Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b1/cdddd5-817a-4113-8b82-23049e4d2f12/1/8vFkEkWZbP1iHls7Wu0-ZUxyIi8.roa
File: 8vFkEkWZbP1iHls7Wu0-ZUxyIi8.roa (raw, json)
Hash identifier: O0hsFIVv0rFmJM5F4zRVPsb53fuNie1OknS3bV214CA=
Subject key identifier: F2:F1:64:12:45:99:6C:FD:62:1E:5B:3B:5A:ED:3E:65:4C:72:22:2F
Certificate issuer: /CN=351a2fd6f5e5af87d5cea095066fbcc3d3e546a4
Certificate serial: 018B292255FF380F4BC8EBEE8AAF7531ECED
Authority key identifier: 35:1A:2F:D6:F5:E5:AF:87:D5:CE:A0:95:06:6F:BC:C3:D3:E5:46:A4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NRov1vXlr4fVzqCVBm-8w9PlRqQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b1/cdddd5-817a-4113-8b82-23049e4d2f12/1/8vFkEkWZbP1iHls7Wu0-ZUxyIi8.roa
Signing time: Fri 13 Oct 2023 13:03:17 +0000
ROA not before: Fri 13 Oct 2023 13:03:17 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 202228
IP address blocks: 94.240.60.0/24 maxlen: 24
94.240.60.0/23 maxlen: 23
94.240.61.0/24 maxlen: 24
91.106.26.0/23 maxlen: 23
91.106.26.0/24 maxlen: 24
91.106.27.0/24 maxlen: 24
94.240.16.0/22 maxlen: 22
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:29:22:55:ff:38:0f:4b:c8:eb:ee:8a:af:75:31:ec:ed
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=351a2fd6f5e5af87d5cea095066fbcc3d3e546a4
Validity
Not Before: Oct 13 13:03:17 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=f2f1641245996cfd621e5b3b5aed3e654c72222f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:47:e4:ef:d8:f5:1a:28:79:4c:40:26:c7:eb:
2e:1f:fe:85:d1:1e:b8:29:42:e1:55:31:ba:26:42:
14:3d:dc:73:d6:f9:c5:eb:20:ab:bd:95:b6:8c:3f:
16:fb:43:75:94:0c:28:01:98:93:5a:42:56:83:52:
31:fc:49:7f:82:21:cf:d6:46:7f:10:e6:7c:36:d3:
10:93:af:77:e0:d8:87:e6:3e:58:a7:0a:bb:8a:92:
eb:e1:4d:b6:47:71:db:a0:6c:c7:8c:22:72:fe:5e:
f9:d9:1c:32:53:d7:9e:82:87:61:0f:9a:88:50:7f:
f4:f2:bc:db:00:ad:f5:a2:ca:aa:8c:b4:d1:87:cb:
0b:7a:14:36:1a:15:bc:39:84:68:fb:79:47:d3:2d:
34:9a:c7:b2:59:bf:00:e9:1a:43:bd:ed:6b:4b:de:
2b:a4:b7:ed:c3:86:0f:aa:14:7a:a9:b2:8a:c0:68:
0d:3e:af:22:42:5a:dc:6f:8e:b9:3c:ec:87:6f:d3:
79:40:dc:a0:b7:2a:07:50:bd:ae:22:1f:8a:f6:64:
a6:ed:f5:bf:db:2d:b9:85:f2:ad:24:47:28:5d:00:
62:f9:de:9e:47:12:20:8a:d9:e7:05:9f:8b:42:74:
da:63:07:ed:c8:85:c9:6e:58:86:20:bb:38:87:41:
db:cd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F2:F1:64:12:45:99:6C:FD:62:1E:5B:3B:5A:ED:3E:65:4C:72:22:2F
X509v3 Authority Key Identifier:
keyid:35:1A:2F:D6:F5:E5:AF:87:D5:CE:A0:95:06:6F:BC:C3:D3:E5:46:A4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NRov1vXlr4fVzqCVBm-8w9PlRqQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/cdddd5-817a-4113-8b82-23049e4d2f12/1/8vFkEkWZbP1iHls7Wu0-ZUxyIi8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/cdddd5-817a-4113-8b82-23049e4d2f12/1/NRov1vXlr4fVzqCVBm-8w9PlRqQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.106.26.0/23
94.240.16.0/22
94.240.60.0/23
Signature Algorithm: sha256WithRSAEncryption
75:e6:88:80:d6:04:7b:39:a1:b2:25:bb:b3:3a:55:e0:ba:d4:
55:6a:cb:b0:dc:b4:34:9b:a1:f5:6b:89:c5:4a:6b:e4:8e:38:
67:0a:32:2f:aa:8b:ab:60:80:99:54:85:0a:ca:84:3a:ea:b4:
a6:ab:1f:77:a1:93:83:05:f8:28:92:e4:ae:09:c5:79:94:e7:
f0:c8:d5:1a:27:b4:1c:7d:d5:6e:8d:0e:c6:a6:39:2f:1d:e2:
87:4c:8b:1f:f7:81:e4:71:ab:fe:c5:54:90:35:f7:f6:eb:7d:
59:b3:27:b1:4f:e8:20:4b:89:55:ce:dd:08:3e:6b:ad:6a:59:
14:61:ee:99:9d:50:62:45:5c:2f:2c:c7:4c:1c:22:c7:da:20:
8e:ad:53:3b:a5:a9:15:4f:74:83:5f:78:ba:0c:75:c9:6b:40:
b7:84:73:fb:41:8b:51:31:e9:8b:29:f8:8d:ff:74:f1:6f:06:
cf:bb:a0:b4:33:00:00:eb:ad:fa:38:1b:fb:e1:87:28:b5:ec:
22:ac:57:a8:84:86:84:9b:c7:b2:74:52:7d:d8:6a:69:fe:2a:
5d:20:bd:76:20:12:be:51:2d:49:cd:97:da:b0:7c:21:3b:0e:
c6:e9:eb:05:8b:b1:99:72:d3:94:da:7a:77:55:00:18:70:b5:
4f:98:09:4d
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYspIlX/OA9LyOvuiq91MeztMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1MWEyZmQ2ZjVlNWFmODdkNWNlYTA5NTA2NmZiY2MzZDNl
NTQ2YTQwHhcNMjMxMDEzMTMwMzE3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMmYxNjQxMjQ1OTk2Y2ZkNjIxZTViM2I1YWVkM2U2NTRjNzIyMjJmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnEfk79j1Gih5TEAmx+suH/6F0R64
KULhVTG6JkIUPdxz1vnF6yCrvZW2jD8W+0N1lAwoAZiTWkJWg1Ix/El/giHP1kZ/
EOZ8NtMQk6934NiH5j5Ypwq7ipLr4U22R3HboGzHjCJy/l752RwyU9eegodhD5qI
UH/08rzbAK31osqqjLTRh8sLehQ2GhW8OYRo+3lH0y00mseyWb8A6RpDve1rS94r
pLftw4YPqhR6qbKKwGgNPq8iQlrcb465POyHb9N5QNygtyoHUL2uIh+K9mSm7fW/
2y25hfKtJEcoXQBi+d6eRxIgitnnBZ+LQnTaYwftyIXJbliGILs4h0HbzQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFPLxZBJFmWz9Yh5bO1rtPmVMciIvMB8GA1UdIwQY
MBaAFDUaL9b15a+H1c6glQZvvMPT5UakMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTlJvdjF2WGxyNGZWenFDVkJtLTh3OVBsUnFRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMS9jZGRkZDUtODE3YS00MTEzLThiODIt
MjMwNDllNGQyZjEyLzEvOHZGa0VrV1piUDFpSGxzN1d1MC1aVXh5SWk4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMS9jZGRkZDUtODE3YS00MTEzLThiODItMjMwNDllNGQyZjEy
LzEvTlJvdjF2WGxyNGZWenFDVkJtLTh3OVBsUnFRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQBW2oaAwQC
XvAQAwQBXvA8MA0GCSqGSIb3DQEBCwUAA4IBAQB15oiA1gR7OaGyJbuzOlXgutRV
asuw3LQ0m6H1a4nFSmvkjjhnCjIvqourYICZVIUKyoQ66rSmqx93oZODBfgokuSu
CcV5lOfwyNUaJ7QcfdVujQ7GpjkvHeKHTIsf94Hkcav+xVSQNff2631ZsyexT+gg
S4lVzt0IPmutalkUYe6ZnVBiRVwvLMdMHCLH2iCOrVM7pakVT3SDX3i6DHXJa0C3
hHP7QYtRMemLKfiN/3TxbwbPu6C0MwAA6636OBv74YcotewirFeohIaEm8eydFJ9
2Gpp/ipdIL12IBK+US1JzZfasHwhOw7G6esFi7GZctOU2np3VQAYcLVPmAlN
-----END CERTIFICATE-----
Generated at Wed Apr 16 15:15:49 2025 by rpki-client