Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d9/ebf169-be17-4ce9-9275-081786ab0748/1/h00eXiM15inj7p2JSAaGJl1bcD4.roa
File: h00eXiM15inj7p2JSAaGJl1bcD4.roa (raw, json)
Hash identifier: qVoCfs5aUbvLv2uEmkjoSQEmU+g3QbqeZljfa2t0kYw=
Subject key identifier: 87:4D:1E:5E:23:35:E6:29:E3:EE:9D:89:48:06:86:26:5D:5B:70:3E
Certificate issuer: /CN=6dc85b6788e450c054134ae8c365748b23f74267
Certificate serial: 0189E5EB9241B1D1EF84E18F65CB85075E06
Authority key identifier: 6D:C8:5B:67:88:E4:50:C0:54:13:4A:E8:C3:65:74:8B:23:F7:42:67
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bchbZ4jkUMBUE0row2V0iyP3Qmc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d9/ebf169-be17-4ce9-9275-081786ab0748/1/h00eXiM15inj7p2JSAaGJl1bcD4.roa
Signing time: Fri 11 Aug 2023 18:46:08 +0000
ROA not before: Fri 11 Aug 2023 18:46:08 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 199889
IP address blocks: 185.207.20.0/24 maxlen: 24
2a13:ca00::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:e5:eb:92:41:b1:d1:ef:84:e1:8f:65:cb:85:07:5e:06
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6dc85b6788e450c054134ae8c365748b23f74267
Validity
Not Before: Aug 11 18:46:08 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=874d1e5e2335e629e3ee9d89480686265d5b703e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:f2:55:03:97:88:30:54:b2:e6:72:37:79:1d:
07:fa:5a:96:a7:0d:d3:5d:c9:22:81:9d:98:7d:9e:
35:44:1b:89:f4:10:4e:fe:9f:20:21:e2:23:e2:89:
e7:52:c5:06:b6:dd:26:a3:f2:f5:8d:66:e0:21:0c:
2b:e0:e8:33:89:9b:49:38:40:3f:74:cc:62:10:1e:
d1:2a:e3:36:f8:af:80:7d:91:84:28:9e:7c:97:ae:
8e:89:13:12:9b:df:8b:c9:66:1e:af:3e:66:fa:cc:
37:4f:67:2e:bd:a5:ad:ce:86:25:95:b0:dc:4a:f9:
a8:08:c8:b4:ad:a6:f4:d1:90:37:ad:3b:23:48:28:
63:3e:dc:b0:f4:cf:f3:cd:52:b9:d7:0d:01:09:9f:
70:ee:0a:0c:8e:d9:ce:e7:5f:65:72:7a:cb:7d:8e:
2f:33:a2:fb:bf:bd:ca:62:e5:07:21:32:dd:86:95:
0d:07:ce:bb:af:45:b1:2c:d5:fc:b1:ad:ce:a5:c5:
40:38:61:cf:dc:29:72:cf:06:01:3d:0f:00:ba:94:
0a:ed:16:9a:1b:c4:a2:4e:d4:79:15:cd:aa:06:77:
17:c0:f4:ba:25:f2:43:b6:6f:5b:9f:16:aa:b3:48:
06:23:50:94:5c:7f:bc:be:cb:5b:9e:f9:85:47:a9:
f4:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
87:4D:1E:5E:23:35:E6:29:E3:EE:9D:89:48:06:86:26:5D:5B:70:3E
X509v3 Authority Key Identifier:
keyid:6D:C8:5B:67:88:E4:50:C0:54:13:4A:E8:C3:65:74:8B:23:F7:42:67
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bchbZ4jkUMBUE0row2V0iyP3Qmc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/ebf169-be17-4ce9-9275-081786ab0748/1/h00eXiM15inj7p2JSAaGJl1bcD4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/ebf169-be17-4ce9-9275-081786ab0748/1/bchbZ4jkUMBUE0row2V0iyP3Qmc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.207.20.0/24
IPv6:
2a13:ca00::/29
Signature Algorithm: sha256WithRSAEncryption
1c:4b:00:b9:44:fb:71:42:f2:51:de:bd:76:9f:e9:bf:2b:64:
44:2f:9e:55:a0:f4:8e:58:24:fc:cb:76:1c:48:00:19:90:6e:
54:be:61:3a:1f:c3:24:7c:4c:87:8e:25:fd:94:8e:4b:04:71:
c7:c2:fe:35:15:3b:a2:51:a9:41:90:a7:ef:4d:3c:f6:19:38:
af:4c:4c:73:f0:9b:32:6e:b7:36:1c:8f:cb:07:18:6b:c5:eb:
d0:35:01:1c:6d:63:2f:59:c6:8c:40:2f:5a:b3:0c:e1:da:7a:
f4:1f:eb:8d:d1:67:a1:4f:92:32:e7:78:be:0a:e3:4f:77:02:
70:41:0c:c9:b1:c4:0d:e0:c5:7b:10:d8:70:2a:58:70:b6:89:
77:3b:95:7d:63:7b:d4:8d:50:5a:6f:b8:69:25:e4:a0:5d:31:
33:c8:8e:99:58:d6:74:ad:df:0e:67:c1:1f:89:94:38:8d:1e:
cc:8a:67:26:79:6f:df:63:f6:98:14:e6:ea:bb:af:25:da:e4:
7b:43:a4:70:ea:f1:7c:1b:49:14:e7:86:e9:6c:fa:2d:77:4a:
31:fa:e8:67:a8:c4:93:a4:79:37:b1:db:b6:90:c6:2a:2c:63:
df:81:05:e2:5d:71:8a:43:1a:86:ea:45:0d:97:51:e1:db:da:
fc:96:cf:33
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYnl65JBsdHvhOGPZcuFB14GMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZkYzg1YjY3ODhlNDUwYzA1NDEzNGFlOGMzNjU3NDhiMjNm
NzQyNjcwHhcNMjMwODExMTg0NjA4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NzRkMWU1ZTIzMzVlNjI5ZTNlZTlkODk0ODA2ODYyNjVkNWI3MDNlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkvJVA5eIMFSy5nI3eR0H+lqWpw3T
XckigZ2YfZ41RBuJ9BBO/p8gIeIj4onnUsUGtt0mo/L1jWbgIQwr4OgziZtJOEA/
dMxiEB7RKuM2+K+AfZGEKJ58l66OiRMSm9+LyWYerz5m+sw3T2cuvaWtzoYllbDc
SvmoCMi0rab00ZA3rTsjSChjPtyw9M/zzVK51w0BCZ9w7goMjtnO519lcnrLfY4v
M6L7v73KYuUHITLdhpUNB867r0WxLNX8sa3OpcVAOGHP3ClyzwYBPQ8AupQK7Raa
G8SiTtR5Fc2qBncXwPS6JfJDtm9bnxaqs0gGI1CUXH+8vstbnvmFR6n0vwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFIdNHl4jNeYp4+6diUgGhiZdW3A+MB8GA1UdIwQY
MBaAFG3IW2eI5FDAVBNK6MNldIsj90JnMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYmNoYlo0amtVTUJVRTByb3cyVjBpeVAzUW1jLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kOS9lYmYxNjktYmUxNy00Y2U5LTkyNzUt
MDgxNzg2YWIwNzQ4LzEvaDAwZVhpTTE1aW5qN3AySlNBYUdKbDFiY0Q0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kOS9lYmYxNjktYmUxNy00Y2U5LTkyNzUtMDgxNzg2YWIwNzQ4
LzEvYmNoYlo0amtVTUJVRTByb3cyVjBpeVAzUW1jLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQAuc8UMA0E
AgACMAcDBQMqE8oAMA0GCSqGSIb3DQEBCwUAA4IBAQAcSwC5RPtxQvJR3r12n+m/
K2REL55VoPSOWCT8y3YcSAAZkG5UvmE6H8MkfEyHjiX9lI5LBHHHwv41FTuiUalB
kKfvTTz2GTivTExz8Jsybrc2HI/LBxhrxevQNQEcbWMvWcaMQC9aswzh2nr0H+uN
0WehT5Iy53i+CuNPdwJwQQzJscQN4MV7ENhwKlhwtol3O5V9Y3vUjVBab7hpJeSg
XTEzyI6ZWNZ0rd8OZ8EfiZQ4jR7MimcmeW/fY/aYFObqu68l2uR7Q6Rw6vF8G0kU
54bpbPotd0ox+uhnqMSTpHk3sdu2kMYqLGPfgQXiXXGKQxqG6kUNl1Hh29r8ls8z
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:36:59 2025 by rpki-client