Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6a/fbc141-99fc-4f83-b585-0fe6f55db3f6/1/st_aNGg1nfoJH2NDOBNqa3BAKIA.roa
File: st_aNGg1nfoJH2NDOBNqa3BAKIA.roa (raw, json)
Hash identifier: Mm04OfL9Hx0pArIseWCYbQHJEolYcmUYw9A/tV5aoco=
Subject key identifier: B2:DF:DA:34:68:35:9D:FA:09:1F:63:43:38:13:6A:6B:70:40:28:80
Certificate issuer: /CN=029e98336f6a6cc9dbcf1ecb4895580f094e3e2b
Certificate serial: 018A932EC3669CCC37F48059C3CDF4C881EB
Authority key identifier: 02:9E:98:33:6F:6A:6C:C9:DB:CF:1E:CB:48:95:58:0F:09:4E:3E:2B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Ap6YM29qbMnbzx7LSJVYDwlOPis.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6a/fbc141-99fc-4f83-b585-0fe6f55db3f6/1/st_aNGg1nfoJH2NDOBNqa3BAKIA.roa
Signing time: Thu 14 Sep 2023 10:13:50 +0000
ROA not before: Thu 14 Sep 2023 10:13:50 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 8697
IP address blocks: 212.34.0.0/19 maxlen: 24
185.98.224.0/22 maxlen: 24
213.139.32.0/19 maxlen: 24
2a00:18d8::/29 maxlen: 64
2a00:18d8:2::/48 maxlen: 48
2a00:18d8::/32 maxlen: 64
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:93:2e:c3:66:9c:cc:37:f4:80:59:c3:cd:f4:c8:81:eb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=029e98336f6a6cc9dbcf1ecb4895580f094e3e2b
Validity
Not Before: Sep 14 10:13:50 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b2dfda3468359dfa091f634338136a6b70402880
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:89:25:e2:50:8e:4f:8d:1e:57:f4:95:a8:32:59:
71:8b:e3:22:41:0c:55:63:a5:ad:ed:ce:32:05:f4:
be:2f:dc:a5:d8:2d:26:e1:22:d1:50:2d:07:17:df:
09:85:f2:3d:2f:dc:a1:5d:45:d7:f1:c5:d1:21:6d:
55:a4:55:4e:65:32:68:de:dd:a4:c4:03:36:c2:68:
54:8b:88:ce:52:e8:b0:34:15:eb:a7:1f:e9:2e:f2:
e2:7f:25:3c:5b:7a:db:0b:e5:36:73:c0:fb:39:1f:
85:3b:f3:29:a1:1d:1b:1c:49:07:cf:5d:ac:69:97:
c8:44:c9:b9:66:3a:69:5c:6a:c9:bf:40:dd:d5:4e:
be:22:ca:31:57:66:8d:71:ea:2f:1f:85:76:92:a5:
5f:93:8e:1f:b8:aa:d6:07:4d:76:6a:ad:85:a6:ba:
23:ff:2c:2d:f8:b5:83:ea:03:c8:1b:29:5a:88:5b:
34:61:4c:9f:9e:12:9d:45:31:8b:46:82:c8:21:bb:
43:f5:15:48:c5:82:bf:92:d7:e7:db:c3:ca:24:c1:
61:fc:dd:b4:3b:5b:2f:80:c2:d5:ab:ec:d3:ab:f3:
38:e8:d5:d1:f7:72:e1:0a:0b:68:d1:f4:b2:f5:b4:
df:93:59:0f:ab:0e:e2:8a:52:0e:7b:80:0f:b5:dc:
2e:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B2:DF:DA:34:68:35:9D:FA:09:1F:63:43:38:13:6A:6B:70:40:28:80
X509v3 Authority Key Identifier:
keyid:02:9E:98:33:6F:6A:6C:C9:DB:CF:1E:CB:48:95:58:0F:09:4E:3E:2B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Ap6YM29qbMnbzx7LSJVYDwlOPis.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6a/fbc141-99fc-4f83-b585-0fe6f55db3f6/1/st_aNGg1nfoJH2NDOBNqa3BAKIA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6a/fbc141-99fc-4f83-b585-0fe6f55db3f6/1/Ap6YM29qbMnbzx7LSJVYDwlOPis.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.98.224.0/22
212.34.0.0/19
213.139.32.0/19
IPv6:
2a00:18d8::/29
Signature Algorithm: sha256WithRSAEncryption
37:c6:8f:68:66:02:b8:0f:84:e5:f8:3f:f0:4d:4c:b4:d5:8f:
cb:20:28:3c:27:78:89:40:60:e1:83:c8:f7:eb:ed:cb:1e:41:
09:53:9d:91:8e:74:35:21:22:1f:73:99:54:f9:e7:76:af:65:
e7:fc:24:d4:eb:07:63:47:f8:a3:13:b7:6c:9e:e6:a1:27:45:
d3:dc:c0:bc:c1:88:2c:96:0c:b7:7d:ef:9d:21:5c:38:5b:8f:
be:b0:a6:54:80:4e:b8:f1:45:e1:bb:76:67:54:22:cc:e5:e9:
c2:1d:13:36:0e:a6:47:cf:9c:98:56:4e:47:84:ac:f4:e9:8b:
9d:e0:a6:8b:6a:ec:9d:77:10:e9:29:a2:50:86:bf:0c:df:61:
a2:cc:3c:9b:9b:71:07:a9:f7:78:f4:0f:b0:83:b8:46:20:f6:
2d:3e:da:2f:65:af:14:ee:29:ab:9e:31:72:8d:db:41:ef:ed:
bd:9a:6d:04:c0:0d:82:5e:27:39:5c:95:77:c7:e7:c4:b1:45:
4e:02:04:38:7e:68:41:e3:e9:fb:ef:a8:fe:8c:0f:45:90:e2:
a0:bb:df:31:24:12:1e:68:c6:50:a6:7b:a0:09:86:20:44:3e:
e5:f1:30:d2:c5:f3:47:db:95:dc:28:bc:86:a1:79:fa:90:e0:
38:91:5d:68
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAYqTLsNmnMw39IBZw830yIHrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAyOWU5ODMzNmY2YTZjYzlkYmNmMWVjYjQ4OTU1ODBmMDk0
ZTNlMmIwHhcNMjMwOTE0MTAxMzUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMmRmZGEzNDY4MzU5ZGZhMDkxZjYzNDMzODEzNmE2YjcwNDAyODgwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiSXiUI5PjR5X9JWoMllxi+MiQQxV
Y6Wt7c4yBfS+L9yl2C0m4SLRUC0HF98JhfI9L9yhXUXX8cXRIW1VpFVOZTJo3t2k
xAM2wmhUi4jOUuiwNBXrpx/pLvLifyU8W3rbC+U2c8D7OR+FO/MpoR0bHEkHz12s
aZfIRMm5ZjppXGrJv0Dd1U6+IsoxV2aNceovH4V2kqVfk44fuKrWB012aq2Fproj
/ywt+LWD6gPIGylaiFs0YUyfnhKdRTGLRoLIIbtD9RVIxYK/ktfn28PKJMFh/N20
O1svgMLVq+zTq/M46NXR93LhCgto0fSy9bTfk1kPqw7iilIOe4APtdwuwwIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFLLf2jRoNZ36CR9jQzgTamtwQCiAMB8GA1UdIwQY
MBaAFAKemDNvamzJ288ey0iVWA8JTj4rMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQXA2WU0yOXFiTW5ieng3TFNKVllEd2xPUGlzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82YS9mYmMxNDEtOTlmYy00ZjgzLWI1ODUt
MGZlNmY1NWRiM2Y2LzEvc3RfYU5HZzFuZm9KSDJORE9CTnFhM0JBS0lBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82YS9mYmMxNDEtOTlmYy00ZjgzLWI1ODUtMGZlNmY1NWRiM2Y2
LzEvQXA2WU0yOXFiTW5ieng3TFNKVllEd2xPUGlzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQCuWLgAwQF
1CIAAwQF1YsgMA0EAgACMAcDBQMqABjYMA0GCSqGSIb3DQEBCwUAA4IBAQA3xo9o
ZgK4D4Tl+D/wTUy01Y/LICg8J3iJQGDhg8j36+3LHkEJU52RjnQ1ISIfc5lU+ed2
r2Xn/CTU6wdjR/ijE7dsnuahJ0XT3MC8wYgslgy3fe+dIVw4W4++sKZUgE648UXh
u3ZnVCLM5enCHRM2DqZHz5yYVk5HhKz06Yud4KaLauyddxDpKaJQhr8M32GizDyb
m3EHqfd49A+wg7hGIPYtPtovZa8U7imrnjFyjdtB7+29mm0EwA2CXic5XJV3x+fE
sUVOAgQ4fmhB4+n776j+jA9FkOKgu98xJBIeaMZQpnugCYYgRD7l8TDSxfNH25Xc
KLyGoXn6kOA4kV1o
-----END CERTIFICATE-----
Generated at Wed May 7 10:44:36 2025 by rpki-client