Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3e/b906c9-2b3d-437c-a3cd-5d92cef23c5a/1/jN2jkAWaUOQCix9Lgr2jTJN46h0.roa
File: jN2jkAWaUOQCix9Lgr2jTJN46h0.roa (raw, json)
Hash identifier: 3zPJoPjTc+QQ/g/OtJFF/72Gg0YcacSqYuTP9CmPJoQ=
Subject key identifier: 8C:DD:A3:90:05:9A:50:E4:02:8B:1F:4B:82:BD:A3:4C:93:78:EA:1D
Certificate issuer: /CN=6f80964407c5daa44088acfe95e6488b800fade5
Certificate serial: 018570799C2676968C75D9EBF0E53EB54331
Authority key identifier: 6F:80:96:44:07:C5:DA:A4:40:88:AC:FE:95:E6:48:8B:80:0F:AD:E5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/b4CWRAfF2qRAiKz-leZIi4APreU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3e/b906c9-2b3d-437c-a3cd-5d92cef23c5a/1/jN2jkAWaUOQCix9Lgr2jTJN46h0.roa
Signing time: Mon 02 Jan 2023 03:14:56 +0000
ROA not before: Mon 02 Jan 2023 03:14:56 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 209057
IP address blocks: 185.202.192.0/22 maxlen: 22
2a0e:6a00::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:79:9c:26:76:96:8c:75:d9:eb:f0:e5:3e:b5:43:31
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6f80964407c5daa44088acfe95e6488b800fade5
Validity
Not Before: Jan 2 03:14:56 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=8cdda390059a50e4028b1f4b82bda34c9378ea1d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:fb:a8:ce:a1:de:99:1a:0a:56:36:2a:b5:5b:
f0:d4:fc:7a:ee:6f:27:5c:42:f2:4b:b6:72:fd:b5:
fb:98:4f:1a:73:b1:9e:e4:70:3b:0c:7d:c2:22:5d:
a3:31:e2:d7:cb:07:e3:26:b4:b8:43:b3:13:1e:67:
01:60:af:86:d2:a5:c8:01:87:3e:9b:18:1f:39:af:
4d:c8:e0:22:a8:fc:a8:30:9a:3e:b7:a4:06:e9:d6:
48:34:2f:af:17:ee:ae:2e:6c:b5:6c:e2:ed:3e:66:
6c:10:78:08:83:62:52:65:fe:8e:c4:3a:ce:0d:53:
cd:0f:5a:5a:f9:64:67:f8:88:50:1c:b9:cf:45:a1:
b0:70:e2:2e:e7:f7:dc:8f:2b:20:fd:58:dc:24:e6:
01:ef:cb:ac:fd:57:9d:43:12:b2:7d:b1:17:cd:53:
20:e9:15:84:18:d1:6c:3c:99:be:50:f9:8f:01:17:
a2:06:98:3a:cd:22:b3:43:f2:90:b7:23:84:78:b8:
60:c6:cd:33:2a:bc:6e:cf:94:af:dd:b3:d1:f2:86:
2d:be:ef:28:6b:fe:fd:ca:04:a0:23:f5:8d:18:cf:
c7:ad:dc:11:76:b5:e2:ae:25:72:06:14:19:da:f9:
50:95:db:6d:ae:2e:1a:f3:30:d6:10:34:92:a3:8f:
59:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8C:DD:A3:90:05:9A:50:E4:02:8B:1F:4B:82:BD:A3:4C:93:78:EA:1D
X509v3 Authority Key Identifier:
keyid:6F:80:96:44:07:C5:DA:A4:40:88:AC:FE:95:E6:48:8B:80:0F:AD:E5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/b4CWRAfF2qRAiKz-leZIi4APreU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3e/b906c9-2b3d-437c-a3cd-5d92cef23c5a/1/jN2jkAWaUOQCix9Lgr2jTJN46h0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3e/b906c9-2b3d-437c-a3cd-5d92cef23c5a/1/b4CWRAfF2qRAiKz-leZIi4APreU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.202.192.0/22
IPv6:
2a0e:6a00::/29
Signature Algorithm: sha256WithRSAEncryption
bd:b6:22:79:09:a5:a0:6f:9d:a6:19:69:f7:45:28:73:3a:39:
00:6e:c4:f4:68:e1:1a:c4:f1:3a:76:f5:44:cb:70:05:65:45:
40:97:b0:c0:49:97:30:44:5b:f3:c3:0c:d4:1d:78:86:c1:d4:
e7:f2:a9:9b:15:b1:b2:66:6b:9b:36:02:91:58:13:f6:56:e5:
65:c2:2e:2d:92:fd:e7:61:da:6c:ac:81:4c:4c:a5:27:26:73:
45:4b:4b:2a:34:49:8d:d9:b7:49:b0:a5:2d:f8:cd:2c:72:d4:
b2:73:6e:b4:d8:7d:d7:7b:60:47:95:ed:35:e7:1a:38:57:80:
05:55:7b:b4:e9:27:82:0b:cd:52:3e:0f:8f:9e:91:0b:e6:39:
1b:09:0f:20:02:27:59:0d:1f:ca:ec:01:d3:0f:d6:94:6b:27:
79:81:05:82:d0:25:9e:67:83:5e:de:b4:01:f9:2f:d0:d0:98:
f9:20:44:f6:ea:5b:b3:d9:d1:be:df:23:19:75:fe:f6:8b:48:
b3:65:9c:7d:cb:86:bc:0b:2e:a9:f8:a9:9e:06:87:bf:e6:b2:
c8:9d:f9:7d:08:52:5c:1a:7e:e9:eb:61:ef:9e:d6:e0:24:04:
ce:90:b6:e4:d1:01:e8:67:cd:34:8c:d9:aa:ab:3a:b4:fe:ea:
3d:6e:4d:bd
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVweZwmdpaMddnr8OU+tUMxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZmODA5NjQ0MDdjNWRhYTQ0MDg4YWNmZTk1ZTY0ODhiODAw
ZmFkZTUwHhcNMjMwMTAyMDMxNDU2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4Y2RkYTM5MDA1OWE1MGU0MDI4YjFmNGI4MmJkYTM0YzkzNzhlYTFkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs/uozqHemRoKVjYqtVvw1Px67m8n
XELyS7Zy/bX7mE8ac7Ge5HA7DH3CIl2jMeLXywfjJrS4Q7MTHmcBYK+G0qXIAYc+
mxgfOa9NyOAiqPyoMJo+t6QG6dZINC+vF+6uLmy1bOLtPmZsEHgIg2JSZf6OxDrO
DVPND1pa+WRn+IhQHLnPRaGwcOIu5/fcjysg/VjcJOYB78us/VedQxKyfbEXzVMg
6RWEGNFsPJm+UPmPAReiBpg6zSKzQ/KQtyOEeLhgxs0zKrxuz5Sv3bPR8oYtvu8o
a/79ygSgI/WNGM/HrdwRdrXiriVyBhQZ2vlQldttri4a8zDWEDSSo49ZWwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFIzdo5AFmlDkAosfS4K9o0yTeOodMB8GA1UdIwQY
MBaAFG+AlkQHxdqkQIis/pXmSIuAD63lMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYjRDV1JBZkYycVJBaUt6LWxlWklpNEFQcmVVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zZS9iOTA2YzktMmIzZC00MzdjLWEzY2Qt
NWQ5MmNlZjIzYzVhLzEvak4yamtBV2FVT1FDaXg5TGdyMmpUSk40NmgwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zZS9iOTA2YzktMmIzZC00MzdjLWEzY2QtNWQ5MmNlZjIzYzVh
LzEvYjRDV1JBZkYycVJBaUt6LWxlWklpNEFQcmVVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCucrAMA0E
AgACMAcDBQMqDmoAMA0GCSqGSIb3DQEBCwUAA4IBAQC9tiJ5CaWgb52mGWn3RShz
OjkAbsT0aOEaxPE6dvVEy3AFZUVAl7DASZcwRFvzwwzUHXiGwdTn8qmbFbGyZmub
NgKRWBP2VuVlwi4tkv3nYdpsrIFMTKUnJnNFS0sqNEmN2bdJsKUt+M0sctSyc260
2H3Xe2BHle015xo4V4AFVXu06SeCC81SPg+PnpEL5jkbCQ8gAidZDR/K7AHTD9aU
ayd5gQWC0CWeZ4Ne3rQB+S/Q0Jj5IET26luz2dG+3yMZdf72i0izZZx9y4a8Cy6p
+KmeBoe/5rLInfl9CFJcGn7p62HvntbgJATOkLbk0QHoZ800jNmqqzq0/uo9bk29
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:34:22 2025 by rpki-client