Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2d/68b521-c790-4957-9e52-2d26f1b56e20/1/1-SAf1QVeyHy-EW0ULyzBrq1edqY.roa
File: 1-SAf1QVeyHy-EW0ULyzBrq1edqY.roa (raw, json)
Hash identifier: XJiUCluoyPodGWwuH4KS+wnR/0hSVBD9H7wtzd6Hpm0=
Subject key identifier: F9:20:1F:D5:05:5E:C8:7C:BE:11:6D:14:2F:2C:C1:AE:AD:5E:76:A6
Certificate issuer: /CN=c0eb668b735a1839374e48f79cb2436dbf417caa
Certificate serial: 0185715575992ADD25B3F0909E239CBFCFAF
Authority key identifier: C0:EB:66:8B:73:5A:18:39:37:4E:48:F7:9C:B2:43:6D:BF:41:7C:AA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/wOtmi3NaGDk3Tkj3nLJDbb9BfKo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2d/68b521-c790-4957-9e52-2d26f1b56e20/1/1-SAf1QVeyHy-EW0ULyzBrq1edqY.roa
Signing time: Mon 02 Jan 2023 07:15:04 +0000
ROA not before: Mon 02 Jan 2023 07:15:04 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 200402
IP address blocks: 185.84.57.0/24 maxlen: 24
185.84.56.0/24 maxlen: 24
185.84.56.0/22 maxlen: 22
2a03:6ee0::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:55:75:99:2a:dd:25:b3:f0:90:9e:23:9c:bf:cf:af
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c0eb668b735a1839374e48f79cb2436dbf417caa
Validity
Not Before: Jan 2 07:15:04 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=f9201fd5055ec87cbe116d142f2cc1aead5e76a6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:25:3e:67:83:7b:a7:b8:44:62:3d:26:a5:70:
3c:d1:82:78:c4:2b:a0:72:c1:da:39:d7:6c:90:2a:
ad:81:88:a6:49:93:8d:e8:d6:90:0e:b0:40:4c:05:
87:a5:75:48:a2:f8:83:47:88:e4:ec:ba:f5:9b:64:
5f:4a:88:3f:ce:1c:b7:56:af:c5:48:06:b7:c7:a4:
9a:47:ad:99:20:20:44:54:b8:3a:de:8c:66:67:16:
e3:26:12:31:08:be:bb:9f:22:2c:34:f0:0f:98:2a:
36:83:a1:c3:69:2f:6d:27:b5:40:e6:a8:86:7f:92:
cb:3d:46:6a:92:02:a6:50:f7:5a:80:0e:ee:a8:1f:
88:e7:bb:27:84:11:d3:61:9d:ca:1b:f4:23:50:eb:
20:a1:00:2c:01:57:86:1b:d2:c2:ff:9d:50:cb:a0:
46:a5:57:14:cf:c0:c5:6d:cf:49:f5:df:f2:b8:67:
2f:ec:10:9d:39:d9:9b:c2:39:b4:e5:f9:32:1a:15:
52:ec:1d:39:94:74:4a:59:90:76:6c:dd:92:8e:80:
3c:70:74:15:2b:4e:5b:24:fa:17:fb:06:e6:c5:d0:
bf:55:c9:11:ce:78:ed:9b:00:55:16:ae:25:4f:e4:
4c:e5:bb:e1:6c:5a:19:d6:54:8d:e5:72:d7:de:59:
43:a5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F9:20:1F:D5:05:5E:C8:7C:BE:11:6D:14:2F:2C:C1:AE:AD:5E:76:A6
X509v3 Authority Key Identifier:
keyid:C0:EB:66:8B:73:5A:18:39:37:4E:48:F7:9C:B2:43:6D:BF:41:7C:AA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wOtmi3NaGDk3Tkj3nLJDbb9BfKo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/68b521-c790-4957-9e52-2d26f1b56e20/1/1-SAf1QVeyHy-EW0ULyzBrq1edqY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/68b521-c790-4957-9e52-2d26f1b56e20/1/wOtmi3NaGDk3Tkj3nLJDbb9BfKo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.84.56.0/22
IPv6:
2a03:6ee0::/32
Signature Algorithm: sha256WithRSAEncryption
b1:fa:f0:d2:39:b4:dd:a5:59:aa:f4:8e:93:3f:ec:dc:43:43:
9b:cf:a9:5a:30:be:2d:15:e0:4c:90:c5:df:b5:cd:0d:7b:fd:
ea:1e:30:6d:8a:10:df:8e:f7:51:2d:3f:38:43:f5:3a:74:dd:
62:84:95:7b:9d:55:2b:c7:c5:1b:1e:0e:04:c8:70:65:5d:b8:
be:03:c2:75:d9:5e:1e:6a:d8:05:df:73:c1:f9:f0:35:f8:b9:
6e:38:0c:cb:6f:c7:67:9e:94:89:ea:40:b8:b6:b7:74:6d:e2:
28:e0:9f:e9:0c:dc:d1:79:0e:1f:81:c0:b3:34:cb:90:d2:c2:
1e:3b:ce:86:c1:78:64:ed:fe:b3:65:f0:f1:5c:89:ed:ce:c5:
44:6b:b0:97:53:3a:36:31:f0:e0:1d:92:96:3b:3e:50:ad:24:
e2:c1:9f:71:0d:52:b6:ca:95:8c:56:1a:72:f6:f8:d4:34:f7:
5c:93:89:a2:78:2c:39:be:ca:06:94:b0:a0:22:f4:b0:f9:c1:
42:41:c9:20:e7:a0:8c:17:a7:7c:af:df:4f:3e:7e:ec:e2:c7:
7d:ae:4f:d9:ef:fb:5e:fd:f1:a2:94:9c:17:32:11:ff:c0:ec:
29:c1:e9:17:c8:ec:4b:e6:44:ce:28:df:37:a1:52:00:a5:42:
7e:01:ab:d8
-----BEGIN CERTIFICATE-----
MIIFDTCCA/WgAwIBAgISAYVxVXWZKt0ls/CQniOcv8+vMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMwZWI2NjhiNzM1YTE4MzkzNzRlNDhmNzljYjI0MzZkYmY0
MTdjYWEwHhcNMjMwMTAyMDcxNTA0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmOTIwMWZkNTA1NWVjODdjYmUxMTZkMTQyZjJjYzFhZWFkNWU3NmE2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqiU+Z4N7p7hEYj0mpXA80YJ4xCug
csHaOddskCqtgYimSZON6NaQDrBATAWHpXVIoviDR4jk7Lr1m2RfSog/zhy3Vq/F
SAa3x6SaR62ZICBEVLg63oxmZxbjJhIxCL67nyIsNPAPmCo2g6HDaS9tJ7VA5qiG
f5LLPUZqkgKmUPdagA7uqB+I57snhBHTYZ3KG/QjUOsgoQAsAVeGG9LC/51Qy6BG
pVcUz8DFbc9J9d/yuGcv7BCdOdmbwjm05fkyGhVS7B05lHRKWZB2bN2SjoA8cHQV
K05bJPoX+wbmxdC/VckRznjtmwBVFq4lT+RM5bvhbFoZ1lSN5XLX3llDpQIDAQAB
o4ICGTCCAhUwHQYDVR0OBBYEFPkgH9UFXsh8vhFtFC8swa6tXnamMB8GA1UdIwQY
MBaAFMDrZotzWhg5N05I95yyQ22/QXyqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvd090bWkzTmFHRGszVGtqM25MSkRiYjlCZktvLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZC82OGI1MjEtYzc5MC00OTU3LTllNTIt
MmQyNmYxYjU2ZTIwLzEvMS1TQWYxUVZleUh5LUVXMFVMeXpCcnExZWRxWS5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvMmQvNjhiNTIxLWM3OTAtNDk1Ny05ZTUyLTJkMjZmMWI1NmUy
MC8xL3dPdG1pM05hR0RrM1RrajNuTEpEYmI5QmZLby5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAuBggrBgEFBQcBBwEB/wQfMB0wDAQCAAEwBgMEArlUODAN
BAIAAjAHAwUAKgNu4DANBgkqhkiG9w0BAQsFAAOCAQEAsfrw0jm03aVZqvSOkz/s
3ENDm8+pWjC+LRXgTJDF37XNDXv96h4wbYoQ3473US0/OEP1OnTdYoSVe51VK8fF
Gx4OBMhwZV24vgPCddleHmrYBd9zwfnwNfi5bjgMy2/HZ56UiepAuLa3dG3iKOCf
6Qzc0XkOH4HAszTLkNLCHjvOhsF4ZO3+s2Xw8VyJ7c7FRGuwl1M6NjHw4B2Sljs+
UK0k4sGfcQ1StsqVjFYacvb41DT3XJOJongsOb7KBpSwoCL0sPnBQkHJIOegjBen
fK/fTz5+7OLHfa5P2e/7Xv3xopScFzIR/8DsKcHpF8jsS+ZEzijfN6FSAKVCfgGr
2A==
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:50:30 2025 by rpki-client