Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/04/e8f344-edb2-4400-b3ca-527ac54c2357/1/pDnrxKEGXLvdhZwfZ5R0aWuu5W8.roa
File: pDnrxKEGXLvdhZwfZ5R0aWuu5W8.roa (raw, json)
Hash identifier: g8RfjSt7+vBXju3ynxhg90gxSqcgEzqnEJYMnAKUs7s=
Subject key identifier: A4:39:EB:C4:A1:06:5C:BB:DD:85:9C:1F:67:94:74:69:6B:AE:E5:6F
Certificate issuer: /CN=913836859c6ce1869340edf1f273709b8094d9d4
Certificate serial: 058761E4
Authority key identifier: 91:38:36:85:9C:6C:E1:86:93:40:ED:F1:F2:73:70:9B:80:94:D9:D4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/kTg2hZxs4YaTQO3x8nNwm4CU2dQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/04/e8f344-edb2-4400-b3ca-527ac54c2357/1/pDnrxKEGXLvdhZwfZ5R0aWuu5W8.roa
Signing time: Sat 01 Jan 2022 05:57:40 +0000
ROA not before: Sat 01 Jan 2022 05:57:40 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 200727
IP address blocks: 185.98.68.0/22 maxlen: 22
2a00:7bc0::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 92758500 (0x58761e4)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=913836859c6ce1869340edf1f273709b8094d9d4
Validity
Not Before: Jan 1 05:57:40 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=a439ebc4a1065cbbdd859c1f679474696baee56f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:ad:59:31:e6:c0:af:35:70:e2:d3:0f:28:3c:
0b:4a:48:a6:b5:c6:06:ad:e1:7b:59:ec:d1:ee:61:
85:ae:34:26:d8:6e:d4:ca:ab:a2:4b:cd:2f:c7:02:
89:65:4f:27:9c:38:cb:c3:fd:92:dc:44:f2:71:9f:
ec:34:3f:00:c3:4f:f6:e8:14:0b:e1:fa:5d:c1:8a:
b9:d7:1a:e0:ce:c2:be:46:8b:b8:86:ed:94:86:27:
bf:5c:ee:bd:cf:a7:90:8c:34:af:73:8d:09:b6:d5:
84:36:c8:e5:30:74:4c:92:be:8e:28:99:63:f7:18:
b5:79:aa:68:2f:a9:13:82:9f:b9:62:f0:26:b8:d3:
7a:f5:9f:98:f8:68:46:e6:09:a5:70:b4:fd:8b:12:
35:23:24:c7:03:7b:60:96:4c:df:c4:c7:80:fc:d0:
fe:10:71:ad:35:c2:4a:3b:7d:55:d2:89:ae:72:31:
24:2e:da:15:b0:be:18:56:b7:c3:cd:0b:28:70:9a:
cc:9d:b8:dc:61:f6:59:23:b0:da:8c:c8:78:76:ef:
1d:79:69:ad:fd:1e:b2:15:f8:95:46:a0:85:96:b8:
05:4e:9f:44:94:d4:80:08:ad:cf:05:3b:75:73:72:
61:96:bc:04:e6:1e:d3:02:e1:54:8a:0a:bc:ea:32:
59:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A4:39:EB:C4:A1:06:5C:BB:DD:85:9C:1F:67:94:74:69:6B:AE:E5:6F
X509v3 Authority Key Identifier:
keyid:91:38:36:85:9C:6C:E1:86:93:40:ED:F1:F2:73:70:9B:80:94:D9:D4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kTg2hZxs4YaTQO3x8nNwm4CU2dQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/04/e8f344-edb2-4400-b3ca-527ac54c2357/1/pDnrxKEGXLvdhZwfZ5R0aWuu5W8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/04/e8f344-edb2-4400-b3ca-527ac54c2357/1/kTg2hZxs4YaTQO3x8nNwm4CU2dQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.98.68.0/22
IPv6:
2a00:7bc0::/32
Signature Algorithm: sha256WithRSAEncryption
2c:0d:3c:97:5d:0f:d6:8a:c8:36:ce:8b:1f:4c:12:7a:9f:2f:
06:e6:d1:ee:ff:c6:6c:6c:3f:10:f3:a0:5f:83:1f:83:49:0d:
59:cd:a1:a4:bf:54:64:06:60:cc:1d:4a:d5:3a:ed:30:b0:ee:
ec:22:2c:8a:60:a0:c5:69:6c:be:20:0e:49:d9:03:0f:29:f0:
f8:31:67:06:2e:78:50:3e:21:1e:c7:ea:1f:a5:7f:4e:f5:d1:
94:b2:75:b5:b5:46:b6:be:5d:2a:b9:9b:fe:6c:22:94:ee:e9:
5f:7a:f5:26:ec:64:b7:b4:89:c9:54:63:45:92:6c:3f:7f:bb:
a8:3e:c1:4b:8f:cb:a0:2e:a8:66:53:d7:2d:21:7c:6c:69:89:
65:22:8b:66:11:07:f2:4d:f8:1c:1f:95:91:b3:ca:02:ee:86:
be:63:aa:98:ed:47:9d:50:a6:60:8f:0a:db:6c:20:36:83:76:
e5:fe:1b:4b:8c:ae:7a:43:dd:76:fa:84:9b:43:28:4e:2a:20:
6a:b2:4a:db:20:4c:92:ff:92:f0:5b:5b:5a:e3:5b:67:be:5c:
53:1c:73:64:27:3f:e0:57:82:81:d9:af:22:5d:cc:3f:26:6b:
20:f7:50:33:f9:42:05:4a:7a:9c:e5:28:da:64:a0:95:80:a0:
45:df:9d:c4
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgIEBYdh5DANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg5
MTM4MzY4NTljNmNlMTg2OTM0MGVkZjFmMjczNzA5YjgwOTRkOWQ0MB4XDTIyMDEw
MTA1NTc0MFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYTQzOWViYzRhMTA2
NWNiYmRkODU5YzFmNjc5NDc0Njk2YmFlZTU2ZjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJ+tWTHmwK81cOLTDyg8C0pIprXGBq3he1ns0e5hha40Jthu
1MqrokvNL8cCiWVPJ5w4y8P9ktxE8nGf7DQ/AMNP9ugUC+H6XcGKudca4M7CvkaL
uIbtlIYnv1zuvc+nkIw0r3ONCbbVhDbI5TB0TJK+jiiZY/cYtXmqaC+pE4KfuWLw
JrjTevWfmPhoRuYJpXC0/YsSNSMkxwN7YJZM38THgPzQ/hBxrTXCSjt9VdKJrnIx
JC7aFbC+GFa3w80LKHCazJ243GH2WSOw2ozIeHbvHXlprf0eshX4lUaghZa4BU6f
RJTUgAitzwU7dXNyYZa8BOYe0wLhVIoKvOoyWYECAwEAAaOCAhgwggIUMB0GA1Ud
DgQWBBSkOevEoQZcu92FnB9nlHRpa67lbzAfBgNVHSMEGDAWgBSRODaFnGzhhpNA
7fHyc3CbgJTZ1DAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2tUZzJoWnhzNFlhVFFPM3g4bk53bTRDVTJkUS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMDQvZThmMzQ0LWVkYjItNDQwMC1iM2NhLTUyN2FjNTRjMjM1Ny8x
L3BEbnJ4S0VHWEx2ZGhad2ZaNVIwYVd1dTVXOC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMDQv
ZThmMzQ0LWVkYjItNDQwMC1iM2NhLTUyN2FjNTRjMjM1Ny8xL2tUZzJoWnhzNFlh
VFFPM3g4bk53bTRDVTJkUS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAu
BggrBgEFBQcBBwEB/wQfMB0wDAQCAAEwBgMEArliRDANBAIAAjAHAwUAKgB7wDAN
BgkqhkiG9w0BAQsFAAOCAQEALA08l10P1orINs6LH0wSep8vBubR7v/GbGw/EPOg
X4Mfg0kNWc2hpL9UZAZgzB1K1TrtMLDu7CIsimCgxWlsviAOSdkDDynw+DFnBi54
UD4hHsfqH6V/TvXRlLJ1tbVGtr5dKrmb/mwilO7pX3r1Juxkt7SJyVRjRZJsP3+7
qD7BS4/LoC6oZlPXLSF8bGmJZSKLZhEH8k34HB+VkbPKAu6GvmOqmO1HnVCmYI8K
22wgNoN25f4bS4yuekPddvqEm0MoTiogarJK2yBMkv+S8FtbWuNbZ75cUxxzZCc/
4FeCgdmvIl3MPyZrIPdQM/lCBUp6nOUo2mSglYCgRd+dxA==
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:38:48 2025 by rpki-client