Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/30/62a947-cfb8-4d3d-b308-41e73c1ebae1/1/1-g6Vk7-FbmZ5WQ4PdITeeg_6xPo.roa
File: 1-g6Vk7-FbmZ5WQ4PdITeeg_6xPo.roa (raw, json)
Hash identifier: hbbpP7fU+0i+SZYCXRrtEmm02sUd7uRZ/B/ldic+WBM=
Subject key identifier: FA:0E:95:93:BF:85:6E:66:79:59:0E:0F:74:84:DE:7A:0F:FA:C4:FA
Certificate issuer: /CN=dfb8d9140502c9e035305189bf658234db14f54c
Certificate serial: 0187E219A022887764F31AE10C930601C646
Authority key identifier: DF:B8:D9:14:05:02:C9:E0:35:30:51:89:BF:65:82:34:DB:14:F5:4C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/37jZFAUCyeA1MFGJv2WCNNsU9Uw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/30/62a947-cfb8-4d3d-b308-41e73c1ebae1/1/1-g6Vk7-FbmZ5WQ4PdITeeg_6xPo.roa
Signing time: Wed 03 May 2023 14:52:22 +0000
ROA not before: Wed 03 May 2023 14:52:22 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 212175
IP address blocks: 185.225.9.0/24 maxlen: 24
2a12:df40::/29 maxlen: 64
2a10:9e80::/29 maxlen: 64
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:e2:19:a0:22:88:77:64:f3:1a:e1:0c:93:06:01:c6:46
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dfb8d9140502c9e035305189bf658234db14f54c
Validity
Not Before: May 3 14:52:22 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=fa0e9593bf856e6679590e0f7484de7a0ffac4fa
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:d3:2d:c9:ab:06:e6:dc:5b:ec:41:1d:3c:01:
bf:b8:e4:a5:6a:93:8a:33:9a:0b:79:7b:c1:2b:bf:
ec:4b:3e:83:dd:b9:51:e5:18:16:77:59:1b:18:21:
9f:f4:69:4b:c1:e4:4d:8f:0b:02:e0:62:87:34:59:
95:91:ad:fa:0a:7c:81:34:6c:d4:1f:51:c2:35:8f:
0d:82:27:13:d1:e8:38:53:00:4a:ed:d0:7e:b8:30:
1e:d4:e3:f8:77:55:e9:d6:80:3d:96:ff:47:f4:4d:
23:d8:3e:bb:b0:65:7a:97:d1:cf:b3:2c:52:d2:2d:
7c:c4:3a:b3:4e:cd:e3:8e:51:04:7a:97:b5:c6:47:
4d:c2:a9:81:3b:5c:56:8f:97:b4:22:a9:6d:03:68:
00:89:10:3a:7b:b4:bd:9b:b8:92:d9:b6:ec:40:3a:
e9:3f:66:0e:94:fe:e5:a5:ee:e4:e8:45:a9:64:68:
7d:67:8b:24:19:02:23:73:f2:33:62:07:d8:00:c1:
6e:b7:c2:32:cf:3d:b8:6a:9b:7a:4a:6e:90:8d:ce:
36:dd:87:94:ff:95:b9:da:14:7d:16:a7:63:ad:37:
da:3d:2d:1a:af:a5:d3:97:13:9d:f3:4b:42:97:70:
3c:16:a7:58:49:34:9e:79:43:5c:77:7f:22:4d:e8:
32:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FA:0E:95:93:BF:85:6E:66:79:59:0E:0F:74:84:DE:7A:0F:FA:C4:FA
X509v3 Authority Key Identifier:
keyid:DF:B8:D9:14:05:02:C9:E0:35:30:51:89:BF:65:82:34:DB:14:F5:4C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/37jZFAUCyeA1MFGJv2WCNNsU9Uw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/30/62a947-cfb8-4d3d-b308-41e73c1ebae1/1/1-g6Vk7-FbmZ5WQ4PdITeeg_6xPo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/30/62a947-cfb8-4d3d-b308-41e73c1ebae1/1/37jZFAUCyeA1MFGJv2WCNNsU9Uw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.225.9.0/24
IPv6:
2a10:9e80::/29
2a12:df40::/29
Signature Algorithm: sha256WithRSAEncryption
21:6f:e7:a6:ee:f8:a5:2c:e6:c6:c5:95:e2:90:b2:d2:4d:c6:
50:51:e1:30:5e:26:c5:e0:2c:16:42:85:21:92:d0:7d:0e:37:
65:18:38:79:34:f4:fc:12:a5:74:71:c1:d1:1d:0b:c4:6f:d0:
f6:aa:1d:30:77:0b:4c:78:53:fb:74:57:2d:bb:85:36:9e:ff:
41:6f:21:10:79:90:3b:49:db:fa:79:7b:12:7b:9e:bb:89:86:
4b:5e:44:9e:60:33:3a:11:70:6f:7a:9e:aa:f8:96:33:9e:d2:
de:5e:97:f0:39:35:fc:1a:14:1c:62:ff:ab:af:30:99:1d:b6:
31:09:19:e6:22:cc:84:04:32:12:30:3e:00:a3:92:1d:06:62:
9c:a2:d4:af:ca:75:2f:92:87:ec:62:0c:b0:cf:19:4f:23:90:
f0:12:4e:1d:ea:9d:32:6e:43:df:4d:f6:30:32:e7:97:4c:29:
48:a6:da:f4:4f:ef:b8:52:a8:3f:60:5a:c8:99:a8:99:2a:87:
51:32:cd:22:38:eb:bd:44:16:98:fe:d5:07:00:bb:fb:62:4b:
4a:c1:88:06:7d:75:b2:72:e3:2f:6b:a7:1d:c8:e8:ee:11:48:
7f:f6:c3:70:dc:99:58:de:81:47:cc:e8:2b:87:81:b4:33:7d:
ca:52:e4:cb
-----BEGIN CERTIFICATE-----
MIIFFDCCA/ygAwIBAgISAYfiGaAiiHdk8xrhDJMGAcZGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRmYjhkOTE0MDUwMmM5ZTAzNTMwNTE4OWJmNjU4MjM0ZGIx
NGY1NGMwHhcNMjMwNTAzMTQ1MjIyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmYTBlOTU5M2JmODU2ZTY2Nzk1OTBlMGY3NDg0ZGU3YTBmZmFjNGZhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo9MtyasG5txb7EEdPAG/uOSlapOK
M5oLeXvBK7/sSz6D3blR5RgWd1kbGCGf9GlLweRNjwsC4GKHNFmVka36CnyBNGzU
H1HCNY8NgicT0eg4UwBK7dB+uDAe1OP4d1Xp1oA9lv9H9E0j2D67sGV6l9HPsyxS
0i18xDqzTs3jjlEEepe1xkdNwqmBO1xWj5e0IqltA2gAiRA6e7S9m7iS2bbsQDrp
P2YOlP7lpe7k6EWpZGh9Z4skGQIjc/IzYgfYAMFut8Iyzz24apt6Sm6Qjc423YeU
/5W52hR9FqdjrTfaPS0ar6XTlxOd80tCl3A8FqdYSTSeeUNcd38iTegycQIDAQAB
o4ICIDCCAhwwHQYDVR0OBBYEFPoOlZO/hW5meVkOD3SE3noP+sT6MB8GA1UdIwQY
MBaAFN+42RQFAsngNTBRib9lgjTbFPVMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMzdqWkZBVUN5ZUExTUZHSnYyV0NOTnNVOVV3LmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMC82MmE5NDctY2ZiOC00ZDNkLWIzMDgt
NDFlNzNjMWViYWUxLzEvMS1nNlZrNy1GYm1aNVdRNFBkSVRlZWdfNnhQby5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvMzAvNjJhOTQ3LWNmYjgtNGQzZC1iMzA4LTQxZTczYzFlYmFl
MS8xLzM3alpGQVVDeWVBMU1GR0p2MldDTk5zVTlVdy5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjA1BggrBgEFBQcBBwEB/wQmMCQwDAQCAAEwBgMEALnhCTAU
BAIAAjAOAwUDKhCegAMFAyoS30AwDQYJKoZIhvcNAQELBQADggEBACFv56bu+KUs
5sbFleKQstJNxlBR4TBeJsXgLBZChSGS0H0ON2UYOHk09PwSpXRxwdEdC8Rv0Paq
HTB3C0x4U/t0Vy27hTae/0FvIRB5kDtJ2/p5exJ7nruJhkteRJ5gMzoRcG96nqr4
ljOe0t5el/A5NfwaFBxi/6uvMJkdtjEJGeYizIQEMhIwPgCjkh0GYpyi1K/KdS+S
h+xiDLDPGU8jkPASTh3qnTJuQ99N9jAy55dMKUim2vRP77hSqD9gWsiZqJkqh1Ey
zSI4671EFpj+1QcAu/tiS0rBiAZ9dbJy4y9rpx3I6O4RSH/2w3DcmVjegUfM6CuH
gbQzfcpS5Ms=
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:28:11 2025 by rpki-client