Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ba/634a12-e58c-455c-8933-6e6e8d9303e9/1/6HoX1Mqa4aNKt1TlaUN0B1ToLmY.roa
File: 6HoX1Mqa4aNKt1TlaUN0B1ToLmY.roa (raw, json)
Hash identifier: 5fu7sKMztWd6rhN7D/Bi5ENpUA0SIIwwpodX/2qVHLo=
Subject key identifier: E8:7A:17:D4:CA:9A:E1:A3:4A:B7:54:E5:69:43:74:07:54:E8:2E:66
Certificate issuer: /CN=04a2ae2cd094333018c41daafb474c6cfa80d07d
Certificate serial: 01856EAFD9F92850A2CA63444BDBBB12E589
Authority key identifier: 04:A2:AE:2C:D0:94:33:30:18:C4:1D:AA:FB:47:4C:6C:FA:80:D0:7D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BKKuLNCUMzAYxB2q-0dMbPqA0H0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ba/634a12-e58c-455c-8933-6e6e8d9303e9/1/6HoX1Mqa4aNKt1TlaUN0B1ToLmY.roa
Signing time: Sun 01 Jan 2023 18:54:56 +0000
ROA not before: Sun 01 Jan 2023 18:54:56 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 8290
IP address blocks: 195.28.128.0/19 maxlen: 21
185.77.144.0/22 maxlen: 22
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:af:d9:f9:28:50:a2:ca:63:44:4b:db:bb:12:e5:89
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=04a2ae2cd094333018c41daafb474c6cfa80d07d
Validity
Not Before: Jan 1 18:54:56 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=e87a17d4ca9ae1a34ab754e56943740754e82e66
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:75:46:6d:c9:3f:34:e0:6e:c2:47:02:96:5f:
f4:c3:c1:c4:00:9d:e4:4b:a0:24:34:c5:ba:50:8e:
30:cb:35:23:e0:1c:3b:75:72:42:3b:64:be:38:99:
e9:38:d8:9e:9e:94:39:58:c6:2f:49:df:29:68:67:
98:25:09:2e:ef:d9:61:c2:ee:5d:b1:85:78:da:fa:
27:75:e3:44:39:f2:38:5c:ec:0c:1a:ad:9c:95:49:
91:fd:78:72:99:a3:c2:9c:e2:a1:d3:14:22:3a:e6:
a2:86:c1:35:4f:28:a8:e8:c5:3e:da:29:0c:c4:b7:
7d:e2:90:57:4b:c3:b1:59:fa:a7:f5:1f:21:79:d5:
70:49:56:6b:06:c8:54:6e:3b:39:b3:1a:b8:08:a0:
79:bf:a2:35:23:c0:23:25:c3:d7:ed:9f:06:4f:14:
82:46:ea:3c:9d:9f:0d:50:4f:fc:0c:f0:b4:70:bf:
73:d9:0e:51:64:9c:31:b2:9a:ee:66:28:92:74:0d:
6d:7f:82:4d:70:b5:12:4b:4e:20:82:ca:5a:c4:dc:
eb:24:97:eb:23:29:ca:26:9d:85:6e:d0:d9:2b:dc:
a7:e2:8e:15:04:c5:28:d8:4e:bd:98:4d:e3:f6:45:
c6:74:68:99:a8:48:71:52:48:ca:9c:8a:26:5f:c5:
68:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E8:7A:17:D4:CA:9A:E1:A3:4A:B7:54:E5:69:43:74:07:54:E8:2E:66
X509v3 Authority Key Identifier:
keyid:04:A2:AE:2C:D0:94:33:30:18:C4:1D:AA:FB:47:4C:6C:FA:80:D0:7D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BKKuLNCUMzAYxB2q-0dMbPqA0H0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ba/634a12-e58c-455c-8933-6e6e8d9303e9/1/6HoX1Mqa4aNKt1TlaUN0B1ToLmY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ba/634a12-e58c-455c-8933-6e6e8d9303e9/1/BKKuLNCUMzAYxB2q-0dMbPqA0H0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.77.144.0/22
195.28.128.0/19
Signature Algorithm: sha256WithRSAEncryption
33:a9:2d:e1:f2:ce:34:ea:f4:a7:64:2a:b0:28:0e:23:cb:c1:
d5:c7:25:a7:d2:ac:fc:bb:c0:bb:a7:6a:db:f2:36:eb:3b:ba:
32:37:c7:70:17:8d:56:53:eb:37:6e:c4:0a:22:29:08:ee:c8:
29:f4:ee:08:7a:5d:cb:9c:9f:6d:ed:3e:c2:07:4f:cd:51:0d:
cf:f5:8b:ed:69:85:9e:50:4c:3f:42:77:51:c3:d6:a2:d3:ef:
f6:89:63:53:c4:1f:b0:c1:dd:ec:2b:28:c6:41:22:14:0c:28:
e6:fc:52:fb:c0:d9:63:2a:29:70:5d:95:93:11:19:b5:7d:d0:
cb:13:90:0a:b8:fe:1d:0e:f0:0f:a3:a0:d7:f2:4d:85:e2:95:
6f:9c:60:65:88:b6:26:f6:22:24:db:b1:58:9b:af:dd:c1:e6:
22:32:8f:ba:b1:7d:f2:56:b6:50:63:e8:fc:e5:8f:f2:8a:e0:
3c:0d:52:3b:36:1a:62:d0:f0:cd:f6:c4:a6:4d:cb:94:c6:2e:
53:11:39:98:0a:5c:fb:91:5c:93:9d:a7:15:73:03:3c:03:ca:
2c:2b:29:a5:39:55:aa:b0:da:26:6d:cc:ed:a3:60:af:dd:41:
d3:6b:2f:7d:fd:5d:07:20:f4:a0:20:26:2e:ab:e4:db:4a:c2:
09:70:a2:fc
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYVur9n5KFCiymNES9u7EuWJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA0YTJhZTJjZDA5NDMzMzAxOGM0MWRhYWZiNDc0YzZjZmE4
MGQwN2QwHhcNMjMwMTAxMTg1NDU2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlODdhMTdkNGNhOWFlMWEzNGFiNzU0ZTU2OTQzNzQwNzU0ZTgyZTY2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr3VGbck/NOBuwkcCll/0w8HEAJ3k
S6AkNMW6UI4wyzUj4Bw7dXJCO2S+OJnpONienpQ5WMYvSd8paGeYJQku79lhwu5d
sYV42vondeNEOfI4XOwMGq2clUmR/XhymaPCnOKh0xQiOuaihsE1Tyio6MU+2ikM
xLd94pBXS8OxWfqn9R8hedVwSVZrBshUbjs5sxq4CKB5v6I1I8AjJcPX7Z8GTxSC
Ruo8nZ8NUE/8DPC0cL9z2Q5RZJwxspruZiiSdA1tf4JNcLUSS04ggspaxNzrJJfr
IynKJp2FbtDZK9yn4o4VBMUo2E69mE3j9kXGdGiZqEhxUkjKnIomX8VoDwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFOh6F9TKmuGjSrdU5WlDdAdU6C5mMB8GA1UdIwQY
MBaAFASirizQlDMwGMQdqvtHTGz6gNB9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQktLdUxOQ1VNekFZeEIycS0wZE1iUHFBMEgwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYS82MzRhMTItZTU4Yy00NTVjLTg5MzMt
NmU2ZThkOTMwM2U5LzEvNkhvWDFNcWE0YU5LdDFUbGFVTjBCMVRvTG1ZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYS82MzRhMTItZTU4Yy00NTVjLTg5MzMtNmU2ZThkOTMwM2U5
LzEvQktLdUxOQ1VNekFZeEIycS0wZE1iUHFBMEgwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCuU2QAwQF
wxyAMA0GCSqGSIb3DQEBCwUAA4IBAQAzqS3h8s406vSnZCqwKA4jy8HVxyWn0qz8
u8C7p2rb8jbrO7oyN8dwF41WU+s3bsQKIikI7sgp9O4Iel3LnJ9t7T7CB0/NUQ3P
9YvtaYWeUEw/QndRw9ai0+/2iWNTxB+wwd3sKyjGQSIUDCjm/FL7wNljKilwXZWT
ERm1fdDLE5AKuP4dDvAPo6DX8k2F4pVvnGBliLYm9iIk27FYm6/dweYiMo+6sX3y
VrZQY+j85Y/yiuA8DVI7Nhpi0PDN9sSmTcuUxi5TETmYClz7kVyTnacVcwM8A8os
KymlOVWqsNombczto2Cv3UHTay99/V0HIPSgICYuq+TbSsIJcKL8
-----END CERTIFICATE-----
Generated at Thu Mar 13 02:53:02 2025 by rpki-client