Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ca/29176b-1038-4417-bdad-f3e052bab144/1/bQ8iNu0wo9aL0raLBfTEQOv5ujI.roa
File: bQ8iNu0wo9aL0raLBfTEQOv5ujI.roa (raw, json)
Hash identifier: NtAvbIWAX/1Z2pgs+pmiSuDWyCu2Z6I9Q6Wi0kJXNHY=
Subject key identifier: 6D:0F:22:36:ED:30:A3:D6:8B:D2:B6:8B:05:F4:C4:40:EB:F9:BA:32
Certificate issuer: /CN=e6c2e0d3fdc215a389c7043ca5a1a06be2c558ef
Certificate serial: 0187E2C12BC2FA51F28FDE00E1F58ADA7961
Authority key identifier: E6:C2:E0:D3:FD:C2:15:A3:89:C7:04:3C:A5:A1:A0:6B:E2:C5:58:EF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/5sLg0_3CFaOJxwQ8paGga-LFWO8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ca/29176b-1038-4417-bdad-f3e052bab144/1/bQ8iNu0wo9aL0raLBfTEQOv5ujI.roa
Signing time: Wed 03 May 2023 17:55:23 +0000
ROA not before: Wed 03 May 2023 17:55:23 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 212496
IP address blocks: 141.98.184.0/22 maxlen: 22
2a13:6c40::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:e2:c1:2b:c2:fa:51:f2:8f:de:00:e1:f5:8a:da:79:61
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e6c2e0d3fdc215a389c7043ca5a1a06be2c558ef
Validity
Not Before: May 3 17:55:23 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=6d0f2236ed30a3d68bd2b68b05f4c440ebf9ba32
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:dc:be:7b:81:6a:24:30:63:55:2e:6d:f7:04:
23:2f:47:08:a8:53:28:33:9b:87:c0:f8:1c:e1:a0:
a4:59:ba:1a:ac:43:f3:40:90:d0:ea:41:dd:88:1d:
09:45:ab:83:99:2c:9c:1c:dc:21:0a:c7:cb:ab:fa:
68:5c:e4:f4:6b:e2:27:6f:83:59:ae:10:be:24:00:
19:e5:6b:0f:78:28:87:5e:3e:ca:63:9d:5b:1c:89:
6f:d2:2b:e0:f5:9a:31:18:f5:97:bc:f7:56:9c:83:
21:d1:8a:4e:89:6d:df:2b:0a:c4:c1:b9:55:f5:88:
a7:ee:58:bc:68:db:b6:19:ba:82:ca:64:30:22:e4:
e6:3b:c7:a3:ee:55:49:51:4e:01:20:12:6a:03:f5:
fa:3a:82:59:8e:e6:ab:b5:59:0a:3d:8e:8f:14:83:
9f:11:0e:04:25:dd:c0:c5:a3:d1:b3:78:8d:67:3d:
a2:ab:01:55:3f:95:53:ff:c3:95:c3:38:1d:a1:6e:
67:b4:e2:69:c8:2b:b7:bd:c2:14:ff:c0:ab:90:8f:
8c:33:40:84:4d:e7:33:b2:72:68:38:c9:13:5f:93:
05:15:aa:5d:e4:ed:6a:c7:e2:cb:64:c0:ec:24:8f:
4d:5d:ef:9d:76:75:9f:a5:51:d8:a8:35:91:01:7e:
33:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6D:0F:22:36:ED:30:A3:D6:8B:D2:B6:8B:05:F4:C4:40:EB:F9:BA:32
X509v3 Authority Key Identifier:
keyid:E6:C2:E0:D3:FD:C2:15:A3:89:C7:04:3C:A5:A1:A0:6B:E2:C5:58:EF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5sLg0_3CFaOJxwQ8paGga-LFWO8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/29176b-1038-4417-bdad-f3e052bab144/1/bQ8iNu0wo9aL0raLBfTEQOv5ujI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/29176b-1038-4417-bdad-f3e052bab144/1/5sLg0_3CFaOJxwQ8paGga-LFWO8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
141.98.184.0/22
IPv6:
2a13:6c40::/29
Signature Algorithm: sha256WithRSAEncryption
d8:ac:66:ee:fd:53:c4:26:24:2c:88:6e:dc:9c:a9:07:70:7b:
50:6a:d7:73:45:18:09:be:04:f1:0a:1a:c3:47:e5:18:02:06:
87:bf:6a:51:ac:e0:85:a5:55:0b:bb:19:37:96:27:3e:66:d8:
c3:9b:55:4c:ad:67:3f:ac:2f:76:41:d7:cc:72:5a:c7:22:23:
f4:f4:c3:c7:43:87:f8:e1:66:fc:ef:7e:b6:13:b7:c1:3d:e2:
68:e2:db:81:86:74:90:db:d9:00:3b:46:44:bd:51:70:54:40:
78:2e:64:94:84:d3:40:17:82:2c:ef:43:9f:b8:2c:e5:6e:25:
91:95:5b:9c:dc:9b:d8:fa:b3:b0:73:08:af:df:53:a8:89:82:
9a:e3:d3:2b:5c:b2:25:7f:6d:21:8f:16:d2:14:40:25:6b:65:
4f:00:c9:2e:4f:84:60:ca:a6:36:86:bf:ca:93:e9:47:c4:e9:
78:52:e1:b5:b1:fd:e6:88:cf:a3:c9:a4:fa:8a:fd:21:fe:31:
fd:86:d6:ae:20:4f:55:b4:47:87:86:b3:2f:46:55:bb:8a:7c:
fb:aa:9b:9c:40:fd:4a:fc:30:33:18:a0:c4:95:ec:d2:81:86:
2b:5d:35:4b:2d:35:64:ac:dd:33:8a:6c:ec:82:1c:ea:a8:a8:
9b:63:42:b6
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYfiwSvC+lHyj94A4fWK2nlhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU2YzJlMGQzZmRjMjE1YTM4OWM3MDQzY2E1YTFhMDZiZTJj
NTU4ZWYwHhcNMjMwNTAzMTc1NTIzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZDBmMjIzNmVkMzBhM2Q2OGJkMmI2OGIwNWY0YzQ0MGViZjliYTMyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlNy+e4FqJDBjVS5t9wQjL0cIqFMo
M5uHwPgc4aCkWboarEPzQJDQ6kHdiB0JRauDmSycHNwhCsfLq/poXOT0a+Inb4NZ
rhC+JAAZ5WsPeCiHXj7KY51bHIlv0ivg9ZoxGPWXvPdWnIMh0YpOiW3fKwrEwblV
9Yin7li8aNu2GbqCymQwIuTmO8ej7lVJUU4BIBJqA/X6OoJZjuartVkKPY6PFIOf
EQ4EJd3AxaPRs3iNZz2iqwFVP5VT/8OVwzgdoW5ntOJpyCu3vcIU/8CrkI+MM0CE
TeczsnJoOMkTX5MFFapd5O1qx+LLZMDsJI9NXe+ddnWfpVHYqDWRAX4zjwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFG0PIjbtMKPWi9K2iwX0xEDr+boyMB8GA1UdIwQY
MBaAFObC4NP9whWjiccEPKWhoGvixVjvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNXNMZzBfM0NGYU9KeHdROHBhR2dhLUxGV084LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYS8yOTE3NmItMTAzOC00NDE3LWJkYWQt
ZjNlMDUyYmFiMTQ0LzEvYlE4aU51MHdvOWFMMHJhTEJmVEVRT3Y1dWpJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jYS8yOTE3NmItMTAzOC00NDE3LWJkYWQtZjNlMDUyYmFiMTQ0
LzEvNXNMZzBfM0NGYU9KeHdROHBhR2dhLUxGV084LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCjWK4MA0E
AgACMAcDBQMqE2xAMA0GCSqGSIb3DQEBCwUAA4IBAQDYrGbu/VPEJiQsiG7cnKkH
cHtQatdzRRgJvgTxChrDR+UYAgaHv2pRrOCFpVULuxk3lic+ZtjDm1VMrWc/rC92
QdfMclrHIiP09MPHQ4f44Wb87362E7fBPeJo4tuBhnSQ29kAO0ZEvVFwVEB4LmSU
hNNAF4Is70OfuCzlbiWRlVuc3JvY+rOwcwiv31OoiYKa49MrXLIlf20hjxbSFEAl
a2VPAMkuT4RgyqY2hr/Kk+lHxOl4UuG1sf3miM+jyaT6iv0h/jH9htauIE9VtEeH
hrMvRlW7inz7qpucQP1K/DAzGKDElezSgYYrXTVLLTVkrN0zimzsghzqqKibY0K2
-----END CERTIFICATE-----
Generated at Thu Apr 24 08:17:11 2025 by rpki-client