9e:7a:6a:57:cf:1e:4c:1a:7c:26:
f6:bf:68:68
-----BEGIN CERTIFICATE-----
MIIFFzCCA/+gAwIBAgIECDG5wDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhm
ZjgyMzA5YTY4MTQ2NzhhZDcyZTNmMzFhNGZlMDI3MmY0MGJkOTg2MB4XDTIyMDEw
MTA0NTg1MloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoM2ZhMTc3YWUwMjcy
OWI1ZGI3ZmRmOGNmNTYwN2RiMDBmMzA1OGQ5MTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALv1ZDkYNLZcirmgczKsvTq3lwemH3ZI349jBlwfWZyksJuP
jgUJb448mZtcBonqKTRGODNtoHjYu42TwmmF2Hp2INPQQtm+aJlHMGRvG2S01L13
FVKov5JMSEGZhWZk3oB/TASmcKrUC0E/5AptYZgMEUL6a5wSpkVh/frhxGqBQ7Wx
kvkBk9WewY72Nde3v5kqIQQ0bE/5A2jbOJtEoDFy71dTnvaSn2ThNunjBKTfxS8O
C1vxTbmnHE1PkBmf2TIdvConZ0r+WDXe6o5cCRPCscp1g9ZG9Q2xqXA4l5w2v48H
XaZbrqWb/MJCg3KzXDjX3QhmbjdYebXxrqFu/98CAwEAAaOCAjEwggItMB0GA1Ud
DgQWBBQ/oXeuAnKbXbf9+M9WB9sA8wWNkTAfBgNVHSMEGDAWgBT/gjCaaBRnitcu
PzGk/gJy9AvZhjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L180SXdtbWdVWjRyWExqOHhwUDRDY3ZRTDJZWS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYTgvOWZhODNkLWIyYTMtNDVlNC04NDk5LWY1MjU4MTY0MDJiZC8x
L1A2RjNyZ0p5bTEyM19malBWZ2ZiQVBNRmpaRS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYTgv
OWZhODNkLWIyYTMtNDVlNC04NDk5LWY1MjU4MTY0MDJiZC8xL180SXdtbWdVWjRy
WExqOHhwUDRDY3ZRTDJZWS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBH
BggrBgEFBQcBBwEB/wQ4MDYwHgQCAAEwGAMEAFknywMEAV/WJgMEAMGougMEAtRX
yDAUBAIAAjAOAwUAKg5IQAMFACoOSEQwDQYJKoZIhvcNAQELBQADggEBADoJDYug
3oFz4UosM6Ic55id2GcPW64bPLBZnNb1K5yGgdXfNRjbtaCbG/bqtjE0/hTkyaYn
xbhwe3hdSTvMZtD+HZnH4f55K608Ex/5DIUloAV+GSdMg6ubpmzgnPlrDcoEMqPc
QhSvcpkZ2GRy4bqDApl6SCSC/djfZMkroQcFS4TPqyWR36ASg7JRQ9+m5nL04uxo
BTvKLapxEvmtesVV7boly0y9jBElFceCO8zcB+4E0FPSDz6lF43HNtpnRZOmYe95
s22Vo2NV/eNxwPG2eaTvnewdJEHFMblhsOjTuoSyMXajV2+nXFupT52u6MR7nnpq
V88eTBp8Jva/aGg=
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:32:46 2025 by rpki-client