Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/12/903931-1698-41b7-af34-9dd82735da3d/1/b7yPlSggusLQ8GAKz536syrFYSA.roa
File: b7yPlSggusLQ8GAKz536syrFYSA.roa (raw, json)
Hash identifier: 4ed6BnU8VNzJ7nPUenaD3Ix13B6Ym4xwhkISYf5zQgw=
Subject key identifier: 6F:BC:8F:95:28:20:BA:C2:D0:F0:60:0A:CF:9D:FA:B3:2A:C5:61:20
Certificate issuer: /CN=3501772457e0f827b9e920b00cd114824a5fa621
Certificate serial: 018572034EC6D509E2E565865EDE8766D1FF
Authority key identifier: 35:01:77:24:57:E0:F8:27:B9:E9:20:B0:0C:D1:14:82:4A:5F:A6:21
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NQF3JFfg-Ce56SCwDNEUgkpfpiE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/12/903931-1698-41b7-af34-9dd82735da3d/1/b7yPlSggusLQ8GAKz536syrFYSA.roa
Signing time: Mon 02 Jan 2023 10:24:57 +0000
ROA not before: Mon 02 Jan 2023 10:24:57 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 200911
IP address blocks: 185.88.122.0/23 maxlen: 23
185.88.120.0/23 maxlen: 23
185.88.120.0/22 maxlen: 22
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:03:4e:c6:d5:09:e2:e5:65:86:5e:de:87:66:d1:ff
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3501772457e0f827b9e920b00cd114824a5fa621
Validity
Not Before: Jan 2 10:24:57 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=6fbc8f952820bac2d0f0600acf9dfab32ac56120
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:a7:71:bd:89:04:67:93:ee:5e:ec:67:35:d1:
e6:b1:ea:2a:7f:6e:a4:6f:b5:e8:b8:3c:fc:d4:0e:
71:35:09:57:3f:25:22:0a:1c:06:79:40:cc:c2:de:
71:e6:03:aa:51:da:34:e4:94:18:91:d4:31:d8:1a:
59:72:bc:df:74:64:cc:c8:1d:e6:6f:03:ee:1f:fd:
5f:d4:fe:3f:b2:53:20:0a:77:21:24:07:2f:c3:31:
3b:bf:70:9c:97:1a:c8:1b:ce:8c:03:65:32:f3:3f:
f5:4f:57:a8:df:c0:86:1e:dd:a4:5b:0e:b4:b4:65:
1a:63:dd:8c:61:14:75:85:a2:f4:88:e7:b1:1e:fc:
c9:17:a8:ca:ec:d6:e9:ea:a7:be:74:e1:76:88:61:
dc:2d:c6:f4:07:43:12:ac:e8:bc:ae:69:45:0c:ae:
7d:fb:90:af:45:bf:eb:77:22:c1:e5:24:f1:f9:b3:
be:1a:bd:f5:23:8f:35:3b:d7:31:43:57:b0:8f:15:
9c:2f:2f:4f:29:d2:e9:a0:8d:b8:79:1c:1c:0c:bd:
7b:eb:b8:c1:0e:ba:7d:48:06:b0:4e:d2:c1:63:14:
6b:71:cc:25:6b:09:c3:73:fe:e6:b4:a4:c4:de:10:
8f:6b:03:d1:f6:10:10:93:88:d5:24:d1:14:da:dc:
6a:53
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6F:BC:8F:95:28:20:BA:C2:D0:F0:60:0A:CF:9D:FA:B3:2A:C5:61:20
X509v3 Authority Key Identifier:
keyid:35:01:77:24:57:E0:F8:27:B9:E9:20:B0:0C:D1:14:82:4A:5F:A6:21
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NQF3JFfg-Ce56SCwDNEUgkpfpiE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/12/903931-1698-41b7-af34-9dd82735da3d/1/b7yPlSggusLQ8GAKz536syrFYSA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/12/903931-1698-41b7-af34-9dd82735da3d/1/NQF3JFfg-Ce56SCwDNEUgkpfpiE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.88.120.0/22
Signature Algorithm: sha256WithRSAEncryption
8f:c1:a9:8f:a8:60:bf:2c:d0:ad:53:22:d6:5b:f6:dc:d8:8f:
96:ca:d7:cd:cf:63:87:de:04:c4:6f:dc:44:46:44:8a:2a:0b:
4b:49:b9:57:4a:ad:63:af:a7:5c:ec:98:48:70:cd:41:7d:f4:
02:00:64:ec:4a:74:1a:5c:04:8f:18:c7:6d:46:7b:4a:82:7c:
2d:7a:54:dd:13:6c:8f:4d:f4:02:1e:de:ee:bc:2b:87:43:41:
57:2d:c8:69:b3:aa:53:e9:f7:1a:92:9d:80:71:a1:e1:44:fa:
15:f1:e7:a3:0d:d4:e5:72:42:70:1e:70:c8:df:2e:4d:c4:e6:
33:8d:4d:9b:ad:42:43:82:ad:23:24:62:a8:f1:8c:05:8a:00:
cc:2c:1a:26:9a:c8:11:df:36:c0:a2:e3:69:f8:33:3a:28:89:
a4:f5:2b:c0:b3:71:b2:6d:5c:be:3f:41:82:14:e9:f6:cc:2a:
06:c0:1b:7f:0f:27:6f:83:e4:81:5a:b4:2d:c3:3b:db:77:27:
50:0a:50:e1:a7:a3:df:c2:38:73:c3:b5:83:cf:84:31:5a:a2:
43:af:b4:28:42:06:c5:d9:e0:21:f8:21:c6:93:68:5f:0e:7d:
58:35:6f:81:5c:d4:0a:81:ec:43:ed:5c:cc:c5:0b:21:57:1c:
09:e8:59:64
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVyA07G1Qni5WWGXt6HZtH/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1MDE3NzI0NTdlMGY4MjdiOWU5MjBiMDBjZDExNDgyNGE1
ZmE2MjEwHhcNMjMwMTAyMTAyNDU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZmJjOGY5NTI4MjBiYWMyZDBmMDYwMGFjZjlkZmFiMzJhYzU2MTIwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqadxvYkEZ5PuXuxnNdHmseoqf26k
b7XouDz81A5xNQlXPyUiChwGeUDMwt5x5gOqUdo05JQYkdQx2BpZcrzfdGTMyB3m
bwPuH/1f1P4/slMgCnchJAcvwzE7v3CclxrIG86MA2Uy8z/1T1eo38CGHt2kWw60
tGUaY92MYRR1haL0iOexHvzJF6jK7Nbp6qe+dOF2iGHcLcb0B0MSrOi8rmlFDK59
+5CvRb/rdyLB5STx+bO+Gr31I481O9cxQ1ewjxWcLy9PKdLpoI24eRwcDL1767jB
Drp9SAawTtLBYxRrccwlawnDc/7mtKTE3hCPawPR9hAQk4jVJNEU2txqUwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFG+8j5UoILrC0PBgCs+d+rMqxWEgMB8GA1UdIwQY
MBaAFDUBdyRX4PgnuekgsAzRFIJKX6YhMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTlFGM0pGZmctQ2U1NlNDd0RORVVna3BmcGlFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMi85MDM5MzEtMTY5OC00MWI3LWFmMzQt
OWRkODI3MzVkYTNkLzEvYjd5UGxTZ2d1c0xROEdBS3o1MzZzeXJGWVNBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMi85MDM5MzEtMTY5OC00MWI3LWFmMzQtOWRkODI3MzVkYTNk
LzEvTlFGM0pGZmctQ2U1NlNDd0RORVVna3BmcGlFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuVh4MA0G
CSqGSIb3DQEBCwUAA4IBAQCPwamPqGC/LNCtUyLWW/bc2I+WytfNz2OH3gTEb9xE
RkSKKgtLSblXSq1jr6dc7JhIcM1BffQCAGTsSnQaXASPGMdtRntKgnwtelTdE2yP
TfQCHt7uvCuHQ0FXLchps6pT6fcakp2AcaHhRPoV8eejDdTlckJwHnDI3y5NxOYz
jU2brUJDgq0jJGKo8YwFigDMLBommsgR3zbAouNp+DM6KImk9SvAs3GybVy+P0GC
FOn2zCoGwBt/Dydvg+SBWrQtwzvbdydQClDhp6Pfwjhzw7WDz4QxWqJDr7QoQgbF
2eAh+CHGk2hfDn1YNW+BXNQKgexD7VzMxQshVxwJ6Flk
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:13:10 2025 by rpki-client