Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/05/80c0a0-8539-46ed-b122-fe0ca1a7d35d/1/nExgPHHm86eqfrV1DPUDLfkO7IY.roa
File: nExgPHHm86eqfrV1DPUDLfkO7IY.roa (raw, json)
Hash identifier: 6/T3JqHCHtBIG86f40Is+i3+uepsXnFnZO0KnLDtREo=
Subject key identifier: 9C:4C:60:3C:71:E6:F3:A7:AA:7E:B5:75:0C:F5:03:2D:F9:0E:EC:86
Certificate issuer: /CN=e2b6a6ff5969a15d25ddc3bbddd6beb94f48a5f9
Certificate serial: 018572B439292A35B72189721124045FBB01
Authority key identifier: E2:B6:A6:FF:59:69:A1:5D:25:DD:C3:BB:DD:D6:BE:B9:4F:48:A5:F9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/4ram_1lpoV0l3cO73da-uU9Ipfk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/05/80c0a0-8539-46ed-b122-fe0ca1a7d35d/1/nExgPHHm86eqfrV1DPUDLfkO7IY.roa
Signing time: Mon 02 Jan 2023 13:38:11 +0000
ROA not before: Mon 02 Jan 2023 13:38:11 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 41038
IP address blocks: 185.187.124.0/22 maxlen: 22
2a0b:a180::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:b4:39:29:2a:35:b7:21:89:72:11:24:04:5f:bb:01
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e2b6a6ff5969a15d25ddc3bbddd6beb94f48a5f9
Validity
Not Before: Jan 2 13:38:11 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=9c4c603c71e6f3a7aa7eb5750cf5032df90eec86
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:67:94:81:a6:89:ab:4c:7b:26:6f:27:7b:9b:
67:61:d8:44:6c:95:f3:84:5d:89:96:28:5f:fb:b7:
f4:70:12:05:ca:f1:67:76:91:20:4e:2b:63:d7:7f:
bb:13:9e:6c:15:ca:09:43:c0:c6:b9:fa:2d:20:94:
28:29:22:85:f4:c6:3a:ff:d1:36:61:9e:f4:6b:91:
07:81:7c:06:a0:19:39:87:2f:b4:4d:94:6e:ce:c2:
f2:f6:73:e3:58:2e:2c:f5:f5:31:88:67:a3:99:58:
2d:3d:fb:49:74:b4:ae:66:fe:a9:59:d4:18:65:ec:
59:9b:a7:48:8c:00:e5:8d:53:64:2b:0d:c0:67:a7:
d4:38:23:a1:d7:81:1f:7c:0d:14:68:ed:23:49:c4:
00:fd:ec:b2:8f:b9:3e:5e:33:56:36:ee:bc:78:f1:
54:53:39:b7:17:09:64:9a:0b:b7:bc:36:58:b9:a1:
c8:fc:c0:f5:1c:e0:e8:4b:a4:85:d2:af:09:d6:d3:
b3:c6:ce:ac:e7:a0:6e:ba:bc:c3:20:87:8a:cb:38:
e3:86:b4:15:01:50:b6:e9:d9:c7:0f:fd:0e:a6:2a:
12:f6:aa:8e:c8:c4:87:81:07:2d:39:6b:20:68:f9:
7c:0f:36:3b:72:06:56:61:33:15:b2:f6:66:6a:e4:
dc:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9C:4C:60:3C:71:E6:F3:A7:AA:7E:B5:75:0C:F5:03:2D:F9:0E:EC:86
X509v3 Authority Key Identifier:
keyid:E2:B6:A6:FF:59:69:A1:5D:25:DD:C3:BB:DD:D6:BE:B9:4F:48:A5:F9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4ram_1lpoV0l3cO73da-uU9Ipfk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/05/80c0a0-8539-46ed-b122-fe0ca1a7d35d/1/nExgPHHm86eqfrV1DPUDLfkO7IY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/05/80c0a0-8539-46ed-b122-fe0ca1a7d35d/1/4ram_1lpoV0l3cO73da-uU9Ipfk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.187.124.0/22
IPv6:
2a0b:a180::/29
Signature Algorithm: sha256WithRSAEncryption
61:da:8d:c3:b9:ed:39:87:97:03:93:b4:48:b0:63:4a:74:2b:
e2:74:11:c7:60:eb:d4:9f:47:a7:35:c9:d1:44:7c:39:eb:70:
e2:3b:6c:d4:c4:15:fd:56:c4:b5:7f:8e:5e:9e:b8:25:b8:66:
de:5c:45:1a:0f:41:8a:6a:fc:47:54:40:85:3a:64:73:a5:61:
28:33:f5:9f:cc:57:c2:9c:9b:17:9a:76:07:19:5d:b0:b6:9b:
62:4b:ab:70:a6:67:42:81:9b:4b:bf:3e:ec:a3:85:f3:95:af:
4d:65:6c:ee:07:16:32:28:98:ac:4d:7d:16:09:7d:b7:57:fb:
84:fa:f5:9d:f1:00:58:65:58:83:7a:ef:be:eb:65:26:06:32:
a2:ba:17:d0:09:61:6d:0a:fd:8c:2b:62:5a:02:fd:7b:31:21:
c4:74:ab:4e:98:fd:d4:27:ac:0d:d5:20:ea:94:48:a3:c9:f2:
cc:8e:3f:21:21:50:10:2c:50:4f:2e:ec:de:be:df:e6:21:9e:
e2:c5:dc:d7:c4:e1:19:4f:42:8e:c7:b3:c1:72:7e:ac:9c:70:
97:e4:aa:c1:1e:7e:3d:d5:2b:1e:f2:bc:59:3e:b0:26:3d:9f:
eb:2b:38:ba:68:07:38:fc:9d:2b:02:03:f9:7b:ea:22:cb:bc:
1c:f1:95:d6
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVytDkpKjW3IYlyESQEX7sBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUyYjZhNmZmNTk2OWExNWQyNWRkYzNiYmRkZDZiZWI5NGY0
OGE1ZjkwHhcNMjMwMTAyMTMzODExWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5YzRjNjAzYzcxZTZmM2E3YWE3ZWI1NzUwY2Y1MDMyZGY5MGVlYzg2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmmeUgaaJq0x7Jm8ne5tnYdhEbJXz
hF2Jlihf+7f0cBIFyvFndpEgTitj13+7E55sFcoJQ8DGufotIJQoKSKF9MY6/9E2
YZ70a5EHgXwGoBk5hy+0TZRuzsLy9nPjWC4s9fUxiGejmVgtPftJdLSuZv6pWdQY
ZexZm6dIjADljVNkKw3AZ6fUOCOh14EffA0UaO0jScQA/eyyj7k+XjNWNu68ePFU
Uzm3Fwlkmgu3vDZYuaHI/MD1HODoS6SF0q8J1tOzxs6s56BuurzDIIeKyzjjhrQV
AVC26dnHD/0OpioS9qqOyMSHgQctOWsgaPl8DzY7cgZWYTMVsvZmauTcNwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFJxMYDxx5vOnqn61dQz1Ay35DuyGMB8GA1UdIwQY
MBaAFOK2pv9ZaaFdJd3Du93WvrlPSKX5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNHJhbV8xbHBvVjBsM2NPNzNkYS11VTlJcGZrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNS84MGMwYTAtODUzOS00NmVkLWIxMjIt
ZmUwY2ExYTdkMzVkLzEvbkV4Z1BISG04NmVxZnJWMURQVURMZmtPN0lZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNS84MGMwYTAtODUzOS00NmVkLWIxMjItZmUwY2ExYTdkMzVk
LzEvNHJhbV8xbHBvVjBsM2NPNzNkYS11VTlJcGZrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCubt8MA0E
AgACMAcDBQMqC6GAMA0GCSqGSIb3DQEBCwUAA4IBAQBh2o3Due05h5cDk7RIsGNK
dCvidBHHYOvUn0enNcnRRHw563DiO2zUxBX9VsS1f45enrgluGbeXEUaD0GKavxH
VECFOmRzpWEoM/WfzFfCnJsXmnYHGV2wtptiS6twpmdCgZtLvz7so4Xzla9NZWzu
BxYyKJisTX0WCX23V/uE+vWd8QBYZViDeu++62UmBjKiuhfQCWFtCv2MK2JaAv17
MSHEdKtOmP3UJ6wN1SDqlEijyfLMjj8hIVAQLFBPLuzevt/mIZ7ixdzXxOEZT0KO
x7PBcn6snHCX5KrBHn491Sse8rxZPrAmPZ/rKzi6aAc4/J0rAgP5e+oiy7wc8ZXW
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:37:27 2025 by rpki-client