Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e5/9098fd-7dc3-4e12-b893-fd22df3b57f6/1/6vDFMqSPCYrgHNqj7ZnAxWwGVBw.roa
File: 6vDFMqSPCYrgHNqj7ZnAxWwGVBw.roa (raw, json)
Hash identifier: n1qe0X7OJAForDagMpgLB3ss71SlX55dA4tNkxFOsTA=
Subject key identifier: EA:F0:C5:32:A4:8F:09:8A:E0:1C:DA:A3:ED:99:C0:C5:6C:06:54:1C
Certificate issuer: /CN=cb952f9c339cabd14234d00c84a252d7ec71a2a2
Certificate serial: 018534A7CE16CF7E5EC8E7FAA78597706A42
Authority key identifier: CB:95:2F:9C:33:9C:AB:D1:42:34:D0:0C:84:A2:52:D7:EC:71:A2:A2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/y5UvnDOcq9FCNNAMhKJS1-xxoqI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e5/9098fd-7dc3-4e12-b893-fd22df3b57f6/1/6vDFMqSPCYrgHNqj7ZnAxWwGVBw.roa
Signing time: Wed 21 Dec 2022 12:28:10 +0000
ROA not before: Wed 21 Dec 2022 12:28:10 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 201996
IP address blocks: 87.246.42.0/24 maxlen: 24
87.246.43.0/24 maxlen: 24
87.246.41.0/24 maxlen: 24
212.5.60.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:34:a7:ce:16:cf:7e:5e:c8:e7:fa:a7:85:97:70:6a:42
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cb952f9c339cabd14234d00c84a252d7ec71a2a2
Validity
Not Before: Dec 21 12:28:10 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=eaf0c532a48f098ae01cdaa3ed99c0c56c06541c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:88:68:a5:f3:ac:70:76:23:27:03:69:4d:d9:eb:
50:d5:5f:ef:cb:22:b5:e6:0a:83:f3:39:bf:1d:5f:
e4:42:2d:57:ea:91:e6:f6:67:be:39:48:da:24:2f:
94:75:fa:84:7e:65:da:ae:70:ba:7a:ec:5c:f0:51:
dc:e4:ae:88:d6:2a:3a:a2:e1:6d:4e:ba:03:26:67:
10:0c:73:db:5c:e3:94:77:d2:0d:9c:fa:9e:4b:8a:
79:ff:90:e5:21:63:40:11:66:8c:df:29:25:92:ee:
fc:09:d1:0e:d3:d1:33:db:80:22:7d:4e:7c:94:1d:
ca:e8:fe:2c:70:5c:e4:97:da:13:7b:6a:58:b0:15:
f9:96:97:53:e4:97:6b:3a:47:02:15:6b:eb:03:c2:
09:8d:c2:ce:0b:ee:a4:aa:36:63:ad:f8:94:38:9b:
6f:32:e0:b3:3d:90:18:ca:da:c9:07:eb:e1:b7:ac:
77:25:1a:5d:c1:6e:39:40:22:6f:b0:c6:12:37:99:
17:54:92:c5:fe:14:67:2c:59:75:85:76:8a:d9:99:
69:39:79:4e:3e:1f:b6:2e:e7:d7:0c:fc:fd:00:81:
bc:1b:b9:d6:29:9b:4c:7b:bc:cb:56:2c:9b:13:67:
cb:88:00:a5:0e:c3:9b:3d:dc:f3:62:76:87:64:45:
dc:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EA:F0:C5:32:A4:8F:09:8A:E0:1C:DA:A3:ED:99:C0:C5:6C:06:54:1C
X509v3 Authority Key Identifier:
keyid:CB:95:2F:9C:33:9C:AB:D1:42:34:D0:0C:84:A2:52:D7:EC:71:A2:A2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/y5UvnDOcq9FCNNAMhKJS1-xxoqI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e5/9098fd-7dc3-4e12-b893-fd22df3b57f6/1/6vDFMqSPCYrgHNqj7ZnAxWwGVBw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e5/9098fd-7dc3-4e12-b893-fd22df3b57f6/1/y5UvnDOcq9FCNNAMhKJS1-xxoqI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
87.246.41.0-87.246.43.255
212.5.60.0/24
Signature Algorithm: sha256WithRSAEncryption
40:20:5a:17:7f:69:55:1d:42:4e:be:41:e0:c5:d0:a6:2a:aa:
b3:7b:4f:98:0b:1b:ff:d9:59:5c:04:80:c2:a6:2a:f8:fa:50:
3e:2c:5c:1f:0d:14:5b:5c:ff:50:56:0a:54:d8:86:1b:5f:b3:
e8:e1:a6:6e:d5:37:b1:02:3a:4d:66:ea:40:36:2f:0d:2c:16:
f7:f5:8d:35:0d:17:4f:3a:2b:fa:c7:54:e0:ca:8f:f0:1a:b8:
e9:af:8c:2b:f1:41:29:2e:9a:7f:a7:d6:21:37:1e:46:69:e2:
60:7b:ba:76:2f:e0:6b:9b:bb:04:0b:33:0f:90:f0:fb:2f:c4:
9d:2f:99:db:e6:2d:73:9a:38:96:84:c8:0f:01:e7:bc:ea:38:
94:54:4b:41:b2:31:dd:35:34:64:8e:91:7b:af:c2:81:bb:42:
87:62:1a:c2:92:1a:03:8b:72:54:a5:5f:da:ad:a9:b2:c9:0e:
e6:77:8f:69:67:77:23:ec:89:dc:20:0b:f8:d0:15:f0:99:8f:
46:3b:75:e0:a2:cc:45:d9:c9:6a:97:d3:9c:8d:24:eb:ca:a3:
c7:e7:65:ce:76:c9:54:43:e2:35:99:11:d1:cb:89:47:d7:86:
70:ec:46:f7:d9:2e:c8:60:42:d5:96:64:78:77:db:39:f1:e4:
78:78:d2:22
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgISAYU0p84Wz35eyOf6p4WXcGpCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNiOTUyZjljMzM5Y2FiZDE0MjM0ZDAwYzg0YTI1MmQ3ZWM3
MWEyYTIwHhcNMjIxMjIxMTIyODEwWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlYWYwYzUzMmE0OGYwOThhZTAxY2RhYTNlZDk5YzBjNTZjMDY1NDFjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiGil86xwdiMnA2lN2etQ1V/vyyK1
5gqD8zm/HV/kQi1X6pHm9me+OUjaJC+UdfqEfmXarnC6euxc8FHc5K6I1io6ouFt
TroDJmcQDHPbXOOUd9INnPqeS4p5/5DlIWNAEWaM3yklku78CdEO09Ez24AifU58
lB3K6P4scFzkl9oTe2pYsBX5lpdT5JdrOkcCFWvrA8IJjcLOC+6kqjZjrfiUOJtv
MuCzPZAYytrJB+vht6x3JRpdwW45QCJvsMYSN5kXVJLF/hRnLFl1hXaK2ZlpOXlO
Ph+2LufXDPz9AIG8G7nWKZtMe7zLViybE2fLiAClDsObPdzzYnaHZEXcjwIDAQAB
o4ICFzCCAhMwHQYDVR0OBBYEFOrwxTKkjwmK4Bzao+2ZwMVsBlQcMB8GA1UdIwQY
MBaAFMuVL5wznKvRQjTQDISiUtfscaKiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveTVVdm5ET2NxOUZDTk5BTWhLSlMxLXh4b3FJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNS85MDk4ZmQtN2RjMy00ZTEyLWI4OTMt
ZmQyMmRmM2I1N2Y2LzEvNnZERk1xU1BDWXJnSE5xajdabkF4V3dHVkJ3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNS85MDk4ZmQtN2RjMy00ZTEyLWI4OTMtZmQyMmRmM2I1N2Y2
LzEveTVVdm5ET2NxOUZDTk5BTWhLSlMxLXh4b3FJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAATAUMAwDBABX9ikD
BAJX9igDBADUBTwwDQYJKoZIhvcNAQELBQADggEBAEAgWhd/aVUdQk6+QeDF0KYq
qrN7T5gLG//ZWVwEgMKmKvj6UD4sXB8NFFtc/1BWClTYhhtfs+jhpm7VN7ECOk1m
6kA2Lw0sFvf1jTUNF086K/rHVODKj/AauOmvjCvxQSkumn+n1iE3HkZp4mB7unYv
4GubuwQLMw+Q8PsvxJ0vmdvmLXOaOJaEyA8B57zqOJRUS0GyMd01NGSOkXuvwoG7
QodiGsKSGgOLclSlX9qtqbLJDuZ3j2lndyPsidwgC/jQFfCZj0Y7deCizEXZyWqX
05yNJOvKo8fnZc52yVRD4jWZEdHLiUfXhnDsRvfZLshgQtWWZHh32znx5Hh40iI=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:57:35 2024 by rpki-client on console-fra.rpki-client.org