Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f2/9c8ba1-8407-4c2a-912a-00a7704774e1/1/doNMQHVmiTtgvHEOW_61hI25pqE.roa
File: doNMQHVmiTtgvHEOW_61hI25pqE.roa (raw, json)
Hash identifier: Zup0CJ459xrxLnoBfRhh2RbfwMfpy8XlsE3BjpvFIDA=
Subject key identifier: 76:83:4C:40:75:66:89:3B:60:BC:71:0E:5B:FE:B5:84:8D:B9:A6:A1
Certificate issuer: /CN=f69f8bcf2a2ec10f9e4b6302e1b3509f3d0336ee
Certificate serial: 01856E78EE8029C86F40411CF1A162AAE19D
Authority key identifier: F6:9F:8B:CF:2A:2E:C1:0F:9E:4B:63:02:E1:B3:50:9F:3D:03:36:EE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/9p-LzyouwQ-eS2MC4bNQnz0DNu4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f2/9c8ba1-8407-4c2a-912a-00a7704774e1/1/doNMQHVmiTtgvHEOW_61hI25pqE.roa
Signing time: Sun 01 Jan 2023 17:54:57 +0000
ROA not before: Sun 01 Jan 2023 17:54:57 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 31726
IP address blocks: 94.139.64.0/19 maxlen: 19
185.211.72.0/22 maxlen: 22
31.204.72.0/21 maxlen: 21
109.109.64.0/19 maxlen: 19
2a00:1680::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:78:ee:80:29:c8:6f:40:41:1c:f1:a1:62:aa:e1:9d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f69f8bcf2a2ec10f9e4b6302e1b3509f3d0336ee
Validity
Not Before: Jan 1 17:54:57 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=76834c407566893b60bc710e5bfeb5848db9a6a1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:86:8e:19:f1:80:ef:68:02:83:ce:c6:0d:ef:
07:93:ed:d7:0a:1b:1b:a3:34:16:ba:72:3e:f7:73:
79:fd:54:27:c0:91:97:7c:19:12:c7:eb:6b:35:f4:
f7:bd:7d:db:53:f9:bd:f7:12:fd:34:a7:8e:ae:87:
d2:34:c0:95:d9:08:2c:36:ce:73:f5:af:75:a9:9a:
77:06:fc:d3:a7:83:72:a9:ac:50:f3:be:ba:80:f0:
b6:f7:43:f3:96:c0:82:80:42:d1:3b:59:58:a3:df:
85:5a:be:92:e2:2a:e4:91:46:7a:26:26:c9:cb:f4:
d0:ae:37:f3:4e:89:3d:2d:c7:18:56:59:da:98:31:
2e:61:62:1a:1b:12:37:f2:06:11:a3:36:26:83:a7:
0f:08:6c:6e:42:5c:fa:3e:e6:ce:5c:3e:e7:98:f4:
bd:11:59:30:7b:f3:70:e2:ca:14:fd:99:d2:5b:be:
13:41:12:34:db:34:5d:a8:4f:31:b3:3e:d5:36:c5:
c1:ba:83:ba:dd:cb:0d:13:bb:b3:1d:88:5a:56:68:
b2:12:91:5d:71:99:a5:0e:31:ca:6d:cb:02:bf:8b:
4c:55:96:81:5b:27:45:a1:a5:ef:d0:4d:bf:bf:58:
46:e3:1e:03:95:85:ba:93:27:a9:cd:d0:a1:d1:97:
fa:a5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
76:83:4C:40:75:66:89:3B:60:BC:71:0E:5B:FE:B5:84:8D:B9:A6:A1
X509v3 Authority Key Identifier:
keyid:F6:9F:8B:CF:2A:2E:C1:0F:9E:4B:63:02:E1:B3:50:9F:3D:03:36:EE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/9p-LzyouwQ-eS2MC4bNQnz0DNu4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f2/9c8ba1-8407-4c2a-912a-00a7704774e1/1/doNMQHVmiTtgvHEOW_61hI25pqE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f2/9c8ba1-8407-4c2a-912a-00a7704774e1/1/9p-LzyouwQ-eS2MC4bNQnz0DNu4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.204.72.0/21
94.139.64.0/19
109.109.64.0/19
185.211.72.0/22
IPv6:
2a00:1680::/32
Signature Algorithm: sha256WithRSAEncryption
06:7b:f8:70:97:b4:c6:f2:c1:06:f5:7d:e2:84:77:cb:4a:77:
75:04:46:79:83:6e:04:e0:10:c9:2f:79:e3:c8:9f:af:e5:d9:
55:3b:58:e1:22:e3:6d:42:0e:b9:7d:8c:81:2f:d3:c8:a6:8c:
bd:b7:7f:a2:f9:73:98:ff:88:33:57:23:f5:5e:94:e5:eb:fd:
85:a1:4b:d8:28:ea:b6:c9:a4:68:1a:02:12:e6:b2:0a:90:a2:
93:eb:33:a3:8c:a2:b1:33:b5:42:a1:02:b0:e9:ef:2d:d7:4f:
f6:db:f8:55:8d:1c:01:91:09:cb:fc:21:f4:e9:6c:a5:fa:6c:
c8:cf:36:37:37:f8:df:7d:0d:79:b6:21:82:e1:4a:82:f5:91:
49:03:24:91:c7:9a:50:86:48:14:c2:ad:b6:15:a1:f7:44:5f:
d3:20:af:cd:b3:c4:45:9c:ea:22:6b:90:5a:23:ec:02:a3:dd:
03:36:d4:91:4c:0d:b9:58:3b:88:da:be:bd:67:8d:38:d5:26:
80:30:76:5a:32:c6:a6:d9:8f:21:c4:24:b5:3c:3f:96:89:7d:
d8:7a:b6:51:ce:0a:fa:24:56:b0:4b:bb:e6:f7:c9:bc:fb:5d:
67:90:df:49:5c:2c:ed:f0:80:49:b5:fd:74:a5:64:82:9b:3e:
6a:f5:77:09
-----BEGIN CERTIFICATE-----
MIIFHjCCBAagAwIBAgISAYVueO6AKchvQEEc8aFiquGdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY2OWY4YmNmMmEyZWMxMGY5ZTRiNjMwMmUxYjM1MDlmM2Qw
MzM2ZWUwHhcNMjMwMTAxMTc1NDU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NjgzNGM0MDc1NjY4OTNiNjBiYzcxMGU1YmZlYjU4NDhkYjlhNmExMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs4aOGfGA72gCg87GDe8Hk+3XChsb
ozQWunI+93N5/VQnwJGXfBkSx+trNfT3vX3bU/m99xL9NKeOrofSNMCV2QgsNs5z
9a91qZp3BvzTp4NyqaxQ8766gPC290PzlsCCgELRO1lYo9+FWr6S4irkkUZ6JibJ
y/TQrjfzTok9LccYVlnamDEuYWIaGxI38gYRozYmg6cPCGxuQlz6PubOXD7nmPS9
EVkwe/Nw4soU/ZnSW74TQRI02zRdqE8xsz7VNsXBuoO63csNE7uzHYhaVmiyEpFd
cZmlDjHKbcsCv4tMVZaBWydFoaXv0E2/v1hG4x4DlYW6kyepzdCh0Zf6pQIDAQAB
o4ICKjCCAiYwHQYDVR0OBBYEFHaDTEB1Zok7YLxxDlv+tYSNuaahMB8GA1UdIwQY
MBaAFPafi88qLsEPnktjAuGzUJ89AzbuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOXAtTHp5b3V3US1lUzJNQzRiTlFuejBETnU0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMi85YzhiYTEtODQwNy00YzJhLTkxMmEt
MDBhNzcwNDc3NGUxLzEvZG9OTVFIVm1pVHRndkhFT1dfNjFoSTI1cHFFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMi85YzhiYTEtODQwNy00YzJhLTkxMmEtMDBhNzcwNDc3NGUx
LzEvOXAtTHp5b3V3US1lUzJNQzRiTlFuejBETnU0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEAGCCsGAQUFBwEHAQH/BDEwLzAeBAIAATAYAwQDH8xIAwQF
XotAAwQFbW1AAwQCudNIMA0EAgACMAcDBQAqABaAMA0GCSqGSIb3DQEBCwUAA4IB
AQAGe/hwl7TG8sEG9X3ihHfLSnd1BEZ5g24E4BDJL3njyJ+v5dlVO1jhIuNtQg65
fYyBL9PIpoy9t3+i+XOY/4gzVyP1XpTl6/2FoUvYKOq2yaRoGgIS5rIKkKKT6zOj
jKKxM7VCoQKw6e8t10/22/hVjRwBkQnL/CH06Wyl+mzIzzY3N/jffQ15tiGC4UqC
9ZFJAySRx5pQhkgUwq22FaH3RF/TIK/Ns8RFnOoia5BaI+wCo90DNtSRTA25WDuI
2r69Z4041SaAMHZaMsam2Y8hxCS1PD+WiX3YerZRzgr6JFawS7vm98m8+11nkN9J
XCzt8IBJtf10pWSCmz5q9XcJ
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:32:33 2025 by rpki-client