Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/32/fe131d-aa10-4c6b-8128-f55bc8af1506/1/fREbqHul9sqxhJWrrkLKKi7bQLk.roa
File: fREbqHul9sqxhJWrrkLKKi7bQLk.roa (raw, json)
Hash identifier: baJ0Y8BNR8JqjcCccMDRJm8qixFouLD0gcLjaqw1BcY=
Subject key identifier: 7D:11:1B:A8:7B:A5:F6:CA:B1:84:95:AB:AE:42:CA:2A:2E:DB:40:B9
Certificate issuer: /CN=a8d52cc870606a3f3f32c0fff97cf6931fa65ca3
Certificate serial: 03344831
Authority key identifier: A8:D5:2C:C8:70:60:6A:3F:3F:32:C0:FF:F9:7C:F6:93:1F:A6:5C:A3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qNUsyHBgaj8_MsD_-Xz2kx-mXKM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/32/fe131d-aa10-4c6b-8128-f55bc8af1506/1/fREbqHul9sqxhJWrrkLKKi7bQLk.roa
Signing time: Sat 01 Jan 2022 14:04:54 +0000
ROA not before: Sat 01 Jan 2022 14:04:54 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 57091
IP address blocks: 185.185.120.0/22 maxlen: 22
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 53758001 (0x3344831)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a8d52cc870606a3f3f32c0fff97cf6931fa65ca3
Validity
Not Before: Jan 1 14:04:54 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=7d111ba87ba5f6cab18495abae42ca2a2edb40b9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:d5:04:56:d3:36:f0:30:71:b2:94:d7:73:e0:
0a:71:af:0a:3d:3d:38:53:ea:4d:04:51:1f:61:52:
3c:0d:04:56:8f:bc:25:50:fa:e0:ec:79:b6:47:ff:
43:20:da:18:7a:fe:29:ea:84:53:f2:5b:c8:94:a5:
8d:a9:82:b1:e8:08:8c:be:e8:eb:23:ca:b6:01:f2:
6a:89:18:05:7a:d2:94:db:02:a3:cd:87:91:a2:e4:
4b:32:86:47:55:56:e3:5b:4b:3e:a3:10:9f:46:6b:
1b:b7:a5:80:d4:d3:a5:32:94:83:38:16:b5:c3:8b:
9f:ff:ce:89:76:82:ae:b2:b0:fa:27:ef:a1:4d:fa:
0b:e3:b5:cf:06:2d:f7:a7:7b:56:ed:6c:10:24:6c:
64:73:ce:e1:eb:71:f9:51:2d:d8:16:e6:89:04:4d:
c2:11:50:3c:0c:a5:07:91:46:b6:45:4e:5b:ae:37:
b5:03:c4:42:81:05:77:17:71:2d:60:0e:22:43:a0:
20:7a:4b:c9:78:d9:22:f2:04:33:95:29:b5:ab:e3:
68:50:b1:4c:a2:b6:38:4e:d5:d8:c8:d6:1f:72:fc:
ea:37:12:4e:49:20:e0:fe:1d:d4:77:d3:f7:71:25:
c6:15:40:f1:a9:a5:27:92:e6:b4:00:ec:ad:c9:2e:
fa:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7D:11:1B:A8:7B:A5:F6:CA:B1:84:95:AB:AE:42:CA:2A:2E:DB:40:B9
X509v3 Authority Key Identifier:
keyid:A8:D5:2C:C8:70:60:6A:3F:3F:32:C0:FF:F9:7C:F6:93:1F:A6:5C:A3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qNUsyHBgaj8_MsD_-Xz2kx-mXKM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/32/fe131d-aa10-4c6b-8128-f55bc8af1506/1/fREbqHul9sqxhJWrrkLKKi7bQLk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/32/fe131d-aa10-4c6b-8128-f55bc8af1506/1/qNUsyHBgaj8_MsD_-Xz2kx-mXKM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.185.120.0/22
Signature Algorithm: sha256WithRSAEncryption
b4:af:9e:4f:39:04:42:10:af:9e:dc:0f:a0:c3:79:95:7c:1e:
7b:a3:17:96:00:0d:7f:a7:f2:cb:8f:be:3e:56:0e:e1:27:7b:
2c:3d:26:9b:1f:6d:bd:1e:a1:3c:7b:6e:9b:8c:9b:a4:aa:27:
d9:b5:b9:79:b3:f1:5f:0e:ef:94:dd:a5:63:3d:7e:e9:c4:e7:
a0:bb:84:77:19:08:1c:80:66:53:14:8b:e2:17:5c:36:4b:29:
d8:cc:dc:f5:cf:3f:bf:5e:a6:11:ef:23:09:51:78:a4:ed:de:
5c:70:9f:41:e4:75:d0:d4:bf:7b:7d:51:2c:38:1b:9f:d3:7b:
aa:86:9c:8f:7d:47:4c:62:e4:f5:73:45:75:ec:c9:54:e2:17:
74:c3:fc:24:28:55:96:88:40:3a:59:70:a4:b7:37:c6:d0:dc:
40:73:a7:59:8f:c5:56:57:a3:5b:66:09:d7:d5:2c:01:16:cf:
48:c1:ef:f3:f2:1e:79:bc:6f:ff:e0:e1:a9:2d:9a:48:a6:8f:
09:3e:d4:e4:76:06:cc:d5:43:62:18:1b:00:b8:77:a1:79:36:
a2:c4:da:2f:7e:d0:c6:e0:81:46:7a:f8:18:c1:e4:50:94:8a:
5a:9c:72:8a:84:2a:6e:bf:8b:e9:35:02:17:36:91:46:86:67:
e8:33:d5:8d
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEAzRIMTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhh
OGQ1MmNjODcwNjA2YTNmM2YzMmMwZmZmOTdjZjY5MzFmYTY1Y2EzMB4XDTIyMDEw
MTE0MDQ1NFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoN2QxMTFiYTg3YmE1
ZjZjYWIxODQ5NWFiYWU0MmNhMmEyZWRiNDBiOTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMDVBFbTNvAwcbKU13PgCnGvCj09OFPqTQRRH2FSPA0EVo+8
JVD64Ox5tkf/QyDaGHr+KeqEU/JbyJSljamCsegIjL7o6yPKtgHyaokYBXrSlNsC
o82HkaLkSzKGR1VW41tLPqMQn0ZrG7elgNTTpTKUgzgWtcOLn//OiXaCrrKw+ifv
oU36C+O1zwYt96d7Vu1sECRsZHPO4etx+VEt2BbmiQRNwhFQPAylB5FGtkVOW643
tQPEQoEFdxdxLWAOIkOgIHpLyXjZIvIEM5UptavjaFCxTKK2OE7V2MjWH3L86jcS
Tkkg4P4d1HfT93ElxhVA8amlJ5LmtADsrcku+o8CAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBR9ERuoe6X2yrGElauuQsoqLttAuTAfBgNVHSMEGDAWgBSo1SzIcGBqPz8y
wP/5fPaTH6ZcozAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3FOVXN5SEJnYWo4X01zRF8tWHoya3gtbVhLTS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMzIvZmUxMzFkLWFhMTAtNGM2Yi04MTI4LWY1NWJjOGFmMTUwNi8x
L2ZSRWJxSHVsOXNxeGhKV3Jya0xLS2k3YlFMay5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMzIv
ZmUxMzFkLWFhMTAtNGM2Yi04MTI4LWY1NWJjOGFmMTUwNi8xL3FOVXN5SEJnYWo4
X01zRF8tWHoya3gtbVhLTS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEArm5eDANBgkqhkiG9w0BAQsFAAOC
AQEAtK+eTzkEQhCvntwPoMN5lXwee6MXlgANf6fyy4++PlYO4Sd7LD0mmx9tvR6h
PHtum4ybpKon2bW5ebPxXw7vlN2lYz1+6cTnoLuEdxkIHIBmUxSL4hdcNksp2Mzc
9c8/v16mEe8jCVF4pO3eXHCfQeR10NS/e31RLDgbn9N7qoacj31HTGLk9XNFdezJ
VOIXdMP8JChVlohAOllwpLc3xtDcQHOnWY/FVlejW2YJ19UsARbPSMHv8/Ieebxv
/+DhqS2aSKaPCT7U5HYGzNVDYhgbALh3oXk2osTaL37QxuCBRnr4GMHkUJSKWpxy
ioQqbr+L6TUCFzaRRoZn6DPVjQ==
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:55:04 2025 by rpki-client