Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2c/bf9e51-cc2b-4ff4-86ac-2f7e52fb8bd3/1/IPmjx5dAqe-iYJ49HFNwFygpWIA.roa
File: IPmjx5dAqe-iYJ49HFNwFygpWIA.roa (raw, json)
Hash identifier: TH2W/4CDTjzBHuFnt1q+NJacmCzmbie/ws1xjn3UlTI=
Subject key identifier: 20:F9:A3:C7:97:40:A9:EF:A2:60:9E:3D:1C:53:70:17:28:29:58:80
Certificate issuer: /CN=6d3006dcd289c47f9f58e128eb29757239144bb6
Certificate serial: 0182B6A5CEA23834BAA5F0B102ED751E042C
Authority key identifier: 6D:30:06:DC:D2:89:C4:7F:9F:58:E1:28:EB:29:75:72:39:14:4B:B6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bTAG3NKJxH-fWOEo6yl1cjkUS7Y.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2c/bf9e51-cc2b-4ff4-86ac-2f7e52fb8bd3/1/IPmjx5dAqe-iYJ49HFNwFygpWIA.roa
Signing time: Fri 19 Aug 2022 15:08:15 +0000
ROA not before: Fri 19 Aug 2022 15:08:15 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 204778
IP address blocks: 185.120.141.0/24 maxlen: 24
2a13:2180::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:b6:a5:ce:a2:38:34:ba:a5:f0:b1:02:ed:75:1e:04:2c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6d3006dcd289c47f9f58e128eb29757239144bb6
Validity
Not Before: Aug 19 15:08:15 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=20f9a3c79740a9efa2609e3d1c53701728295880
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:86:e7:08:0f:5a:64:48:d0:ec:2d:34:04:fc:6b:
af:a5:a5:2e:6a:93:d0:03:75:93:2d:8a:b6:33:f7:
b9:8e:a6:21:1d:d5:45:fb:a0:ef:be:c9:f7:27:a1:
99:f2:96:55:8e:90:62:5e:11:e0:60:7d:78:c5:20:
f8:a5:1a:fd:7b:d2:67:48:3a:fd:bc:79:2f:43:fc:
65:63:23:54:32:44:7b:b7:fd:ec:b4:30:fb:3b:51:
f9:8d:bf:3d:06:75:52:81:64:d5:46:ac:bd:59:4c:
2f:bc:24:85:67:1a:73:01:80:cb:84:e5:b4:3b:e7:
d7:b3:47:05:77:ec:24:90:c9:71:57:f1:5d:fd:30:
10:66:ea:97:25:49:34:07:ea:10:92:f8:05:e3:40:
38:5a:3e:b2:fe:41:73:9d:12:90:09:84:75:a6:49:
59:f1:9e:18:45:62:f1:b4:2d:01:05:58:a9:48:46:
fa:2b:4a:88:e6:a6:eb:c7:66:35:56:ad:c3:83:74:
bb:ff:3b:ea:83:00:57:25:9c:93:d9:47:d0:a7:fe:
83:2c:e3:15:07:5f:fe:e3:6a:45:8b:97:50:02:24:
ba:ec:4e:f4:3e:7a:a9:e5:d4:07:8d:8b:dc:c3:48:
07:d8:a5:f6:31:bb:a2:b0:1c:33:68:74:47:4f:13:
55:cd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
20:F9:A3:C7:97:40:A9:EF:A2:60:9E:3D:1C:53:70:17:28:29:58:80
X509v3 Authority Key Identifier:
keyid:6D:30:06:DC:D2:89:C4:7F:9F:58:E1:28:EB:29:75:72:39:14:4B:B6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bTAG3NKJxH-fWOEo6yl1cjkUS7Y.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2c/bf9e51-cc2b-4ff4-86ac-2f7e52fb8bd3/1/IPmjx5dAqe-iYJ49HFNwFygpWIA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2c/bf9e51-cc2b-4ff4-86ac-2f7e52fb8bd3/1/bTAG3NKJxH-fWOEo6yl1cjkUS7Y.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.120.141.0/24
IPv6:
2a13:2180::/48
Signature Algorithm: sha256WithRSAEncryption
b2:2c:20:ea:44:f8:45:3e:b2:8e:ce:50:de:12:11:fe:85:e4:
1f:11:24:92:aa:1f:1e:9f:7b:72:a2:f6:38:7e:10:5b:9f:9e:
9e:64:d9:13:61:56:fc:fe:f2:d8:04:2d:e1:b5:8c:d3:5f:86:
51:f0:9e:cb:6a:26:95:7c:53:fc:b3:ee:88:28:a9:5d:88:00:
1c:c6:98:67:f9:b9:16:6d:73:ef:04:d3:d9:36:69:f4:d1:76:
b1:32:49:3f:07:8d:21:7f:7d:2a:98:97:6c:37:c7:da:40:22:
5d:48:5e:56:94:2c:1d:39:73:a8:84:c4:66:84:7d:d1:9e:95:
07:ce:2c:0a:14:6b:c2:94:5d:cf:d7:74:1c:38:f5:70:32:af:
a9:a0:c8:dd:8f:df:27:b0:e2:38:b8:1a:32:35:87:4b:3d:cd:
a0:68:fa:f0:17:83:a6:8f:00:26:4d:62:e9:5d:d0:a0:43:ec:
cd:a3:e6:7b:f3:43:c1:fe:f5:14:f4:57:3d:c5:d2:2b:67:3d:
84:88:19:e0:d4:b1:16:51:b2:7e:83:f9:6d:fa:b6:bf:8a:32:
e6:93:0e:7a:64:fa:4a:63:e0:94:21:af:e6:73:58:d2:ef:33:
35:c4:ae:4a:75:bf:d4:32:11:70:cb:f5:df:1f:e6:59:48:53:
29:c9:73:8a
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYK2pc6iODS6pfCxAu11HgQsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZkMzAwNmRjZDI4OWM0N2Y5ZjU4ZTEyOGViMjk3NTcyMzkx
NDRiYjYwHhcNMjIwODE5MTUwODE1WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMGY5YTNjNzk3NDBhOWVmYTI2MDllM2QxYzUzNzAxNzI4Mjk1ODgwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhucID1pkSNDsLTQE/GuvpaUuapPQ
A3WTLYq2M/e5jqYhHdVF+6Dvvsn3J6GZ8pZVjpBiXhHgYH14xSD4pRr9e9JnSDr9
vHkvQ/xlYyNUMkR7t/3stDD7O1H5jb89BnVSgWTVRqy9WUwvvCSFZxpzAYDLhOW0
O+fXs0cFd+wkkMlxV/Fd/TAQZuqXJUk0B+oQkvgF40A4Wj6y/kFznRKQCYR1pklZ
8Z4YRWLxtC0BBVipSEb6K0qI5qbrx2Y1Vq3Dg3S7/zvqgwBXJZyT2UfQp/6DLOMV
B1/+42pFi5dQAiS67E70Pnqp5dQHjYvcw0gH2KX2MbuisBwzaHRHTxNVzQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFCD5o8eXQKnvomCePRxTcBcoKViAMB8GA1UdIwQY
MBaAFG0wBtzSicR/n1jhKOspdXI5FEu2MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYlRBRzNOS0p4SC1mV09FbzZ5bDFjamtVUzdZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYy9iZjllNTEtY2MyYi00ZmY0LTg2YWMt
MmY3ZTUyZmI4YmQzLzEvSVBtang1ZEFxZS1pWUo0OUhGTndGeWdwV0lBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYy9iZjllNTEtY2MyYi00ZmY0LTg2YWMtMmY3ZTUyZmI4YmQz
LzEvYlRBRzNOS0p4SC1mV09FbzZ5bDFjamtVUzdZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQAuXiNMA8E
AgACMAkDBwAqEyGAAAAwDQYJKoZIhvcNAQELBQADggEBALIsIOpE+EU+so7OUN4S
Ef6F5B8RJJKqHx6fe3Ki9jh+EFufnp5k2RNhVvz+8tgELeG1jNNfhlHwnstqJpV8
U/yz7ogoqV2IABzGmGf5uRZtc+8E09k2afTRdrEyST8HjSF/fSqYl2w3x9pAIl1I
XlaULB05c6iExGaEfdGelQfOLAoUa8KUXc/XdBw49XAyr6mgyN2P3yew4ji4GjI1
h0s9zaBo+vAXg6aPACZNYuld0KBD7M2j5nvzQ8H+9RT0Vz3F0itnPYSIGeDUsRZR
sn6D+W36tr+KMuaTDnpk+kpj4JQhr+ZzWNLvMzXErkp1v9QyEXDL9d8f5llIUynJ
c4o=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:23:50 2024 by rpki-client on console-fra.rpki-client.org