Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6f/f2c803-43c8-44bb-9dd0-651229830170/1/i96Pr9V9MrRQKrWKaLVvXT-wq-Y.roa
File: i96Pr9V9MrRQKrWKaLVvXT-wq-Y.roa (raw, json)
Hash identifier: J/cPQaSHwaxj9e1uWgCPIWY1/brCquXfLdMn7/biR6w=
Subject key identifier: 8B:DE:8F:AF:D5:7D:32:B4:50:2A:B5:8A:68:B5:6F:5D:3F:B0:AB:E6
Certificate issuer: /CN=2aa380e230cb334361b4861e2f694124387f8529
Certificate serial: 0187DCEA1ED6647C80A1FB26A779E9FA11E0
Authority key identifier: 2A:A3:80:E2:30:CB:33:43:61:B4:86:1E:2F:69:41:24:38:7F:85:29
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KqOA4jDLM0NhtIYeL2lBJDh_hSk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6f/f2c803-43c8-44bb-9dd0-651229830170/1/i96Pr9V9MrRQKrWKaLVvXT-wq-Y.roa
Signing time: Tue 02 May 2023 14:42:23 +0000
ROA not before: Tue 02 May 2023 14:42:23 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 203022
IP address blocks: 185.213.128.0/22 maxlen: 22
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:dc:ea:1e:d6:64:7c:80:a1:fb:26:a7:79:e9:fa:11:e0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2aa380e230cb334361b4861e2f694124387f8529
Validity
Not Before: May 2 14:42:23 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=8bde8fafd57d32b4502ab58a68b56f5d3fb0abe6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:0d:63:c4:c9:76:d4:8d:e6:10:b2:67:60:7c:
ae:c4:7b:ca:2d:83:b9:98:89:51:9d:a3:c3:4e:70:
d6:38:72:c8:e7:97:3c:ca:98:db:3b:72:ad:0b:f2:
6e:69:30:45:b4:81:fd:4f:5f:b5:54:90:1c:14:ac:
e0:03:ed:b7:9b:3b:96:80:6f:5b:69:7e:61:02:10:
36:19:5a:78:1b:2c:5a:98:04:8b:4e:dc:b1:70:36:
29:4f:e1:6d:c8:30:96:c0:46:58:e7:e1:8e:c4:d9:
66:37:18:e0:96:ad:d1:79:92:8a:1f:7a:98:6b:9b:
3f:03:41:46:22:2d:f0:e0:1b:51:75:5a:3b:c2:be:
e9:27:96:4e:8b:a1:84:64:c2:ce:20:f2:05:e9:2d:
f4:ef:63:67:55:31:53:f9:98:cd:38:5a:60:38:8d:
ea:7e:b2:be:50:27:42:6b:2f:6a:8c:aa:1e:cd:85:
b3:32:30:ab:d3:a5:07:f7:ec:f3:d3:15:5f:6c:d1:
a8:b1:0b:21:de:99:42:f3:13:5a:4b:cb:ad:3b:e7:
f9:91:49:4b:ea:4e:7d:55:8a:1a:64:3a:10:a2:b8:
ac:0d:4d:47:60:f1:2a:7e:9d:44:df:f6:8e:fc:a3:
73:c8:48:8c:c8:c1:0e:59:b7:59:9b:f5:b3:b7:66:
d1:0d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8B:DE:8F:AF:D5:7D:32:B4:50:2A:B5:8A:68:B5:6F:5D:3F:B0:AB:E6
X509v3 Authority Key Identifier:
keyid:2A:A3:80:E2:30:CB:33:43:61:B4:86:1E:2F:69:41:24:38:7F:85:29
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KqOA4jDLM0NhtIYeL2lBJDh_hSk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6f/f2c803-43c8-44bb-9dd0-651229830170/1/i96Pr9V9MrRQKrWKaLVvXT-wq-Y.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6f/f2c803-43c8-44bb-9dd0-651229830170/1/KqOA4jDLM0NhtIYeL2lBJDh_hSk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.213.128.0/22
Signature Algorithm: sha256WithRSAEncryption
42:95:8e:a7:bd:42:68:0f:d7:66:88:2a:d0:24:0f:c4:8e:df:
a4:ff:a1:09:90:ac:be:16:c9:c8:db:2f:82:90:14:32:f8:bc:
56:66:b0:47:18:f9:a0:e1:08:81:e1:20:c4:7e:04:5c:38:24:
61:9c:31:1a:40:ee:d3:87:90:7a:96:2d:19:f5:d3:7e:ae:ed:
d3:2e:5c:c6:db:76:cd:85:65:d5:24:7d:58:5a:34:9f:37:cd:
cb:16:d3:2e:db:29:02:ba:56:79:c3:80:99:c6:04:f2:e7:ff:
8e:8c:93:f3:ce:7b:00:7b:49:f1:2c:10:c6:e6:ef:1e:85:f4:
3b:0b:9d:f6:1b:d5:71:e0:e3:e0:e2:10:31:e0:77:5c:16:ce:
e6:6e:f4:e1:08:b5:ec:fa:6c:de:a4:1c:16:da:a9:12:e2:b1:
bb:97:29:ef:f3:f8:47:7f:d2:b9:35:cc:82:94:61:a2:c3:88:
8b:f9:4c:f6:14:4c:9e:e2:86:d4:d6:37:1f:50:8b:42:fa:06:
fa:b3:ed:88:9c:c6:25:c5:2d:1e:ca:c9:b8:b1:3c:81:88:d9:
0c:51:74:97:ee:f5:99:00:a9:8b:bd:47:10:ce:18:6d:ab:b7:
5e:83:24:5c:f6:37:0f:c2:79:0c:70:2d:b7:14:26:19:7a:b4:
71:47:8e:16
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYfc6h7WZHyAofsmp3np+hHgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhYTM4MGUyMzBjYjMzNDM2MWI0ODYxZTJmNjk0MTI0Mzg3
Zjg1MjkwHhcNMjMwNTAyMTQ0MjIzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4YmRlOGZhZmQ1N2QzMmI0NTAyYWI1OGE2OGI1NmY1ZDNmYjBhYmU2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlQ1jxMl21I3mELJnYHyuxHvKLYO5
mIlRnaPDTnDWOHLI55c8ypjbO3KtC/JuaTBFtIH9T1+1VJAcFKzgA+23mzuWgG9b
aX5hAhA2GVp4GyxamASLTtyxcDYpT+FtyDCWwEZY5+GOxNlmNxjglq3ReZKKH3qY
a5s/A0FGIi3w4BtRdVo7wr7pJ5ZOi6GEZMLOIPIF6S3072NnVTFT+ZjNOFpgOI3q
frK+UCdCay9qjKoezYWzMjCr06UH9+zz0xVfbNGosQsh3plC8xNaS8utO+f5kUlL
6k59VYoaZDoQorisDU1HYPEqfp1E3/aO/KNzyEiMyMEOWbdZm/Wzt2bRDQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFIvej6/VfTK0UCq1imi1b10/sKvmMB8GA1UdIwQY
MBaAFCqjgOIwyzNDYbSGHi9pQSQ4f4UpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS3FPQTRqRExNME5odElZZUwybEJKRGhfaFNrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Zi9mMmM4MDMtNDNjOC00NGJiLTlkZDAt
NjUxMjI5ODMwMTcwLzEvaTk2UHI5VjlNclJRS3JXS2FMVnZYVC13cS1ZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Zi9mMmM4MDMtNDNjOC00NGJiLTlkZDAtNjUxMjI5ODMwMTcw
LzEvS3FPQTRqRExNME5odElZZUwybEJKRGhfaFNrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCudWAMA0G
CSqGSIb3DQEBCwUAA4IBAQBClY6nvUJoD9dmiCrQJA/Ejt+k/6EJkKy+FsnI2y+C
kBQy+LxWZrBHGPmg4QiB4SDEfgRcOCRhnDEaQO7Th5B6li0Z9dN+ru3TLlzG23bN
hWXVJH1YWjSfN83LFtMu2ykCulZ5w4CZxgTy5/+OjJPzznsAe0nxLBDG5u8ehfQ7
C532G9Vx4OPg4hAx4HdcFs7mbvThCLXs+mzepBwW2qkS4rG7lynv8/hHf9K5NcyC
lGGiw4iL+Uz2FEye4obU1jcfUItC+gb6s+2InMYlxS0eysm4sTyBiNkMUXSX7vWZ
AKmLvUcQzhhtq7degyRc9jcPwnkMcC23FCYZerRxR44W
-----END CERTIFICATE-----
Generated at Tue Apr 22 06:20:04 2025 by rpki-client