Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/32/f5ac46-4c59-4b3e-b71e-becf12862497/1/c-jdO49AHTcG9Hc2Mi0u83RelPY.roa
File: c-jdO49AHTcG9Hc2Mi0u83RelPY.roa (raw, json)
Hash identifier: cIeGQgoS0Rss73PgGXIm6F64YfTtYTDFXkp25cVrpQo=
Subject key identifier: 73:E8:DD:3B:8F:40:1D:37:06:F4:77:36:32:2D:2E:F3:74:5E:94:F6
Certificate issuer: /CN=c088b56bd9e016f9bc521af4dc249e6d1256b1df
Certificate serial: 01856E6FAB4691AAA66C28B700D10DDCC9ED
Authority key identifier: C0:88:B5:6B:D9:E0:16:F9:BC:52:1A:F4:DC:24:9E:6D:12:56:B1:DF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/wIi1a9ngFvm8Uhr03CSebRJWsd8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/32/f5ac46-4c59-4b3e-b71e-becf12862497/1/c-jdO49AHTcG9Hc2Mi0u83RelPY.roa
Signing time: Sun 01 Jan 2023 17:44:50 +0000
ROA not before: Sun 01 Jan 2023 17:44:50 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 15388
IP address blocks: 185.62.64.0/22 maxlen: 22
212.77.224.0/19 maxlen: 19
2a02:2800::/32 maxlen: 32
2a02:2800::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:6f:ab:46:91:aa:a6:6c:28:b7:00:d1:0d:dc:c9:ed
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c088b56bd9e016f9bc521af4dc249e6d1256b1df
Validity
Not Before: Jan 1 17:44:50 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=73e8dd3b8f401d3706f47736322d2ef3745e94f6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:cc:d8:59:b6:fd:f2:e1:bf:90:9d:23:72:44:
c3:30:ca:5b:d3:47:26:5e:db:86:7c:03:ff:fd:33:
ae:f0:b7:db:cd:5e:cf:dd:7e:1e:64:37:e3:7f:c6:
94:d0:dc:dc:5f:39:8c:cf:e4:4d:a9:d4:bc:4f:c8:
88:46:23:d9:d8:f7:af:25:3c:95:8c:cf:eb:d1:b6:
20:4c:ce:26:7a:8c:eb:2f:a8:67:93:23:b2:0c:61:
32:e3:a2:4d:22:34:ec:6c:73:bd:f1:81:f4:0e:f5:
d9:0c:5c:cb:4c:45:d7:e3:ac:95:cb:8e:c2:5e:b7:
32:ca:38:6e:37:21:ad:a3:8d:d3:fc:8f:63:84:d0:
a9:c9:71:68:7a:af:1f:3c:56:28:bf:19:db:d7:11:
10:a3:e6:d0:94:b4:4b:f7:e9:55:97:b6:d7:f7:bd:
96:f5:95:3e:c7:f6:36:9a:6f:df:86:ba:75:bf:f2:
8f:ed:e6:21:46:b9:f0:c5:eb:e6:1d:bc:5d:52:e4:
b1:2a:db:01:83:ee:ec:fe:8a:15:fb:48:73:7d:73:
80:25:34:96:77:28:a6:20:9a:ed:a1:71:15:07:d8:
55:7f:0a:13:fc:f8:90:1c:71:7a:4b:86:79:df:fa:
0f:44:d3:eb:ea:66:cb:c6:39:85:7a:3b:88:6f:c4:
bf:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
73:E8:DD:3B:8F:40:1D:37:06:F4:77:36:32:2D:2E:F3:74:5E:94:F6
X509v3 Authority Key Identifier:
keyid:C0:88:B5:6B:D9:E0:16:F9:BC:52:1A:F4:DC:24:9E:6D:12:56:B1:DF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wIi1a9ngFvm8Uhr03CSebRJWsd8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/32/f5ac46-4c59-4b3e-b71e-becf12862497/1/c-jdO49AHTcG9Hc2Mi0u83RelPY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/32/f5ac46-4c59-4b3e-b71e-becf12862497/1/wIi1a9ngFvm8Uhr03CSebRJWsd8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.62.64.0/22
212.77.224.0/19
IPv6:
2a02:2800::/29
Signature Algorithm: sha256WithRSAEncryption
8e:bb:83:8a:24:e1:07:14:7b:76:4d:f8:77:9b:a3:00:86:d0:
8f:f5:6c:87:9a:7a:60:be:b4:8b:cf:86:50:60:eb:16:21:43:
e8:31:d7:52:9b:02:12:dc:24:89:b4:27:ed:47:38:ae:35:d8:
b8:89:70:af:a3:12:08:10:2a:98:1a:a3:cd:83:da:1d:67:05:
57:79:14:4a:7c:66:7a:01:18:48:1d:74:37:85:74:70:66:09:
84:1a:f3:78:0e:92:6d:f2:77:7f:6e:fd:15:90:4a:b0:eb:22:
43:35:3f:7e:df:54:0b:27:c2:bc:9c:6c:1f:96:d5:d9:16:c1:
5c:20:d6:86:7a:aa:4d:4f:31:9e:1f:7a:3e:de:c4:ba:80:07:
82:f9:f9:b7:23:53:32:7e:41:82:b0:14:30:58:65:d6:2f:f5:
24:0c:b6:eb:f6:6a:c4:89:e1:59:27:26:05:da:6c:c8:4c:27:
6e:f1:ed:af:e5:4a:bf:fa:d0:24:32:e3:2e:d4:26:d4:94:0f:
72:06:19:7c:d9:6b:ea:b0:2c:e4:4b:47:49:be:00:21:38:19:
a0:ad:eb:0c:55:76:be:13:a0:1a:de:63:e0:04:43:8c:ff:80:
73:48:00:6a:b8:f7:f1:e6:83:a2:1c:4d:f7:57:db:99:f0:53:
aa:52:24:26
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYVub6tGkaqmbCi3ANEN3MntMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMwODhiNTZiZDllMDE2ZjliYzUyMWFmNGRjMjQ5ZTZkMTI1
NmIxZGYwHhcNMjMwMTAxMTc0NDUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3M2U4ZGQzYjhmNDAxZDM3MDZmNDc3MzYzMjJkMmVmMzc0NWU5NGY2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkMzYWbb98uG/kJ0jckTDMMpb00cm
XtuGfAP//TOu8LfbzV7P3X4eZDfjf8aU0NzcXzmMz+RNqdS8T8iIRiPZ2PevJTyV
jM/r0bYgTM4meozrL6hnkyOyDGEy46JNIjTsbHO98YH0DvXZDFzLTEXX46yVy47C
XrcyyjhuNyGto43T/I9jhNCpyXFoeq8fPFYovxnb1xEQo+bQlLRL9+lVl7bX972W
9ZU+x/Y2mm/fhrp1v/KP7eYhRrnwxevmHbxdUuSxKtsBg+7s/ooV+0hzfXOAJTSW
dyimIJrtoXEVB9hVfwoT/PiQHHF6S4Z53/oPRNPr6mbLxjmFejuIb8S/RQIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFHPo3TuPQB03BvR3NjItLvN0XpT2MB8GA1UdIwQY
MBaAFMCItWvZ4Bb5vFIa9Nwknm0SVrHfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvd0lpMWE5bmdGdm04VWhyMDNDU2ViUkpXc2Q4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMi9mNWFjNDYtNGM1OS00YjNlLWI3MWUt
YmVjZjEyODYyNDk3LzEvYy1qZE80OUFIVGNHOUhjMk1pMHU4M1JlbFBZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMi9mNWFjNDYtNGM1OS00YjNlLWI3MWUtYmVjZjEyODYyNDk3
LzEvd0lpMWE5bmdGdm04VWhyMDNDU2ViUkpXc2Q4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQCuT5AAwQF
1E3gMA0EAgACMAcDBQMqAigAMA0GCSqGSIb3DQEBCwUAA4IBAQCOu4OKJOEHFHt2
Tfh3m6MAhtCP9WyHmnpgvrSLz4ZQYOsWIUPoMddSmwIS3CSJtCftRziuNdi4iXCv
oxIIECqYGqPNg9odZwVXeRRKfGZ6ARhIHXQ3hXRwZgmEGvN4DpJt8nd/bv0VkEqw
6yJDNT9+31QLJ8K8nGwfltXZFsFcINaGeqpNTzGeH3o+3sS6gAeC+fm3I1MyfkGC
sBQwWGXWL/UkDLbr9mrEieFZJyYF2mzITCdu8e2v5Uq/+tAkMuMu1CbUlA9yBhl8
2WvqsCzkS0dJvgAhOBmgresMVXa+E6Aa3mPgBEOM/4BzSABquPfx5oOiHE33V9uZ
8FOqUiQm
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:21:37 2025 by rpki-client