Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/21/919fff-252f-4720-ade4-bbfe2196c6af/1/ag1t0U-Q_KA_lN0rr5ym4bvzXyA.roa
File: ag1t0U-Q_KA_lN0rr5ym4bvzXyA.roa (raw, json)
Hash identifier: OYlFNVx3o5C6mIEMwDV9ECqUnFjcPcDP955k03vk++o=
Subject key identifier: 6A:0D:6D:D1:4F:90:FC:A0:3F:94:DD:2B:AF:9C:A6:E1:BB:F3:5F:20
Certificate issuer: /CN=bcfd2da5447d007616ebddc2a70feac5e77c4a8b
Certificate serial: 018570F06F991A0F221324AAB67E91B6052D
Authority key identifier: BC:FD:2D:A5:44:7D:00:76:16:EB:DD:C2:A7:0F:EA:C5:E7:7C:4A:8B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/vP0tpUR9AHYW693Cpw_qxed8Sos.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/21/919fff-252f-4720-ade4-bbfe2196c6af/1/ag1t0U-Q_KA_lN0rr5ym4bvzXyA.roa
Signing time: Mon 02 Jan 2023 05:24:43 +0000
ROA not before: Mon 02 Jan 2023 05:24:43 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 49436
IP address blocks: 195.42.158.0/23 maxlen: 23
185.250.168.0/22 maxlen: 22
2a0c:f47::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:f0:6f:99:1a:0f:22:13:24:aa:b6:7e:91:b6:05:2d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bcfd2da5447d007616ebddc2a70feac5e77c4a8b
Validity
Not Before: Jan 2 05:24:43 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=6a0d6dd14f90fca03f94dd2baf9ca6e1bbf35f20
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:86:82:d5:47:ce:7d:b3:f5:6b:05:62:c6:56:37:
f2:e3:9f:da:bd:24:f1:52:35:bb:6f:33:cf:fa:1b:
80:8a:44:9a:76:d1:48:0b:03:9a:42:71:37:7f:e7:
fe:a6:17:d0:fa:f5:70:5c:fb:c8:87:0c:0f:fb:8d:
64:7b:3c:54:63:2f:a4:33:f2:28:a9:10:98:b5:0a:
02:31:9e:34:a9:05:8a:22:9e:ed:4e:71:ec:d4:28:
40:0d:3c:dd:db:d2:10:d5:70:e2:45:51:18:22:32:
50:98:3f:fa:bc:94:b7:e4:0f:cd:6d:24:ae:14:1c:
17:c9:09:0e:08:41:87:94:10:1b:e3:2d:93:69:b2:
25:05:ef:79:ab:d3:df:2d:6c:e9:b9:02:08:6c:a3:
20:67:fe:29:3d:70:af:00:c3:1c:dd:ba:45:b0:a8:
09:fc:1a:cd:64:b8:4f:eb:5f:5d:7b:06:59:98:65:
a6:2f:b9:57:97:de:d8:fb:72:01:56:35:8b:02:de:
03:c3:6d:c2:5a:98:c7:03:10:70:28:cd:ea:a6:cd:
42:b7:67:29:98:a4:79:86:62:fd:68:1e:92:1c:de:
82:37:1b:8b:eb:3c:35:23:52:5b:0d:0e:e0:ee:c4:
07:c5:15:ac:c5:ab:7a:52:c9:c3:dd:ae:1f:32:e6:
95:0d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6A:0D:6D:D1:4F:90:FC:A0:3F:94:DD:2B:AF:9C:A6:E1:BB:F3:5F:20
X509v3 Authority Key Identifier:
keyid:BC:FD:2D:A5:44:7D:00:76:16:EB:DD:C2:A7:0F:EA:C5:E7:7C:4A:8B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/vP0tpUR9AHYW693Cpw_qxed8Sos.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/21/919fff-252f-4720-ade4-bbfe2196c6af/1/ag1t0U-Q_KA_lN0rr5ym4bvzXyA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/21/919fff-252f-4720-ade4-bbfe2196c6af/1/vP0tpUR9AHYW693Cpw_qxed8Sos.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.250.168.0/22
195.42.158.0/23
IPv6:
2a0c:f47::/32
Signature Algorithm: sha256WithRSAEncryption
25:0d:8b:3c:e4:47:05:be:2b:24:2d:b1:4a:5c:d0:e6:a6:6d:
d0:c0:fa:71:21:ee:14:3f:bb:34:8e:29:16:2c:04:42:ed:f5:
f8:fe:12:d3:00:d2:b1:95:ea:2e:9f:2f:52:f4:25:6f:b5:e6:
13:dd:d6:16:27:dc:da:0c:e0:09:db:2f:13:86:3e:7b:17:04:
84:69:05:eb:db:c1:a8:1d:c8:4f:db:5a:6c:e5:51:dc:0b:c4:
bd:ed:41:15:2c:52:75:55:d0:85:13:b3:4c:16:e8:c6:90:4a:
cc:f5:86:d6:ed:2f:73:be:6f:93:29:24:d9:7f:e8:c8:50:1c:
f5:ad:2e:da:59:06:ce:c4:03:a4:c7:9e:0d:73:54:4a:27:09:
35:9c:21:b2:9a:a7:12:4e:e1:8d:7e:84:43:77:3c:dc:45:9c:
12:1f:c9:a4:70:07:61:df:7b:3e:fc:1c:72:7e:a3:27:f8:e9:
e8:71:fd:c9:e6:3d:f6:ac:bf:4a:35:15:29:01:b2:79:b2:46:
16:97:37:84:fd:3d:48:61:0d:43:07:92:7a:2c:25:c0:b4:72:
33:8e:94:ea:ed:a8:0d:92:08:c8:c6:11:12:37:b3:bf:08:d7:
3c:34:6d:0f:2b:fa:39:d2:3a:d8:60:6e:cf:ac:0f:59:ba:9f:
ca:52:c3:c5
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYVw8G+ZGg8iEySqtn6RtgUtMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJjZmQyZGE1NDQ3ZDAwNzYxNmViZGRjMmE3MGZlYWM1ZTc3
YzRhOGIwHhcNMjMwMTAyMDUyNDQzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2YTBkNmRkMTRmOTBmY2EwM2Y5NGRkMmJhZjljYTZlMWJiZjM1ZjIwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhoLVR859s/VrBWLGVjfy45/avSTx
UjW7bzPP+huAikSadtFICwOaQnE3f+f+phfQ+vVwXPvIhwwP+41kezxUYy+kM/Io
qRCYtQoCMZ40qQWKIp7tTnHs1ChADTzd29IQ1XDiRVEYIjJQmD/6vJS35A/NbSSu
FBwXyQkOCEGHlBAb4y2TabIlBe95q9PfLWzpuQIIbKMgZ/4pPXCvAMMc3bpFsKgJ
/BrNZLhP619dewZZmGWmL7lXl97Y+3IBVjWLAt4Dw23CWpjHAxBwKM3qps1Ct2cp
mKR5hmL9aB6SHN6CNxuL6zw1I1JbDQ7g7sQHxRWsxat6UsnD3a4fMuaVDQIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFGoNbdFPkPygP5TdK6+cpuG7818gMB8GA1UdIwQY
MBaAFLz9LaVEfQB2FuvdwqcP6sXnfEqLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdlAwdHBVUjlBSFlXNjkzQ3B3X3F4ZWQ4U29zLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMS85MTlmZmYtMjUyZi00NzIwLWFkZTQt
YmJmZTIxOTZjNmFmLzEvYWcxdDBVLVFfS0FfbE4wcnI1eW00YnZ6WHlBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMS85MTlmZmYtMjUyZi00NzIwLWFkZTQtYmJmZTIxOTZjNmFm
LzEvdlAwdHBVUjlBSFlXNjkzQ3B3X3F4ZWQ4U29zLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQCufqoAwQB
wyqeMA0EAgACMAcDBQAqDA9HMA0GCSqGSIb3DQEBCwUAA4IBAQAlDYs85EcFvisk
LbFKXNDmpm3QwPpxIe4UP7s0jikWLARC7fX4/hLTANKxleouny9S9CVvteYT3dYW
J9zaDOAJ2y8Thj57FwSEaQXr28GoHchP21ps5VHcC8S97UEVLFJ1VdCFE7NMFujG
kErM9YbW7S9zvm+TKSTZf+jIUBz1rS7aWQbOxAOkx54Nc1RKJwk1nCGymqcSTuGN
foRDdzzcRZwSH8mkcAdh33s+/BxyfqMn+Onocf3J5j32rL9KNRUpAbJ5skYWlzeE
/T1IYQ1DB5J6LCXAtHIzjpTq7agNkgjIxhESN7O/CNc8NG0PK/o50jrYYG7PrA9Z
up/KUsPF
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:16:18 2025 by rpki-client