Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e4/d796e4-d654-4e7b-84d4-f01a62400821/1/o8ksDsnA9pzKu_Zq5VtMtmPAdk0.roa
File: o8ksDsnA9pzKu_Zq5VtMtmPAdk0.roa (raw, json)
Hash identifier: hNW7CEpFOkO6xYQ+SvFhgCANDRkR9c/Bbzs6UPCZ7jQ=
Subject key identifier: A3:C9:2C:0E:C9:C0:F6:9C:CA:BB:F6:6A:E5:5B:4C:B6:63:C0:76:4D
Certificate issuer: /CN=64ff41a24fc48271b992327a2dae5a433bded050
Certificate serial: 0AB44B09
Authority key identifier: 64:FF:41:A2:4F:C4:82:71:B9:92:32:7A:2D:AE:5A:43:3B:DE:D0:50
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ZP9Bok_EgnG5kjJ6La5aQzve0FA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e4/d796e4-d654-4e7b-84d4-f01a62400821/1/o8ksDsnA9pzKu_Zq5VtMtmPAdk0.roa
Signing time: Sat 01 Jan 2022 13:56:20 +0000
ROA not before: Sat 01 Jan 2022 13:56:20 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 200600
IP address blocks: 185.101.220.0/22 maxlen: 22
2a06:2140::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 179587849 (0xab44b09)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=64ff41a24fc48271b992327a2dae5a433bded050
Validity
Not Before: Jan 1 13:56:20 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=a3c92c0ec9c0f69ccabbf66ae55b4cb663c0764d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:cf:43:30:f1:6f:c0:82:16:d8:85:22:cc:56:
cc:9e:f4:a3:5a:2c:69:59:9c:11:30:2c:19:90:05:
44:ee:95:69:55:55:0d:3e:55:de:9c:39:10:f9:3c:
5d:30:22:65:e7:cc:93:c5:4d:a6:c0:00:fa:e2:94:
db:72:e6:15:fb:6e:cb:a5:3e:ad:26:a9:8b:89:d2:
b6:d4:76:71:fd:3d:d8:f5:7e:ff:2b:c4:63:e8:94:
1f:86:d4:72:23:c5:79:cb:b6:c3:20:54:60:02:6f:
5b:86:09:e3:98:cb:9c:6f:29:e4:93:60:58:d6:ff:
c5:30:36:5a:0f:30:8e:a6:59:d6:c9:54:9b:20:e4:
d5:c4:30:67:c5:26:18:dd:52:a2:f0:8b:2c:12:1a:
87:7e:17:75:a9:27:48:95:77:80:30:2b:6c:28:b5:
00:d0:38:1c:1c:93:45:e9:bf:a3:57:01:49:48:bc:
05:28:92:62:b9:49:79:74:a8:66:11:63:9e:19:37:
13:e3:8e:be:25:88:52:e2:62:eb:1e:39:98:4b:a9:
d0:ad:24:65:4b:9c:e9:de:a5:92:2d:e1:09:fb:d5:
17:b3:be:0f:ad:de:df:b4:92:b8:d7:89:ba:d5:ea:
57:d0:1e:58:23:06:4a:58:d5:2b:49:2e:75:40:b9:
ea:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A3:C9:2C:0E:C9:C0:F6:9C:CA:BB:F6:6A:E5:5B:4C:B6:63:C0:76:4D
X509v3 Authority Key Identifier:
keyid:64:FF:41:A2:4F:C4:82:71:B9:92:32:7A:2D:AE:5A:43:3B:DE:D0:50
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ZP9Bok_EgnG5kjJ6La5aQzve0FA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e4/d796e4-d654-4e7b-84d4-f01a62400821/1/o8ksDsnA9pzKu_Zq5VtMtmPAdk0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e4/d796e4-d654-4e7b-84d4-f01a62400821/1/ZP9Bok_EgnG5kjJ6La5aQzve0FA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.101.220.0/22
IPv6:
2a06:2140::/29
Signature Algorithm: sha256WithRSAEncryption
3d:62:73:35:aa:09:eb:40:1d:51:cd:9e:da:aa:8a:53:d0:25:
43:8f:0e:66:fd:45:35:e1:9b:42:18:95:db:eb:75:ef:6a:ea:
b1:32:0b:f2:91:33:7c:6b:2d:ec:79:b9:b0:5a:10:8d:8d:fb:
df:09:60:17:2b:fb:6d:cb:a7:0c:29:bf:2d:b4:51:f6:40:4b:
93:a2:2a:82:98:8f:02:ce:36:aa:ee:70:fa:37:85:68:68:d5:
8a:ed:15:8b:48:7c:6e:53:f8:59:e0:f9:91:57:91:32:c2:fe:
55:0f:2e:51:c5:98:2d:34:f8:ce:f1:43:45:21:cd:69:c0:fa:
5c:85:57:06:f9:2f:96:16:1a:e9:8d:56:a1:cd:62:0a:76:b5:
9b:ee:84:d7:e4:a0:38:2d:07:4b:6e:99:c9:61:22:eb:48:a1:
b1:0b:e8:3f:e8:16:7a:48:b9:5c:39:f7:96:42:e8:36:f9:81:
78:06:31:ad:53:fb:b3:3f:9b:54:9c:d0:a4:c4:0d:d0:01:74:
0f:80:95:4a:e3:d5:a7:9d:6a:0b:eb:f3:17:4e:3a:5a:8e:cd:
fc:9e:16:f8:3e:21:09:82:5d:42:0f:34:d6:d6:90:b7:28:72:
01:55:75:8e:70:74:ae:64:02:2c:7c:6f:ad:4e:c4:05:81:42:
0f:6e:44:0e
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgIECrRLCTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg2
NGZmNDFhMjRmYzQ4MjcxYjk5MjMyN2EyZGFlNWE0MzNiZGVkMDUwMB4XDTIyMDEw
MTEzNTYyMFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYTNjOTJjMGVjOWMw
ZjY5Y2NhYmJmNjZhZTU1YjRjYjY2M2MwNzY0ZDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALfPQzDxb8CCFtiFIsxWzJ70o1osaVmcETAsGZAFRO6VaVVV
DT5V3pw5EPk8XTAiZefMk8VNpsAA+uKU23LmFftuy6U+rSapi4nSttR2cf092PV+
/yvEY+iUH4bUciPFecu2wyBUYAJvW4YJ45jLnG8p5JNgWNb/xTA2Wg8wjqZZ1slU
myDk1cQwZ8UmGN1SovCLLBIah34XdaknSJV3gDArbCi1ANA4HByTRem/o1cBSUi8
BSiSYrlJeXSoZhFjnhk3E+OOviWIUuJi6x45mEup0K0kZUuc6d6lki3hCfvVF7O+
D63e37SSuNeJutXqV9AeWCMGSljVK0kudUC56m0CAwEAAaOCAhgwggIUMB0GA1Ud
DgQWBBSjySwOycD2nMq79mrlW0y2Y8B2TTAfBgNVHSMEGDAWgBRk/0GiT8SCcbmS
MnotrlpDO97QUDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1pQOUJva19FZ25HNWtqSjZMYTVhUXp2ZTBGQS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZTQvZDc5NmU0LWQ2NTQtNGU3Yi04NGQ0LWYwMWE2MjQwMDgyMS8x
L284a3NEc25BOXB6S3VfWnE1VnRNdG1QQWRrMC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZTQv
ZDc5NmU0LWQ2NTQtNGU3Yi04NGQ0LWYwMWE2MjQwMDgyMS8xL1pQOUJva19FZ25H
NWtqSjZMYTVhUXp2ZTBGQS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAu
BggrBgEFBQcBBwEB/wQfMB0wDAQCAAEwBgMEArll3DANBAIAAjAHAwUDKgYhQDAN
BgkqhkiG9w0BAQsFAAOCAQEAPWJzNaoJ60AdUc2e2qqKU9AlQ48OZv1FNeGbQhiV
2+t172rqsTIL8pEzfGst7Hm5sFoQjY373wlgFyv7bcunDCm/LbRR9kBLk6IqgpiP
As42qu5w+jeFaGjViu0Vi0h8blP4WeD5kVeRMsL+VQ8uUcWYLTT4zvFDRSHNacD6
XIVXBvkvlhYa6Y1Woc1iCna1m+6E1+SgOC0HS26ZyWEi60ihsQvoP+gWeki5XDn3
lkLoNvmBeAYxrVP7sz+bVJzQpMQN0AF0D4CVSuPVp51qC+vzF046Wo7N/J4W+D4h
CYJdQg801taQtyhyAVV1jnB0rmQCLHxvrU7EBYFCD25EDg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:57:29 2024 by rpki-client on console-fra.rpki-client.org