Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2d/68b521-c790-4957-9e52-2d26f1b56e20/1/3YmRLeivWvLGtTImiF90mETZvHQ.roa
File: 3YmRLeivWvLGtTImiF90mETZvHQ.roa (raw, json)
Hash identifier: gdvUPN7dIDKYOD1jH3RXPHqye3ZerNtLWLk4xAVUWkQ=
Subject key identifier: DD:89:91:2D:E8:AF:5A:F2:C6:B5:32:26:88:5F:74:98:44:D9:BC:74
Certificate issuer: /CN=c0eb668b735a1839374e48f79cb2436dbf417caa
Certificate serial: 018BB8416D256BD5346BA7AA77CC732F62F1
Authority key identifier: C0:EB:66:8B:73:5A:18:39:37:4E:48:F7:9C:B2:43:6D:BF:41:7C:AA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/wOtmi3NaGDk3Tkj3nLJDbb9BfKo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2d/68b521-c790-4957-9e52-2d26f1b56e20/1/3YmRLeivWvLGtTImiF90mETZvHQ.roa
Signing time: Fri 10 Nov 2023 08:02:57 +0000
ROA not before: Fri 10 Nov 2023 08:02:57 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 200402
IP address blocks: 185.84.57.0/24 maxlen: 24
185.84.56.0/24 maxlen: 24
185.84.56.0/22 maxlen: 22
2a03:6ee0::/32 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:b8:41:6d:25:6b:d5:34:6b:a7:aa:77:cc:73:2f:62:f1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c0eb668b735a1839374e48f79cb2436dbf417caa
Validity
Not Before: Nov 10 08:02:57 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=dd89912de8af5af2c6b53226885f749844d9bc74
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:0e:c3:d7:b4:e5:80:84:e6:a5:8f:91:c7:d0:
8f:da:7d:9b:6f:aa:23:6b:ba:4c:75:81:02:0c:cf:
0b:78:ad:86:7d:85:b6:4c:16:9a:99:d1:25:55:db:
5a:ed:8f:36:1e:43:62:84:fd:59:2c:96:ce:1a:3c:
07:ca:2e:40:07:00:9e:d5:4c:84:aa:dd:ad:b5:b3:
16:79:28:ab:78:3a:de:3c:e4:c7:b3:52:96:8e:b8:
61:80:a0:a2:03:bb:71:f3:a9:db:60:fc:8f:1b:51:
70:ca:60:09:84:89:40:c6:29:8f:ce:aa:84:34:f1:
8b:a5:ce:62:c7:2b:e3:e0:25:c9:ab:36:9d:07:16:
e8:3d:15:7a:7e:62:7b:5f:29:62:37:90:86:0c:22:
bf:5f:5b:71:fc:92:57:08:23:89:d8:c1:ea:50:ae:
f6:d7:10:30:41:a7:b7:54:7c:c9:bf:39:bb:7e:ef:
61:14:74:1e:ca:54:89:22:5c:a2:a7:e7:ea:8f:f9:
0c:e7:20:1d:d3:04:d1:0f:88:94:f8:cc:24:f3:65:
50:00:92:0d:0c:8c:a5:32:ea:19:85:3f:05:14:ed:
ea:91:af:29:d2:5b:0d:b4:5d:da:f3:44:d7:88:c5:
e6:77:9d:e9:0e:e4:57:da:b0:24:ed:0a:e9:1e:14:
b2:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DD:89:91:2D:E8:AF:5A:F2:C6:B5:32:26:88:5F:74:98:44:D9:BC:74
X509v3 Authority Key Identifier:
keyid:C0:EB:66:8B:73:5A:18:39:37:4E:48:F7:9C:B2:43:6D:BF:41:7C:AA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wOtmi3NaGDk3Tkj3nLJDbb9BfKo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/68b521-c790-4957-9e52-2d26f1b56e20/1/3YmRLeivWvLGtTImiF90mETZvHQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/68b521-c790-4957-9e52-2d26f1b56e20/1/wOtmi3NaGDk3Tkj3nLJDbb9BfKo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.84.56.0/22
IPv6:
2a03:6ee0::/32
Signature Algorithm: sha256WithRSAEncryption
7f:e0:14:0a:ea:4b:c1:08:5d:a7:cf:f7:2e:34:e9:5a:1f:d8:
2b:d2:0a:1a:94:3a:a7:3d:8d:2d:6e:06:ea:89:c0:86:ca:2a:
50:5d:14:4a:39:1c:15:25:15:24:eb:68:2c:b3:aa:1e:b6:c3:
38:af:0a:71:ec:08:56:6a:53:4e:a6:d3:e2:a6:76:53:cd:c8:
97:d5:08:30:0a:ea:35:c8:30:31:df:be:7a:a9:19:73:a1:d5:
44:bc:7f:2d:83:bc:1f:dc:29:27:88:33:82:4f:bb:6b:23:54:
97:1c:ed:f5:a0:39:14:29:98:4e:40:1f:0a:c2:6a:ef:00:ea:
96:85:19:b9:80:8f:f9:75:47:e3:77:ab:e3:b7:b8:4d:88:59:
f0:cf:06:2e:ed:81:3c:2b:0c:96:39:ce:40:8d:7c:92:b9:94:
27:aa:b0:03:6f:10:c1:e4:2c:67:6f:55:cd:8f:1f:fe:8f:b1:
78:e2:f5:0e:ce:44:2e:6e:ee:5e:a9:bb:33:58:b0:30:f8:38:
c3:96:90:52:90:d1:3f:71:53:ec:5a:4c:14:27:93:3d:7c:ba:
19:58:43:6c:bb:09:92:01:db:aa:bc:2c:78:77:3e:72:9e:5a:
42:86:d8:a1:e1:ec:42:c0:ff:85:76:0f:d1:8f:5e:4e:45:6c:
d5:77:c9:1f
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYu4QW0la9U0a6eqd8xzL2LxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMwZWI2NjhiNzM1YTE4MzkzNzRlNDhmNzljYjI0MzZkYmY0
MTdjYWEwHhcNMjMxMTEwMDgwMjU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZDg5OTEyZGU4YWY1YWYyYzZiNTMyMjY4ODVmNzQ5ODQ0ZDliYzc0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArw7D17TlgITmpY+Rx9CP2n2bb6oj
a7pMdYECDM8LeK2GfYW2TBaamdElVdta7Y82HkNihP1ZLJbOGjwHyi5ABwCe1UyE
qt2ttbMWeSireDrePOTHs1KWjrhhgKCiA7tx86nbYPyPG1FwymAJhIlAximPzqqE
NPGLpc5ixyvj4CXJqzadBxboPRV6fmJ7XyliN5CGDCK/X1tx/JJXCCOJ2MHqUK72
1xAwQae3VHzJvzm7fu9hFHQeylSJIlyip+fqj/kM5yAd0wTRD4iU+Mwk82VQAJIN
DIylMuoZhT8FFO3qka8p0lsNtF3a80TXiMXmd53pDuRX2rAk7QrpHhSyeQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFN2JkS3or1ryxrUyJohfdJhE2bx0MB8GA1UdIwQY
MBaAFMDrZotzWhg5N05I95yyQ22/QXyqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvd090bWkzTmFHRGszVGtqM25MSkRiYjlCZktvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZC82OGI1MjEtYzc5MC00OTU3LTllNTIt
MmQyNmYxYjU2ZTIwLzEvM1ltUkxlaXZXdkxHdFRJbWlGOTBtRVRadkhRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZC82OGI1MjEtYzc5MC00OTU3LTllNTItMmQyNmYxYjU2ZTIw
LzEvd090bWkzTmFHRGszVGtqM25MSkRiYjlCZktvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuVQ4MA0E
AgACMAcDBQAqA27gMA0GCSqGSIb3DQEBCwUAA4IBAQB/4BQK6kvBCF2nz/cuNOla
H9gr0goalDqnPY0tbgbqicCGyipQXRRKORwVJRUk62gss6oetsM4rwpx7AhWalNO
ptPipnZTzciX1QgwCuo1yDAx3756qRlzodVEvH8tg7wf3CkniDOCT7trI1SXHO31
oDkUKZhOQB8KwmrvAOqWhRm5gI/5dUfjd6vjt7hNiFnwzwYu7YE8KwyWOc5AjXyS
uZQnqrADbxDB5Cxnb1XNjx/+j7F44vUOzkQubu5eqbszWLAw+DjDlpBSkNE/cVPs
WkwUJ5M9fLoZWENsuwmSAduqvCx4dz5ynlpChtih4exCwP+Fdg/Rj15ORWzVd8kf
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:36:52 2025 by rpki-client