Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1a/dc5243-bba4-4acf-a218-2f30252eb442/1/rALXQOsd_gqyMo39pYp92FycHyk.roa
File: rALXQOsd_gqyMo39pYp92FycHyk.roa (raw, json)
Hash identifier: 44ZHoTRjVvnn7B4ZwKVK+GjAFoZMR1boeWKg+D3e8I0=
Subject key identifier: AC:02:D7:40:EB:1D:FE:0A:B2:32:8D:FD:A5:8A:7D:D8:5C:9C:1F:29
Certificate issuer: /CN=46ccab7479a4e0d8a4177350a00a69bd883b048d
Certificate serial: 0A506A9B
Authority key identifier: 46:CC:AB:74:79:A4:E0:D8:A4:17:73:50:A0:0A:69:BD:88:3B:04:8D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RsyrdHmk4NikF3NQoAppvYg7BI0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1a/dc5243-bba4-4acf-a218-2f30252eb442/1/rALXQOsd_gqyMo39pYp92FycHyk.roa
Signing time: Mon 21 Mar 2022 15:50:25 +0000
ROA not before: Mon 21 Mar 2022 15:50:25 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 206894
IP address blocks: 185.212.232.0/22 maxlen: 22
185.234.155.0/24 maxlen: 24
2a0b:7e40::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 173042331 (0xa506a9b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=46ccab7479a4e0d8a4177350a00a69bd883b048d
Validity
Not Before: Mar 21 15:50:25 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=ac02d740eb1dfe0ab2328dfda58a7dd85c9c1f29
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:8b:ea:35:f1:a6:6b:c7:91:0d:04:e0:62:fc:
da:3b:30:2e:5d:9a:83:39:72:67:5a:b0:21:1c:6f:
05:e9:77:74:23:58:d9:ba:6e:8f:ef:57:cb:3d:98:
4e:44:61:d4:f0:82:11:33:3c:90:5e:b9:c5:8e:f4:
bf:80:dd:97:d4:ba:0c:9a:34:be:ed:e6:30:d2:6f:
20:bc:a7:78:be:2c:11:f9:32:ed:08:41:7f:7e:41:
19:61:8c:91:28:cc:5c:5f:4c:82:d5:70:e6:72:52:
9c:a2:79:be:4b:fa:05:e2:40:eb:07:b0:94:6a:0b:
f5:0c:ea:3c:64:37:bf:23:c1:e5:56:dc:01:b5:41:
fa:5a:6e:87:d0:13:ae:3f:c6:96:4b:45:c5:8a:0e:
68:94:c0:77:19:7f:15:7d:7f:81:40:21:ff:d2:45:
49:af:27:ca:d0:91:88:50:28:6b:7e:93:49:a4:74:
ea:a8:75:9d:b8:d9:42:5f:1b:d1:0b:c7:be:b8:3d:
60:ba:17:5d:a8:56:52:95:05:e0:80:96:e5:71:09:
ee:43:67:24:9f:47:bf:29:6e:64:0d:c7:dd:68:68:
1a:59:b9:4a:26:99:e3:d1:76:10:ca:e1:51:d0:42:
e9:1f:9d:24:3d:c6:43:7d:73:ba:b7:64:78:9f:d0:
fe:2f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AC:02:D7:40:EB:1D:FE:0A:B2:32:8D:FD:A5:8A:7D:D8:5C:9C:1F:29
X509v3 Authority Key Identifier:
keyid:46:CC:AB:74:79:A4:E0:D8:A4:17:73:50:A0:0A:69:BD:88:3B:04:8D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RsyrdHmk4NikF3NQoAppvYg7BI0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1a/dc5243-bba4-4acf-a218-2f30252eb442/1/rALXQOsd_gqyMo39pYp92FycHyk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1a/dc5243-bba4-4acf-a218-2f30252eb442/1/RsyrdHmk4NikF3NQoAppvYg7BI0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.212.232.0/22
185.234.155.0/24
IPv6:
2a0b:7e40::/32
Signature Algorithm: sha256WithRSAEncryption
58:38:db:86:f7:f2:fe:7c:61:41:d5:b3:11:0a:7f:d0:8d:4e:
74:6f:03:3c:ab:68:98:de:a5:be:a6:e4:78:34:61:02:13:4f:
3a:f4:27:09:75:b4:06:9a:50:54:ef:9f:0f:7a:82:7c:91:f2:
e9:a2:5a:00:e6:88:fe:bf:b0:c9:75:1c:db:99:b5:72:c6:d3:
59:1f:d6:c2:07:50:f7:99:7d:d6:cd:32:d5:47:42:ff:fb:07:
58:90:93:e1:e3:ed:07:a0:10:81:52:d8:ed:f3:df:43:01:8e:
50:5d:33:b9:55:0c:09:5a:59:d4:39:64:11:2b:ea:76:9c:ef:
1d:aa:90:4a:8a:9d:6f:17:2a:bc:ba:16:23:44:62:7f:e4:bc:
f9:85:72:84:5e:3b:a4:61:9a:eb:26:13:7a:60:9a:b0:4c:14:
e5:c7:80:4f:86:5c:03:76:97:8e:2a:46:ac:8b:4d:32:21:ca:
ec:53:b8:f1:fb:b6:b1:2a:49:4b:d0:7a:c7:22:13:67:63:9b:
91:e5:5a:5d:6f:f8:62:86:6e:31:a8:a8:fb:7e:8d:ae:f8:fc:
00:67:7a:fa:7b:5d:bd:6e:e5:33:5f:36:07:3b:ee:8c:e8:9a:
78:4b:7f:1d:60:18:e0:66:43:b5:32:b8:a8:f9:93:91:7a:ee:
a2:aa:db:7d
-----BEGIN CERTIFICATE-----
MIIFBDCCA+ygAwIBAgIEClBqmzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg0
NmNjYWI3NDc5YTRlMGQ4YTQxNzczNTBhMDBhNjliZDg4M2IwNDhkMB4XDTIyMDMy
MTE1NTAyNVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYWMwMmQ3NDBlYjFk
ZmUwYWIyMzI4ZGZkYTU4YTdkZDg1YzljMWYyOTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJSL6jXxpmvHkQ0E4GL82jswLl2agzlyZ1qwIRxvBel3dCNY
2bpuj+9Xyz2YTkRh1PCCETM8kF65xY70v4Ddl9S6DJo0vu3mMNJvILyneL4sEfky
7QhBf35BGWGMkSjMXF9MgtVw5nJSnKJ5vkv6BeJA6wewlGoL9QzqPGQ3vyPB5Vbc
AbVB+lpuh9ATrj/GlktFxYoOaJTAdxl/FX1/gUAh/9JFSa8nytCRiFAoa36TSaR0
6qh1nbjZQl8b0QvHvrg9YLoXXahWUpUF4ICW5XEJ7kNnJJ9HvyluZA3H3WhoGlm5
SiaZ49F2EMrhUdBC6R+dJD3GQ31zurdkeJ/Q/i8CAwEAAaOCAh4wggIaMB0GA1Ud
DgQWBBSsAtdA6x3+CrIyjf2lin3YXJwfKTAfBgNVHSMEGDAWgBRGzKt0eaTg2KQX
c1CgCmm9iDsEjTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1JzeXJkSG1rNE5pa0YzTlFvQXBwdllnN0JJMC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMWEvZGM1MjQzLWJiYTQtNGFjZi1hMjE4LTJmMzAyNTJlYjQ0Mi8x
L3JBTFhRT3NkX2dxeU1vMzlwWXA5MkZ5Y0h5ay5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMWEv
ZGM1MjQzLWJiYTQtNGFjZi1hMjE4LTJmMzAyNTJlYjQ0Mi8xL1JzeXJkSG1rNE5p
a0YzTlFvQXBwdllnN0JJMC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA0
BggrBgEFBQcBBwEB/wQlMCMwEgQCAAEwDAMEArnU6AMEALnqmzANBAIAAjAHAwUA
Kgt+QDANBgkqhkiG9w0BAQsFAAOCAQEAWDjbhvfy/nxhQdWzEQp/0I1OdG8DPKto
mN6lvqbkeDRhAhNPOvQnCXW0BppQVO+fD3qCfJHy6aJaAOaI/r+wyXUc25m1csbT
WR/WwgdQ95l91s0y1UdC//sHWJCT4ePtB6AQgVLY7fPfQwGOUF0zuVUMCVpZ1Dlk
ESvqdpzvHaqQSoqdbxcqvLoWI0Rif+S8+YVyhF47pGGa6yYTemCasEwU5ceAT4Zc
A3aXjipGrItNMiHK7FO48fu2sSpJS9B6xyITZ2ObkeVaXW/4YoZuMaio+36Nrvj8
AGd6+ntdvW7lM182BzvujOiaeEt/HWAY4GZDtTK4qPmTkXruoqrbfQ==
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:07:38 2025 by rpki-client