Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2d/68b521-c790-4957-9e52-2d26f1b56e20/1/j3TzKu4Nan4pXI_Uey3a3YffxJo.roa
File: j3TzKu4Nan4pXI_Uey3a3YffxJo.roa (raw, json)
Hash identifier: ZTQz2gBsd889Krx3H1oGaB7Ixj4gL8cLO8gjB30PtpU=
Subject key identifier: 8F:74:F3:2A:EE:0D:6A:7E:29:5C:8F:D4:7B:2D:DA:DD:87:DF:C4:9A
Certificate issuer: /CN=c0eb668b735a1839374e48f79cb2436dbf417caa
Certificate serial: 018BB634D3BFA1083FA6B339A28EC5543752
Authority key identifier: C0:EB:66:8B:73:5A:18:39:37:4E:48:F7:9C:B2:43:6D:BF:41:7C:AA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/wOtmi3NaGDk3Tkj3nLJDbb9BfKo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2d/68b521-c790-4957-9e52-2d26f1b56e20/1/j3TzKu4Nan4pXI_Uey3a3YffxJo.roa
Signing time: Thu 09 Nov 2023 22:29:57 +0000
ROA not before: Thu 09 Nov 2023 22:29:57 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 200402
IP address blocks: 185.84.57.0/24 maxlen: 24
185.84.56.0/24 maxlen: 24
185.84.56.0/22 maxlen: 22
2a03:6ee0::/32 maxlen: 32
2a03:6ee0::/36 maxlen: 36
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:b6:34:d3:bf:a1:08:3f:a6:b3:39:a2:8e:c5:54:37:52
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c0eb668b735a1839374e48f79cb2436dbf417caa
Validity
Not Before: Nov 9 22:29:57 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=8f74f32aee0d6a7e295c8fd47b2ddadd87dfc49a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:84:d1:25:3b:3a:3f:27:38:5b:62:95:06:fb:a4:
05:5f:90:de:8b:a3:e1:c2:b6:cd:a1:be:d1:b2:d2:
5a:bf:78:6a:57:5e:3a:35:0d:a4:e2:85:e3:ee:e4:
58:d1:5e:4b:e3:29:dc:d8:d0:47:0a:bb:25:23:3d:
72:a2:13:8c:f2:b5:c8:8e:fe:5c:75:a3:74:3e:41:
cd:5e:70:80:39:24:d0:55:92:ec:b8:68:96:25:b2:
38:75:cc:1c:44:36:77:9f:07:43:ea:2f:1c:e4:28:
52:7a:b2:04:09:58:5a:dd:f7:6e:cf:2b:9a:26:92:
e6:f1:f7:81:5f:85:d0:88:92:01:31:22:ac:ad:57:
9c:c4:58:d7:0a:23:b7:31:3c:d6:10:2b:f4:5f:2a:
d8:cf:f4:fd:3b:ee:e3:c0:b2:c8:69:4d:d1:8b:94:
51:a6:c5:3b:77:f4:1e:af:99:4d:01:84:36:75:53:
90:3d:b8:e8:1b:0a:d8:3d:e4:10:cf:a4:69:a2:b0:
97:f0:12:6a:a9:9d:92:b7:d3:53:21:33:51:49:24:
89:ed:6e:be:9c:e8:57:7b:3c:eb:9f:0e:b2:de:ed:
2e:7c:6a:ea:bd:8a:89:58:2e:e8:7f:3b:91:57:71:
e0:cb:68:e0:07:21:1c:c4:69:68:98:6d:31:67:3d:
2e:1d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8F:74:F3:2A:EE:0D:6A:7E:29:5C:8F:D4:7B:2D:DA:DD:87:DF:C4:9A
X509v3 Authority Key Identifier:
keyid:C0:EB:66:8B:73:5A:18:39:37:4E:48:F7:9C:B2:43:6D:BF:41:7C:AA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wOtmi3NaGDk3Tkj3nLJDbb9BfKo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/68b521-c790-4957-9e52-2d26f1b56e20/1/j3TzKu4Nan4pXI_Uey3a3YffxJo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/68b521-c790-4957-9e52-2d26f1b56e20/1/wOtmi3NaGDk3Tkj3nLJDbb9BfKo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.84.56.0/22
IPv6:
2a03:6ee0::/32
Signature Algorithm: sha256WithRSAEncryption
32:20:f0:3f:ee:16:62:8d:69:7c:0a:4f:10:b5:f3:11:05:41:
24:f2:8a:02:d1:3e:da:9b:7b:3b:bb:a7:26:fe:2a:96:52:a3:
9f:fe:36:00:96:4f:aa:26:47:69:5d:c7:5c:03:7d:c5:15:b1:
b4:4d:a9:85:13:15:05:69:95:6d:f9:bf:3f:24:e5:c4:55:f9:
be:7d:a4:a5:cc:21:45:ed:de:f7:00:b7:c8:20:db:db:90:1a:
17:bb:c0:fd:63:e9:80:bd:0e:49:94:6b:84:ec:e0:ff:fa:99:
0a:4f:95:77:e1:b3:06:16:60:fe:5e:be:b0:42:13:13:8b:29:
db:c3:8e:89:11:13:eb:97:9d:cc:8d:3c:af:d0:91:59:81:d1:
85:4b:71:e7:b3:39:4e:dc:21:3f:9e:10:b8:62:b4:80:7c:0d:
af:dd:db:df:6d:c3:94:1c:13:20:fd:ca:de:15:e9:7f:93:ad:
d6:63:61:ba:82:6b:ef:7b:9a:7b:d1:5a:bb:65:cd:84:f4:f7:
89:3b:53:ac:82:e6:b1:47:ca:a7:b0:79:36:f4:58:be:5c:1a:
81:61:3c:85:3f:df:21:df:fd:4d:ef:a4:b5:e6:a7:70:99:ba:
c7:21:85:7e:37:e7:94:8f:86:1a:10:c2:5b:7e:86:33:b9:2f:
d7:66:38:f1
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYu2NNO/oQg/prM5oo7FVDdSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMwZWI2NjhiNzM1YTE4MzkzNzRlNDhmNzljYjI0MzZkYmY0
MTdjYWEwHhcNMjMxMTA5MjIyOTU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4Zjc0ZjMyYWVlMGQ2YTdlMjk1YzhmZDQ3YjJkZGFkZDg3ZGZjNDlhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhNElOzo/JzhbYpUG+6QFX5Dei6Ph
wrbNob7RstJav3hqV146NQ2k4oXj7uRY0V5L4ync2NBHCrslIz1yohOM8rXIjv5c
daN0PkHNXnCAOSTQVZLsuGiWJbI4dcwcRDZ3nwdD6i8c5ChSerIECVha3fduzyua
JpLm8feBX4XQiJIBMSKsrVecxFjXCiO3MTzWECv0XyrYz/T9O+7jwLLIaU3Ri5RR
psU7d/Qer5lNAYQ2dVOQPbjoGwrYPeQQz6RporCX8BJqqZ2St9NTITNRSSSJ7W6+
nOhXezzrnw6y3u0ufGrqvYqJWC7ofzuRV3Hgy2jgByEcxGlomG0xZz0uHQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFI908yruDWp+KVyP1Hst2t2H38SaMB8GA1UdIwQY
MBaAFMDrZotzWhg5N05I95yyQ22/QXyqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvd090bWkzTmFHRGszVGtqM25MSkRiYjlCZktvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZC82OGI1MjEtYzc5MC00OTU3LTllNTIt
MmQyNmYxYjU2ZTIwLzEvajNUekt1NE5hbjRwWElfVWV5M2EzWWZmeEpvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZC82OGI1MjEtYzc5MC00OTU3LTllNTItMmQyNmYxYjU2ZTIw
LzEvd090bWkzTmFHRGszVGtqM25MSkRiYjlCZktvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuVQ4MA0E
AgACMAcDBQAqA27gMA0GCSqGSIb3DQEBCwUAA4IBAQAyIPA/7hZijWl8Ck8QtfMR
BUEk8ooC0T7am3s7u6cm/iqWUqOf/jYAlk+qJkdpXcdcA33FFbG0TamFExUFaZVt
+b8/JOXEVfm+faSlzCFF7d73ALfIINvbkBoXu8D9Y+mAvQ5JlGuE7OD/+pkKT5V3
4bMGFmD+Xr6wQhMTiynbw46JERPrl53MjTyv0JFZgdGFS3HnszlO3CE/nhC4YrSA
fA2v3dvfbcOUHBMg/creFel/k63WY2G6gmvve5p70Vq7Zc2E9PeJO1OsguaxR8qn
sHk29Fi+XBqBYTyFP98h3/1N76S15qdwmbrHIYV+N+eUj4YaEMJbfoYzuS/XZjjx
-----END CERTIFICATE-----
Generated at Thu Mar 13 02:40:34 2025 by rpki-client