Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b9/28debb-3a59-4ee1-bd37-84ed91ec1c65/1/RKhLiagzaVnlBYqibb_KitxqJiU.roa
File: RKhLiagzaVnlBYqibb_KitxqJiU.roa (raw, json)
Hash identifier: YaHqNpcUqNBx7mDI+EQVNij/yDsROU/ZAhHJX5XWChg=
Subject key identifier: 44:A8:4B:89:A8:33:69:59:E5:05:8A:A2:6D:BF:CA:8A:DC:6A:26:25
Certificate issuer: /CN=30706b2b95588d780e36ef82a8f54a317d5869e2
Certificate serial: 0606CF96
Authority key identifier: 30:70:6B:2B:95:58:8D:78:0E:36:EF:82:A8:F5:4A:31:7D:58:69:E2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/MHBrK5VYjXgONu-CqPVKMX1YaeI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b9/28debb-3a59-4ee1-bd37-84ed91ec1c65/1/RKhLiagzaVnlBYqibb_KitxqJiU.roa
Signing time: Sat 01 Jan 2022 11:01:50 +0000
ROA not before: Sat 01 Jan 2022 11:01:50 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 16509
IP address blocks: 185.64.6.0/24 maxlen: 24
2a10:2307:fffd::/48 maxlen: 48
2a10:2307:ffff::/48 maxlen: 48
2a10:2307:fffe::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 101109654 (0x606cf96)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=30706b2b95588d780e36ef82a8f54a317d5869e2
Validity
Not Before: Jan 1 11:01:50 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=44a84b89a8336959e5058aa26dbfca8adc6a2625
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:58:c3:be:1a:42:5f:94:84:8c:f7:8d:4a:f1:
c6:7a:d2:ea:43:d2:4e:5a:20:02:75:97:9f:67:65:
ee:01:30:53:b2:2e:64:e8:25:58:ed:a7:0d:f4:1e:
3d:73:9d:68:34:a9:8a:8f:66:08:e9:72:bf:ca:82:
1d:54:20:2e:66:a8:2d:3b:73:70:9e:e5:f2:ea:27:
a6:c9:72:6d:21:de:ec:8e:88:50:7e:42:6a:d5:27:
96:1b:a9:92:9d:ce:3c:8b:67:a3:9c:3b:65:f7:ac:
59:ea:7f:74:b9:9f:05:81:61:7c:83:21:94:0f:5c:
d8:23:cd:b5:06:3c:ac:2d:65:31:11:dd:76:33:0d:
e6:86:eb:36:d7:95:5b:88:35:41:31:59:a7:cc:10:
91:7e:f2:52:97:73:46:c8:c9:27:e9:36:7b:54:bf:
a0:96:5f:38:53:e1:54:7f:c2:4b:0c:b0:90:20:06:
38:66:22:70:32:bc:d7:76:ad:c5:41:8d:02:3d:23:
ce:1c:2b:14:5d:a2:69:83:99:22:f9:1e:57:8b:6a:
1a:da:f6:4c:f8:bb:7b:b5:ff:02:32:ae:ed:d9:07:
7f:34:e5:ab:8f:ec:4b:ce:51:59:45:0b:ef:96:5b:
6f:92:da:d9:61:9f:ef:83:5e:40:68:a8:a3:14:ff:
c7:09
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
44:A8:4B:89:A8:33:69:59:E5:05:8A:A2:6D:BF:CA:8A:DC:6A:26:25
X509v3 Authority Key Identifier:
keyid:30:70:6B:2B:95:58:8D:78:0E:36:EF:82:A8:F5:4A:31:7D:58:69:E2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MHBrK5VYjXgONu-CqPVKMX1YaeI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b9/28debb-3a59-4ee1-bd37-84ed91ec1c65/1/RKhLiagzaVnlBYqibb_KitxqJiU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b9/28debb-3a59-4ee1-bd37-84ed91ec1c65/1/MHBrK5VYjXgONu-CqPVKMX1YaeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.64.6.0/24
IPv6:
2a10:2307:fffd::-2a10:2307:ffff:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
2f:c4:7a:ad:31:6d:59:35:bc:16:a2:e5:2e:ae:6d:4a:65:ed:
35:6d:34:58:a1:3b:61:2b:15:d2:4c:87:85:18:61:3e:bb:d5:
1a:96:c5:5f:98:80:95:34:92:8d:a8:fa:0e:ca:69:80:3d:84:
49:94:6c:6a:08:d9:d9:89:9f:cb:36:a7:e6:2f:c8:c6:1f:89:
3f:39:76:6a:b6:43:27:ac:5e:f7:a4:b7:9b:8b:3c:43:67:42:
db:5d:60:5e:25:76:76:fd:34:d8:bf:e9:0d:51:cd:c8:5a:f9:
8e:7a:d5:24:b0:a9:4e:1a:4b:97:fb:1b:f2:05:c9:8d:09:f8:
af:46:a9:30:15:b3:d2:e9:80:fd:90:cc:c7:d9:36:38:05:77:
21:59:87:1c:3e:f0:b9:ed:fd:f4:ec:2e:ac:5a:54:fd:bc:46:
33:51:c8:75:6b:57:da:f0:d4:b8:3e:25:c7:52:e0:21:fb:fa:
9e:0b:32:3a:22:8a:9e:53:e8:66:b9:3f:77:07:f3:38:16:44:
52:50:d5:cf:49:2b:16:15:e2:78:91:fd:e6:75:e1:3a:25:8d:
06:85:63:67:fd:db:92:46:b3:7b:b1:dc:c3:44:45:97:a9:63:
73:01:91:34:c3:71:d9:73:75:1f:e3:f6:30:f7:46:cb:1b:ae:
20:e5:91:25
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgIEBgbPljANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygz
MDcwNmIyYjk1NTg4ZDc4MGUzNmVmODJhOGY1NGEzMTdkNTg2OWUyMB4XDTIyMDEw
MTExMDE1MFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNDRhODRiODlhODMz
Njk1OWU1MDU4YWEyNmRiZmNhOGFkYzZhMjYyNTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJNYw74aQl+UhIz3jUrxxnrS6kPSTlogAnWXn2dl7gEwU7Iu
ZOglWO2nDfQePXOdaDSpio9mCOlyv8qCHVQgLmaoLTtzcJ7l8uonpslybSHe7I6I
UH5CatUnlhupkp3OPItno5w7ZfesWep/dLmfBYFhfIMhlA9c2CPNtQY8rC1lMRHd
djMN5obrNteVW4g1QTFZp8wQkX7yUpdzRsjJJ+k2e1S/oJZfOFPhVH/CSwywkCAG
OGYicDK813atxUGNAj0jzhwrFF2iaYOZIvkeV4tqGtr2TPi7e7X/AjKu7dkHfzTl
q4/sS85RWUUL75Zbb5La2WGf74NeQGiooxT/xwkCAwEAAaOCAiMwggIfMB0GA1Ud
DgQWBBREqEuJqDNpWeUFiqJtv8qK3GomJTAfBgNVHSMEGDAWgBQwcGsrlViNeA42
74Ko9UoxfVhp4jAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L01IQnJLNVZZalhnT051LUNxUFZLTVgxWWFlSS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYjkvMjhkZWJiLTNhNTktNGVlMS1iZDM3LTg0ZWQ5MWVjMWM2NS8x
L1JLaExpYWd6YVZubEJZcWliYl9LaXR4cUppVS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYjkv
MjhkZWJiLTNhNTktNGVlMS1iZDM3LTg0ZWQ5MWVjMWM2NS8xL01IQnJLNVZZalhn
T051LUNxUFZLTVgxWWFlSS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA5
BggrBgEFBQcBBwEB/wQqMCgwDAQCAAEwBgMEALlABjAYBAIAAjASMBADBwAqECMH
//0DBQMqECMAMA0GCSqGSIb3DQEBCwUAA4IBAQAvxHqtMW1ZNbwWouUurm1KZe01
bTRYoTthKxXSTIeFGGE+u9UalsVfmICVNJKNqPoOymmAPYRJlGxqCNnZiZ/LNqfm
L8jGH4k/OXZqtkMnrF73pLebizxDZ0LbXWBeJXZ2/TTYv+kNUc3IWvmOetUksKlO
GkuX+xvyBcmNCfivRqkwFbPS6YD9kMzH2TY4BXchWYccPvC57f307C6sWlT9vEYz
Uch1a1fa8NS4PiXHUuAh+/qeCzI6IoqeU+hmuT93B/M4FkRSUNXPSSsWFeJ4kf3m
deE6JY0GhWNn/duSRrN7sdzDREWXqWNzAZE0w3HZc3Uf4/Yw90bLG64g5ZEl
-----END CERTIFICATE-----
Generated at Tue Apr 22 05:05:06 2025 by rpki-client