Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0b/4ba973-0e9f-4352-9838-642dc9127680/1/42MlcVD9LmFK3pJuAZWX6K4o3_A.roa
File: 42MlcVD9LmFK3pJuAZWX6K4o3_A.roa (raw, json)
Hash identifier: 76Qhfh+B1XlpjFXo/0p+sIWPjdIrv7lBFrdX+YRXeb0=
Subject key identifier: E3:63:25:71:50:FD:2E:61:4A:DE:92:6E:01:95:97:E8:AE:28:DF:F0
Certificate issuer: /CN=4b89d87f8e41b5082d38916015e059e56dd0114e
Certificate serial: 01856E6FA2CF8B923A0756E8427BFD050B5F
Authority key identifier: 4B:89:D8:7F:8E:41:B5:08:2D:38:91:60:15:E0:59:E5:6D:D0:11:4E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/S4nYf45BtQgtOJFgFeBZ5W3QEU4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0b/4ba973-0e9f-4352-9838-642dc9127680/1/42MlcVD9LmFK3pJuAZWX6K4o3_A.roa
Signing time: Sun 01 Jan 2023 17:44:47 +0000
ROA not before: Sun 01 Jan 2023 17:44:47 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 56697
IP address blocks: 185.130.216.0/22 maxlen: 24
2a06:e2c0::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:6f:a2:cf:8b:92:3a:07:56:e8:42:7b:fd:05:0b:5f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4b89d87f8e41b5082d38916015e059e56dd0114e
Validity
Not Before: Jan 1 17:44:47 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=e363257150fd2e614ade926e019597e8ae28dff0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:89:a1:e9:d3:a3:b6:08:20:0f:04:22:f1:d2:eb:
fd:d6:e0:77:4d:71:d6:d4:01:e5:6f:e0:79:e0:07:
52:36:13:e0:3d:1c:88:bb:2a:ff:b1:76:04:1d:d8:
45:71:f7:38:6f:24:73:42:66:f7:70:e8:a3:02:28:
49:30:37:d1:d3:9b:86:9f:3f:26:e0:22:2c:33:66:
6e:e8:e6:47:b9:59:a6:3b:f6:3e:34:f7:21:ca:9e:
7f:d9:a3:5f:13:5a:46:1b:d8:90:6a:c3:25:47:91:
b9:4d:c9:4a:13:4b:ae:22:9d:7b:3b:df:ed:6a:78:
b2:e3:0b:37:1d:bb:f5:61:97:6a:80:00:6a:96:14:
ba:92:9e:23:1a:e9:a8:69:88:a5:3a:c2:14:c9:61:
ac:bd:27:97:36:60:d8:a7:1f:82:e5:17:c7:13:a9:
81:f7:27:2d:47:ad:d2:2f:ba:7c:95:ea:74:9b:f5:
e9:64:d7:e7:83:47:39:e6:5c:b9:49:e1:5e:c5:f3:
1a:f8:09:47:24:73:62:51:5a:ed:f4:91:b3:52:2e:
9e:08:2e:f6:7e:76:81:bd:68:3b:b3:43:95:2d:88:
16:46:86:e7:94:f2:a6:c8:6b:78:dc:2d:1a:c0:64:
cf:8f:32:f7:96:53:83:fb:4c:18:d3:35:21:ee:5a:
d5:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E3:63:25:71:50:FD:2E:61:4A:DE:92:6E:01:95:97:E8:AE:28:DF:F0
X509v3 Authority Key Identifier:
keyid:4B:89:D8:7F:8E:41:B5:08:2D:38:91:60:15:E0:59:E5:6D:D0:11:4E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/S4nYf45BtQgtOJFgFeBZ5W3QEU4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0b/4ba973-0e9f-4352-9838-642dc9127680/1/42MlcVD9LmFK3pJuAZWX6K4o3_A.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0b/4ba973-0e9f-4352-9838-642dc9127680/1/S4nYf45BtQgtOJFgFeBZ5W3QEU4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.130.216.0/22
IPv6:
2a06:e2c0::/29
Signature Algorithm: sha256WithRSAEncryption
a4:5e:c4:82:72:9f:09:25:7a:40:19:f8:d1:cf:a0:6e:88:2c:
6b:ea:c1:7a:5d:b3:ff:47:b6:0e:e0:83:ea:eb:90:b5:65:4f:
b9:3c:e2:52:09:65:67:6f:5b:ec:cc:ae:68:0d:f0:63:24:01:
c1:9d:79:3e:d1:b7:1f:32:d9:48:5e:79:27:87:d8:1f:7a:57:
e5:fe:c0:09:23:9b:24:3d:7d:70:04:e0:24:93:07:88:44:76:
24:04:94:59:f8:0c:39:2a:a2:cc:70:cf:5f:b5:0a:f8:9c:66:
d8:93:25:79:58:ff:38:ab:e4:d9:7f:11:41:41:d6:e5:2f:c8:
94:4b:35:82:46:2b:ec:cb:3e:84:2f:f7:3a:5c:7f:b9:44:79:
d2:03:08:7b:9c:27:e8:bf:6b:ef:b4:02:bf:75:76:fe:06:62:
a4:90:89:d5:21:36:30:e3:a2:3c:4a:d8:05:fe:2b:ac:2d:31:
8e:4f:1a:15:a7:e1:2e:02:41:38:cc:50:7c:d9:41:5e:e2:6e:
8b:29:d1:cc:f1:48:32:28:f9:a2:ae:17:2a:78:58:d2:97:59:
fc:71:f2:53:c9:53:3f:06:10:b2:cd:8f:3b:56:48:41:25:1c:
03:a6:2f:de:ac:2c:f5:37:ae:5e:8e:48:ad:9a:9d:45:ee:02:
25:ac:d9:86
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVub6LPi5I6B1boQnv9BQtfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRiODlkODdmOGU0MWI1MDgyZDM4OTE2MDE1ZTA1OWU1NmRk
MDExNGUwHhcNMjMwMTAxMTc0NDQ3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMzYzMjU3MTUwZmQyZTYxNGFkZTkyNmUwMTk1OTdlOGFlMjhkZmYwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiaHp06O2CCAPBCLx0uv91uB3TXHW
1AHlb+B54AdSNhPgPRyIuyr/sXYEHdhFcfc4byRzQmb3cOijAihJMDfR05uGnz8m
4CIsM2Zu6OZHuVmmO/Y+NPchyp5/2aNfE1pGG9iQasMlR5G5TclKE0uuIp17O9/t
aniy4ws3Hbv1YZdqgABqlhS6kp4jGumoaYilOsIUyWGsvSeXNmDYpx+C5RfHE6mB
9yctR63SL7p8lep0m/XpZNfng0c55ly5SeFexfMa+AlHJHNiUVrt9JGzUi6eCC72
fnaBvWg7s0OVLYgWRobnlPKmyGt43C0awGTPjzL3llOD+0wY0zUh7lrV/wIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFONjJXFQ/S5hSt6SbgGVl+iuKN/wMB8GA1UdIwQY
MBaAFEuJ2H+OQbUILTiRYBXgWeVt0BFOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUzRuWWY0NUJ0UWd0T0pGZ0ZlQlo1VzNRRVU0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYi80YmE5NzMtMGU5Zi00MzUyLTk4Mzgt
NjQyZGM5MTI3NjgwLzEvNDJNbGNWRDlMbUZLM3BKdUFaV1g2SzRvM19BLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYi80YmE5NzMtMGU5Zi00MzUyLTk4MzgtNjQyZGM5MTI3Njgw
LzEvUzRuWWY0NUJ0UWd0T0pGZ0ZlQlo1VzNRRVU0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuYLYMA0E
AgACMAcDBQMqBuLAMA0GCSqGSIb3DQEBCwUAA4IBAQCkXsSCcp8JJXpAGfjRz6Bu
iCxr6sF6XbP/R7YO4IPq65C1ZU+5POJSCWVnb1vszK5oDfBjJAHBnXk+0bcfMtlI
Xnknh9gfelfl/sAJI5skPX1wBOAkkweIRHYkBJRZ+Aw5KqLMcM9ftQr4nGbYkyV5
WP84q+TZfxFBQdblL8iUSzWCRivsyz6EL/c6XH+5RHnSAwh7nCfov2vvtAK/dXb+
BmKkkInVITYw46I8StgF/iusLTGOTxoVp+EuAkE4zFB82UFe4m6LKdHM8UgyKPmi
rhcqeFjSl1n8cfJTyVM/BhCyzY87VkhBJRwDpi/erCz1N65ejkitmp1F7gIlrNmG
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:15:26 2025 by rpki-client