Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/06/bdc09a-2b2a-4797-a296-9cfdf3c2b348/1/fDimgLTk-ryO1pG10T7OE0Roq_8.roa
File: fDimgLTk-ryO1pG10T7OE0Roq_8.roa (raw, json)
Hash identifier: gIz8xHLq7DJ3NYYYEF7s43EuF77DZQ+Fn4dycPi739s=
Subject key identifier: 7C:38:A6:80:B4:E4:FA:BC:8E:D6:91:B5:D1:3E:CE:13:44:68:AB:FF
Certificate issuer: /CN=cbd757e913aace434e6dd6d6d50a7edf72ce888c
Certificate serial: 0186CC0CF8850787A23CC6D305D2E00ECB9A
Authority key identifier: CB:D7:57:E9:13:AA:CE:43:4E:6D:D6:D6:D5:0A:7E:DF:72:CE:88:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/y9dX6ROqzkNObdbW1Qp-33LOiIw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/06/bdc09a-2b2a-4797-a296-9cfdf3c2b348/1/fDimgLTk-ryO1pG10T7OE0Roq_8.roa
Signing time: Fri 10 Mar 2023 15:04:07 +0000
ROA not before: Fri 10 Mar 2023 15:04:07 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 205099
IP address blocks: 185.194.202.0/23 maxlen: 24
185.230.80.0/22 maxlen: 24
2a0c:900::/29 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:cc:0c:f8:85:07:87:a2:3c:c6:d3:05:d2:e0:0e:cb:9a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cbd757e913aace434e6dd6d6d50a7edf72ce888c
Validity
Not Before: Mar 10 15:04:07 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=7c38a680b4e4fabc8ed691b5d13ece134468abff
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:36:ee:36:e5:7a:3d:ed:8b:fb:5c:80:1b:11:
4e:b1:e5:99:8e:ef:53:ac:6b:a2:5e:49:f4:5c:bc:
8a:ee:ec:db:17:bf:9c:c7:18:61:f3:6b:b4:25:88:
4c:24:7e:3a:fb:39:20:37:00:38:ea:a6:f5:9d:37:
02:fa:71:c5:17:b5:41:c4:7e:88:ff:2c:98:55:0c:
95:7d:dc:e9:ec:41:63:2a:cf:64:74:d3:0a:c5:f6:
a1:71:98:4b:bc:36:0a:b1:d1:e3:fb:13:ad:48:00:
3d:39:1b:74:0c:44:a0:05:56:c7:7f:96:7e:e6:b8:
d7:d6:83:d3:6c:1a:c5:7f:11:d0:e6:93:72:87:ee:
4a:c1:71:64:30:be:e0:da:23:b3:dc:4c:2f:0c:64:
5b:ff:b4:f5:12:28:96:a0:c0:8b:4f:48:b8:89:04:
17:09:9d:58:3f:77:fb:9a:84:4a:e8:a8:2c:75:91:
d0:19:c8:b1:e0:37:d5:0b:54:d1:01:76:92:2d:1b:
93:f9:c8:28:ea:0d:e4:17:46:70:82:8a:64:48:46:
b3:77:c5:33:f4:d8:29:c8:67:b6:e0:97:6c:2b:9c:
9c:4f:7d:3f:8a:39:1e:fd:29:5a:2f:79:0c:a9:11:
8f:1e:0e:fd:fc:fd:a6:33:c2:c5:3c:d4:8e:bc:aa:
9e:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7C:38:A6:80:B4:E4:FA:BC:8E:D6:91:B5:D1:3E:CE:13:44:68:AB:FF
X509v3 Authority Key Identifier:
keyid:CB:D7:57:E9:13:AA:CE:43:4E:6D:D6:D6:D5:0A:7E:DF:72:CE:88:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/y9dX6ROqzkNObdbW1Qp-33LOiIw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/06/bdc09a-2b2a-4797-a296-9cfdf3c2b348/1/fDimgLTk-ryO1pG10T7OE0Roq_8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/06/bdc09a-2b2a-4797-a296-9cfdf3c2b348/1/y9dX6ROqzkNObdbW1Qp-33LOiIw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.194.202.0/23
185.230.80.0/22
IPv6:
2a0c:900::/29
Signature Algorithm: sha256WithRSAEncryption
44:7b:f6:0d:25:13:60:98:80:07:70:3d:0f:81:4a:b6:fd:89:
7d:fd:59:b9:2c:34:50:2e:42:49:31:b7:6b:ca:bd:00:90:b0:
ca:fc:56:b8:3c:b9:b6:32:53:27:0e:e0:91:fa:ea:88:a8:9a:
10:9e:0f:75:7a:a8:2d:ea:e4:13:8f:bf:77:ea:38:b2:e3:dd:
b7:4c:25:60:48:e4:90:19:76:4f:a3:f0:88:6f:4a:89:a9:09:
37:f3:82:70:7a:96:e8:f0:07:50:38:77:8b:80:8a:f5:be:83:
eb:f6:28:09:6b:25:49:d2:86:df:a1:b0:df:9e:c7:9f:11:31:
02:61:a1:56:e7:fb:ea:43:60:a7:97:15:84:d4:a7:e4:2d:70:
e1:97:48:91:b6:96:e8:56:b8:ae:47:82:7e:2e:e6:a6:28:f8:
b5:06:d3:80:8a:83:58:13:f6:10:91:3b:8c:57:c2:6b:c8:c2:
9c:74:d7:2a:d8:e3:9b:16:d5:d0:d8:1a:db:ed:ba:ce:e9:81:
8d:79:7c:a0:7c:2c:40:c3:84:ec:8f:6e:17:7f:2c:ef:d2:52:
a9:32:88:ad:e6:f1:94:2e:43:ab:86:d3:cb:c3:7b:ea:e5:e0:
e5:43:f5:bf:54:2d:e7:0a:7f:bf:6e:aa:12:3a:a6:bc:12:aa:
b4:a2:6d:9f
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYbMDPiFB4eiPMbTBdLgDsuaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNiZDc1N2U5MTNhYWNlNDM0ZTZkZDZkNmQ1MGE3ZWRmNzJj
ZTg4OGMwHhcNMjMwMzEwMTUwNDA3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3YzM4YTY4MGI0ZTRmYWJjOGVkNjkxYjVkMTNlY2UxMzQ0NjhhYmZmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmzbuNuV6Pe2L+1yAGxFOseWZju9T
rGuiXkn0XLyK7uzbF7+cxxhh82u0JYhMJH46+zkgNwA46qb1nTcC+nHFF7VBxH6I
/yyYVQyVfdzp7EFjKs9kdNMKxfahcZhLvDYKsdHj+xOtSAA9ORt0DESgBVbHf5Z+
5rjX1oPTbBrFfxHQ5pNyh+5KwXFkML7g2iOz3EwvDGRb/7T1EiiWoMCLT0i4iQQX
CZ1YP3f7moRK6KgsdZHQGcix4DfVC1TRAXaSLRuT+cgo6g3kF0ZwgopkSEazd8Uz
9NgpyGe24JdsK5ycT30/ijke/SlaL3kMqRGPHg79/P2mM8LFPNSOvKqeVwIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFHw4poC05Pq8jtaRtdE+zhNEaKv/MB8GA1UdIwQY
MBaAFMvXV+kTqs5DTm3W1tUKft9yzoiMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveTlkWDZST3F6a05PYmRiVzFRcC0zM0xPaUl3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNi9iZGMwOWEtMmIyYS00Nzk3LWEyOTYt
OWNmZGYzYzJiMzQ4LzEvZkRpbWdMVGstcnlPMXBHMTBUN09FMFJvcV84LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNi9iZGMwOWEtMmIyYS00Nzk3LWEyOTYtOWNmZGYzYzJiMzQ4
LzEveTlkWDZST3F6a05PYmRiVzFRcC0zM0xPaUl3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQBucLKAwQC
ueZQMA0EAgACMAcDBQMqDAkAMA0GCSqGSIb3DQEBCwUAA4IBAQBEe/YNJRNgmIAH
cD0PgUq2/Yl9/Vm5LDRQLkJJMbdryr0AkLDK/Fa4PLm2MlMnDuCR+uqIqJoQng91
eqgt6uQTj7936jiy4923TCVgSOSQGXZPo/CIb0qJqQk384Jwepbo8AdQOHeLgIr1
voPr9igJayVJ0obfobDfnsefETECYaFW5/vqQ2CnlxWE1KfkLXDhl0iRtpboVriu
R4J+LuamKPi1BtOAioNYE/YQkTuMV8JryMKcdNcq2OObFtXQ2Brb7brO6YGNeXyg
fCxAw4Tsj24Xfyzv0lKpMoit5vGULkOrhtPLw3vq5eDlQ/W/VC3nCn+/bqoSOqa8
Eqq0om2f
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:34:55 2025 by rpki-client