Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cf/ba8c25-40ef-4bab-aa3a-9a7e1464862a/1/X8IIuh6DSxec6FE6YBZS37qHH3I.roa
File: X8IIuh6DSxec6FE6YBZS37qHH3I.roa (raw, json)
Hash identifier: aTvZUptCRKaL3bnAUmX13ukKeWzLrtS/GhuT8bd3iwE=
Subject key identifier: 5F:C2:08:BA:1E:83:4B:17:9C:E8:51:3A:60:16:52:DF:BA:87:1F:72
Certificate issuer: /CN=7d477ba40a72752bf50e42c0003765e4d7473e46
Certificate serial: 0FA00AD7
Authority key identifier: 7D:47:7B:A4:0A:72:75:2B:F5:0E:42:C0:00:37:65:E4:D7:47:3E:46
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fUd7pApydSv1DkLAADdl5NdHPkY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cf/ba8c25-40ef-4bab-aa3a-9a7e1464862a/1/X8IIuh6DSxec6FE6YBZS37qHH3I.roa
Signing time: Sat 01 Jan 2022 12:06:33 +0000
ROA not before: Sat 01 Jan 2022 12:06:33 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 206138
IP address blocks: 91.206.60.0/23 maxlen: 24
195.34.64.0/23 maxlen: 24
2001:67c:518::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 262146775 (0xfa00ad7)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7d477ba40a72752bf50e42c0003765e4d7473e46
Validity
Not Before: Jan 1 12:06:33 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=5fc208ba1e834b179ce8513a601652dfba871f72
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:74:54:c9:49:88:36:dc:ad:93:e8:19:fc:e9:
e3:af:3b:1e:1b:62:fc:a4:86:22:80:c0:1d:be:4f:
24:22:e5:c1:13:e4:8d:c8:dd:08:86:de:2b:ce:17:
8b:b1:5f:11:57:49:55:75:da:bd:e3:89:7f:80:ef:
9e:0b:e1:f1:17:cd:ac:fc:a5:18:b7:e0:29:f5:1d:
ba:62:f1:bc:6e:ba:b1:c7:1f:de:13:4f:11:40:df:
8c:40:e9:d7:62:75:80:66:86:f4:2b:a4:c0:95:22:
68:ab:ec:a0:e7:ab:ef:eb:bc:2a:42:fd:00:7f:e7:
8a:1c:c1:55:71:52:eb:9d:02:eb:91:d6:2f:b6:23:
ed:7b:e1:85:76:58:99:b7:8b:5d:35:30:e9:8e:90:
53:1b:a1:8f:9f:62:ab:c5:aa:ce:04:e7:f4:71:59:
16:a2:a3:bf:66:39:48:9f:5b:18:30:d6:ab:de:10:
dc:c3:e3:35:ee:06:24:95:e0:30:50:a7:89:87:9c:
9c:43:cf:37:2a:39:3a:2e:55:26:03:e3:9f:52:c0:
78:4b:07:cc:1c:7e:da:f8:b8:bd:35:65:0d:dd:d6:
31:3a:38:49:03:15:23:13:d4:6c:09:39:1f:14:3e:
7b:a3:6d:d7:19:b0:e5:0f:9e:f7:ad:b1:de:a8:9b:
db:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5F:C2:08:BA:1E:83:4B:17:9C:E8:51:3A:60:16:52:DF:BA:87:1F:72
X509v3 Authority Key Identifier:
keyid:7D:47:7B:A4:0A:72:75:2B:F5:0E:42:C0:00:37:65:E4:D7:47:3E:46
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fUd7pApydSv1DkLAADdl5NdHPkY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cf/ba8c25-40ef-4bab-aa3a-9a7e1464862a/1/X8IIuh6DSxec6FE6YBZS37qHH3I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cf/ba8c25-40ef-4bab-aa3a-9a7e1464862a/1/fUd7pApydSv1DkLAADdl5NdHPkY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.206.60.0/23
195.34.64.0/23
IPv6:
2001:67c:518::/48
Signature Algorithm: sha256WithRSAEncryption
70:dd:df:bc:a0:f5:d2:68:f8:6e:7c:7f:fc:d3:d1:df:4d:86:
58:cd:85:b9:46:09:d4:1f:9a:71:65:2d:6b:c7:18:0b:1c:dc:
e2:36:2f:7f:53:52:21:00:d8:af:b5:0d:33:0a:b1:ef:28:69:
ab:55:b3:8a:6f:e9:d3:76:ec:4d:ba:6d:e5:07:4f:f4:b2:19:
4f:f8:3c:e9:01:fe:b2:42:56:53:a7:dd:14:8d:f5:bb:e9:56:
f4:1d:fc:26:3d:0b:f7:65:df:ea:28:71:b1:0f:42:be:e9:c0:
fd:5c:b6:54:75:93:68:94:82:aa:39:f6:4e:1e:a8:e0:70:a4:
bb:5c:da:2a:54:ab:5e:04:3f:ec:da:fc:34:54:d5:31:f2:e2:
d7:9d:6e:62:98:9b:66:f5:26:5f:ae:19:c4:34:47:91:a4:e9:
8f:51:3e:70:dc:fb:67:b0:be:7f:72:d4:b3:7a:8d:bb:a1:f3:
e8:98:24:df:6f:40:4a:4d:c8:90:20:40:51:2e:a1:1a:e6:75:
63:13:a2:d5:a3:95:f0:c7:40:2f:00:34:90:1b:3e:b3:92:30:
75:47:73:26:75:0e:f9:c0:cd:02:2b:f5:c9:2c:06:85:2c:5e:
9f:b3:f0:7c:a4:13:a2:ba:1d:91:79:ec:96:81:23:a7:c1:e3:
da:c3:69:b7
-----BEGIN CERTIFICATE-----
MIIFBjCCA+6gAwIBAgIED6AK1zANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg3
ZDQ3N2JhNDBhNzI3NTJiZjUwZTQyYzAwMDM3NjVlNGQ3NDczZTQ2MB4XDTIyMDEw
MTEyMDYzM1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNWZjMjA4YmExZTgz
NGIxNzljZTg1MTNhNjAxNjUyZGZiYTg3MWY3MjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMx0VMlJiDbcrZPoGfzp4687Hhti/KSGIoDAHb5PJCLlwRPk
jcjdCIbeK84Xi7FfEVdJVXXaveOJf4Dvngvh8RfNrPylGLfgKfUdumLxvG66sccf
3hNPEUDfjEDp12J1gGaG9CukwJUiaKvsoOer7+u8KkL9AH/nihzBVXFS650C65HW
L7Yj7XvhhXZYmbeLXTUw6Y6QUxuhj59iq8WqzgTn9HFZFqKjv2Y5SJ9bGDDWq94Q
3MPjNe4GJJXgMFCniYecnEPPNyo5Oi5VJgPjn1LAeEsHzBx+2vi4vTVlDd3WMTo4
SQMVIxPUbAk5HxQ+e6Nt1xmw5Q+e962x3qib2/MCAwEAAaOCAiAwggIcMB0GA1Ud
DgQWBBRfwgi6HoNLF5zoUTpgFlLfuocfcjAfBgNVHSMEGDAWgBR9R3ukCnJ1K/UO
QsAAN2Xk10c+RjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2ZVZDdwQXB5ZFN2MURrTEFBRGRsNU5kSFBrWS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvY2YvYmE4YzI1LTQwZWYtNGJhYi1hYTNhLTlhN2UxNDY0ODYyYS8x
L1g4SUl1aDZEU3hlYzZGRTZZQlpTMzdxSEgzSS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvY2Yv
YmE4YzI1LTQwZWYtNGJhYi1hYTNhLTlhN2UxNDY0ODYyYS8xL2ZVZDdwQXB5ZFN2
MURrTEFBRGRsNU5kSFBrWS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA2
BggrBgEFBQcBBwEB/wQnMCUwEgQCAAEwDAMEAVvOPAMEAcMiQDAPBAIAAjAJAwcA
IAEGfAUYMA0GCSqGSIb3DQEBCwUAA4IBAQBw3d+8oPXSaPhufH/809HfTYZYzYW5
RgnUH5pxZS1rxxgLHNziNi9/U1IhANivtQ0zCrHvKGmrVbOKb+nTduxNum3lB0/0
shlP+DzpAf6yQlZTp90UjfW76Vb0HfwmPQv3Zd/qKHGxD0K+6cD9XLZUdZNolIKq
OfZOHqjgcKS7XNoqVKteBD/s2vw0VNUx8uLXnW5imJtm9SZfrhnENEeRpOmPUT5w
3PtnsL5/ctSzeo27ofPomCTfb0BKTciQIEBRLqEa5nVjE6LVo5Xwx0AvADSQGz6z
kjB1R3MmdQ75wM0CK/XJLAaFLF6fs/B8pBOiuh2ReeyWgSOnwePaw2m3
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:12:44 2025 by rpki-client