Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/22/df94e2-7cc9-41a1-952f-f3797cfd65ae/1/b_IOOjlFu_mii5iUlWXZLJoUr1M.roa
File: b_IOOjlFu_mii5iUlWXZLJoUr1M.roa (raw, json)
Hash identifier: lQMm5fpO3rSqKY/Qy6KFk6JweUzwNLz0a5v6sQZ4Uec=
Subject key identifier: 6F:F2:0E:3A:39:45:BB:F9:A2:8B:98:94:95:65:D9:2C:9A:14:AF:53
Certificate issuer: /CN=d7faf3a3f2140cb7c6ff0cd6a7f5614a05e4e467
Certificate serial: 01856CF8490F287B636442D1803F6F90C4F1
Authority key identifier: D7:FA:F3:A3:F2:14:0C:B7:C6:FF:0C:D6:A7:F5:61:4A:05:E4:E4:67
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1_rzo_IUDLfG_wzWp_VhSgXk5Gc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/22/df94e2-7cc9-41a1-952f-f3797cfd65ae/1/b_IOOjlFu_mii5iUlWXZLJoUr1M.roa
Signing time: Sun 01 Jan 2023 10:54:48 +0000
ROA not before: Sun 01 Jan 2023 10:54:48 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 210103
IP address blocks: 146.19.11.0/24 maxlen: 24
2a12:1d00::/29 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:f8:49:0f:28:7b:63:64:42:d1:80:3f:6f:90:c4:f1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d7faf3a3f2140cb7c6ff0cd6a7f5614a05e4e467
Validity
Not Before: Jan 1 10:54:48 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=6ff20e3a3945bbf9a28b98949565d92c9a14af53
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8a:12:63:26:0d:fa:c0:77:62:54:e2:6a:8b:30:
ad:1c:ec:14:77:e9:eb:37:3f:c6:eb:af:d1:f5:b6:
3c:46:7a:05:19:ca:a1:4f:9e:6b:4c:7a:a1:c2:0b:
cd:f3:55:e0:b8:23:13:ad:15:8a:05:e7:52:6b:c5:
80:c4:5a:bd:7c:db:70:a9:e3:d2:51:8f:03:3e:3a:
64:c7:a2:20:4a:ab:cc:50:be:ab:9f:8e:0e:79:4b:
9b:2f:ce:9a:0f:6f:02:a8:9d:71:0f:e9:5c:86:25:
17:55:14:b1:8c:17:12:e5:68:2f:19:4a:91:43:a6:
fe:6e:43:59:e0:36:6c:d0:47:f4:99:8a:f7:8d:1c:
ba:21:42:18:5c:e6:87:98:82:83:c3:0b:18:79:12:
d4:a1:62:fe:9d:b5:6c:db:ff:b9:22:a7:96:25:f2:
ff:f5:09:16:0c:04:35:1f:67:9d:27:31:5f:25:a3:
c7:6d:9d:a0:39:31:d2:74:e1:61:3f:60:61:44:1a:
33:17:aa:e7:9c:db:26:22:c8:0c:a7:5a:46:27:ed:
23:27:44:57:93:6e:54:0e:f5:d6:43:68:87:c8:48:
c4:4f:b9:51:e3:35:48:4d:40:5b:08:3c:63:93:1d:
08:52:4d:09:b2:cd:71:87:b0:eb:fb:f8:42:76:f4:
a6:87
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6F:F2:0E:3A:39:45:BB:F9:A2:8B:98:94:95:65:D9:2C:9A:14:AF:53
X509v3 Authority Key Identifier:
keyid:D7:FA:F3:A3:F2:14:0C:B7:C6:FF:0C:D6:A7:F5:61:4A:05:E4:E4:67
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1_rzo_IUDLfG_wzWp_VhSgXk5Gc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/22/df94e2-7cc9-41a1-952f-f3797cfd65ae/1/b_IOOjlFu_mii5iUlWXZLJoUr1M.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/22/df94e2-7cc9-41a1-952f-f3797cfd65ae/1/1_rzo_IUDLfG_wzWp_VhSgXk5Gc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
146.19.11.0/24
IPv6:
2a12:1d00::/29
Signature Algorithm: sha256WithRSAEncryption
ad:81:bf:49:94:bb:b5:6d:c2:7b:e2:31:0b:72:73:1f:41:cd:
c7:47:ec:5d:67:75:e4:3f:ee:a9:63:1f:9d:a6:73:88:ef:06:
aa:fe:67:fd:17:c1:eb:be:df:4a:65:7b:c9:55:bd:5f:96:ed:
db:1d:20:7e:2c:c5:7f:7b:fd:75:d0:53:4d:b4:b8:75:b8:95:
a4:d8:9c:a4:34:24:3b:66:0e:4b:8d:5f:7c:c0:f1:a4:85:5c:
54:81:7c:d8:34:1a:1e:80:4f:7f:79:6d:04:c1:40:f2:de:a9:
6d:71:64:02:d2:81:21:cc:ee:4d:59:79:f3:f4:b7:70:07:51:
ef:43:05:47:4f:56:e6:de:9d:84:b8:14:b9:90:91:18:e0:9a:
bb:8a:eb:cc:84:ba:43:2c:cc:0f:81:5e:a5:1f:a1:74:59:0f:
c0:85:f1:96:5e:00:f2:ff:a3:10:67:ae:eb:3c:46:7a:8b:aa:
56:42:3a:d5:18:c3:95:d9:43:9a:48:9d:6b:ae:a6:0c:4a:7a:
5e:4f:c2:cb:ad:0e:2e:c2:92:60:9a:e2:f8:b5:ed:6e:3c:73:
5f:dd:5e:e9:d4:c5:81:f4:83:e0:ab:9c:9d:fd:3c:a7:c0:fa:
04:46:af:38:a6:52:c6:ec:57:b1:63:52:4f:01:24:0d:8d:f8:
69:58:77:d2
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVs+EkPKHtjZELRgD9vkMTxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ3ZmFmM2EzZjIxNDBjYjdjNmZmMGNkNmE3ZjU2MTRhMDVl
NGU0NjcwHhcNMjMwMTAxMTA1NDQ4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZmYyMGUzYTM5NDViYmY5YTI4Yjk4OTQ5NTY1ZDkyYzlhMTRhZjUzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAihJjJg36wHdiVOJqizCtHOwUd+nr
Nz/G66/R9bY8RnoFGcqhT55rTHqhwgvN81XguCMTrRWKBedSa8WAxFq9fNtwqePS
UY8DPjpkx6IgSqvMUL6rn44OeUubL86aD28CqJ1xD+lchiUXVRSxjBcS5WgvGUqR
Q6b+bkNZ4DZs0Ef0mYr3jRy6IUIYXOaHmIKDwwsYeRLUoWL+nbVs2/+5IqeWJfL/
9QkWDAQ1H2edJzFfJaPHbZ2gOTHSdOFhP2BhRBozF6rnnNsmIsgMp1pGJ+0jJ0RX
k25UDvXWQ2iHyEjET7lR4zVITUBbCDxjkx0IUk0Jss1xh7Dr+/hCdvSmhwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFG/yDjo5Rbv5oouYlJVl2SyaFK9TMB8GA1UdIwQY
MBaAFNf686PyFAy3xv8M1qf1YUoF5ORnMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMV9yem9fSVVETGZHX3d6V3BfVmhTZ1hrNUdjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMi9kZjk0ZTItN2NjOS00MWExLTk1MmYt
ZjM3OTdjZmQ2NWFlLzEvYl9JT09qbEZ1X21paTVpVWxXWFpMSm9VcjFNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMi9kZjk0ZTItN2NjOS00MWExLTk1MmYtZjM3OTdjZmQ2NWFl
LzEvMV9yem9fSVVETGZHX3d6V3BfVmhTZ1hrNUdjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQAkhMLMA0E
AgACMAcDBQMqEh0AMA0GCSqGSIb3DQEBCwUAA4IBAQCtgb9JlLu1bcJ74jELcnMf
Qc3HR+xdZ3XkP+6pYx+dpnOI7waq/mf9F8Hrvt9KZXvJVb1flu3bHSB+LMV/e/11
0FNNtLh1uJWk2JykNCQ7Zg5LjV98wPGkhVxUgXzYNBoegE9/eW0EwUDy3qltcWQC
0oEhzO5NWXnz9LdwB1HvQwVHT1bm3p2EuBS5kJEY4Jq7iuvMhLpDLMwPgV6lH6F0
WQ/AhfGWXgDy/6MQZ67rPEZ6i6pWQjrVGMOV2UOaSJ1rrqYMSnpeT8LLrQ4uwpJg
muL4te1uPHNf3V7p1MWB9IPgq5yd/TynwPoERq84plLG7FexY1JPASQNjfhpWHfS
-----END CERTIFICATE-----
Generated at Sun Apr 20 04:14:57 2025 by rpki-client