Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b0/3f3a30-3e64-4380-a148-e0a23da5e628/1/b8HD0F6K3gFvVQhlMUHkxPcWptI.roa
File: b8HD0F6K3gFvVQhlMUHkxPcWptI.roa (raw, json)
Hash identifier: ZJIToodG22+S/FpmMdYB/mGfz9qi/O/i1qYXdhBPn30=
Subject key identifier: 6F:C1:C3:D0:5E:8A:DE:01:6F:55:08:65:31:41:E4:C4:F7:16:A6:D2
Certificate issuer: /CN=ae209c92646ae342caa5d46dc1d3735a0d2e7b14
Certificate serial: 05B9C2
Authority key identifier: AE:20:9C:92:64:6A:E3:42:CA:A5:D4:6D:C1:D3:73:5A:0D:2E:7B:14
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/riCckmRq40LKpdRtwdNzWg0uexQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b0/3f3a30-3e64-4380-a148-e0a23da5e628/1/b8HD0F6K3gFvVQhlMUHkxPcWptI.roa
Signing time: Fri 21 Jan 2022 11:54:45 +0000
ROA not before: Fri 21 Jan 2022 11:54:45 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 58188
IP address blocks: 193.27.42.0/24 maxlen: 24
91.193.244.0/22 maxlen: 22
91.193.244.0/24 maxlen: 24
91.193.245.0/24 maxlen: 24
91.193.246.0/24 maxlen: 24
91.193.247.0/24 maxlen: 24
2a0e:9ac0::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 375234 (0x5b9c2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ae209c92646ae342caa5d46dc1d3735a0d2e7b14
Validity
Not Before: Jan 21 11:54:45 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=6fc1c3d05e8ade016f5508653141e4c4f716a6d2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dc:e2:e7:8c:d5:2c:d8:a3:de:c8:fe:5d:12:a0:
4e:1e:c8:9b:cd:cf:af:09:be:ca:be:68:ce:3b:e3:
df:3f:a3:0d:2f:66:bd:7e:e2:eb:3f:cb:03:49:bf:
80:2e:59:65:cb:a4:92:6f:3b:73:5d:1f:63:74:5c:
df:c6:65:70:75:bf:7b:bf:ff:e0:e1:df:68:92:6a:
86:01:d6:fc:f0:18:3f:17:50:ce:f6:2b:3b:c3:98:
98:84:45:38:08:47:a9:1b:41:2a:e9:f9:10:79:a3:
fa:82:23:9f:a6:29:a4:3c:89:a2:7f:68:75:d0:a7:
16:bc:dc:6a:ff:bc:a9:60:de:cc:90:7f:7b:fc:2d:
08:fe:b3:92:3b:34:14:cd:99:f4:ee:b0:03:86:0d:
13:f2:b7:7d:07:06:1b:28:46:d7:bd:fb:d5:04:8a:
4b:b8:69:57:4c:f4:f3:db:0c:0d:8f:bc:73:50:13:
60:d2:b2:1e:14:f5:7d:2b:0e:ad:5c:ce:07:86:1a:
7a:72:78:8d:23:6f:30:3c:99:ad:fc:48:c2:04:29:
ba:bd:bd:55:62:15:11:5c:c7:b8:01:88:c6:53:df:
20:b6:9e:e0:fa:09:da:b1:1c:c5:64:1d:ff:90:9c:
1b:f7:6e:7f:fd:88:bf:f5:15:df:a4:c1:a4:1d:0d:
5e:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6F:C1:C3:D0:5E:8A:DE:01:6F:55:08:65:31:41:E4:C4:F7:16:A6:D2
X509v3 Authority Key Identifier:
keyid:AE:20:9C:92:64:6A:E3:42:CA:A5:D4:6D:C1:D3:73:5A:0D:2E:7B:14
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/riCckmRq40LKpdRtwdNzWg0uexQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/3f3a30-3e64-4380-a148-e0a23da5e628/1/b8HD0F6K3gFvVQhlMUHkxPcWptI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/3f3a30-3e64-4380-a148-e0a23da5e628/1/riCckmRq40LKpdRtwdNzWg0uexQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.193.244.0/22
193.27.42.0/24
IPv6:
2a0e:9ac0::/32
Signature Algorithm: sha256WithRSAEncryption
10:d7:f6:d7:58:6d:57:c8:58:65:58:c3:b9:23:4d:b8:0f:34:
e3:b1:99:bd:ee:b3:d0:61:f7:10:b3:5b:a4:47:5e:c0:96:98:
dd:6e:cf:be:2d:f8:b2:45:66:ea:02:64:fa:b5:77:8e:c3:24:
96:3e:d3:ee:f0:e1:00:c9:50:f8:44:7c:19:26:03:7f:02:cd:
1f:aa:43:e3:60:71:ce:b7:44:4f:9c:d4:7d:f2:2c:95:db:cd:
94:1f:c3:63:1d:2c:20:a5:d6:a8:1f:92:75:c5:65:66:49:97:
b6:45:5e:14:b3:61:dd:fa:15:80:03:55:7d:7c:57:ce:45:de:
f6:bb:70:21:eb:15:d0:28:57:0c:d1:32:31:60:0a:40:9f:65:
4e:33:a9:97:85:be:a6:7a:c9:1e:ca:ae:2e:ce:4c:f8:e6:73:
18:51:61:1c:6a:8a:94:db:9a:e5:2c:98:ee:6a:5c:a3:1a:6e:
87:83:68:35:33:f8:ca:d8:d4:57:31:65:1e:65:58:b6:5e:c4:
e6:b8:ea:96:a7:ef:cb:3d:9e:97:8a:77:cc:88:7c:7e:de:41:
a7:7e:e8:a7:f1:67:84:c6:45:d2:5c:1f:9c:14:59:37:a0:38:
f0:8c:ad:f3:85:26:62:7a:ae:fa:f7:ce:7a:cf:e2:2a:88:b7:
bf:e9:5c:d2
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgIDBbnCMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKGFl
MjA5YzkyNjQ2YWUzNDJjYWE1ZDQ2ZGMxZDM3MzVhMGQyZTdiMTQwHhcNMjIwMTIx
MTE1NDQ1WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQDEyg2ZmMxYzNkMDVlOGFk
ZTAxNmY1NTA4NjUzMTQxZTRjNGY3MTZhNmQyMIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEA3OLnjNUs2KPeyP5dEqBOHsibzc+vCb7KvmjOO+PfP6MNL2a9
fuLrP8sDSb+ALllly6SSbztzXR9jdFzfxmVwdb97v//g4d9okmqGAdb88Bg/F1DO
9is7w5iYhEU4CEepG0Eq6fkQeaP6giOfpimkPImif2h10KcWvNxq/7ypYN7MkH97
/C0I/rOSOzQUzZn07rADhg0T8rd9BwYbKEbXvfvVBIpLuGlXTPTz2wwNj7xzUBNg
0rIeFPV9Kw6tXM4Hhhp6cniNI28wPJmt/EjCBCm6vb1VYhURXMe4AYjGU98gtp7g
+gnasRzFZB3/kJwb925//Yi/9RXfpMGkHQ1eywIDAQABo4ICHjCCAhowHQYDVR0O
BBYEFG/Bw9Beit4Bb1UIZTFB5MT3FqbSMB8GA1UdIwQYMBaAFK4gnJJkauNCyqXU
bcHTc1oNLnsUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEFBQcBAQRYMFYwVAYIKwYB
BQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQv
cmlDY2ttUnE0MExLcGRSdHdkTnpXZzB1ZXhRLmNlcjCBjQYIKwYBBQUHAQsEgYAw
fjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkv
REVGQVVMVC9iMC8zZjNhMzAtM2U2NC00MzgwLWExNDgtZTBhMjNkYTVlNjI4LzEv
YjhIRDBGNkszZ0Z2VlFobE1VSGt4UGNXcHRJLnJvYTCBgQYDVR0fBHoweDB2oHSg
coZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMC8z
ZjNhMzAtM2U2NC00MzgwLWExNDgtZTBhMjNkYTVlNjI4LzEvcmlDY2ttUnE0MExL
cGRSdHdkTnpXZzB1ZXhRLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMDQG
CCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQCW8H0AwQAwRsqMA0EAgACMAcDBQAq
DprAMA0GCSqGSIb3DQEBCwUAA4IBAQAQ1/bXWG1XyFhlWMO5I024DzTjsZm97rPQ
YfcQs1ukR17Alpjdbs++LfiyRWbqAmT6tXeOwySWPtPu8OEAyVD4RHwZJgN/As0f
qkPjYHHOt0RPnNR98iyV282UH8NjHSwgpdaoH5J1xWVmSZe2RV4Us2Hd+hWAA1V9
fFfORd72u3Ah6xXQKFcM0TIxYApAn2VOM6mXhb6meskeyq4uzkz45nMYUWEcaoqU
25rlLJjualyjGm6Hg2g1M/jK2NRXMWUeZVi2XsTmuOqWp+/LPZ6XinfMiHx+3kGn
fuin8WeExkXSXB+cFFk3oDjwjK3zhSZieq769856z+IqiLe/6VzS
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:40:09 2025 by rpki-client