Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f9/391e54-c21a-405a-88aa-6079789100ca/1/G3p4L8oUh1NF7jn6dSfUZy5Ou8Y.roa
File: G3p4L8oUh1NF7jn6dSfUZy5Ou8Y.roa (raw, json)
Hash identifier: snVcruSg8VYqOG+SaTf3enKVZyBYuWu3UkjWKYfR5bw=
Subject key identifier: 1B:7A:78:2F:CA:14:87:53:45:EE:39:FA:75:27:D4:67:2E:4E:BB:C6
Certificate issuer: /CN=a3aa8dd118766aed3b09ed69f2e47dc1d2c16159
Certificate serial: 018571DE7AB3E8783428D390B7AA4D489281
Authority key identifier: A3:AA:8D:D1:18:76:6A:ED:3B:09:ED:69:F2:E4:7D:C1:D2:C1:61:59
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/o6qN0Rh2au07Ce1p8uR9wdLBYVk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f9/391e54-c21a-405a-88aa-6079789100ca/1/G3p4L8oUh1NF7jn6dSfUZy5Ou8Y.roa
Signing time: Mon 02 Jan 2023 09:44:43 +0000
ROA not before: Mon 02 Jan 2023 09:44:43 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 47724
IP address blocks: 94.124.200.0/21 maxlen: 21
94.124.200.0/22 maxlen: 24
94.124.206.0/23 maxlen: 24
2a0d:bd80::/29 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:de:7a:b3:e8:78:34:28:d3:90:b7:aa:4d:48:92:81
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a3aa8dd118766aed3b09ed69f2e47dc1d2c16159
Validity
Not Before: Jan 2 09:44:43 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=1b7a782fca14875345ee39fa7527d4672e4ebbc6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:e3:30:cc:eb:de:45:36:64:66:dd:c4:52:29:
4f:24:9e:d1:36:dc:bf:5c:52:ee:44:81:f5:3c:1a:
b1:68:36:ae:81:19:04:c1:02:b4:6e:5e:58:9b:59:
16:8b:05:c5:86:b9:f7:e9:19:b0:3a:6f:ab:58:fa:
7b:54:0c:d7:bc:5c:8d:2a:45:f0:1a:29:03:fd:28:
08:4f:6c:a2:81:ab:59:78:23:ce:73:3b:b2:db:be:
2b:b7:97:d9:75:6d:6b:ee:3a:b3:5e:fd:73:62:1e:
42:51:5e:3b:81:8d:7d:8f:ab:c6:47:73:7c:12:5f:
15:1d:00:f3:28:95:5b:ef:4f:41:17:d8:af:7b:15:
1d:12:d7:79:70:b8:39:01:59:d1:21:a3:72:2e:57:
86:56:f0:28:c8:84:c2:e1:72:1c:3b:31:22:4e:58:
83:fe:54:c9:06:b9:39:c9:a5:66:ea:db:2e:78:6c:
87:34:10:61:f2:fe:a2:aa:12:30:32:90:02:fc:45:
08:52:ff:3f:f9:40:82:7c:c9:a2:04:17:5e:73:80:
08:3c:60:99:26:d3:d4:d9:7d:ff:99:53:98:fa:ef:
df:66:88:6d:3d:2c:a0:6f:b1:25:7d:0f:06:ed:1e:
0f:d9:22:6a:08:72:bf:b3:7c:5f:21:7f:1e:2d:9a:
0c:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1B:7A:78:2F:CA:14:87:53:45:EE:39:FA:75:27:D4:67:2E:4E:BB:C6
X509v3 Authority Key Identifier:
keyid:A3:AA:8D:D1:18:76:6A:ED:3B:09:ED:69:F2:E4:7D:C1:D2:C1:61:59
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/o6qN0Rh2au07Ce1p8uR9wdLBYVk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f9/391e54-c21a-405a-88aa-6079789100ca/1/G3p4L8oUh1NF7jn6dSfUZy5Ou8Y.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f9/391e54-c21a-405a-88aa-6079789100ca/1/o6qN0Rh2au07Ce1p8uR9wdLBYVk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
94.124.200.0/21
IPv6:
2a0d:bd80::/29
Signature Algorithm: sha256WithRSAEncryption
47:54:06:c7:86:6a:a2:c9:77:b2:d0:12:cb:67:ad:7c:c3:f5:
a5:07:26:4e:48:d0:80:9d:d8:89:a8:02:72:19:70:f2:68:06:
ce:f5:f7:08:af:91:4a:8f:28:7e:54:42:60:91:f9:06:b0:c6:
6d:ff:9a:8f:c4:88:c3:a5:f2:17:29:a5:c2:05:40:05:95:fe:
64:57:79:93:94:99:bf:72:b8:81:03:b0:8d:c3:e4:9d:79:58:
d8:31:5f:fd:5b:4f:b2:28:08:ea:0c:1a:f3:01:67:6b:98:de:
81:01:b9:fa:18:4c:a2:92:1e:4a:d8:b9:e2:2b:d0:c3:93:bd:
aa:eb:fc:5b:78:af:e4:6b:14:72:5b:dd:22:af:71:bc:22:63:
26:98:9f:ce:e0:e6:bb:f9:d6:a5:ab:44:5c:c5:a5:d0:49:be:
bb:aa:53:1e:fa:80:54:6f:ff:6a:da:88:94:5d:bd:96:ad:99:
6e:32:ea:dc:11:e1:03:c7:b8:f3:a7:70:e6:74:7d:3f:85:10:
d6:dc:85:a4:27:77:bf:5b:d1:b3:dc:30:0c:68:32:57:c7:0d:
26:da:85:9e:e2:32:69:4c:76:ba:32:02:c0:d6:85:d2:3e:fc:
56:2c:19:3e:8e:c9:2c:e8:8a:e1:65:24:a0:2b:ea:02:72:8e:
29:5a:80:ca
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVx3nqz6Hg0KNOQt6pNSJKBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEzYWE4ZGQxMTg3NjZhZWQzYjA5ZWQ2OWYyZTQ3ZGMxZDJj
MTYxNTkwHhcNMjMwMTAyMDk0NDQzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxYjdhNzgyZmNhMTQ4NzUzNDVlZTM5ZmE3NTI3ZDQ2NzJlNGViYmM2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAluMwzOveRTZkZt3EUilPJJ7RNty/
XFLuRIH1PBqxaDaugRkEwQK0bl5Ym1kWiwXFhrn36RmwOm+rWPp7VAzXvFyNKkXw
GikD/SgIT2yigatZeCPOczuy274rt5fZdW1r7jqzXv1zYh5CUV47gY19j6vGR3N8
El8VHQDzKJVb709BF9ivexUdEtd5cLg5AVnRIaNyLleGVvAoyITC4XIcOzEiTliD
/lTJBrk5yaVm6tsueGyHNBBh8v6iqhIwMpAC/EUIUv8/+UCCfMmiBBdec4AIPGCZ
JtPU2X3/mVOY+u/fZohtPSygb7ElfQ8G7R4P2SJqCHK/s3xfIX8eLZoM+QIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFBt6eC/KFIdTRe45+nUn1GcuTrvGMB8GA1UdIwQY
MBaAFKOqjdEYdmrtOwntafLkfcHSwWFZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbzZxTjBSaDJhdTA3Q2UxcDh1Ujl3ZExCWVZrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mOS8zOTFlNTQtYzIxYS00MDVhLTg4YWEt
NjA3OTc4OTEwMGNhLzEvRzNwNEw4b1VoMU5GN2puNmRTZlVaeTVPdThZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mOS8zOTFlNTQtYzIxYS00MDVhLTg4YWEtNjA3OTc4OTEwMGNh
LzEvbzZxTjBSaDJhdTA3Q2UxcDh1Ujl3ZExCWVZrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQDXnzIMA0E
AgACMAcDBQMqDb2AMA0GCSqGSIb3DQEBCwUAA4IBAQBHVAbHhmqiyXey0BLLZ618
w/WlByZOSNCAndiJqAJyGXDyaAbO9fcIr5FKjyh+VEJgkfkGsMZt/5qPxIjDpfIX
KaXCBUAFlf5kV3mTlJm/criBA7CNw+SdeVjYMV/9W0+yKAjqDBrzAWdrmN6BAbn6
GEyikh5K2LniK9DDk72q6/xbeK/kaxRyW90ir3G8ImMmmJ/O4Oa7+dalq0RcxaXQ
Sb67qlMe+oBUb/9q2oiUXb2WrZluMurcEeEDx7jzp3DmdH0/hRDW3IWkJ3e/W9Gz
3DAMaDJXxw0m2oWe4jJpTHa6MgLA1oXSPvxWLBk+jsks6IrhZSSgK+oCco4pWoDK
-----END CERTIFICATE-----
Generated at Thu Feb 20 02:43:50 2025 by rpki-client