Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2d/68b521-c790-4957-9e52-2d26f1b56e20/1/bFj_ipYHb8GLifrBXvG4Zb9OtKg.roa
File: bFj_ipYHb8GLifrBXvG4Zb9OtKg.roa (raw, json)
Hash identifier: 50J5abgg5dz1gI4/YCe8GO6Wa2yeOmS/dD0ADl1p6wE=
Subject key identifier: 6C:58:FF:8A:96:07:6F:C1:8B:89:FA:C1:5E:F1:B8:65:BF:4E:B4:A8
Certificate issuer: /CN=c0eb668b735a1839374e48f79cb2436dbf417caa
Certificate serial: 01334D43
Authority key identifier: C0:EB:66:8B:73:5A:18:39:37:4E:48:F7:9C:B2:43:6D:BF:41:7C:AA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/wOtmi3NaGDk3Tkj3nLJDbb9BfKo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2d/68b521-c790-4957-9e52-2d26f1b56e20/1/bFj_ipYHb8GLifrBXvG4Zb9OtKg.roa
Signing time: Sat 01 Jan 2022 07:01:04 +0000
ROA not before: Sat 01 Jan 2022 07:01:04 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 200402
IP address blocks: 185.84.57.0/24 maxlen: 24
185.84.56.0/24 maxlen: 24
185.84.56.0/22 maxlen: 22
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 20139331 (0x1334d43)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c0eb668b735a1839374e48f79cb2436dbf417caa
Validity
Not Before: Jan 1 07:01:04 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=6c58ff8a96076fc18b89fac15ef1b865bf4eb4a8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:06:f3:55:7b:e5:e6:f5:a3:c4:df:78:9d:09:
23:9a:e8:88:09:5e:7b:7d:49:eb:69:3a:15:d4:13:
4c:7e:c3:bd:73:10:82:de:0c:97:a7:02:29:7d:a2:
32:8c:fe:b9:0b:68:fc:00:8d:0d:a0:b1:3c:16:f7:
e1:71:7c:6e:43:7c:81:c7:48:fc:59:18:96:ae:e1:
d4:b2:d3:c4:4b:2c:97:d4:7c:40:47:33:7d:26:08:
3d:22:e5:b0:b7:b1:f6:69:09:3f:2d:75:08:94:70:
83:8b:26:48:6a:76:a7:63:9f:45:f8:eb:2d:15:74:
6d:99:29:be:e2:da:d2:7f:45:52:ee:86:77:b0:e2:
f2:d1:5e:d1:e2:be:23:94:83:fa:5a:80:46:b0:b2:
a7:cc:36:91:92:ad:25:5f:f9:d6:c8:0c:84:63:e8:
92:9e:5c:b8:7e:1f:9d:ae:71:5d:60:d9:59:c4:b6:
67:b5:52:5c:23:c4:3d:c0:17:47:a4:e9:7a:6e:2c:
35:e1:65:01:e7:90:16:de:4b:a3:fd:1d:58:79:67:
17:84:f8:7a:37:98:54:d8:e7:bb:a3:5d:b7:a0:53:
f7:9a:b2:79:cc:33:17:dc:43:db:47:80:bb:e9:28:
7d:14:a8:a6:62:53:fb:77:29:b4:59:c6:4e:87:48:
74:e3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6C:58:FF:8A:96:07:6F:C1:8B:89:FA:C1:5E:F1:B8:65:BF:4E:B4:A8
X509v3 Authority Key Identifier:
keyid:C0:EB:66:8B:73:5A:18:39:37:4E:48:F7:9C:B2:43:6D:BF:41:7C:AA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wOtmi3NaGDk3Tkj3nLJDbb9BfKo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/68b521-c790-4957-9e52-2d26f1b56e20/1/bFj_ipYHb8GLifrBXvG4Zb9OtKg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/68b521-c790-4957-9e52-2d26f1b56e20/1/wOtmi3NaGDk3Tkj3nLJDbb9BfKo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.84.56.0/22
Signature Algorithm: sha256WithRSAEncryption
6f:60:bc:49:27:2e:61:c3:a1:aa:b5:2e:7a:85:ea:8d:b6:bd:
e8:18:e4:e5:3e:7f:04:06:3e:a1:31:56:20:b1:4c:56:12:06:
67:28:25:a5:1a:99:32:b2:a4:91:62:f8:d4:bc:1e:03:e0:da:
ea:ab:cd:63:11:91:70:af:02:c0:18:65:bb:0a:07:4d:94:10:
03:9b:ef:7d:6a:4c:29:fe:e8:bf:69:5e:30:58:2f:8a:20:93:
eb:82:06:5a:8e:6d:71:2c:4b:9e:e1:ec:eb:b3:28:99:a6:f5:
09:16:a3:f9:2a:61:23:eb:d2:3a:cd:79:df:02:23:2d:cd:1e:
89:c5:6f:62:77:ea:82:f8:b8:86:53:58:ed:b6:e8:cd:9c:d4:
ef:10:55:25:f8:45:8b:c7:57:a3:02:b0:af:fe:c1:c7:18:e8:
85:83:11:2a:74:3f:e5:fa:70:f7:8d:e5:2a:25:c4:fe:53:27:
72:34:4a:71:b2:f6:7f:b8:0c:1a:58:e6:13:c4:ef:cc:51:c8:
b6:9e:00:4e:ee:30:b7:f6:b2:7a:e6:48:2c:0a:6b:33:a5:b9:
e5:8e:af:ac:3a:b9:da:bf:d3:13:43:57:a7:b1:45:83:85:4c:
68:1f:1e:9f:a7:2c:23:92:b3:02:91:6d:8b:42:dd:b9:bc:b1:
30:7d:81:4a
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEATNNQzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhj
MGViNjY4YjczNWExODM5Mzc0ZTQ4Zjc5Y2IyNDM2ZGJmNDE3Y2FhMB4XDTIyMDEw
MTA3MDEwNFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNmM1OGZmOGE5NjA3
NmZjMThiODlmYWMxNWVmMWI4NjViZjRlYjRhODCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALIG81V75eb1o8TfeJ0JI5roiAlee31J62k6FdQTTH7DvXMQ
gt4Ml6cCKX2iMoz+uQto/ACNDaCxPBb34XF8bkN8gcdI/FkYlq7h1LLTxEssl9R8
QEczfSYIPSLlsLex9mkJPy11CJRwg4smSGp2p2OfRfjrLRV0bZkpvuLa0n9FUu6G
d7Di8tFe0eK+I5SD+lqARrCyp8w2kZKtJV/51sgMhGPokp5cuH4fna5xXWDZWcS2
Z7VSXCPEPcAXR6Tpem4sNeFlAeeQFt5Lo/0dWHlnF4T4ejeYVNjnu6Ndt6BT95qy
ecwzF9xD20eAu+kofRSopmJT+3cptFnGTodIdOMCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBRsWP+KlgdvwYuJ+sFe8bhlv060qDAfBgNVHSMEGDAWgBTA62aLc1oYOTdO
SPecskNtv0F8qjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3dPdG1pM05hR0RrM1RrajNuTEpEYmI5QmZLby5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMmQvNjhiNTIxLWM3OTAtNDk1Ny05ZTUyLTJkMjZmMWI1NmUyMC8x
L2JGal9pcFlIYjhHTGlmckJYdkc0WmI5T3RLZy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMmQv
NjhiNTIxLWM3OTAtNDk1Ny05ZTUyLTJkMjZmMWI1NmUyMC8xL3dPdG1pM05hR0Rr
M1RrajNuTEpEYmI5QmZLby5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEArlUODANBgkqhkiG9w0BAQsFAAOC
AQEAb2C8SScuYcOhqrUueoXqjba96Bjk5T5/BAY+oTFWILFMVhIGZyglpRqZMrKk
kWL41LweA+Da6qvNYxGRcK8CwBhluwoHTZQQA5vvfWpMKf7ov2leMFgviiCT64IG
Wo5tcSxLnuHs67Momab1CRaj+SphI+vSOs153wIjLc0eicVvYnfqgvi4hlNY7bbo
zZzU7xBVJfhFi8dXowKwr/7BxxjohYMRKnQ/5fpw943lKiXE/lMncjRKcbL2f7gM
GljmE8TvzFHItp4ATu4wt/ayeuZILAprM6W55Y6vrDq52r/TE0NXp7FFg4VMaB8e
n6csI5KzApFti0LdubyxMH2BSg==
-----END CERTIFICATE-----
Generated at Thu Mar 13 20:46:04 2025 by rpki-client