Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/35/9a08b0-cfec-4c91-b8eb-4abadb5aea9a/1/K6tEiXEmveJkblOo18iuY5F6RNw.roa
File: K6tEiXEmveJkblOo18iuY5F6RNw.roa (raw, json)
Hash identifier: WjCuaoo73JBzKZEgw4vsbyuhqt4TrFmIs7v6LBOENYw=
Subject key identifier: 2B:AB:44:89:71:26:BD:E2:64:6E:53:A8:D7:C8:AE:63:91:7A:44:DC
Certificate issuer: /CN=4d08894ca40531e7d20294091288e77ad12c2979
Certificate serial: 018B37F5057D95FA5B5B6AA53B042CB5F8C8
Authority key identifier: 4D:08:89:4C:A4:05:31:E7:D2:02:94:09:12:88:E7:7A:D1:2C:29:79
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TQiJTKQFMefSApQJEojnetEsKXk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/35/9a08b0-cfec-4c91-b8eb-4abadb5aea9a/1/K6tEiXEmveJkblOo18iuY5F6RNw.roa
Signing time: Mon 16 Oct 2023 10:08:06 +0000
ROA not before: Mon 16 Oct 2023 10:08:06 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 201020
IP address blocks: 185.204.224.0/24 maxlen: 24
185.204.225.0/24 maxlen: 24
185.204.226.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:37:f5:05:7d:95:fa:5b:5b:6a:a5:3b:04:2c:b5:f8:c8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4d08894ca40531e7d20294091288e77ad12c2979
Validity
Not Before: Oct 16 10:08:06 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=2bab44897126bde2646e53a8d7c8ae63917a44dc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:06:72:25:68:b1:2a:98:47:be:7e:3a:d1:bb:
e1:e2:79:a6:93:63:2d:73:3c:1e:3e:01:c5:e2:d8:
83:d3:7f:c1:5d:b9:29:28:13:6a:4b:58:af:12:4c:
ae:5f:e1:38:32:5a:ef:9a:8b:dd:3d:c7:c8:e3:4b:
2e:0f:c8:98:ec:0d:ba:14:24:ac:62:72:bf:32:ad:
69:5f:39:36:a4:59:d8:5f:d2:9c:16:ac:cf:9f:c3:
de:ca:bc:30:a7:d0:08:47:f1:65:e3:19:67:7c:36:
8b:cb:b4:49:e2:f9:91:bc:c1:25:b9:2a:a2:b7:be:
5c:de:78:ab:5d:a7:73:f9:52:3f:b1:37:4e:1b:52:
d2:df:9e:1f:bc:7f:2d:0d:90:6e:a4:7c:4a:4e:f6:
63:ae:15:a3:ad:a9:a0:f7:7e:77:7a:54:ec:e7:78:
7a:1a:4c:b6:d3:ca:6a:07:ad:fe:65:d0:ca:fb:75:
b1:80:37:10:94:d5:ae:f5:71:d8:96:56:0d:0d:9e:
16:b7:a6:d2:40:79:58:1b:8d:47:f4:94:d0:62:be:
57:53:d7:76:ea:7d:2f:bb:ac:85:51:c4:1a:64:d0:
42:17:30:58:11:da:77:14:07:7a:74:f0:f9:40:fa:
ea:bc:af:c5:92:41:db:5a:18:35:1e:dc:7f:7d:f6:
6b:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2B:AB:44:89:71:26:BD:E2:64:6E:53:A8:D7:C8:AE:63:91:7A:44:DC
X509v3 Authority Key Identifier:
keyid:4D:08:89:4C:A4:05:31:E7:D2:02:94:09:12:88:E7:7A:D1:2C:29:79
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TQiJTKQFMefSApQJEojnetEsKXk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/35/9a08b0-cfec-4c91-b8eb-4abadb5aea9a/1/K6tEiXEmveJkblOo18iuY5F6RNw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/35/9a08b0-cfec-4c91-b8eb-4abadb5aea9a/1/TQiJTKQFMefSApQJEojnetEsKXk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.204.224.0-185.204.226.255
Signature Algorithm: sha256WithRSAEncryption
7f:55:cc:1a:22:65:52:68:9c:15:91:f5:f9:62:7e:4d:1c:76:
a6:ac:2a:b8:bd:6f:7f:a9:61:52:64:7e:5c:2d:39:78:d4:82:
8b:0c:4f:17:84:17:98:b2:05:3e:d1:af:83:5d:48:dc:10:5c:
eb:9b:1b:11:fb:a6:a7:47:35:c9:0a:f8:f3:90:47:bc:6f:76:
73:1e:25:fc:4f:2f:5b:80:4a:92:0b:1e:1a:8d:4f:c7:91:81:
94:04:80:49:77:63:09:7e:87:f9:70:c1:fa:bb:8a:15:6f:09:
f5:00:df:cb:c2:dd:47:3f:da:67:f8:22:de:45:73:a5:ba:37:
31:22:dd:22:8e:83:0a:1b:26:1a:fc:a0:5a:bd:db:99:9f:63:
4d:e9:c9:f1:6a:4d:3d:1a:ae:53:11:9d:50:1a:ef:d3:86:cf:
dd:06:b5:64:4b:4b:f4:ad:0e:29:c3:ab:09:da:e2:72:e6:b1:
97:40:a4:45:1f:55:cc:0b:f6:df:c0:2b:9d:60:16:fc:2f:79:
13:9d:c0:b8:34:ef:8a:be:ba:4c:a9:99:7f:2d:95:35:53:7c:
ec:fd:a6:63:f8:8b:80:f9:13:2d:0c:90:37:e8:5f:2b:21:a9:
df:02:c0:19:01:d8:61:18:f4:3c:1e:0f:f3:36:96:14:78:a2:
d7:fc:83:69
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAYs39QV9lfpbW2qlOwQstfjIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRkMDg4OTRjYTQwNTMxZTdkMjAyOTQwOTEyODhlNzdhZDEy
YzI5NzkwHhcNMjMxMDE2MTAwODA2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYmFiNDQ4OTcxMjZiZGUyNjQ2ZTUzYThkN2M4YWU2MzkxN2E0NGRjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtwZyJWixKphHvn460bvh4nmmk2Mt
czwePgHF4tiD03/BXbkpKBNqS1ivEkyuX+E4MlrvmovdPcfI40suD8iY7A26FCSs
YnK/Mq1pXzk2pFnYX9KcFqzPn8Peyrwwp9AIR/Fl4xlnfDaLy7RJ4vmRvMEluSqi
t75c3nirXadz+VI/sTdOG1LS354fvH8tDZBupHxKTvZjrhWjramg9353elTs53h6
Gky208pqB63+ZdDK+3WxgDcQlNWu9XHYllYNDZ4Wt6bSQHlYG41H9JTQYr5XU9d2
6n0vu6yFUcQaZNBCFzBYEdp3FAd6dPD5QPrqvK/FkkHbWhg1Htx/ffZrbwIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFCurRIlxJr3iZG5TqNfIrmORekTcMB8GA1UdIwQY
MBaAFE0IiUykBTHn0gKUCRKI53rRLCl5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVFFpSlRLUUZNZWZTQXBRSkVvam5ldEVzS1hrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNS85YTA4YjAtY2ZlYy00YzkxLWI4ZWIt
NGFiYWRiNWFlYTlhLzEvSzZ0RWlYRW12ZUprYmxPbzE4aXVZNUY2Uk53LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNS85YTA4YjAtY2ZlYy00YzkxLWI4ZWItNGFiYWRiNWFlYTlh
LzEvVFFpSlRLUUZNZWZTQXBRSkVvam5ldEVzS1hrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBAW5zOAD
BAC5zOIwDQYJKoZIhvcNAQELBQADggEBAH9VzBoiZVJonBWR9flifk0cdqasKri9
b3+pYVJkflwtOXjUgosMTxeEF5iyBT7Rr4NdSNwQXOubGxH7pqdHNckK+POQR7xv
dnMeJfxPL1uASpILHhqNT8eRgZQEgEl3Ywl+h/lwwfq7ihVvCfUA38vC3Uc/2mf4
It5Fc6W6NzEi3SKOgwobJhr8oFq925mfY03pyfFqTT0arlMRnVAa79OGz90GtWRL
S/StDinDqwna4nLmsZdApEUfVcwL9t/AK51gFvwveROdwLg074q+ukypmX8tlTVT
fOz9pmP4i4D5Ey0MkDfoXyshqd8CwBkB2GEY9DweD/M2lhR4otf8g2k=
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:32:56 2025 by rpki-client