Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d9/e2e119-fd78-4b1a-b16a-987da4392056/1/j5IP1JXlmNIkBEDB1gA-rN3Ssv8.roa
File: j5IP1JXlmNIkBEDB1gA-rN3Ssv8.roa (raw, json)
Hash identifier: aBDgbV/+mWvrPLHtKQH6Ui4p/3xcwi2+a0Pye4N40Ak=
Subject key identifier: 8F:92:0F:D4:95:E5:98:D2:24:04:40:C1:D6:00:3E:AC:DD:D2:B2:FF
Certificate issuer: /CN=712f9cb3c298b150beb79080376f74bdeac438ac
Certificate serial: 01856B258BA43BC572C8C60943BE661ECA37
Authority key identifier: 71:2F:9C:B3:C2:98:B1:50:BE:B7:90:80:37:6F:74:BD:EA:C4:38:AC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cS-cs8KYsVC-t5CAN290verEOKw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d9/e2e119-fd78-4b1a-b16a-987da4392056/1/j5IP1JXlmNIkBEDB1gA-rN3Ssv8.roa
Signing time: Sun 01 Jan 2023 02:25:00 +0000
ROA not before: Sun 01 Jan 2023 02:25:00 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 60983
IP address blocks: 185.22.128.0/22 maxlen: 24
2a00:6060:ee37::/48 maxlen: 48
2a00:6060::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6b:25:8b:a4:3b:c5:72:c8:c6:09:43:be:66:1e:ca:37
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=712f9cb3c298b150beb79080376f74bdeac438ac
Validity
Not Before: Jan 1 02:25:00 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=8f920fd495e598d2240440c1d6003eacddd2b2ff
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:02:75:74:5c:1a:d1:20:fe:75:4f:69:fb:fe:
74:c2:0e:08:f5:d4:8d:18:2d:1d:31:8e:ee:73:c2:
1d:1f:32:23:c5:21:29:92:a7:bf:cb:1f:dd:a4:10:
6e:db:b7:48:94:15:29:7c:71:58:49:e4:5f:7b:0e:
d2:6e:6f:96:d7:64:39:6e:84:ce:d6:48:75:bc:ba:
08:48:46:a5:c0:77:e1:d7:e3:cd:c3:b4:9d:b3:53:
fd:4a:8f:b8:e5:8e:5e:11:9f:2c:2c:65:ac:9a:9f:
2b:cb:81:50:88:83:45:c0:a1:85:06:ec:cd:f4:a7:
42:6e:07:19:e6:21:fc:5d:94:0a:6a:2c:a2:9f:a7:
f3:98:2b:ac:d3:82:20:11:46:d4:5f:f0:3b:b1:80:
d2:1a:cb:d9:9d:e7:88:5a:1b:a5:85:c7:fc:25:47:
c8:0a:b9:b0:79:f9:51:f2:70:72:e8:a5:df:da:1b:
b8:63:72:8f:80:40:c8:98:50:73:48:21:03:e8:d2:
0c:3e:4c:a4:f3:4a:fd:a5:29:2c:82:21:d1:49:ad:
35:2e:4b:79:46:97:f3:f3:9e:2d:19:38:a8:09:ac:
07:b0:45:3d:81:89:ef:b4:54:c2:d1:aa:01:0d:b6:
36:b4:f4:fe:7e:1b:18:43:6c:0a:bc:1a:34:ae:55:
0b:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8F:92:0F:D4:95:E5:98:D2:24:04:40:C1:D6:00:3E:AC:DD:D2:B2:FF
X509v3 Authority Key Identifier:
keyid:71:2F:9C:B3:C2:98:B1:50:BE:B7:90:80:37:6F:74:BD:EA:C4:38:AC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cS-cs8KYsVC-t5CAN290verEOKw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/e2e119-fd78-4b1a-b16a-987da4392056/1/j5IP1JXlmNIkBEDB1gA-rN3Ssv8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/e2e119-fd78-4b1a-b16a-987da4392056/1/cS-cs8KYsVC-t5CAN290verEOKw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.22.128.0/22
IPv6:
2a00:6060::/32
Signature Algorithm: sha256WithRSAEncryption
79:05:52:b1:ee:80:79:79:85:7a:50:4e:24:e5:d2:cf:c4:0c:
3f:16:3b:38:2b:cc:70:b5:01:a7:9f:6b:37:9d:62:0e:ea:bd:
ae:97:56:40:18:a9:3e:de:8e:0a:44:8e:d0:28:5d:5b:12:7a:
25:04:3c:46:3c:fe:b2:51:09:46:aa:27:d0:59:f7:ed:72:33:
4a:ee:00:3b:ec:ef:b6:0b:86:26:5a:37:c0:02:8e:40:e0:cc:
c1:bc:95:df:9c:95:12:55:5f:9d:99:1c:a9:b1:e9:14:2f:35:
0f:5a:15:68:c6:44:71:f2:b5:1a:47:f9:3b:8b:49:10:64:d9:
9f:0f:e1:f5:ad:a4:ad:9e:6a:7b:05:af:48:6e:d3:a3:db:45:
31:26:b1:c4:a7:1d:56:13:3f:7e:ef:56:79:48:d5:be:56:5d:
87:ef:6d:1d:1d:bb:97:92:2d:a8:c4:2d:9f:ad:be:88:ac:16:
e6:5a:e7:b7:e1:72:65:61:b1:95:c9:12:43:e3:17:da:7c:48:
04:bd:6c:92:36:72:98:5b:a4:15:af:ac:b5:d7:ef:8d:93:a6:
e0:96:94:8d:d2:08:c4:78:85:d6:88:88:20:b6:86:3a:9c:ca:
f6:89:7c:56:b4:d2:f0:3e:cb:37:56:4b:d1:3f:39:fd:b5:bd:
55:b1:02:93
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVrJYukO8VyyMYJQ75mHso3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcxMmY5Y2IzYzI5OGIxNTBiZWI3OTA4MDM3NmY3NGJkZWFj
NDM4YWMwHhcNMjMwMTAxMDIyNTAwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ZjkyMGZkNDk1ZTU5OGQyMjQwNDQwYzFkNjAwM2VhY2RkZDJiMmZmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxQJ1dFwa0SD+dU9p+/50wg4I9dSN
GC0dMY7uc8IdHzIjxSEpkqe/yx/dpBBu27dIlBUpfHFYSeRfew7Sbm+W12Q5boTO
1kh1vLoISEalwHfh1+PNw7Sds1P9So+45Y5eEZ8sLGWsmp8ry4FQiINFwKGFBuzN
9KdCbgcZ5iH8XZQKaiyin6fzmCus04IgEUbUX/A7sYDSGsvZneeIWhulhcf8JUfI
CrmweflR8nBy6KXf2hu4Y3KPgEDImFBzSCED6NIMPkyk80r9pSksgiHRSa01Lkt5
Rpfz854tGTioCawHsEU9gYnvtFTC0aoBDbY2tPT+fhsYQ2wKvBo0rlULMwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFI+SD9SV5ZjSJARAwdYAPqzd0rL/MB8GA1UdIwQY
MBaAFHEvnLPCmLFQvreQgDdvdL3qxDisMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY1MtY3M4S1lzVkMtdDVDQU4yOTB2ZXJFT0t3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kOS9lMmUxMTktZmQ3OC00YjFhLWIxNmEt
OTg3ZGE0MzkyMDU2LzEvajVJUDFKWGxtTklrQkVEQjFnQS1yTjNTc3Y4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kOS9lMmUxMTktZmQ3OC00YjFhLWIxNmEtOTg3ZGE0MzkyMDU2
LzEvY1MtY3M4S1lzVkMtdDVDQU4yOTB2ZXJFT0t3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuRaAMA0E
AgACMAcDBQAqAGBgMA0GCSqGSIb3DQEBCwUAA4IBAQB5BVKx7oB5eYV6UE4k5dLP
xAw/Fjs4K8xwtQGnn2s3nWIO6r2ul1ZAGKk+3o4KRI7QKF1bEnolBDxGPP6yUQlG
qifQWfftcjNK7gA77O+2C4YmWjfAAo5A4MzBvJXfnJUSVV+dmRypsekULzUPWhVo
xkRx8rUaR/k7i0kQZNmfD+H1raStnmp7Ba9IbtOj20UxJrHEpx1WEz9+71Z5SNW+
Vl2H720dHbuXki2oxC2frb6IrBbmWue34XJlYbGVyRJD4xfafEgEvWySNnKYW6QV
r6y11++Nk6bglpSN0gjEeIXWiIggtoY6nMr2iXxWtNLwPss3VkvRPzn9tb1VsQKT
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:16:03 2025 by rpki-client