Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c7/243f91-8747-4981-9cbf-1d373499924e/1/6nS1lgzOa69RSDS2R56lnnU_NUw.roa
File: 6nS1lgzOa69RSDS2R56lnnU_NUw.roa (raw, json)
Hash identifier: KqyAJCJXRJgjsYHHixP73q95B2LYUpu+i8Ov8jRQ9Is=
Subject key identifier: EA:74:B5:96:0C:CE:6B:AF:51:48:34:B6:47:9E:A5:9E:75:3F:35:4C
Certificate issuer: /CN=c755702467770ed69b367b77bbe640bc6db4153e
Certificate serial: 018ABDA49FC15CD9622E4AA225CF80411086
Authority key identifier: C7:55:70:24:67:77:0E:D6:9B:36:7B:77:BB:E6:40:BC:6D:B4:15:3E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/x1VwJGd3DtabNnt3u-ZAvG20FT4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c7/243f91-8747-4981-9cbf-1d373499924e/1/6nS1lgzOa69RSDS2R56lnnU_NUw.roa
Signing time: Fri 22 Sep 2023 16:06:37 +0000
ROA not before: Fri 22 Sep 2023 16:06:37 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 201935
IP address blocks: 84.254.137.0/24 maxlen: 24
84.254.144.0/24 maxlen: 24
84.254.144.0/23 maxlen: 24
84.254.145.0/24 maxlen: 24
84.254.146.0/24 maxlen: 24
84.254.164.0/24 maxlen: 24
95.210.133.0/24 maxlen: 24
176.227.131.0/24 maxlen: 24
84.254.130.0/24 maxlen: 24
84.254.131.0/24 maxlen: 24
95.210.111.0/24 maxlen: 24
95.210.132.0/24 maxlen: 24
95.210.132.0/23 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:bd:a4:9f:c1:5c:d9:62:2e:4a:a2:25:cf:80:41:10:86
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c755702467770ed69b367b77bbe640bc6db4153e
Validity
Not Before: Sep 22 16:06:37 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=ea74b5960cce6baf514834b6479ea59e753f354c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:5d:5b:6f:a5:0d:ff:1b:04:12:7b:b5:df:d9:
b5:85:71:63:12:99:74:83:9a:6e:b4:d3:9c:72:03:
b2:5f:95:1b:cb:40:22:c2:34:1a:80:4b:00:aa:8b:
fa:2b:d2:fd:41:77:7a:ed:c4:bf:7b:c2:1b:9b:c6:
dd:10:85:e1:c5:63:d9:07:de:88:a0:b8:0c:07:cf:
93:65:be:9e:8d:ed:a0:df:45:05:8d:88:36:91:15:
3b:2b:0d:d2:e7:11:64:e7:ab:65:6a:71:c6:23:81:
72:e3:d8:ca:95:bd:98:1b:05:db:56:65:66:1e:dc:
04:f7:b3:ee:6e:a5:1a:bb:df:aa:b2:d6:18:fd:11:
1c:0c:0d:b3:c0:f2:0a:95:b5:17:95:c9:0b:ae:da:
bb:6c:a0:c4:3e:5d:a0:d7:5b:50:29:d7:3e:51:74:
72:85:a9:36:04:e5:6e:2d:28:58:51:fd:e7:34:7b:
e1:60:f7:c5:36:d1:6b:6d:0d:5e:0c:98:ae:45:24:
49:c5:1c:58:49:e6:3a:66:f5:18:bd:fb:af:d3:b4:
a4:e1:0f:97:91:ff:05:81:eb:7e:84:85:21:bb:26:
32:64:f3:87:cf:dc:82:03:48:06:ba:32:de:58:4c:
83:ac:6b:0a:79:b6:dd:19:13:1e:d5:8a:6c:7d:fa:
85:a5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EA:74:B5:96:0C:CE:6B:AF:51:48:34:B6:47:9E:A5:9E:75:3F:35:4C
X509v3 Authority Key Identifier:
keyid:C7:55:70:24:67:77:0E:D6:9B:36:7B:77:BB:E6:40:BC:6D:B4:15:3E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/x1VwJGd3DtabNnt3u-ZAvG20FT4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/243f91-8747-4981-9cbf-1d373499924e/1/6nS1lgzOa69RSDS2R56lnnU_NUw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/243f91-8747-4981-9cbf-1d373499924e/1/x1VwJGd3DtabNnt3u-ZAvG20FT4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.254.130.0/23
84.254.137.0/24
84.254.144.0-84.254.146.255
84.254.164.0/24
95.210.111.0/24
95.210.132.0/23
176.227.131.0/24
Signature Algorithm: sha256WithRSAEncryption
26:6a:ce:71:e2:95:6e:d1:78:2d:c2:5f:aa:f0:57:48:d2:95:
98:fe:2f:5f:3c:9b:d9:1e:83:b5:6b:e5:db:b2:14:98:ae:e3:
94:71:2c:59:9a:3c:6c:92:2a:26:99:5a:54:10:d9:29:b7:6f:
a8:19:20:43:1d:b5:16:d6:91:d3:55:80:ff:47:7e:de:fb:e8:
fa:41:8f:d2:55:b4:0d:12:53:e7:10:70:ba:e6:77:6e:d9:5d:
07:bb:63:eb:60:5a:1b:93:1c:37:8c:f0:0a:b4:dd:a5:0d:31:
b7:7b:65:1c:55:53:6f:9b:49:0c:b3:b7:34:62:db:9e:be:f7:
4a:57:d8:e5:0a:50:b5:65:53:95:3c:08:99:16:26:93:19:44:
7f:b3:92:12:44:db:8a:75:3d:76:e1:ee:6f:22:00:32:a5:00:
c0:21:6a:27:22:12:a3:34:0b:cd:c0:c9:13:a4:a5:3b:a3:7c:
a4:4c:1a:db:4b:56:71:f3:7e:29:64:fa:76:42:dc:e9:5a:f4:
7e:14:60:f4:6e:2a:e7:d8:42:03:fa:c6:22:9d:c1:de:2c:c1:
08:d2:f5:5f:26:44:b9:7a:f2:c6:8a:dd:c9:0b:e1:42:a4:34:
b7:19:7d:ab:c8:a7:42:28:45:13:83:c6:38:dd:14:3a:2a:d1:
3f:fc:20:d2
-----BEGIN CERTIFICATE-----
MIIFKTCCBBGgAwIBAgISAYq9pJ/BXNliLkqiJc+AQRCGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM3NTU3MDI0Njc3NzBlZDY5YjM2N2I3N2JiZTY0MGJjNmRi
NDE1M2UwHhcNMjMwOTIyMTYwNjM3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlYTc0YjU5NjBjY2U2YmFmNTE0ODM0YjY0NzllYTU5ZTc1M2YzNTRjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsF1bb6UN/xsEEnu139m1hXFjEpl0
g5putNOccgOyX5Uby0AiwjQagEsAqov6K9L9QXd67cS/e8Ibm8bdEIXhxWPZB96I
oLgMB8+TZb6eje2g30UFjYg2kRU7Kw3S5xFk56tlanHGI4Fy49jKlb2YGwXbVmVm
HtwE97PubqUau9+qstYY/REcDA2zwPIKlbUXlckLrtq7bKDEPl2g11tQKdc+UXRy
hak2BOVuLShYUf3nNHvhYPfFNtFrbQ1eDJiuRSRJxRxYSeY6ZvUYvfuv07Sk4Q+X
kf8Fget+hIUhuyYyZPOHz9yCA0gGujLeWEyDrGsKebbdGRMe1YpsffqFpQIDAQAB
o4ICNTCCAjEwHQYDVR0OBBYEFOp0tZYMzmuvUUg0tkeepZ51PzVMMB8GA1UdIwQY
MBaAFMdVcCRndw7WmzZ7d7vmQLxttBU+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveDFWd0pHZDNEdGFiTm50M3UtWkF2RzIwRlQ0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNy8yNDNmOTEtODc0Ny00OTgxLTljYmYt
MWQzNzM0OTk5MjRlLzEvNm5TMWxnek9hNjlSU0RTMlI1NmxublVfTlV3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNy8yNDNmOTEtODc0Ny00OTgxLTljYmYtMWQzNzM0OTk5MjRl
LzEveDFWd0pHZDNEdGFiTm50M3UtWkF2RzIwRlQ0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEsGCCsGAQUFBwEHAQH/BDwwOjA4BAIAATAyAwQBVP6CAwQA
VP6JMAwDBARU/pADBABU/pIDBABU/qQDBABf0m8DBAFf0oQDBACw44MwDQYJKoZI
hvcNAQELBQADggEBACZqznHilW7ReC3CX6rwV0jSlZj+L188m9keg7Vr5duyFJiu
45RxLFmaPGySKiaZWlQQ2Sm3b6gZIEMdtRbWkdNVgP9Hft776PpBj9JVtA0SU+cQ
cLrmd27ZXQe7Y+tgWhuTHDeM8Aq03aUNMbd7ZRxVU2+bSQyztzRi256+90pX2OUK
ULVlU5U8CJkWJpMZRH+zkhJE24p1PXbh7m8iADKlAMAhaiciEqM0C83AyROkpTuj
fKRMGttLVnHzfilk+nZC3Ola9H4UYPRuKufYQgP6xiKdwd4swQjS9V8mRLl68saK
3ckL4UKkNLcZfavIp0IoRRODxjjdFDoq0T/8INI=
-----END CERTIFICATE-----
Generated at Thu Mar 13 20:34:44 2025 by rpki-client