Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/30/26f44a-ae53-4727-9075-437a346b22f7/1/t9LI0uYfmfEaVMvGt0O34rHJ_oo.roa
File: t9LI0uYfmfEaVMvGt0O34rHJ_oo.roa (raw, json)
Hash identifier: awVR5u0w7RjQukMLavrA8bro6ksURinF5zXYEQuPxwg=
Subject key identifier: B7:D2:C8:D2:E6:1F:99:F1:1A:54:CB:C6:B7:43:B7:E2:B1:C9:FE:8A
Certificate issuer: /CN=73ff4b1cbeaf9dd75d3b5ef3ee9a75d5799f7280
Certificate serial: 01857070526F4CB48D489534AA7F7AEC97D6
Authority key identifier: 73:FF:4B:1C:BE:AF:9D:D7:5D:3B:5E:F3:EE:9A:75:D5:79:9F:72:80
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/c_9LHL6vndddO17z7pp11XmfcoA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/30/26f44a-ae53-4727-9075-437a346b22f7/1/t9LI0uYfmfEaVMvGt0O34rHJ_oo.roa
Signing time: Mon 02 Jan 2023 03:04:47 +0000
ROA not before: Mon 02 Jan 2023 03:04:47 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 12350
IP address blocks: 185.242.60.0/23 maxlen: 23
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:70:52:6f:4c:b4:8d:48:95:34:aa:7f:7a:ec:97:d6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=73ff4b1cbeaf9dd75d3b5ef3ee9a75d5799f7280
Validity
Not Before: Jan 2 03:04:47 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b7d2c8d2e61f99f11a54cbc6b743b7e2b1c9fe8a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:f2:c1:98:ee:29:82:15:23:0c:16:f8:ff:26:
ab:7b:11:74:5a:d2:1d:1d:6c:34:dc:83:a3:d1:5e:
15:33:10:5c:1c:9a:ff:da:a1:b1:12:62:e0:a7:16:
8d:1d:49:8c:7a:c5:73:b9:fd:ec:ea:98:f6:8d:02:
65:4d:74:08:6f:25:a0:db:8b:08:a7:45:1c:41:7d:
29:a2:5e:29:02:81:99:51:ec:63:8b:80:95:8a:83:
eb:f6:85:c7:1c:2a:84:87:bd:bd:91:3a:8d:c1:d6:
3d:e6:ac:8c:a3:b2:8e:35:8c:98:37:6c:82:86:f1:
49:6b:a9:7f:99:95:6e:45:12:e4:71:c4:58:4c:de:
b9:cc:50:cb:0b:b5:4f:2c:e6:9f:07:45:60:c2:7e:
e5:a4:8c:10:d7:1c:f1:2d:5e:0b:18:ca:6d:45:72:
a5:55:18:5d:09:0e:fd:83:f6:5b:91:92:dd:e4:97:
56:61:72:b8:3c:10:5b:b2:01:2e:2f:b4:32:93:fa:
35:a3:e1:6a:f1:42:e5:3a:e0:f5:f8:7d:a1:a2:5d:
2f:6a:f0:0d:b4:be:37:37:5d:dc:d5:72:ff:91:60:
98:31:02:84:77:e2:43:f3:fb:1f:eb:b7:01:28:08:
8d:0b:11:3c:1b:aa:3d:c5:d4:a3:1d:d9:81:5d:7c:
44:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B7:D2:C8:D2:E6:1F:99:F1:1A:54:CB:C6:B7:43:B7:E2:B1:C9:FE:8A
X509v3 Authority Key Identifier:
keyid:73:FF:4B:1C:BE:AF:9D:D7:5D:3B:5E:F3:EE:9A:75:D5:79:9F:72:80
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/c_9LHL6vndddO17z7pp11XmfcoA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/30/26f44a-ae53-4727-9075-437a346b22f7/1/t9LI0uYfmfEaVMvGt0O34rHJ_oo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/30/26f44a-ae53-4727-9075-437a346b22f7/1/c_9LHL6vndddO17z7pp11XmfcoA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.242.60.0/23
Signature Algorithm: sha256WithRSAEncryption
0d:d6:31:8d:39:77:42:7b:32:8f:ee:dc:8a:94:bc:aa:96:d2:
37:df:a3:12:61:27:29:1b:81:8e:07:5f:44:a3:6d:a7:1b:15:
c6:f8:2d:9d:f7:0e:c5:b5:aa:4c:a6:b2:1f:ff:d1:54:dc:d7:
2d:79:55:1b:a5:a7:6e:d1:55:43:86:7a:68:c2:5a:22:04:03:
21:3a:38:94:98:4c:b6:a1:a8:4f:14:0f:03:45:d8:a1:be:ac:
09:4c:87:fa:de:d9:f0:0d:f2:56:f9:ba:79:ee:34:9f:bf:17:
22:a5:17:c4:66:73:58:b6:f2:22:74:80:4c:99:29:71:80:ac:
1d:29:42:94:38:3b:22:a5:80:48:3c:4f:dc:97:64:98:6d:d9:
21:2a:e1:f3:21:9d:9d:e9:7b:f5:dd:9d:84:7c:fd:74:1a:53:
9a:0e:cd:95:53:26:32:3e:d7:14:79:48:bb:62:90:53:64:7a:
a6:5a:4b:79:66:be:63:03:4f:37:48:ca:93:17:ce:45:26:96:
b7:87:a9:d3:46:a7:8f:50:be:03:c9:ea:aa:25:90:da:2d:0e:
95:43:40:35:98:5c:ac:21:64:93:6c:17:68:2b:2a:f2:ab:a2:
11:3a:6e:dd:d2:9f:80:a2:1f:9f:d9:57:51:1a:cd:52:73:7f:
5f:c3:17:3b
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVwcFJvTLSNSJU0qn967JfWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDczZmY0YjFjYmVhZjlkZDc1ZDNiNWVmM2VlOWE3NWQ1Nzk5
ZjcyODAwHhcNMjMwMTAyMDMwNDQ3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiN2QyYzhkMmU2MWY5OWYxMWE1NGNiYzZiNzQzYjdlMmIxYzlmZThhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxvLBmO4pghUjDBb4/yarexF0WtId
HWw03IOj0V4VMxBcHJr/2qGxEmLgpxaNHUmMesVzuf3s6pj2jQJlTXQIbyWg24sI
p0UcQX0pol4pAoGZUexji4CVioPr9oXHHCqEh729kTqNwdY95qyMo7KONYyYN2yC
hvFJa6l/mZVuRRLkccRYTN65zFDLC7VPLOafB0Vgwn7lpIwQ1xzxLV4LGMptRXKl
VRhdCQ79g/ZbkZLd5JdWYXK4PBBbsgEuL7Qyk/o1o+Fq8ULlOuD1+H2hol0vavAN
tL43N13c1XL/kWCYMQKEd+JD8/sf67cBKAiNCxE8G6o9xdSjHdmBXXxEPwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFLfSyNLmH5nxGlTLxrdDt+Kxyf6KMB8GA1UdIwQY
MBaAFHP/Sxy+r53XXTte8+6addV5n3KAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY185TEhMNnZuZGRkTzE3ejdwcDExWG1mY29BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMC8yNmY0NGEtYWU1My00NzI3LTkwNzUt
NDM3YTM0NmIyMmY3LzEvdDlMSTB1WWZtZkVhVk12R3QwTzM0ckhKX29vLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMC8yNmY0NGEtYWU1My00NzI3LTkwNzUtNDM3YTM0NmIyMmY3
LzEvY185TEhMNnZuZGRkTzE3ejdwcDExWG1mY29BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBufI8MA0G
CSqGSIb3DQEBCwUAA4IBAQAN1jGNOXdCezKP7tyKlLyqltI336MSYScpG4GOB19E
o22nGxXG+C2d9w7FtapMprIf/9FU3NcteVUbpadu0VVDhnpowloiBAMhOjiUmEy2
oahPFA8DRdihvqwJTIf63tnwDfJW+bp57jSfvxcipRfEZnNYtvIidIBMmSlxgKwd
KUKUODsipYBIPE/cl2SYbdkhKuHzIZ2d6Xv13Z2EfP10GlOaDs2VUyYyPtcUeUi7
YpBTZHqmWkt5Zr5jA083SMqTF85FJpa3h6nTRqePUL4DyeqqJZDaLQ6VQ0A1mFys
IWSTbBdoKyryq6IROm7d0p+Aoh+f2VdRGs1Sc39fwxc7
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:17:10 2025 by rpki-client