Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/be/3465f3-03c2-4eaa-a674-8862b517317c/1/b7aaaAXbuKSk6tDraddZeTy5Wj4.roa
File: b7aaaAXbuKSk6tDraddZeTy5Wj4.roa (raw, json)
Hash identifier: 4qL8Ew1csDNk93UhRDcLi4Zld4ciUQ8hZwRqPXVs7MI=
Subject key identifier: 6F:B6:9A:68:05:DB:B8:A4:A4:EA:D0:EB:69:D7:59:79:3C:B9:5A:3E
Certificate issuer: /CN=cd8313e41e646a09cd01e2e6f4739d3bd236c4ff
Certificate serial: 018A884F9046697C56C8628E5006C761EC33
Authority key identifier: CD:83:13:E4:1E:64:6A:09:CD:01:E2:E6:F4:73:9D:3B:D2:36:C4:FF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zYMT5B5kagnNAeLm9HOdO9I2xP8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/be/3465f3-03c2-4eaa-a674-8862b517317c/1/b7aaaAXbuKSk6tDraddZeTy5Wj4.roa
Signing time: Tue 12 Sep 2023 07:33:50 +0000
ROA not before: Tue 12 Sep 2023 07:33:50 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 56534
IP address blocks: 92.255.96.0/21 maxlen: 21
45.135.215.0/24 maxlen: 24
93.174.72.0/21 maxlen: 21
185.47.52.0/22 maxlen: 22
185.47.54.0/24 maxlen: 24
92.255.60.0/24 maxlen: 24
89.223.80.0/21 maxlen: 21
92.255.88.0/21 maxlen: 32
2a04:ac00::/29 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:88:4f:90:46:69:7c:56:c8:62:8e:50:06:c7:61:ec:33
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cd8313e41e646a09cd01e2e6f4739d3bd236c4ff
Validity
Not Before: Sep 12 07:33:50 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=6fb69a6805dbb8a4a4ead0eb69d759793cb95a3e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:72:35:41:f7:4f:e5:1f:cd:93:d1:a4:5c:89:
6f:6d:71:3b:73:f0:49:4e:4b:59:61:75:5f:17:3b:
54:40:15:98:d6:5d:76:0c:37:6d:01:c4:db:1a:d2:
48:b9:ca:6e:9b:ea:90:cc:0b:e6:41:6b:e8:dd:b7:
1d:af:58:b4:ca:f8:d9:ef:e6:fb:1b:91:0c:ea:2d:
7d:18:d6:c4:38:b8:0b:e6:78:84:7e:a0:a3:a0:bb:
40:bb:b8:75:b0:25:0c:79:d6:c1:8c:a9:f0:bc:5d:
09:8c:e3:0b:11:87:eb:0a:57:64:19:d4:10:6f:cc:
bc:84:6e:ca:d1:9a:bf:ec:82:96:ca:28:77:cc:cf:
ef:dd:04:5e:8a:1b:dc:0b:ca:b1:80:4f:40:b7:9b:
aa:99:e4:71:d0:e0:85:2d:90:ef:25:c5:59:ad:b4:
20:a4:5b:0c:55:47:8d:16:c2:a9:16:f2:d4:55:9a:
7d:55:f8:08:38:df:20:01:0c:a9:7f:4c:9b:31:37:
81:a6:1e:81:67:3f:db:d7:9f:a3:e1:23:d6:c7:77:
15:55:24:b8:fd:c2:55:34:bc:a1:eb:e0:95:0a:71:
ad:b5:07:8f:cc:80:79:f8:42:b0:0c:c0:9a:c7:cf:
cd:a6:ed:d9:8a:ba:34:1d:21:45:a4:5c:a3:6d:6d:
c2:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6F:B6:9A:68:05:DB:B8:A4:A4:EA:D0:EB:69:D7:59:79:3C:B9:5A:3E
X509v3 Authority Key Identifier:
keyid:CD:83:13:E4:1E:64:6A:09:CD:01:E2:E6:F4:73:9D:3B:D2:36:C4:FF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zYMT5B5kagnNAeLm9HOdO9I2xP8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/be/3465f3-03c2-4eaa-a674-8862b517317c/1/b7aaaAXbuKSk6tDraddZeTy5Wj4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/be/3465f3-03c2-4eaa-a674-8862b517317c/1/zYMT5B5kagnNAeLm9HOdO9I2xP8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.135.215.0/24
89.223.80.0/21
92.255.60.0/24
92.255.88.0-92.255.103.255
93.174.72.0/21
185.47.52.0/22
IPv6:
2a04:ac00::/29
Signature Algorithm: sha256WithRSAEncryption
40:67:36:b7:72:3d:42:d2:93:3a:97:08:4f:8a:a0:8c:b4:78:
0c:7b:c0:8b:70:33:22:cd:92:34:d8:f6:6b:e9:fb:62:66:13:
eb:73:86:f2:b5:9a:0b:95:82:d2:8b:b7:56:58:d6:78:ab:2e:
40:50:df:45:4c:ff:d7:d5:cf:35:6e:62:0a:d3:0a:4b:59:38:
c5:01:14:c2:1a:65:35:61:0f:45:b1:8b:5e:da:a6:02:3a:7f:
48:de:ee:30:a4:4a:d7:67:9a:32:72:67:dc:f3:1c:66:98:93:
6d:96:7b:d9:ab:df:0b:b5:a4:35:67:08:e9:eb:b4:f3:5f:18:
76:ad:37:dc:8d:c7:2c:cb:c6:a7:f5:a1:64:72:df:64:33:c9:
d3:f4:a3:6f:c7:c7:d1:13:77:45:34:09:c1:aa:62:1f:1b:19:
30:f5:84:49:fd:87:be:0c:d6:f3:49:07:00:65:a3:2d:05:aa:
4c:03:34:e5:6e:10:12:9d:f0:0d:a6:06:fe:a0:69:87:9c:94:
5c:96:2e:e2:6f:07:17:cb:fa:07:80:6e:a5:6e:35:13:90:a1:
54:0f:c7:9d:39:01:2a:27:08:11:13:ab:9b:49:78:47:98:13:
f6:71:2c:8d:ee:9b:43:d9:ec:94:83:cb:ce:da:0f:bd:cf:37:
0a:4a:4a:9c
-----BEGIN CERTIFICATE-----
MIIFMjCCBBqgAwIBAgISAYqIT5BGaXxWyGKOUAbHYewzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNkODMxM2U0MWU2NDZhMDljZDAxZTJlNmY0NzM5ZDNiZDIz
NmM0ZmYwHhcNMjMwOTEyMDczMzUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZmI2OWE2ODA1ZGJiOGE0YTRlYWQwZWI2OWQ3NTk3OTNjYjk1YTNlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAl3I1QfdP5R/Nk9GkXIlvbXE7c/BJ
TktZYXVfFztUQBWY1l12DDdtAcTbGtJIucpum+qQzAvmQWvo3bcdr1i0yvjZ7+b7
G5EM6i19GNbEOLgL5niEfqCjoLtAu7h1sCUMedbBjKnwvF0JjOMLEYfrCldkGdQQ
b8y8hG7K0Zq/7IKWyih3zM/v3QReihvcC8qxgE9At5uqmeRx0OCFLZDvJcVZrbQg
pFsMVUeNFsKpFvLUVZp9VfgION8gAQypf0ybMTeBph6BZz/b15+j4SPWx3cVVSS4
/cJVNLyh6+CVCnGttQePzIB5+EKwDMCax8/Npu3Ziro0HSFFpFyjbW3CfwIDAQAB
o4ICPjCCAjowHQYDVR0OBBYEFG+2mmgF27ikpOrQ62nXWXk8uVo+MB8GA1UdIwQY
MBaAFM2DE+QeZGoJzQHi5vRznTvSNsT/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvellNVDVCNWthZ25OQWVMbTlIT2RPOUkyeFA4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZS8zNDY1ZjMtMDNjMi00ZWFhLWE2NzQt
ODg2MmI1MTczMTdjLzEvYjdhYWFBWGJ1S1NrNnREcmFkZFplVHk1V2o0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZS8zNDY1ZjMtMDNjMi00ZWFhLWE2NzQtODg2MmI1MTczMTdj
LzEvellNVDVCNWthZ25OQWVMbTlIT2RPOUkyeFA4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFQGCCsGAQUFBwEHAQH/BEUwQzAyBAIAATAsAwQALYfXAwQD
Wd9QAwQAXP88MAwDBANc/1gDBANc/2ADBANdrkgDBAK5LzQwDQQCAAIwBwMFAyoE
rAAwDQYJKoZIhvcNAQELBQADggEBAEBnNrdyPULSkzqXCE+KoIy0eAx7wItwMyLN
kjTY9mvp+2JmE+tzhvK1mguVgtKLt1ZY1nirLkBQ30VM/9fVzzVuYgrTCktZOMUB
FMIaZTVhD0Wxi17apgI6f0je7jCkStdnmjJyZ9zzHGaYk22We9mr3wu1pDVnCOnr
tPNfGHatN9yNxyzLxqf1oWRy32QzydP0o2/Hx9ETd0U0CcGqYh8bGTD1hEn9h74M
1vNJBwBloy0FqkwDNOVuEBKd8A2mBv6gaYeclFyWLuJvBxfL+geAbqVuNROQoVQP
x505ASonCBETq5tJeEeYE/ZxLI3um0PZ7JSDy87aD73PNwpKSpw=
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:06:08 2025 by rpki-client