Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1f/66a237-9bc5-4abd-9b8b-c55476759d0c/1/y0T97uBUiaEYD_gwSAi6E8pQGTk.roa
File: y0T97uBUiaEYD_gwSAi6E8pQGTk.roa (raw, json)
Hash identifier: 2mOCAxcn0a0/9y7O/DraxIPmg1SeUFY9USRSYKy2s6Q=
Subject key identifier: CB:44:FD:EE:E0:54:89:A1:18:0F:F8:30:48:08:BA:13:CA:50:19:39
Certificate issuer: /CN=bc4f1e6b011f4d6331a127955a548fa5052580a5
Certificate serial: 12090BDC
Authority key identifier: BC:4F:1E:6B:01:1F:4D:63:31:A1:27:95:5A:54:8F:A5:05:25:80:A5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/vE8eawEfTWMxoSeVWlSPpQUlgKU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1f/66a237-9bc5-4abd-9b8b-c55476759d0c/1/y0T97uBUiaEYD_gwSAi6E8pQGTk.roa
Signing time: Sat 01 Jan 2022 04:04:28 +0000
ROA not before: Sat 01 Jan 2022 04:04:28 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 58080
IP address blocks: 185.128.164.0/22 maxlen: 22
185.136.192.0/22 maxlen: 22
185.128.154.0/23 maxlen: 23
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 302582748 (0x12090bdc)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bc4f1e6b011f4d6331a127955a548fa5052580a5
Validity
Not Before: Jan 1 04:04:28 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=cb44fdeee05489a1180ff8304808ba13ca501939
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:51:44:16:34:6f:d3:b1:07:67:1c:65:e1:bc:
db:66:27:b4:dc:58:8a:6f:a8:dd:c8:8b:06:1d:60:
eb:aa:f1:0e:89:6e:1c:3c:a3:1c:25:c7:14:8d:62:
9c:11:32:eb:69:fd:ea:36:a6:95:5e:62:3b:6b:10:
4e:d3:aa:4a:6d:86:2b:3c:d6:d7:59:dc:53:55:0e:
cf:1b:f9:3a:f7:2d:22:20:eb:e1:b9:5f:6b:3d:b6:
a5:34:6f:48:13:20:0f:b0:ad:76:18:23:7e:02:03:
9d:c0:a2:c7:b1:eb:ba:e3:71:9b:9f:63:66:4d:42:
c8:7d:93:65:fc:8b:f8:a7:49:ab:c6:4d:e7:ba:e6:
70:74:d0:ef:8a:2b:7f:65:58:97:8a:61:78:1e:d3:
91:45:7a:ee:92:cc:fe:4c:2d:ba:84:2f:14:f7:97:
d9:54:23:f5:55:81:ed:6c:52:4f:ba:ed:3e:4a:43:
2e:25:c5:42:16:45:1e:a8:30:6c:b3:6d:98:24:5c:
8b:24:55:1c:9b:09:a1:e1:7f:ac:64:73:f4:e5:8e:
1c:e1:f0:5d:41:f5:ad:72:af:81:f3:29:ea:8b:ae:
b6:38:31:48:1b:04:8c:bc:b1:e3:7e:dd:a8:68:ed:
38:84:db:fd:6a:49:85:84:bc:13:8b:02:0a:16:c1:
02:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CB:44:FD:EE:E0:54:89:A1:18:0F:F8:30:48:08:BA:13:CA:50:19:39
X509v3 Authority Key Identifier:
keyid:BC:4F:1E:6B:01:1F:4D:63:31:A1:27:95:5A:54:8F:A5:05:25:80:A5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/vE8eawEfTWMxoSeVWlSPpQUlgKU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1f/66a237-9bc5-4abd-9b8b-c55476759d0c/1/y0T97uBUiaEYD_gwSAi6E8pQGTk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1f/66a237-9bc5-4abd-9b8b-c55476759d0c/1/vE8eawEfTWMxoSeVWlSPpQUlgKU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.128.154.0/23
185.128.164.0/22
185.136.192.0/22
Signature Algorithm: sha256WithRSAEncryption
0b:f9:3c:fc:51:07:d9:5d:d3:b4:17:79:25:f3:f8:24:9b:a8:
cd:b5:61:f6:04:b2:f3:fc:37:4c:6f:56:ca:fc:3e:60:23:3d:
03:d6:9a:3f:f9:45:29:13:bd:4d:d5:dc:04:36:37:73:f7:18:
9d:a9:f2:7a:90:05:d7:9c:08:8d:38:28:d3:ef:75:46:c7:60:
5e:b8:0d:7c:c0:97:c0:ea:fd:cb:f2:a9:77:bf:d9:a8:a4:d7:
6f:ed:b6:9b:fd:ca:33:38:0c:0c:59:2c:6a:db:1a:60:dc:ce:
dd:57:91:99:62:39:e6:b0:59:0c:a1:44:e0:20:b8:1b:fc:5e:
5a:f5:04:b4:27:06:18:29:d4:63:db:71:9d:bd:e5:d9:57:bd:
1a:1e:d9:64:21:3c:53:3c:6a:a3:4b:be:58:50:a3:3e:2b:88:
ec:11:d1:ae:cb:a4:09:ef:1c:17:b4:44:61:52:c9:6a:14:7d:
81:2c:d0:a1:04:f2:78:db:c9:70:43:ad:7d:33:95:7f:82:92:
72:25:c1:96:b3:45:ac:4a:d2:9a:e6:73:f7:8c:c0:d5:ef:ab:
ff:2f:8f:f3:a2:9f:6d:02:aa:51:fc:6a:53:e0:c2:95:08:b7:
b4:57:95:e3:5f:6c:fc:92:aa:72:f9:e5:b3:38:d0:c2:24:4b:
18:0b:46:45
-----BEGIN CERTIFICATE-----
MIIE+zCCA+OgAwIBAgIEEgkL3DANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhi
YzRmMWU2YjAxMWY0ZDYzMzFhMTI3OTU1YTU0OGZhNTA1MjU4MGE1MB4XDTIyMDEw
MTA0MDQyOFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoY2I0NGZkZWVlMDU0
ODlhMTE4MGZmODMwNDgwOGJhMTNjYTUwMTkzOTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALZRRBY0b9OxB2ccZeG822YntNxYim+o3ciLBh1g66rxDolu
HDyjHCXHFI1inBEy62n96jamlV5iO2sQTtOqSm2GKzzW11ncU1UOzxv5OvctIiDr
4blfaz22pTRvSBMgD7CtdhgjfgIDncCix7HruuNxm59jZk1CyH2TZfyL+KdJq8ZN
57rmcHTQ74orf2VYl4pheB7TkUV67pLM/kwtuoQvFPeX2VQj9VWB7WxST7rtPkpD
LiXFQhZFHqgwbLNtmCRciyRVHJsJoeF/rGRz9OWOHOHwXUH1rXKvgfMp6ouutjgx
SBsEjLyx437dqGjtOITb/WpJhYS8E4sCChbBArUCAwEAAaOCAhUwggIRMB0GA1Ud
DgQWBBTLRP3u4FSJoRgP+DBICLoTylAZOTAfBgNVHSMEGDAWgBS8Tx5rAR9NYzGh
J5VaVI+lBSWApTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3ZFOGVhd0VmVFdNeG9TZVZXbFNQcFFVbGdLVS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMWYvNjZhMjM3LTliYzUtNGFiZC05YjhiLWM1NTQ3Njc1OWQwYy8x
L3kwVDk3dUJVaWFFWURfZ3dTQWk2RThwUUdUay5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMWYv
NjZhMjM3LTliYzUtNGFiZC05YjhiLWM1NTQ3Njc1OWQwYy8xL3ZFOGVhd0VmVFdN
eG9TZVZXbFNQcFFVbGdLVS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAr
BggrBgEFBQcBBwEB/wQcMBowGAQCAAEwEgMEAbmAmgMEArmApAMEArmIwDANBgkq
hkiG9w0BAQsFAAOCAQEAC/k8/FEH2V3TtBd5JfP4JJuozbVh9gSy8/w3TG9Wyvw+
YCM9A9aaP/lFKRO9TdXcBDY3c/cYnanyepAF15wIjTgo0+91RsdgXrgNfMCXwOr9
y/Kpd7/ZqKTXb+22m/3KMzgMDFksatsaYNzO3VeRmWI55rBZDKFE4CC4G/xeWvUE
tCcGGCnUY9txnb3l2Ve9Gh7ZZCE8Uzxqo0u+WFCjPiuI7BHRrsukCe8cF7REYVLJ
ahR9gSzQoQTyeNvJcEOtfTOVf4KSciXBlrNFrErSmuZz94zA1e+r/y+P86KfbQKq
UfxqU+DClQi3tFeV419s/JKqcvnlszjQwiRLGAtGRQ==
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:01:24 2025 by rpki-client