Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0e/53fb34-25db-4684-984f-3b445f29f5b7/1/C2yHHYAJk3CwaL-nNpRMoKsno3o.roa
File: C2yHHYAJk3CwaL-nNpRMoKsno3o.roa (raw, json)
Hash identifier: fqLS7Lmtzdss7EGnaTCsJe1pPgJebHvU4vCojI+iTmQ=
Subject key identifier: 0B:6C:87:1D:80:09:93:70:B0:68:BF:A7:36:94:4C:A0:AB:27:A3:7A
Certificate issuer: /CN=7df904ab14066c7a9fe61a521d5492a0e52965ca
Certificate serial: 018BB8C36D4A1386C22A0F27511C0399026C
Authority key identifier: 7D:F9:04:AB:14:06:6C:7A:9F:E6:1A:52:1D:54:92:A0:E5:29:65:CA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ffkEqxQGbHqf5hpSHVSSoOUpZco.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0e/53fb34-25db-4684-984f-3b445f29f5b7/1/C2yHHYAJk3CwaL-nNpRMoKsno3o.roa
Signing time: Fri 10 Nov 2023 10:24:57 +0000
ROA not before: Fri 10 Nov 2023 10:24:57 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 201642
IP address blocks: 185.249.100.0/23 maxlen: 23
185.249.100.0/22 maxlen: 22
2a14:3200::/32 maxlen: 32
2a14:3200:2a14::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:b8:c3:6d:4a:13:86:c2:2a:0f:27:51:1c:03:99:02:6c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7df904ab14066c7a9fe61a521d5492a0e52965ca
Validity
Not Before: Nov 10 10:24:57 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=0b6c871d80099370b068bfa736944ca0ab27a37a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:d4:f8:6e:36:79:be:d0:e3:45:33:ee:72:86:
fc:0a:d6:cd:5a:35:00:3f:47:c9:3d:10:f6:47:24:
ad:f9:9c:d4:a1:73:86:71:22:09:84:54:e7:fe:f2:
9b:70:00:49:23:2f:cf:1c:93:03:6c:9c:73:09:fb:
97:a2:c1:ce:9c:0e:78:63:e4:4d:33:c6:2e:b8:14:
92:bf:38:3a:a4:19:ce:2d:04:dc:ce:ca:c0:15:03:
cd:02:9f:68:e5:e8:96:8a:a6:e6:fe:47:f8:83:bb:
3e:31:da:b0:a2:70:13:3f:d9:c6:c5:a6:91:19:ab:
4d:5a:cd:4d:a2:c8:ef:16:bf:d3:f5:9f:11:c4:1b:
e8:5a:1d:5c:c7:3e:b8:03:88:c8:3e:1e:8c:73:ef:
75:57:b8:2c:0a:8c:e8:cc:c8:e2:85:d2:ee:62:81:
9a:0e:61:1c:a3:cf:e5:49:21:35:e4:0b:ec:e3:69:
b7:ba:7b:7e:47:a6:57:66:38:41:f1:e2:2f:5b:81:
05:41:ff:f0:83:be:ef:31:e4:4d:39:45:77:35:35:
fd:2a:0d:bb:27:64:95:e4:21:91:f0:54:fe:b3:6d:
bb:3f:42:28:c5:09:df:de:7a:fe:45:4f:d6:cd:e5:
34:f4:05:37:de:40:95:03:99:4a:87:8c:f4:61:30:
31:93
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0B:6C:87:1D:80:09:93:70:B0:68:BF:A7:36:94:4C:A0:AB:27:A3:7A
X509v3 Authority Key Identifier:
keyid:7D:F9:04:AB:14:06:6C:7A:9F:E6:1A:52:1D:54:92:A0:E5:29:65:CA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ffkEqxQGbHqf5hpSHVSSoOUpZco.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/53fb34-25db-4684-984f-3b445f29f5b7/1/C2yHHYAJk3CwaL-nNpRMoKsno3o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/53fb34-25db-4684-984f-3b445f29f5b7/1/ffkEqxQGbHqf5hpSHVSSoOUpZco.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.249.100.0/22
IPv6:
2a14:3200::/32
Signature Algorithm: sha256WithRSAEncryption
42:bb:8e:1b:ec:3e:41:b1:79:e8:da:03:1e:a6:27:a1:e6:c6:
32:db:67:a4:43:0b:5e:09:4f:71:66:9b:c7:0a:85:30:10:76:
2f:af:a2:fc:fb:de:2c:fc:89:ba:84:6b:49:87:d2:2f:0e:63:
72:b8:45:70:63:c9:18:07:e9:39:47:a0:13:1a:26:b3:ce:a0:
9b:f5:76:41:1a:03:fd:28:68:c5:33:f0:01:57:7a:2b:16:66:
6b:4c:79:87:fe:5e:c0:16:ab:60:0a:8b:d8:b2:b2:46:7a:34:
ba:81:49:a5:96:79:7d:1d:19:76:82:01:e2:ec:15:79:1d:46:
73:2b:3b:78:45:28:62:e3:e9:a9:99:68:d4:5d:13:c6:be:bc:
5c:2a:16:5c:b7:d5:f1:56:67:eb:30:49:e4:a8:34:2a:8a:44:
e1:12:ca:80:5c:ee:a6:26:c4:5f:4c:69:c3:73:41:a4:b9:e3:
26:fd:d7:b4:bf:1a:ba:a0:2c:60:fa:ad:8f:f6:9b:89:1d:59:
7f:f4:7c:4d:17:31:16:8b:fb:df:db:e2:fd:5c:5a:b3:b1:9c:
42:b1:34:cf:74:39:de:84:62:54:46:7d:66:34:a3:a6:e3:46:
42:1f:d7:5c:03:1f:02:a7:b8:54:7f:b0:81:b7:30:d3:bc:af:
b7:df:06:e3
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYu4w21KE4bCKg8nURwDmQJsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkZjkwNGFiMTQwNjZjN2E5ZmU2MWE1MjFkNTQ5MmEwZTUy
OTY1Y2EwHhcNMjMxMTEwMTAyNDU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwYjZjODcxZDgwMDk5MzcwYjA2OGJmYTczNjk0NGNhMGFiMjdhMzdhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo9T4bjZ5vtDjRTPucob8CtbNWjUA
P0fJPRD2RySt+ZzUoXOGcSIJhFTn/vKbcABJIy/PHJMDbJxzCfuXosHOnA54Y+RN
M8YuuBSSvzg6pBnOLQTczsrAFQPNAp9o5eiWiqbm/kf4g7s+MdqwonATP9nGxaaR
GatNWs1NosjvFr/T9Z8RxBvoWh1cxz64A4jIPh6Mc+91V7gsCozozMjihdLuYoGa
DmEco8/lSSE15Avs42m3unt+R6ZXZjhB8eIvW4EFQf/wg77vMeRNOUV3NTX9Kg27
J2SV5CGR8FT+s227P0IoxQnf3nr+RU/WzeU09AU33kCVA5lKh4z0YTAxkwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFAtshx2ACZNwsGi/pzaUTKCrJ6N6MB8GA1UdIwQY
MBaAFH35BKsUBmx6n+YaUh1UkqDlKWXKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZmZrRXF4UUdiSHFmNWhwU0hWU1NvT1VwWmNvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZS81M2ZiMzQtMjVkYi00Njg0LTk4NGYt
M2I0NDVmMjlmNWI3LzEvQzJ5SEhZQUprM0N3YUwtbk5wUk1vS3NubzNvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZS81M2ZiMzQtMjVkYi00Njg0LTk4NGYtM2I0NDVmMjlmNWI3
LzEvZmZrRXF4UUdiSHFmNWhwU0hWU1NvT1VwWmNvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuflkMA0E
AgACMAcDBQAqFDIAMA0GCSqGSIb3DQEBCwUAA4IBAQBCu44b7D5BsXno2gMepieh
5sYy22ekQwteCU9xZpvHCoUwEHYvr6L8+94s/Im6hGtJh9IvDmNyuEVwY8kYB+k5
R6ATGiazzqCb9XZBGgP9KGjFM/ABV3orFmZrTHmH/l7AFqtgCovYsrJGejS6gUml
lnl9HRl2ggHi7BV5HUZzKzt4RShi4+mpmWjUXRPGvrxcKhZct9XxVmfrMEnkqDQq
ikThEsqAXO6mJsRfTGnDc0GkueMm/de0vxq6oCxg+q2P9puJHVl/9HxNFzEWi/vf
2+L9XFqzsZxCsTTPdDnehGJURn1mNKOm40ZCH9dcAx8Cp7hUf7CBtzDTvK+33wbj
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:11:10 2025 by rpki-client