Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/30/0fbc5f-7c04-40da-9d5a-0280598f19e3/1/7pOuc4gYp5gW4p_FB5NHGclPcow.roa
File: 7pOuc4gYp5gW4p_FB5NHGclPcow.roa (raw, json)
Hash identifier: pZ3ufyCS46x2BkVBkWdOgI6LXgghqD2HFJ1Q0auT1JA=
Subject key identifier: EE:93:AE:73:88:18:A7:98:16:E2:9F:C5:07:93:47:19:C9:4F:72:8C
Certificate issuer: /CN=6086314f87635e793bc2e3dbbed66405b8ac6771
Certificate serial: 018572711BFF81124F5E28517C42AE574C95
Authority key identifier: 60:86:31:4F:87:63:5E:79:3B:C2:E3:DB:BE:D6:64:05:B8:AC:67:71
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YIYxT4djXnk7wuPbvtZkBbisZ3E.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/30/0fbc5f-7c04-40da-9d5a-0280598f19e3/1/7pOuc4gYp5gW4p_FB5NHGclPcow.roa
Signing time: Mon 02 Jan 2023 12:24:53 +0000
ROA not before: Mon 02 Jan 2023 12:24:53 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 204712
IP address blocks: 185.83.192.0/22 maxlen: 22
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:71:1b:ff:81:12:4f:5e:28:51:7c:42:ae:57:4c:95
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6086314f87635e793bc2e3dbbed66405b8ac6771
Validity
Not Before: Jan 2 12:24:53 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=ee93ae738818a79816e29fc507934719c94f728c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:9b:17:76:bd:08:29:1d:88:58:ae:74:d1:79:
7f:f6:e2:49:53:3e:85:03:fa:96:3e:dd:99:62:88:
34:b6:9d:b5:68:38:86:ed:07:a5:d4:70:ed:65:43:
6f:bc:e6:48:88:d1:5d:8c:71:c9:f6:ad:bc:2b:fc:
b7:e4:41:8d:ef:85:89:04:60:06:80:75:e3:a5:e1:
20:86:24:ce:3d:d0:aa:f7:3e:75:4c:dd:28:78:85:
ac:fc:af:30:d9:c2:f8:f9:0c:a7:c2:87:f0:77:02:
1b:ac:2b:7c:8b:08:88:b6:d8:ba:00:b0:34:56:81:
9d:8c:3b:a5:af:8a:4c:84:17:64:11:6e:ad:c9:b0:
2b:ed:61:55:e0:24:51:ae:d2:9e:67:32:21:c0:10:
56:26:74:d3:e1:f7:d1:19:dd:1f:c0:c5:7e:23:cd:
a5:1e:74:61:91:d9:48:ab:3f:db:86:ea:24:3e:eb:
da:2a:de:fa:73:a9:53:a8:2e:18:d2:8d:81:b5:d0:
0b:42:7e:e3:65:8b:45:9b:09:e5:3e:9c:19:92:88:
38:3f:45:7c:70:5b:72:30:fc:23:14:7d:6e:3f:e9:
ea:7c:89:7d:c1:79:51:d7:ff:1a:12:58:f8:35:fc:
00:13:fa:d7:08:26:e6:4e:96:82:9f:13:7e:e0:6e:
f9:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EE:93:AE:73:88:18:A7:98:16:E2:9F:C5:07:93:47:19:C9:4F:72:8C
X509v3 Authority Key Identifier:
keyid:60:86:31:4F:87:63:5E:79:3B:C2:E3:DB:BE:D6:64:05:B8:AC:67:71
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YIYxT4djXnk7wuPbvtZkBbisZ3E.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/30/0fbc5f-7c04-40da-9d5a-0280598f19e3/1/7pOuc4gYp5gW4p_FB5NHGclPcow.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/30/0fbc5f-7c04-40da-9d5a-0280598f19e3/1/YIYxT4djXnk7wuPbvtZkBbisZ3E.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.83.192.0/22
Signature Algorithm: sha256WithRSAEncryption
8c:1d:35:c7:47:ff:97:e0:13:2c:f0:6b:17:1f:03:63:9a:e0:
0d:e6:0b:ef:72:dd:62:7c:b1:dc:6d:22:26:b0:3c:e3:19:3e:
eb:a2:63:42:f1:2d:91:26:98:e7:6f:d8:4b:9d:f1:cc:1d:04:
a6:6f:26:cb:90:e3:1e:b7:ad:66:a5:5c:ba:b9:18:87:9e:79:
ce:d2:ef:5c:4e:d1:18:a0:9e:50:1a:60:d9:6a:44:7c:9a:c1:
69:fd:55:72:d3:42:9f:a1:9c:89:fd:c7:f6:d8:bf:2b:7b:88:
f7:7b:e6:5d:18:06:12:53:ce:14:46:96:c9:b1:a0:50:33:a6:
13:60:9a:ff:d9:04:4f:d2:5c:ce:a2:79:cb:c2:20:6d:df:74:
b6:cf:61:3f:bd:4c:74:af:5b:ad:a6:36:2c:d5:e7:1a:fd:71:
e4:ac:fc:10:ad:7e:5e:6c:bc:b1:32:e0:ed:b5:09:4d:86:49:
c9:5c:2c:77:6c:a0:74:65:a9:cf:72:43:1d:2c:f2:5d:63:9c:
c7:85:b3:a7:2d:a9:62:9d:88:dc:ba:cf:84:b8:68:5b:62:11:
cb:86:61:f9:bb:73:50:ee:d5:7f:2d:e4:52:62:2d:d1:ce:43:
2d:38:3e:08:17:dc:b4:dc:5c:e1:2e:6c:cb:6f:3f:07:36:c9:
d6:d1:65:2e
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVycRv/gRJPXihRfEKuV0yVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwODYzMTRmODc2MzVlNzkzYmMyZTNkYmJlZDY2NDA1Yjhh
YzY3NzEwHhcNMjMwMTAyMTIyNDUzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlZTkzYWU3Mzg4MThhNzk4MTZlMjlmYzUwNzkzNDcxOWM5NGY3MjhjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoJsXdr0IKR2IWK500Xl/9uJJUz6F
A/qWPt2ZYog0tp21aDiG7Qel1HDtZUNvvOZIiNFdjHHJ9q28K/y35EGN74WJBGAG
gHXjpeEghiTOPdCq9z51TN0oeIWs/K8w2cL4+QynwofwdwIbrCt8iwiItti6ALA0
VoGdjDulr4pMhBdkEW6tybAr7WFV4CRRrtKeZzIhwBBWJnTT4ffRGd0fwMV+I82l
HnRhkdlIqz/bhuokPuvaKt76c6lTqC4Y0o2BtdALQn7jZYtFmwnlPpwZkog4P0V8
cFtyMPwjFH1uP+nqfIl9wXlR1/8aElj4NfwAE/rXCCbmTpaCnxN+4G75FQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFO6TrnOIGKeYFuKfxQeTRxnJT3KMMB8GA1UdIwQY
MBaAFGCGMU+HY155O8Lj277WZAW4rGdxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWUlZeFQ0ZGpYbms3d3VQYnZ0WmtCYmlzWjNFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMC8wZmJjNWYtN2MwNC00MGRhLTlkNWEt
MDI4MDU5OGYxOWUzLzEvN3BPdWM0Z1lwNWdXNHBfRkI1TkhHY2xQY293LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMC8wZmJjNWYtN2MwNC00MGRhLTlkNWEtMDI4MDU5OGYxOWUz
LzEvWUlZeFQ0ZGpYbms3d3VQYnZ0WmtCYmlzWjNFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuVPAMA0G
CSqGSIb3DQEBCwUAA4IBAQCMHTXHR/+X4BMs8GsXHwNjmuAN5gvvct1ifLHcbSIm
sDzjGT7romNC8S2RJpjnb9hLnfHMHQSmbybLkOMet61mpVy6uRiHnnnO0u9cTtEY
oJ5QGmDZakR8msFp/VVy00KfoZyJ/cf22L8re4j3e+ZdGAYSU84URpbJsaBQM6YT
YJr/2QRP0lzOonnLwiBt33S2z2E/vUx0r1utpjYs1eca/XHkrPwQrX5ebLyxMuDt
tQlNhknJXCx3bKB0ZanPckMdLPJdY5zHhbOnLalinYjcus+EuGhbYhHLhmH5u3NQ
7tV/LeRSYi3RzkMtOD4IF9y03FzhLmzLbz8HNsnW0WUu
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:53:04 2025 by rpki-client