Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ca/969962-12d3-41b2-ab43-b27d6e278e18/1/6F7naTV986TKW1ARCpp6ody9BUw.roa
File: 6F7naTV986TKW1ARCpp6ody9BUw.roa (raw, json)
Hash identifier: WxaNv+/FYI2NmDulVpSg8tsHMdCg+r55AU/GpEtAsKE=
Subject key identifier: E8:5E:E7:69:35:7D:F3:A4:CA:5B:50:11:0A:9A:7A:A1:DC:BD:05:4C
Certificate issuer: /CN=4104a40821c4176cc42e255ef6c1727473c3f00a
Certificate serial: 0183A46CEF6019312493B9525B44D261864D
Authority key identifier: 41:04:A4:08:21:C4:17:6C:C4:2E:25:5E:F6:C1:72:74:73:C3:F0:0A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QQSkCCHEF2zELiVe9sFydHPD8Ao.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ca/969962-12d3-41b2-ab43-b27d6e278e18/1/6F7naTV986TKW1ARCpp6ody9BUw.roa
Signing time: Tue 04 Oct 2022 19:15:46 +0000
ROA not before: Tue 04 Oct 2022 19:15:46 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 211545
IP address blocks: 82.119.71.0/24 maxlen: 24
176.67.237.0/24 maxlen: 24
176.67.236.0/24 maxlen: 24
176.67.239.0/24 maxlen: 24
89.252.204.0/24 maxlen: 24
89.252.205.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:a4:6c:ef:60:19:31:24:93:b9:52:5b:44:d2:61:86:4d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4104a40821c4176cc42e255ef6c1727473c3f00a
Validity
Not Before: Oct 4 19:15:46 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=e85ee769357df3a4ca5b50110a9a7aa1dcbd054c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:82:c0:0e:c0:c8:87:04:4e:d2:df:50:48:80:5c:
14:e8:94:bf:1f:3e:d2:49:da:76:23:6e:55:3e:f5:
1d:cc:e6:ee:77:67:f4:08:95:30:dc:02:5f:5d:b2:
b1:ca:3f:b2:dd:29:5a:28:23:d1:15:f9:71:94:a8:
62:83:3a:97:4a:59:d6:8b:3f:87:85:f9:4c:2f:fe:
63:c3:69:d0:34:fd:b3:d5:d3:3b:02:76:14:a6:8b:
2a:52:1a:d4:00:c3:4b:22:41:3f:91:32:28:1c:e2:
36:2f:f7:b0:a3:e8:38:50:56:17:62:d7:dc:e4:84:
a7:ff:ee:a5:60:c7:30:2c:ef:68:80:05:69:68:f4:
96:93:d3:33:2a:3f:ac:d8:ac:7b:2f:7f:c7:64:c9:
3e:5d:6a:18:d5:6e:06:2c:aa:35:20:6f:2a:96:b0:
ba:3d:96:ac:a4:9f:02:a8:0f:ff:f5:19:1b:01:8b:
87:3b:7c:89:51:d1:e4:bf:57:4c:c0:3c:15:10:c6:
5e:66:97:ec:df:63:cc:bd:58:66:0b:f4:be:9d:0c:
e3:74:ed:ff:a4:ac:05:76:d2:b5:c1:c3:c8:77:76:
a1:31:ae:a7:73:34:d8:f6:bc:f1:18:d9:bb:57:c4:
df:51:06:2b:ff:d6:57:7c:77:be:7f:36:5c:60:06:
36:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E8:5E:E7:69:35:7D:F3:A4:CA:5B:50:11:0A:9A:7A:A1:DC:BD:05:4C
X509v3 Authority Key Identifier:
keyid:41:04:A4:08:21:C4:17:6C:C4:2E:25:5E:F6:C1:72:74:73:C3:F0:0A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QQSkCCHEF2zELiVe9sFydHPD8Ao.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/969962-12d3-41b2-ab43-b27d6e278e18/1/6F7naTV986TKW1ARCpp6ody9BUw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/969962-12d3-41b2-ab43-b27d6e278e18/1/QQSkCCHEF2zELiVe9sFydHPD8Ao.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.119.71.0/24
89.252.204.0/23
176.67.236.0/23
176.67.239.0/24
Signature Algorithm: sha256WithRSAEncryption
9a:ee:ed:80:1b:78:02:3e:7c:47:10:31:b7:68:40:4f:ba:d4:
e8:59:8e:df:6b:b6:d8:3a:eb:21:05:77:28:83:d7:b2:8c:85:
23:d5:24:15:9a:ec:00:4c:44:b1:0c:77:65:aa:fc:a3:56:6f:
cb:66:87:32:f6:f5:a8:ef:39:13:be:81:d6:20:ba:7a:77:26:
7c:d8:fb:4e:f2:0a:30:63:0c:04:fe:ff:b6:95:d4:91:bc:c7:
65:64:ca:7d:e6:8d:d2:66:a6:00:3f:0a:8b:7e:5b:22:78:5d:
2b:45:54:cf:18:8c:d2:1a:df:cc:cb:e5:cf:b9:f3:a6:b8:03:
ea:73:44:13:58:41:6f:6e:80:a1:e6:97:e3:a9:69:4e:00:90:
e0:46:84:a1:37:bf:b7:24:03:da:bb:68:ad:d2:4a:98:3b:16:
c7:33:b9:ef:d8:be:22:bb:db:2b:19:cc:30:da:ad:93:ee:fb:
25:a7:c0:5b:f8:12:7a:3e:5b:95:ae:92:43:10:3a:68:4e:b8:
e7:aa:3e:89:cb:48:77:e7:81:39:43:f2:83:f5:e4:e4:e3:8d:
5b:85:f8:72:e9:2e:e8:e8:54:38:40:6b:e1:f0:e2:02:6e:d1:
ae:ae:b6:4c:24:b1:17:9a:bb:70:76:e3:bb:36:17:5c:e1:a6:
49:8a:76:2d
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYOkbO9gGTEkk7lSW0TSYYZNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQxMDRhNDA4MjFjNDE3NmNjNDJlMjU1ZWY2YzE3Mjc0NzNj
M2YwMGEwHhcNMjIxMDA0MTkxNTQ2WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlODVlZTc2OTM1N2RmM2E0Y2E1YjUwMTEwYTlhN2FhMWRjYmQwNTRjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgsAOwMiHBE7S31BIgFwU6JS/Hz7S
Sdp2I25VPvUdzObud2f0CJUw3AJfXbKxyj+y3SlaKCPRFflxlKhigzqXSlnWiz+H
hflML/5jw2nQNP2z1dM7AnYUposqUhrUAMNLIkE/kTIoHOI2L/ewo+g4UFYXYtfc
5ISn/+6lYMcwLO9ogAVpaPSWk9MzKj+s2Kx7L3/HZMk+XWoY1W4GLKo1IG8qlrC6
PZaspJ8CqA//9RkbAYuHO3yJUdHkv1dMwDwVEMZeZpfs32PMvVhmC/S+nQzjdO3/
pKwFdtK1wcPId3ahMa6nczTY9rzxGNm7V8TfUQYr/9ZXfHe+fzZcYAY2FQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFOhe52k1ffOkyltQEQqaeqHcvQVMMB8GA1UdIwQY
MBaAFEEEpAghxBdsxC4lXvbBcnRzw/AKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUVFTa0NDSEVGMnpFTGlWZTlzRnlkSFBEOEFvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYS85Njk5NjItMTJkMy00MWIyLWFiNDMt
YjI3ZDZlMjc4ZTE4LzEvNkY3bmFUVjk4NlRLVzFBUkNwcDZvZHk5QlV3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jYS85Njk5NjItMTJkMy00MWIyLWFiNDMtYjI3ZDZlMjc4ZTE4
LzEvUVFTa0NDSEVGMnpFTGlWZTlzRnlkSFBEOEFvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAUndHAwQB
WfzMAwQBsEPsAwQAsEPvMA0GCSqGSIb3DQEBCwUAA4IBAQCa7u2AG3gCPnxHEDG3
aEBPutToWY7fa7bYOushBXcog9eyjIUj1SQVmuwATESxDHdlqvyjVm/LZocy9vWo
7zkTvoHWILp6dyZ82PtO8gowYwwE/v+2ldSRvMdlZMp95o3SZqYAPwqLflsieF0r
RVTPGIzSGt/My+XPufOmuAPqc0QTWEFvboCh5pfjqWlOAJDgRoShN7+3JAPau2it
0kqYOxbHM7nv2L4iu9srGcww2q2T7vslp8Bb+BJ6PluVrpJDEDpoTrjnqj6Jy0h3
54E5Q/KD9eTk441bhfhy6S7o6FQ4QGvh8OICbtGurrZMJLEXmrtwduO7Nhdc4aZJ
inYt
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:40:46 2025 by rpki-client