Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bf/6dec63-b9d9-480b-aeb3-6fe9bf60561c/1/Icokltenxn8H9bad6aZh1ppW364.roa
File: Icokltenxn8H9bad6aZh1ppW364.roa (raw, json)
Hash identifier: B2FyViyKO7n7+kfPIDwuEg4woHhJWobFm/aNLYcv2mI=
Subject key identifier: 21:CA:24:96:D7:A7:C6:7F:07:F5:B6:9D:E9:A6:61:D6:9A:56:DF:AE
Certificate issuer: /CN=eebbf317e5faf5ef02c9cce79527d5e74b8abcc5
Certificate serial: 018921B8DD3CA62A6DB0D9AAD0847FC27D5D
Authority key identifier: EE:BB:F3:17:E5:FA:F5:EF:02:C9:CC:E7:95:27:D5:E7:4B:8A:BC:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/7rvzF-X69e8CycznlSfV50uKvMU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bf/6dec63-b9d9-480b-aeb3-6fe9bf60561c/1/Icokltenxn8H9bad6aZh1ppW364.roa
Signing time: Tue 04 Jul 2023 16:25:10 +0000
ROA not before: Tue 04 Jul 2023 16:25:10 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 42899
IP address blocks: 84.54.52.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:21:b8:dd:3c:a6:2a:6d:b0:d9:aa:d0:84:7f:c2:7d:5d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=eebbf317e5faf5ef02c9cce79527d5e74b8abcc5
Validity
Not Before: Jul 4 16:25:10 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=21ca2496d7a7c67f07f5b69de9a661d69a56dfae
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:d2:e2:2e:75:8f:df:08:84:9f:85:bb:a3:04:
81:8c:57:f7:b8:dc:c0:d4:eb:ab:91:7f:e9:de:99:
b1:2c:99:aa:f3:6b:dd:f8:ff:b6:b7:f7:5c:cd:24:
62:01:90:de:80:11:a9:0c:b5:b0:bb:e7:c2:2a:02:
d0:25:35:59:a1:41:80:80:4b:d8:96:22:03:a0:04:
2f:f6:a0:82:f1:7c:c7:3a:bd:a4:8e:b0:da:bf:42:
57:e6:0c:81:db:a2:b2:06:af:b9:c3:ea:ac:16:20:
48:73:46:1f:f9:32:30:ff:1a:1b:05:2d:c5:72:d5:
49:35:30:db:e9:c7:df:de:6e:1b:25:cc:f7:1d:18:
fc:f4:32:a4:5a:89:75:06:44:0a:d7:de:99:ca:d9:
98:d7:a5:d1:f0:89:12:75:87:6e:fd:a3:f7:d7:89:
f7:aa:e2:88:f6:8c:aa:6a:43:26:29:13:b2:61:5a:
7f:01:11:dd:9f:c8:b2:2c:9b:28:70:b4:f8:56:c9:
b1:51:bd:79:83:87:24:94:48:1a:ca:fe:86:58:b5:
10:91:52:1c:f6:c9:e3:8e:07:ac:50:6b:bb:ab:51:
dc:8c:a3:25:83:e3:16:59:19:55:48:cd:79:0c:98:
c8:5d:c0:85:82:7f:a3:db:75:a2:71:3e:28:a2:d8:
01:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
21:CA:24:96:D7:A7:C6:7F:07:F5:B6:9D:E9:A6:61:D6:9A:56:DF:AE
X509v3 Authority Key Identifier:
keyid:EE:BB:F3:17:E5:FA:F5:EF:02:C9:CC:E7:95:27:D5:E7:4B:8A:BC:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/7rvzF-X69e8CycznlSfV50uKvMU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bf/6dec63-b9d9-480b-aeb3-6fe9bf60561c/1/Icokltenxn8H9bad6aZh1ppW364.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bf/6dec63-b9d9-480b-aeb3-6fe9bf60561c/1/7rvzF-X69e8CycznlSfV50uKvMU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.54.52.0/24
Signature Algorithm: sha256WithRSAEncryption
56:30:6d:24:6d:48:d3:1f:ff:da:26:45:90:61:ed:88:63:bc:
e7:a3:23:12:30:f7:5d:16:5a:3a:83:d0:61:f6:d3:c6:0b:31:
7e:97:97:82:56:ea:9a:1c:be:9c:91:fd:84:2f:75:27:08:e1:
d9:f6:af:c9:26:17:bf:61:25:07:df:2f:d9:0f:f0:e5:7a:e0:
84:0c:3f:1b:e8:18:b3:d4:70:e4:b3:78:dc:49:49:4a:3c:76:
81:cd:13:7c:27:1d:e3:cf:f5:12:3a:07:b7:ae:d0:b2:0f:36:
74:18:b9:44:b0:75:62:38:66:9d:ea:7f:0a:17:f3:9b:14:aa:
62:3e:d4:cd:ca:22:c6:8f:2d:a1:d4:e4:6d:11:6b:58:13:5c:
75:ba:4b:7d:cc:6b:06:b5:30:ca:db:1b:2b:b7:5a:21:0c:f8:
2d:9d:df:23:18:ae:5d:31:cd:16:4f:43:ae:5b:f0:e4:94:d2:
42:47:36:41:f9:4f:ea:db:1e:2d:67:d7:5e:6d:d1:78:82:e5:
dd:01:d1:76:36:75:62:be:94:c3:76:c9:0c:5a:22:66:4a:7d:
ed:0d:59:b4:2a:a3:01:f6:f7:db:13:49:45:44:61:ca:4e:0f:
bd:94:3d:6b:b5:49:f1:05:bc:28:0a:9e:94:b1:c8:e4:02:88:
ff:e2:d4:8a
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYkhuN08piptsNmq0IR/wn1dMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVlYmJmMzE3ZTVmYWY1ZWYwMmM5Y2NlNzk1MjdkNWU3NGI4
YWJjYzUwHhcNMjMwNzA0MTYyNTEwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMWNhMjQ5NmQ3YTdjNjdmMDdmNWI2OWRlOWE2NjFkNjlhNTZkZmFlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAotLiLnWP3wiEn4W7owSBjFf3uNzA
1OurkX/p3pmxLJmq82vd+P+2t/dczSRiAZDegBGpDLWwu+fCKgLQJTVZoUGAgEvY
liIDoAQv9qCC8XzHOr2kjrDav0JX5gyB26KyBq+5w+qsFiBIc0Yf+TIw/xobBS3F
ctVJNTDb6cff3m4bJcz3HRj89DKkWol1BkQK196ZytmY16XR8IkSdYdu/aP314n3
quKI9oyqakMmKROyYVp/ARHdn8iyLJsocLT4VsmxUb15g4cklEgayv6GWLUQkVIc
9snjjgesUGu7q1HcjKMlg+MWWRlVSM15DJjIXcCFgn+j23WicT4ootgBewIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFCHKJJbXp8Z/B/W2nemmYdaaVt+uMB8GA1UdIwQY
MBaAFO678xfl+vXvAsnM55Un1edLirzFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvN3J2ekYtWDY5ZThDeWN6bmxTZlY1MHVLdk1VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZi82ZGVjNjMtYjlkOS00ODBiLWFlYjMt
NmZlOWJmNjA1NjFjLzEvSWNva2x0ZW54bjhIOWJhZDZhWmgxcHBXMzY0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZi82ZGVjNjMtYjlkOS00ODBiLWFlYjMtNmZlOWJmNjA1NjFj
LzEvN3J2ekYtWDY5ZThDeWN6bmxTZlY1MHVLdk1VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAVDY0MA0G
CSqGSIb3DQEBCwUAA4IBAQBWMG0kbUjTH//aJkWQYe2IY7znoyMSMPddFlo6g9Bh
9tPGCzF+l5eCVuqaHL6ckf2EL3UnCOHZ9q/JJhe/YSUH3y/ZD/DleuCEDD8b6Biz
1HDks3jcSUlKPHaBzRN8Jx3jz/USOge3rtCyDzZ0GLlEsHViOGad6n8KF/ObFKpi
PtTNyiLGjy2h1ORtEWtYE1x1ukt9zGsGtTDK2xsrt1ohDPgtnd8jGK5dMc0WT0Ou
W/DklNJCRzZB+U/q2x4tZ9debdF4guXdAdF2NnVivpTDdskMWiJmSn3tDVm0KqMB
9vfbE0lFRGHKTg+9lD1rtUnxBbwoCp6UscjkAoj/4tSK
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:16:48 2025 by rpki-client