Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f4/b59715-b05a-4b4a-a922-0144a3282a2e/1/d6E5-YNFV32yG9Io1kV3jOb58Ag.roa
File: d6E5-YNFV32yG9Io1kV3jOb58Ag.roa (raw, json)
Hash identifier: St/8WWNrg7PE52JKUH2LmYeWa8TSvdGK2AtjQuk4uAc=
Subject key identifier: 77:A1:39:F9:83:45:57:7D:B2:1B:D2:28:D6:45:77:8C:E6:F9:F0:08
Certificate issuer: /CN=8050504f4b1776e80b8ad9f8b356e613b585b35a
Certificate serial: 01857246B401DF2BCC13C6CD3FF803A7442E
Authority key identifier: 80:50:50:4F:4B:17:76:E8:0B:8A:D9:F8:B3:56:E6:13:B5:85:B3:5A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gFBQT0sXdugLitn4s1bmE7WFs1o.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f4/b59715-b05a-4b4a-a922-0144a3282a2e/1/d6E5-YNFV32yG9Io1kV3jOb58Ag.roa
Signing time: Mon 02 Jan 2023 11:38:34 +0000
ROA not before: Mon 02 Jan 2023 11:38:34 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 207143
IP address blocks: 193.135.58.0/24 maxlen: 24
2001:67c:3d4::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:46:b4:01:df:2b:cc:13:c6:cd:3f:f8:03:a7:44:2e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8050504f4b1776e80b8ad9f8b356e613b585b35a
Validity
Not Before: Jan 2 11:38:34 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=77a139f98345577db21bd228d645778ce6f9f008
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:87:76:a5:76:e1:7f:12:66:35:c9:5c:fe:35:d2:
f9:cb:21:7d:50:34:0c:7c:41:a5:b6:b4:1d:91:ab:
81:30:f7:7c:e5:4e:3c:ad:92:36:0f:78:65:dd:2c:
fe:9e:38:5d:c4:8a:21:09:00:a1:65:69:23:88:02:
3c:ad:30:9e:b4:02:14:b1:31:55:26:b6:55:c0:f2:
0c:56:2f:3b:48:77:57:6c:de:4d:09:8d:7a:13:84:
d0:d2:af:9a:b8:ae:a0:94:e5:83:b3:c4:d0:ab:64:
c0:47:2c:cd:a1:84:e3:16:42:d5:c6:83:d7:97:3a:
08:d7:92:8b:bf:09:07:03:3a:e0:6f:87:31:b9:ca:
36:82:d5:5c:1a:f7:a4:c0:d3:f8:9a:94:8b:d0:7c:
5e:8e:d4:7e:ac:59:31:8a:03:0e:0f:d1:e8:2b:a9:
c2:e1:a1:a0:52:4f:7a:8c:76:ef:97:a1:c1:95:59:
d9:2b:07:65:d3:82:90:f9:1e:97:38:70:6a:c0:4f:
18:ae:f0:63:34:65:89:f7:7a:ec:56:b1:8d:81:35:
69:f7:d7:b0:88:58:66:fa:76:a0:0f:32:9a:38:45:
58:0a:87:ec:b7:52:87:66:8c:a6:ed:08:57:22:0a:
9f:09:3e:13:b8:5d:83:41:e8:33:a0:71:dd:df:af:
34:a3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
77:A1:39:F9:83:45:57:7D:B2:1B:D2:28:D6:45:77:8C:E6:F9:F0:08
X509v3 Authority Key Identifier:
keyid:80:50:50:4F:4B:17:76:E8:0B:8A:D9:F8:B3:56:E6:13:B5:85:B3:5A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gFBQT0sXdugLitn4s1bmE7WFs1o.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f4/b59715-b05a-4b4a-a922-0144a3282a2e/1/d6E5-YNFV32yG9Io1kV3jOb58Ag.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f4/b59715-b05a-4b4a-a922-0144a3282a2e/1/gFBQT0sXdugLitn4s1bmE7WFs1o.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.135.58.0/24
IPv6:
2001:67c:3d4::/48
Signature Algorithm: sha256WithRSAEncryption
85:c4:8a:25:4b:e7:4c:32:a8:f7:91:54:5a:8a:28:2d:00:a5:
1d:0c:b7:21:73:c1:52:0b:9a:a6:f3:79:ee:f1:ae:df:4b:b5:
0b:9f:91:c3:82:e9:79:00:42:5b:8e:a7:3b:75:4d:e2:90:b6:
14:f8:f9:41:9c:2e:8d:68:e3:9d:16:8e:b9:14:2f:74:a4:12:
2f:78:52:29:d8:79:ec:fc:2d:09:cf:cc:18:0a:fa:55:0c:a7:
b0:aa:6e:e9:2c:d2:0a:48:ca:17:20:e8:62:7f:15:07:b6:93:
f2:a2:cd:f8:40:57:ff:46:b9:da:3e:d0:53:a9:97:84:99:19:
32:57:f1:c1:fb:0c:eb:0f:bf:c7:6a:0b:03:e7:83:7f:84:1f:
4e:ae:54:75:ad:01:f1:9e:f0:53:1c:81:7a:0c:f3:6b:1d:11:
87:75:90:d7:dc:d1:01:c1:77:80:f1:fb:ad:c8:41:61:52:4d:
f3:2b:c0:2a:f2:5a:89:be:05:a8:3b:ac:8a:b4:d7:fe:c7:ce:
67:09:01:ad:de:3d:8a:eb:6e:21:90:c4:d0:8c:e9:61:39:6c:
13:40:06:91:36:1e:ee:cf:c8:8a:a0:51:7b:51:73:ef:89:bb:
0e:2f:c7:30:2c:8d:c3:a1:e3:10:07:33:a3:9c:1b:41:7b:fc:
5a:3a:19:ac
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYVyRrQB3yvME8bNP/gDp0QuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgwNTA1MDRmNGIxNzc2ZTgwYjhhZDlmOGIzNTZlNjEzYjU4
NWIzNWEwHhcNMjMwMTAyMTEzODM0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3N2ExMzlmOTgzNDU1NzdkYjIxYmQyMjhkNjQ1Nzc4Y2U2ZjlmMDA4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAh3alduF/EmY1yVz+NdL5yyF9UDQM
fEGltrQdkauBMPd85U48rZI2D3hl3Sz+njhdxIohCQChZWkjiAI8rTCetAIUsTFV
JrZVwPIMVi87SHdXbN5NCY16E4TQ0q+auK6glOWDs8TQq2TARyzNoYTjFkLVxoPX
lzoI15KLvwkHAzrgb4cxuco2gtVcGvekwNP4mpSL0HxejtR+rFkxigMOD9HoK6nC
4aGgUk96jHbvl6HBlVnZKwdl04KQ+R6XOHBqwE8YrvBjNGWJ93rsVrGNgTVp99ew
iFhm+nagDzKaOEVYCofst1KHZoym7QhXIgqfCT4TuF2DQegzoHHd3680owIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFHehOfmDRVd9shvSKNZFd4zm+fAIMB8GA1UdIwQY
MBaAFIBQUE9LF3boC4rZ+LNW5hO1hbNaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ0ZCUVQwc1hkdWdMaXRuNHMxYm1FN1dGczFvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNC9iNTk3MTUtYjA1YS00YjRhLWE5MjIt
MDE0NGEzMjgyYTJlLzEvZDZFNS1ZTkZWMzJ5RzlJbzFrVjNqT2I1OEFnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNC9iNTk3MTUtYjA1YS00YjRhLWE5MjItMDE0NGEzMjgyYTJl
LzEvZ0ZCUVQwc1hkdWdMaXRuNHMxYm1FN1dGczFvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQAwYc6MA8E
AgACMAkDBwAgAQZ8A9QwDQYJKoZIhvcNAQELBQADggEBAIXEiiVL50wyqPeRVFqK
KC0ApR0MtyFzwVILmqbzee7xrt9LtQufkcOC6XkAQluOpzt1TeKQthT4+UGcLo1o
450WjrkUL3SkEi94UinYeez8LQnPzBgK+lUMp7Cqbuks0gpIyhcg6GJ/FQe2k/Ki
zfhAV/9Gudo+0FOpl4SZGTJX8cH7DOsPv8dqCwPng3+EH06uVHWtAfGe8FMcgXoM
82sdEYd1kNfc0QHBd4Dx+63IQWFSTfMrwCryWom+Bag7rIq01/7HzmcJAa3ePYrr
biGQxNCM6WE5bBNABpE2Hu7PyIqgUXtRc++Juw4vxzAsjcOh4xAHM6OcG0F7/Fo6
Gaw=
-----END CERTIFICATE-----
Generated at Sun Apr 20 18:41:20 2025 by rpki-client