Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3b/02cb5f-c669-4fb0-92e5-4836bad61ba2/1/6g-ShDUy5v3xIwsW7PB2qnzAPIo.roa
File: 6g-ShDUy5v3xIwsW7PB2qnzAPIo.roa (raw, json)
Hash identifier: 8/up58HTxWiCOsT3Je1cZ6LWJmWSr09i0XGaXtHdsXc=
Subject key identifier: EA:0F:92:84:35:32:E6:FD:F1:23:0B:16:EC:F0:76:AA:7C:C0:3C:8A
Certificate issuer: /CN=caf44942a29fac612cd44f83ad317a1c0f5b8eea
Certificate serial: 018C398175F447355C47BF06E7D7C8638EE5
Authority key identifier: CA:F4:49:42:A2:9F:AC:61:2C:D4:4F:83:AD:31:7A:1C:0F:5B:8E:EA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/yvRJQqKfrGEs1E-DrTF6HA9bjuo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3b/02cb5f-c669-4fb0-92e5-4836bad61ba2/1/6g-ShDUy5v3xIwsW7PB2qnzAPIo.roa
Signing time: Tue 05 Dec 2023 10:23:54 +0000
ROA not before: Tue 05 Dec 2023 10:23:54 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 204203
IP address blocks: 185.136.135.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:39:81:75:f4:47:35:5c:47:bf:06:e7:d7:c8:63:8e:e5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=caf44942a29fac612cd44f83ad317a1c0f5b8eea
Validity
Not Before: Dec 5 10:23:54 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=ea0f92843532e6fdf1230b16ecf076aa7cc03c8a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:f2:25:f6:e5:59:48:bb:67:da:ca:9f:d7:ad:
41:35:38:c8:42:3b:3b:19:97:ec:cd:2e:74:2f:54:
b7:fd:87:73:07:62:94:e7:ec:08:d1:d7:f7:f7:cd:
e6:d1:e5:6d:ae:87:d0:25:32:60:09:d0:e8:29:65:
bb:5b:83:22:f9:2a:4c:25:62:c8:48:a6:02:dd:cc:
96:56:bb:f4:2e:cb:d8:c5:2b:28:3f:f1:e9:c3:6e:
c5:a5:91:4f:fb:dc:89:8a:ca:9c:d5:f5:ee:91:12:
2e:b9:73:a4:a7:f6:db:63:ca:df:1b:ca:8a:cb:a5:
58:72:f5:f7:50:ed:88:ab:44:d4:67:16:f1:3e:7a:
c0:8c:c6:7a:1b:d2:59:59:86:a1:3b:df:a0:54:2d:
b6:88:92:fc:af:38:22:69:15:63:fc:43:3f:46:a0:
85:3a:3a:f3:61:0c:ea:88:24:93:8c:a6:d8:76:d9:
5c:61:e5:bb:c3:e7:46:97:27:70:25:f6:e1:f2:88:
55:ce:b2:33:f7:25:d4:f1:9b:a1:ef:d2:91:79:65:
21:86:30:8f:db:e2:4b:1d:ed:05:a7:bf:f6:ce:f3:
7e:25:65:c0:d4:d9:f2:19:07:23:7c:10:90:62:65:
d6:01:ac:d2:95:89:8e:e5:c0:5a:67:c7:c1:cf:db:
98:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EA:0F:92:84:35:32:E6:FD:F1:23:0B:16:EC:F0:76:AA:7C:C0:3C:8A
X509v3 Authority Key Identifier:
keyid:CA:F4:49:42:A2:9F:AC:61:2C:D4:4F:83:AD:31:7A:1C:0F:5B:8E:EA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/yvRJQqKfrGEs1E-DrTF6HA9bjuo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3b/02cb5f-c669-4fb0-92e5-4836bad61ba2/1/6g-ShDUy5v3xIwsW7PB2qnzAPIo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3b/02cb5f-c669-4fb0-92e5-4836bad61ba2/1/yvRJQqKfrGEs1E-DrTF6HA9bjuo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.136.135.0/24
Signature Algorithm: sha256WithRSAEncryption
68:19:d2:b2:42:3e:b6:50:a1:dc:55:72:d2:dd:9b:6d:98:8e:
2d:ef:19:53:13:68:b0:17:65:b9:ee:fa:aa:79:bf:a0:11:32:
4a:79:96:40:9c:d9:bc:b8:55:6e:61:53:57:76:96:ed:49:62:
c0:12:64:31:02:6c:6c:8e:a4:b9:3f:93:ae:b5:18:20:0e:37:
5e:55:6d:93:a9:e7:9a:68:5f:c7:d7:95:96:43:6b:8c:69:91:
98:52:63:b5:f2:b8:ba:64:f4:b8:05:20:6f:2c:81:74:57:24:
6b:a2:50:95:a2:43:bc:e4:ce:52:2e:ff:c3:84:6a:d4:bc:ca:
50:2f:08:9d:11:5b:3d:4e:5d:40:c2:d9:d0:51:7a:61:a7:14:
c7:4a:c6:ac:3c:8f:b3:75:55:b2:ef:97:8c:72:83:d2:5f:f6:
02:f8:5f:82:a7:ff:1f:bc:e2:d4:44:88:ed:cb:18:21:49:c3:
41:7a:1e:27:04:48:49:fa:a2:46:e3:d4:92:4e:b7:de:10:16:
3a:89:20:b8:82:28:9c:44:2c:9b:82:f0:64:45:13:02:10:26:
ef:b5:40:f5:44:92:f5:75:54:e3:9b:3b:1f:d3:20:e8:62:3e:
49:46:27:eb:57:d6:b8:b5:04:26:71:c1:97:85:61:92:07:82:
43:17:b0:0a
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYw5gXX0RzVcR78G59fIY47lMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNhZjQ0OTQyYTI5ZmFjNjEyY2Q0NGY4M2FkMzE3YTFjMGY1
YjhlZWEwHhcNMjMxMjA1MTAyMzU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlYTBmOTI4NDM1MzJlNmZkZjEyMzBiMTZlY2YwNzZhYTdjYzAzYzhhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqfIl9uVZSLtn2sqf161BNTjIQjs7
GZfszS50L1S3/YdzB2KU5+wI0df3983m0eVtrofQJTJgCdDoKWW7W4Mi+SpMJWLI
SKYC3cyWVrv0LsvYxSsoP/Hpw27FpZFP+9yJisqc1fXukRIuuXOkp/bbY8rfG8qK
y6VYcvX3UO2Iq0TUZxbxPnrAjMZ6G9JZWYahO9+gVC22iJL8rzgiaRVj/EM/RqCF
OjrzYQzqiCSTjKbYdtlcYeW7w+dGlydwJfbh8ohVzrIz9yXU8Zuh79KReWUhhjCP
2+JLHe0Fp7/2zvN+JWXA1NnyGQcjfBCQYmXWAazSlYmO5cBaZ8fBz9uYKwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFOoPkoQ1Mub98SMLFuzwdqp8wDyKMB8GA1UdIwQY
MBaAFMr0SUKin6xhLNRPg60xehwPW47qMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveXZSSlFxS2ZyR0VzMUUtRHJURjZIQTlianVvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYi8wMmNiNWYtYzY2OS00ZmIwLTkyZTUt
NDgzNmJhZDYxYmEyLzEvNmctU2hEVXk1djN4SXdzVzdQQjJxbnpBUElvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYi8wMmNiNWYtYzY2OS00ZmIwLTkyZTUtNDgzNmJhZDYxYmEy
LzEveXZSSlFxS2ZyR0VzMUUtRHJURjZIQTlianVvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuYiHMA0G
CSqGSIb3DQEBCwUAA4IBAQBoGdKyQj62UKHcVXLS3ZttmI4t7xlTE2iwF2W57vqq
eb+gETJKeZZAnNm8uFVuYVNXdpbtSWLAEmQxAmxsjqS5P5OutRggDjdeVW2Tqeea
aF/H15WWQ2uMaZGYUmO18ri6ZPS4BSBvLIF0VyRrolCVokO85M5SLv/DhGrUvMpQ
LwidEVs9Tl1AwtnQUXphpxTHSsasPI+zdVWy75eMcoPSX/YC+F+Cp/8fvOLURIjt
yxghScNBeh4nBEhJ+qJG49SSTrfeEBY6iSC4giicRCybgvBkRRMCECbvtUD1RJL1
dVTjmzsf0yDoYj5JRifrV9a4tQQmccGXhWGSB4JDF7AK
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:44:16 2025 by rpki-client