Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/02/c0bb52-70de-4af0-a9fb-900034f00d9e/1/a4Zi6X4JrdFWlBZseztXyvnTxMM.roa
File: a4Zi6X4JrdFWlBZseztXyvnTxMM.roa (raw, json)
Hash identifier: DwAlyKclh5SV0LQ1buiKcPg8HAZtTpF4QDu2mAv3wY0=
Subject key identifier: 6B:86:62:E9:7E:09:AD:D1:56:94:16:6C:7B:3B:57:CA:F9:D3:C4:C3
Certificate issuer: /CN=7aef069e7e3ed5bf70f682ce40c5810ff3e5e378
Certificate serial: 0186B87B1C3A65F260C414384A6730150861
Authority key identifier: 7A:EF:06:9E:7E:3E:D5:BF:70:F6:82:CE:40:C5:81:0F:F3:E5:E3:78
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/eu8Gnn4-1b9w9oLOQMWBD_Pl43g.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/02/c0bb52-70de-4af0-a9fb-900034f00d9e/1/a4Zi6X4JrdFWlBZseztXyvnTxMM.roa
Signing time: Mon 06 Mar 2023 19:52:01 +0000
ROA not before: Mon 06 Mar 2023 19:52:01 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 57316
IP address blocks: 85.204.47.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:b8:7b:1c:3a:65:f2:60:c4:14:38:4a:67:30:15:08:61
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7aef069e7e3ed5bf70f682ce40c5810ff3e5e378
Validity
Not Before: Mar 6 19:52:01 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=6b8662e97e09add15694166c7b3b57caf9d3c4c3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:9a:56:3f:1e:6e:19:37:c7:1e:82:82:17:3c:
71:d6:dc:74:11:da:99:49:80:6e:2d:9b:fb:60:ee:
07:e6:d1:90:86:60:8e:d3:82:44:f3:2d:2a:95:ae:
5d:c1:45:8c:14:77:82:b6:6b:ff:e6:b5:da:75:51:
14:04:7a:86:29:82:92:83:96:70:c7:3c:92:10:f1:
79:96:98:da:fb:f6:46:c0:c5:e5:63:2c:ea:c8:2a:
a0:5a:b5:5c:72:e3:d1:0a:69:bf:46:5a:f6:e5:bf:
7c:db:e5:ef:80:e1:31:47:f3:58:7a:2a:7f:62:83:
bb:63:74:2a:cf:ef:8a:26:54:5d:bb:d8:50:00:94:
56:01:c4:cf:49:4f:0d:2d:ec:8a:d3:49:45:1e:2a:
cf:f3:f4:0a:07:9e:ce:ce:48:8c:d7:9b:04:2c:42:
8c:a8:e7:b2:ac:28:04:57:5a:d7:9a:20:60:fc:33:
ff:a8:c4:16:b3:91:5a:81:6e:3e:73:1e:17:ba:bb:
30:65:01:72:d8:8f:d3:b9:21:81:70:39:cc:ba:eb:
13:f5:fb:0d:aa:3c:4b:17:b3:c2:ea:71:fe:e9:a9:
78:13:d0:0f:2a:84:fa:31:37:dc:97:25:5a:58:01:
93:87:93:74:9b:a5:39:ab:75:66:fc:15:50:de:cd:
d3:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6B:86:62:E9:7E:09:AD:D1:56:94:16:6C:7B:3B:57:CA:F9:D3:C4:C3
X509v3 Authority Key Identifier:
keyid:7A:EF:06:9E:7E:3E:D5:BF:70:F6:82:CE:40:C5:81:0F:F3:E5:E3:78
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/eu8Gnn4-1b9w9oLOQMWBD_Pl43g.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/02/c0bb52-70de-4af0-a9fb-900034f00d9e/1/a4Zi6X4JrdFWlBZseztXyvnTxMM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/02/c0bb52-70de-4af0-a9fb-900034f00d9e/1/eu8Gnn4-1b9w9oLOQMWBD_Pl43g.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.204.47.0/24
Signature Algorithm: sha256WithRSAEncryption
b0:10:81:1b:10:93:6c:64:7d:3f:3e:3a:5f:6b:b8:56:51:06:
a1:a7:6f:29:7e:39:02:27:8d:cd:6e:b5:a0:9c:4b:1d:e5:8f:
31:aa:3c:6e:b7:58:1f:35:6e:80:e7:9c:45:38:76:2e:fd:2c:
66:ae:42:55:ca:a4:2c:fe:8b:cb:f1:c1:81:57:73:31:fa:0b:
ac:62:a4:cc:e4:79:35:c2:71:91:b6:fe:2e:9d:c2:c3:07:7f:
78:12:da:6c:52:4e:52:94:fe:38:1f:98:07:25:9d:c1:a2:58:
dd:0e:3f:84:79:ff:7b:b3:b4:7b:53:c5:19:62:f5:6e:40:a5:
d9:05:bc:d7:ff:25:50:1f:68:33:e9:d6:85:f5:4c:73:54:09:
ec:3d:73:48:81:b8:34:b9:6e:4c:a1:75:de:37:ad:14:2c:17:
01:7b:91:9d:b5:dd:1b:20:36:91:96:03:d1:c0:b4:39:35:8f:
67:65:a0:38:44:19:3b:aa:c6:9f:38:8c:75:ef:59:6a:fb:56:
0c:35:66:99:cb:b7:d9:27:f8:0f:bb:70:62:d8:96:2b:80:e2:
91:e5:e9:e3:9b:f4:bc:2f:c2:34:f4:3e:b9:1c:47:94:f4:d7:
4f:d0:4f:7d:81:6f:5d:4d:da:90:02:4f:64:81:73:b1:a6:72:
db:f3:b8:e3
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYa4exw6ZfJgxBQ4SmcwFQhhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdhZWYwNjllN2UzZWQ1YmY3MGY2ODJjZTQwYzU4MTBmZjNl
NWUzNzgwHhcNMjMwMzA2MTk1MjAxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2Yjg2NjJlOTdlMDlhZGQxNTY5NDE2NmM3YjNiNTdjYWY5ZDNjNGMzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAw5pWPx5uGTfHHoKCFzxx1tx0EdqZ
SYBuLZv7YO4H5tGQhmCO04JE8y0qla5dwUWMFHeCtmv/5rXadVEUBHqGKYKSg5Zw
xzySEPF5lpja+/ZGwMXlYyzqyCqgWrVccuPRCmm/Rlr25b982+XvgOExR/NYeip/
YoO7Y3Qqz++KJlRdu9hQAJRWAcTPSU8NLeyK00lFHirP8/QKB57OzkiM15sELEKM
qOeyrCgEV1rXmiBg/DP/qMQWs5FagW4+cx4XurswZQFy2I/TuSGBcDnMuusT9fsN
qjxLF7PC6nH+6al4E9APKoT6MTfclyVaWAGTh5N0m6U5q3Vm/BVQ3s3TQwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFGuGYul+Ca3RVpQWbHs7V8r508TDMB8GA1UdIwQY
MBaAFHrvBp5+PtW/cPaCzkDFgQ/z5eN4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZXU4R25uNC0xYjl3OW9MT1FNV0JEX1BsNDNnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMi9jMGJiNTItNzBkZS00YWYwLWE5ZmIt
OTAwMDM0ZjAwZDllLzEvYTRaaTZYNEpyZEZXbEJac2V6dFh5dm5UeE1NLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMi9jMGJiNTItNzBkZS00YWYwLWE5ZmItOTAwMDM0ZjAwZDll
LzEvZXU4R25uNC0xYjl3OW9MT1FNV0JEX1BsNDNnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAVcwvMA0G
CSqGSIb3DQEBCwUAA4IBAQCwEIEbEJNsZH0/Pjpfa7hWUQahp28pfjkCJ43NbrWg
nEsd5Y8xqjxut1gfNW6A55xFOHYu/SxmrkJVyqQs/ovL8cGBV3Mx+gusYqTM5Hk1
wnGRtv4uncLDB394EtpsUk5SlP44H5gHJZ3BoljdDj+Eef97s7R7U8UZYvVuQKXZ
BbzX/yVQH2gz6daF9UxzVAnsPXNIgbg0uW5MoXXeN60ULBcBe5Gdtd0bIDaRlgPR
wLQ5NY9nZaA4RBk7qsafOIx171lq+1YMNWaZy7fZJ/gPu3Bi2JYrgOKR5enjm/S8
L8I09D65HEeU9NdP0E99gW9dTdqQAk9kgXOxpnLb87jj
-----END CERTIFICATE-----
Generated at Mon Apr 28 04:30:47 2025 by rpki-client