Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3e/1a43f0-c027-4fdc-8515-45f496f2fe75/1/dgxbrF2xiQXZ-WngZopf1n6t4h4.roa
File: dgxbrF2xiQXZ-WngZopf1n6t4h4.roa (raw, json)
Hash identifier: IltgVnEVObYMx2Kls8sFkGdmfNDfYCurxGuPPcAHLGg=
Subject key identifier: 76:0C:5B:AC:5D:B1:89:05:D9:F9:69:E0:66:8A:5F:D6:7E:AD:E2:1E
Certificate issuer: /CN=46eb11af9355da9a2b5df73ecdd7fd0967a4b58c
Certificate serial: 0184AF6AED59AC42BEC6DBC30265FAA4A9DF
Authority key identifier: 46:EB:11:AF:93:55:DA:9A:2B:5D:F7:3E:CD:D7:FD:09:67:A4:B5:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RusRr5NV2porXfc-zdf9CWektYw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3e/1a43f0-c027-4fdc-8515-45f496f2fe75/1/dgxbrF2xiQXZ-WngZopf1n6t4h4.roa
Signing time: Fri 25 Nov 2022 15:32:10 +0000
ROA not before: Fri 25 Nov 2022 15:32:10 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 16019
IP address blocks: 185.99.176.0/22 maxlen: 22
185.241.220.0/22 maxlen: 32
2a0c:b180::/29 maxlen: 48
2a00:8e80::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:af:6a:ed:59:ac:42:be:c6:db:c3:02:65:fa:a4:a9:df
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=46eb11af9355da9a2b5df73ecdd7fd0967a4b58c
Validity
Not Before: Nov 25 15:32:10 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=760c5bac5db18905d9f969e0668a5fd67eade21e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:82:42:8f:bb:2b:36:89:dd:f6:67:2c:cc:0a:67:
17:ec:96:b8:65:40:24:88:d7:31:3b:48:ec:63:93:
26:c5:71:a6:c2:2c:e5:8c:85:29:71:b0:3f:69:18:
2a:40:2b:15:05:d3:e5:97:8b:8d:bb:b5:b4:36:52:
77:1c:51:ef:38:87:b9:ce:ab:b8:fc:11:51:9a:ea:
19:47:2c:38:7b:e2:31:23:1c:b4:db:37:33:03:fc:
da:33:6f:e2:b6:66:1b:de:1e:20:f8:0b:a6:a1:64:
d3:a9:d1:94:b7:98:a7:67:2f:b7:42:8e:8f:43:e0:
d8:b2:e5:b3:ff:1f:d6:15:1c:cd:60:04:b4:f2:a3:
08:e2:05:a1:45:80:dc:97:85:64:2f:fe:47:4a:90:
94:bc:db:c8:a1:82:31:01:d5:c0:05:87:92:70:6f:
78:dd:1c:9a:90:4e:3e:d3:16:a3:1d:a1:72:f2:11:
19:7e:16:5e:3f:ad:71:42:be:58:16:6b:86:31:00:
52:62:de:74:70:dd:bc:3c:b1:2b:d7:45:a0:e5:37:
5e:a1:b0:f3:55:ef:94:3c:0e:89:a2:02:66:74:db:
5b:8f:de:08:83:e0:10:3e:2d:4a:bb:22:75:6d:27:
cb:e4:ac:0f:1f:48:10:e4:60:43:e0:8e:f7:13:6a:
78:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
76:0C:5B:AC:5D:B1:89:05:D9:F9:69:E0:66:8A:5F:D6:7E:AD:E2:1E
X509v3 Authority Key Identifier:
keyid:46:EB:11:AF:93:55:DA:9A:2B:5D:F7:3E:CD:D7:FD:09:67:A4:B5:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RusRr5NV2porXfc-zdf9CWektYw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3e/1a43f0-c027-4fdc-8515-45f496f2fe75/1/dgxbrF2xiQXZ-WngZopf1n6t4h4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3e/1a43f0-c027-4fdc-8515-45f496f2fe75/1/RusRr5NV2porXfc-zdf9CWektYw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.99.176.0/22
185.241.220.0/22
IPv6:
2a00:8e80::/29
2a0c:b180::/29
Signature Algorithm: sha256WithRSAEncryption
a0:94:5f:74:04:8d:02:00:4d:7f:c9:47:10:18:b3:21:4e:ca:
62:ac:5e:79:da:1f:5b:1d:c8:26:b5:fe:88:88:be:78:d7:75:
ca:90:be:c9:15:9d:f5:5f:07:49:4e:2f:be:49:48:dd:59:2f:
01:aa:3a:c5:31:e1:4d:96:7e:67:bf:34:8d:1c:a1:c7:05:bf:
9b:06:9d:0d:5b:fe:03:6e:62:4a:3b:ef:17:83:01:5c:f6:46:
af:18:43:f4:5b:3c:36:c4:22:13:e1:32:1d:37:1c:80:ba:2f:
de:40:c0:6a:03:3a:19:15:46:37:94:04:f3:ae:40:21:73:6d:
b1:85:5b:a0:dc:80:4c:e7:e9:58:1e:2c:20:41:29:c9:29:d9:
72:93:5d:99:b1:27:2e:6a:f6:17:88:a2:98:c2:61:cd:ca:3a:
ff:ec:d9:d1:d0:35:29:13:19:70:0e:d3:b4:54:e9:32:8c:ea:
12:0a:e1:ae:2b:56:15:ad:2c:f3:f0:70:ec:3e:27:a0:82:2e:
84:ab:43:8e:27:d8:5a:bb:78:45:35:a6:35:62:c3:3c:c3:4b:
bb:33:01:60:e0:55:89:f6:a7:46:da:19:6e:b3:e7:f0:84:5c:
f4:45:ad:ad:b0:8a:3f:52:86:d3:6c:ee:1a:3e:bc:63:e4:ff:
17:a3:75:0c
-----BEGIN CERTIFICATE-----
MIIFGTCCBAGgAwIBAgISAYSvau1ZrEK+xtvDAmX6pKnfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ2ZWIxMWFmOTM1NWRhOWEyYjVkZjczZWNkZDdmZDA5Njdh
NGI1OGMwHhcNMjIxMTI1MTUzMjEwWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NjBjNWJhYzVkYjE4OTA1ZDlmOTY5ZTA2NjhhNWZkNjdlYWRlMjFlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgkKPuys2id32ZyzMCmcX7Ja4ZUAk
iNcxO0jsY5MmxXGmwizljIUpcbA/aRgqQCsVBdPll4uNu7W0NlJ3HFHvOIe5zqu4
/BFRmuoZRyw4e+IxIxy02zczA/zaM2/itmYb3h4g+AumoWTTqdGUt5inZy+3Qo6P
Q+DYsuWz/x/WFRzNYAS08qMI4gWhRYDcl4VkL/5HSpCUvNvIoYIxAdXABYeScG94
3RyakE4+0xajHaFy8hEZfhZeP61xQr5YFmuGMQBSYt50cN28PLEr10Wg5TdeobDz
Ve+UPA6JogJmdNtbj94Ig+AQPi1KuyJ1bSfL5KwPH0gQ5GBD4I73E2p4BwIDAQAB
o4ICJTCCAiEwHQYDVR0OBBYEFHYMW6xdsYkF2flp4GaKX9Z+reIeMB8GA1UdIwQY
MBaAFEbrEa+TVdqaK133Ps3X/QlnpLWMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUnVzUnI1TlYycG9yWGZjLXpkZjlDV2VrdFl3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zZS8xYTQzZjAtYzAyNy00ZmRjLTg1MTUt
NDVmNDk2ZjJmZTc1LzEvZGd4YnJGMnhpUVhaLVduZ1pvcGYxbjZ0NGg0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zZS8xYTQzZjAtYzAyNy00ZmRjLTg1MTUtNDVmNDk2ZjJmZTc1
LzEvUnVzUnI1TlYycG9yWGZjLXpkZjlDV2VrdFl3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDsGCCsGAQUFBwEHAQH/BCwwKjASBAIAATAMAwQCuWOwAwQC
ufHcMBQEAgACMA4DBQMqAI6AAwUDKgyxgDANBgkqhkiG9w0BAQsFAAOCAQEAoJRf
dASNAgBNf8lHEBizIU7KYqxeedofWx3IJrX+iIi+eNd1ypC+yRWd9V8HSU4vvklI
3VkvAao6xTHhTZZ+Z780jRyhxwW/mwadDVv+A25iSjvvF4MBXPZGrxhD9Fs8NsQi
E+EyHTccgLov3kDAagM6GRVGN5QE865AIXNtsYVboNyATOfpWB4sIEEpySnZcpNd
mbEnLmr2F4iimMJhzco6/+zZ0dA1KRMZcA7TtFTpMozqEgrhritWFa0s8/Bw7D4n
oIIuhKtDjifYWrt4RTWmNWLDPMNLuzMBYOBVifanRtoZbrPn8IRc9EWtrbCKP1KG
02zuGj68Y+T/F6N1DA==
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:59:46 2025 by rpki-client