Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2e/ea29f2-c340-4d61-b5bb-b853dff8765c/1/7kA5o1cfcCS3Ws-3ZPfXw8geq7A.roa
File: 7kA5o1cfcCS3Ws-3ZPfXw8geq7A.roa (raw, json)
Hash identifier: 30KFhgtKG9DEhvjgiIuBEJUAmWDwLo1LbXUh/M6LPFA=
Subject key identifier: EE:40:39:A3:57:1F:70:24:B7:5A:CF:B7:64:F7:D7:C3:C8:1E:AB:B0
Certificate issuer: /CN=3188fae3ebbb3d74feeddcf507f83e67db8850a2
Certificate serial: 02297E28
Authority key identifier: 31:88:FA:E3:EB:BB:3D:74:FE:ED:DC:F5:07:F8:3E:67:DB:88:50:A2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/MYj64-u7PXT-7dz1B_g-Z9uIUKI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2e/ea29f2-c340-4d61-b5bb-b853dff8765c/1/7kA5o1cfcCS3Ws-3ZPfXw8geq7A.roa
Signing time: Sat 01 Jan 2022 08:59:50 +0000
ROA not before: Sat 01 Jan 2022 08:59:50 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 33988
IP address blocks: 185.188.204.0/22 maxlen: 22
2a0b:8f00::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 36273704 (0x2297e28)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3188fae3ebbb3d74feeddcf507f83e67db8850a2
Validity
Not Before: Jan 1 08:59:50 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=ee4039a3571f7024b75acfb764f7d7c3c81eabb0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:bf:85:51:6e:0a:87:29:c1:fb:1c:88:05:24:
8e:00:b8:34:2c:45:80:97:04:1b:3b:5b:7f:6d:97:
fa:e0:a3:05:0b:f3:55:f8:be:06:34:04:58:24:0b:
65:16:8b:b4:cf:de:30:8f:3b:00:1e:79:ed:9f:98:
35:87:07:dc:b2:1e:55:77:f6:6f:79:b8:58:57:3b:
41:44:f9:58:56:2a:bf:fc:03:44:49:b6:bc:6d:a8:
b9:36:ab:8b:05:67:f6:b9:67:66:0b:bb:7b:55:ab:
ca:e3:a8:dc:f5:11:19:13:70:b1:19:fa:0f:45:6e:
55:b2:be:8a:6e:9e:29:14:44:64:52:a1:16:7d:71:
93:32:74:36:4e:22:f6:51:cd:2a:23:25:28:1b:cb:
5e:9b:7c:e6:30:8c:ac:6d:15:ce:f5:30:25:64:76:
71:e2:b1:9c:db:e6:06:f5:80:c0:63:c3:1b:2d:26:
0f:0e:ef:17:45:3b:0e:99:e9:01:ea:bf:2d:53:14:
6a:9f:d8:b4:81:1a:82:e4:b5:4b:3d:b4:c6:1e:98:
bb:c6:8c:e0:2c:09:47:f8:13:c8:98:2d:eb:ed:56:
2f:9d:21:27:9f:8d:e8:32:7f:39:3c:d3:35:a9:26:
f0:c0:b0:4b:ed:fe:b0:a6:9f:23:a5:4e:23:d0:0f:
02:93
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EE:40:39:A3:57:1F:70:24:B7:5A:CF:B7:64:F7:D7:C3:C8:1E:AB:B0
X509v3 Authority Key Identifier:
keyid:31:88:FA:E3:EB:BB:3D:74:FE:ED:DC:F5:07:F8:3E:67:DB:88:50:A2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MYj64-u7PXT-7dz1B_g-Z9uIUKI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/ea29f2-c340-4d61-b5bb-b853dff8765c/1/7kA5o1cfcCS3Ws-3ZPfXw8geq7A.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/ea29f2-c340-4d61-b5bb-b853dff8765c/1/MYj64-u7PXT-7dz1B_g-Z9uIUKI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.188.204.0/22
IPv6:
2a0b:8f00::/29
Signature Algorithm: sha256WithRSAEncryption
90:19:ba:a8:9a:fe:62:9c:1a:48:15:ca:11:00:d6:13:c2:6e:
42:c0:fd:76:5d:45:41:94:4e:b4:a3:d6:3f:7f:7a:56:18:a0:
63:5a:9f:54:19:de:3f:24:31:c2:46:44:49:c7:07:63:2f:99:
af:b8:15:d6:a7:50:e8:4c:8d:26:7b:18:91:3c:01:9c:df:06:
b3:01:8e:b8:1e:29:6f:7a:7c:2c:1a:1d:85:ec:6b:5d:12:51:
6b:22:39:55:b4:eb:50:99:ef:57:ed:9c:b0:15:07:a1:a1:1e:
c5:2b:64:8f:a9:a5:8f:e6:91:4e:fe:d4:4b:aa:c5:38:f0:98:
e6:ec:b0:01:1d:df:af:29:7c:2a:e4:ca:27:cd:57:b6:3f:6e:
b3:75:6d:b1:7f:e7:a6:10:d5:09:5b:6d:54:35:b6:1f:98:58:
27:af:fe:e6:4c:dc:57:2c:fb:52:a8:01:d7:23:00:03:1e:3c:
49:12:2d:20:16:74:18:f8:95:68:76:76:6f:d7:74:22:cc:6f:
93:6c:7d:69:17:a9:59:60:77:57:54:89:e1:b3:c0:32:80:2a:
3a:24:e8:87:fa:ae:91:e7:26:d9:9d:f1:46:15:23:01:65:bc:
20:bd:c8:4c:c6:38:3a:97:30:11:f2:54:f5:3a:73:b2:eb:f1:
18:de:36:b5
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgIEAil+KDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygz
MTg4ZmFlM2ViYmIzZDc0ZmVlZGRjZjUwN2Y4M2U2N2RiODg1MGEyMB4XDTIyMDEw
MTA4NTk1MFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZWU0MDM5YTM1NzFm
NzAyNGI3NWFjZmI3NjRmN2Q3YzNjODFlYWJiMDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALq/hVFuCocpwfsciAUkjgC4NCxFgJcEGztbf22X+uCjBQvz
Vfi+BjQEWCQLZRaLtM/eMI87AB557Z+YNYcH3LIeVXf2b3m4WFc7QUT5WFYqv/wD
REm2vG2ouTariwVn9rlnZgu7e1WryuOo3PURGRNwsRn6D0VuVbK+im6eKRREZFKh
Fn1xkzJ0Nk4i9lHNKiMlKBvLXpt85jCMrG0VzvUwJWR2ceKxnNvmBvWAwGPDGy0m
Dw7vF0U7DpnpAeq/LVMUap/YtIEaguS1Sz20xh6Yu8aM4CwJR/gTyJgt6+1WL50h
J5+N6DJ/OTzTNakm8MCwS+3+sKafI6VOI9APApMCAwEAAaOCAhgwggIUMB0GA1Ud
DgQWBBTuQDmjVx9wJLdaz7dk99fDyB6rsDAfBgNVHSMEGDAWgBQxiPrj67s9dP7t
3PUH+D5n24hQojAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L01ZajY0LXU3UFhULTdkejFCX2ctWjl1SVVLSS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMmUvZWEyOWYyLWMzNDAtNGQ2MS1iNWJiLWI4NTNkZmY4NzY1Yy8x
LzdrQTVvMWNmY0NTM1dzLTNaUGZYdzhnZXE3QS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMmUv
ZWEyOWYyLWMzNDAtNGQ2MS1iNWJiLWI4NTNkZmY4NzY1Yy8xL01ZajY0LXU3UFhU
LTdkejFCX2ctWjl1SVVLSS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAu
BggrBgEFBQcBBwEB/wQfMB0wDAQCAAEwBgMEArm8zDANBAIAAjAHAwUDKguPADAN
BgkqhkiG9w0BAQsFAAOCAQEAkBm6qJr+YpwaSBXKEQDWE8JuQsD9dl1FQZROtKPW
P396VhigY1qfVBnePyQxwkZESccHYy+Zr7gV1qdQ6EyNJnsYkTwBnN8GswGOuB4p
b3p8LBodhexrXRJRayI5VbTrUJnvV+2csBUHoaEexStkj6mlj+aRTv7US6rFOPCY
5uywAR3fryl8KuTKJ81Xtj9us3VtsX/nphDVCVttVDW2H5hYJ6/+5kzcVyz7UqgB
1yMAAx48SRItIBZ0GPiVaHZ2b9d0Isxvk2x9aRepWWB3V1SJ4bPAMoAqOiToh/qu
kecm2Z3xRhUjAWW8IL3ITMY4OpcwEfJU9TpzsuvxGN42tQ==
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:17:46 2025 by rpki-client