Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/25/2955fd-092a-4ecc-a92f-fbb33a54fade/1/noOqVaUH2MJcKv2figNNfhVdmow.roa
File: noOqVaUH2MJcKv2figNNfhVdmow.roa (raw, json)
Hash identifier: FNpCtS5ago3yoY1BR/V55ydkCgndzO9SSHpZsBgIq40=
Subject key identifier: 9E:83:AA:55:A5:07:D8:C2:5C:2A:FD:9F:8A:03:4D:7E:15:5D:9A:8C
Certificate issuer: /CN=f6acb269fa8a554f5243a3abd68d5b8d76fe5ebb
Certificate serial: 018267404B9CACDDA61FE55C05322611DBEC
Authority key identifier: F6:AC:B2:69:FA:8A:55:4F:52:43:A3:AB:D6:8D:5B:8D:76:FE:5E:BB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/9qyyafqKVU9SQ6Or1o1bjXb-Xrs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/25/2955fd-092a-4ecc-a92f-fbb33a54fade/1/noOqVaUH2MJcKv2figNNfhVdmow.roa
Signing time: Thu 04 Aug 2022 05:07:23 +0000
ROA not before: Thu 04 Aug 2022 05:07:23 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 2635
IP address blocks: 185.64.140.0/22 maxlen: 32
2a04:fa80::/29 maxlen: 128
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:67:40:4b:9c:ac:dd:a6:1f:e5:5c:05:32:26:11:db:ec
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f6acb269fa8a554f5243a3abd68d5b8d76fe5ebb
Validity
Not Before: Aug 4 05:07:23 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=9e83aa55a507d8c25c2afd9f8a034d7e155d9a8c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:a1:6f:76:cc:13:46:47:be:db:a3:8a:22:60:
4c:77:a8:de:ee:fe:72:49:a8:ed:41:55:58:83:1d:
af:04:05:e2:1a:ad:1b:10:0c:22:6a:42:fd:80:60:
da:1c:cd:21:71:df:91:01:55:f1:dd:a4:7e:f7:c8:
08:f5:cd:6c:43:8c:53:c8:34:21:d7:34:cb:8b:42:
61:13:2c:62:74:e9:20:34:93:f4:59:34:d3:0b:70:
17:46:40:a3:f4:83:38:92:cb:b1:ae:22:05:a4:80:
af:b0:9a:3f:4d:00:e8:c6:b7:21:61:15:89:69:24:
1c:a0:42:8e:e6:6f:63:b8:d4:6b:0c:68:3a:23:d1:
53:4e:e7:98:c3:cd:a4:f2:ef:d3:e0:4e:f6:9c:1a:
1e:2f:55:2d:d4:50:55:08:f8:30:ed:c0:0d:f9:6e:
2d:93:9f:3c:96:7f:21:be:2d:ec:65:5d:93:58:eb:
25:23:d1:5a:6d:ea:04:67:81:c7:54:90:8c:cf:9b:
89:47:c2:03:bf:da:6f:56:b5:4f:de:1d:c7:ed:ca:
a8:f3:a6:24:e6:bf:3a:ab:3c:87:f7:df:30:d5:83:
80:53:be:d6:a0:bb:63:b8:13:88:f1:e5:9b:b5:59:
dc:17:14:79:9b:57:3b:54:88:27:31:90:0c:4b:f3:
62:ab
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9E:83:AA:55:A5:07:D8:C2:5C:2A:FD:9F:8A:03:4D:7E:15:5D:9A:8C
X509v3 Authority Key Identifier:
keyid:F6:AC:B2:69:FA:8A:55:4F:52:43:A3:AB:D6:8D:5B:8D:76:FE:5E:BB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/9qyyafqKVU9SQ6Or1o1bjXb-Xrs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/25/2955fd-092a-4ecc-a92f-fbb33a54fade/1/noOqVaUH2MJcKv2figNNfhVdmow.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/25/2955fd-092a-4ecc-a92f-fbb33a54fade/1/9qyyafqKVU9SQ6Or1o1bjXb-Xrs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.64.140.0/22
IPv6:
2a04:fa80::/29
Signature Algorithm: sha256WithRSAEncryption
83:90:df:0b:30:fa:6a:da:b5:0c:61:cd:3a:0b:94:fc:67:4f:
5a:fc:63:89:c2:26:17:c5:84:92:5a:ca:22:23:62:c2:f8:7e:
ed:3e:38:6b:6b:29:e0:d8:9e:33:2e:1b:03:b2:e8:3c:b7:d2:
a1:3e:67:dc:ad:09:f1:73:b7:a3:b3:c3:b9:47:d1:14:4f:ab:
9b:de:f3:ea:83:36:e8:ce:84:4f:10:72:dc:17:55:48:0e:41:
1d:d7:e5:f9:32:6c:3f:56:53:08:66:5d:82:d8:76:e8:94:f7:
72:e3:58:a4:62:8e:79:e1:c1:3b:4f:69:d7:a9:1c:20:5d:09:
21:2e:8b:44:8e:4c:f7:55:da:9c:07:69:20:49:ce:1f:36:af:
34:25:2d:fc:c7:c4:8e:7b:4e:8b:e9:cb:89:7e:9b:27:30:4f:
2c:9f:aa:c3:df:fc:3c:ab:59:6c:55:4d:a3:91:eb:cd:e4:e5:
08:ae:c9:bd:90:99:f5:e4:26:3a:b9:9a:70:9c:c3:ab:6b:20:
4a:b5:ff:82:f6:f1:f9:09:78:d2:a1:04:76:89:6c:ec:4b:60:
b6:64:16:0f:02:73:d4:80:f4:e1:56:77:a7:71:02:8b:a7:06:
51:eb:bb:52:d0:d2:fe:b5:df:3b:ea:3e:bc:80:34:28:74:1e:
2d:26:0e:50
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYJnQEucrN2mH+VcBTImEdvsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY2YWNiMjY5ZmE4YTU1NGY1MjQzYTNhYmQ2OGQ1YjhkNzZm
ZTVlYmIwHhcNMjIwODA0MDUwNzIzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZTgzYWE1NWE1MDdkOGMyNWMyYWZkOWY4YTAzNGQ3ZTE1NWQ5YThjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyqFvdswTRke+26OKImBMd6je7v5y
SajtQVVYgx2vBAXiGq0bEAwiakL9gGDaHM0hcd+RAVXx3aR+98gI9c1sQ4xTyDQh
1zTLi0JhEyxidOkgNJP0WTTTC3AXRkCj9IM4ksuxriIFpICvsJo/TQDoxrchYRWJ
aSQcoEKO5m9juNRrDGg6I9FTTueYw82k8u/T4E72nBoeL1Ut1FBVCPgw7cAN+W4t
k588ln8hvi3sZV2TWOslI9FabeoEZ4HHVJCMz5uJR8IDv9pvVrVP3h3H7cqo86Yk
5r86qzyH998w1YOAU77WoLtjuBOI8eWbtVncFxR5m1c7VIgnMZAMS/NiqwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFJ6DqlWlB9jCXCr9n4oDTX4VXZqMMB8GA1UdIwQY
MBaAFPassmn6ilVPUkOjq9aNW412/l67MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOXF5eWFmcUtWVTlTUTZPcjFvMWJqWGItWHJzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNS8yOTU1ZmQtMDkyYS00ZWNjLWE5MmYt
ZmJiMzNhNTRmYWRlLzEvbm9PcVZhVUgyTUpjS3YyZmlnTk5maFZkbW93LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNS8yOTU1ZmQtMDkyYS00ZWNjLWE5MmYtZmJiMzNhNTRmYWRl
LzEvOXF5eWFmcUtWVTlTUTZPcjFvMWJqWGItWHJzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuUCMMA0E
AgACMAcDBQMqBPqAMA0GCSqGSIb3DQEBCwUAA4IBAQCDkN8LMPpq2rUMYc06C5T8
Z09a/GOJwiYXxYSSWsoiI2LC+H7tPjhrayng2J4zLhsDsug8t9KhPmfcrQnxc7ej
s8O5R9EUT6ub3vPqgzbozoRPEHLcF1VIDkEd1+X5Mmw/VlMIZl2C2HbolPdy41ik
Yo554cE7T2nXqRwgXQkhLotEjkz3VdqcB2kgSc4fNq80JS38x8SOe06L6cuJfpsn
ME8sn6rD3/w8q1lsVU2jkevN5OUIrsm9kJn15CY6uZpwnMOrayBKtf+C9vH5CXjS
oQR2iWzsS2C2ZBYPAnPUgPThVnencQKLpwZR67tS0NL+td876j68gDQodB4tJg5Q
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:22:38 2024 by rpki-client on console-fra.rpki-client.org