Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3f/4c4894-80fc-48ef-b668-975a237ecd06/1/kiYEoKb5fQ4fhxMUXtiidQZqBzY.roa
File: kiYEoKb5fQ4fhxMUXtiidQZqBzY.roa (raw, json)
Hash identifier: dG1u5pHn7jFuGbKfaNwOM0I0I34P8MolKyPp0iNVrbk=
Subject key identifier: 92:26:04:A0:A6:F9:7D:0E:1F:87:13:14:5E:D8:A2:75:06:6A:07:36
Certificate issuer: /CN=239c45e43625522080aec53952989a13a28abd00
Certificate serial: 0EBB8C6B
Authority key identifier: 23:9C:45:E4:36:25:52:20:80:AE:C5:39:52:98:9A:13:A2:8A:BD:00
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/I5xF5DYlUiCArsU5UpiaE6KKvQA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3f/4c4894-80fc-48ef-b668-975a237ecd06/1/kiYEoKb5fQ4fhxMUXtiidQZqBzY.roa
Signing time: Sat 01 Jan 2022 12:58:34 +0000
ROA not before: Sat 01 Jan 2022 12:58:34 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 205845
IP address blocks: 185.204.120.0/22 maxlen: 24
2a0a:f740::/29 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 247172203 (0xebb8c6b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=239c45e43625522080aec53952989a13a28abd00
Validity
Not Before: Jan 1 12:58:34 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=922604a0a6f97d0e1f8713145ed8a275066a0736
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:0d:df:d2:83:19:e6:bf:9e:a3:5a:ab:c2:c9:
1f:15:7a:6e:43:72:10:f8:d3:40:a3:f0:da:a9:c6:
d0:22:11:61:b3:85:51:33:61:bd:4e:c1:c4:45:c2:
d2:fd:97:aa:4c:52:50:fd:57:e9:78:92:17:be:ea:
48:be:ed:79:ac:8a:4c:bc:c5:6d:51:2a:0a:47:42:
b6:2b:c7:22:4f:12:ff:21:c2:dd:cd:27:c9:b1:77:
54:c5:af:42:98:27:d0:f3:e1:a7:97:c3:83:67:08:
6e:6a:74:a3:43:3d:58:5b:ad:80:a4:41:02:c9:03:
df:b5:42:08:dd:0e:3a:d4:48:a5:25:1e:af:25:3d:
67:a6:2a:63:34:2d:91:42:f0:1f:ed:6d:dc:3a:47:
56:ea:1a:91:35:b8:67:96:c8:14:19:8f:0b:fa:72:
d3:8c:95:ba:36:43:5f:9c:29:a3:0a:44:3f:4e:72:
49:c3:af:42:fa:1d:08:78:e1:fc:c4:a3:66:ce:43:
0f:d3:6d:b6:84:b3:17:58:5b:71:6b:33:0e:95:de:
b0:9e:9c:0e:0c:9a:a0:a9:ca:bc:33:b6:70:a9:01:
82:50:9e:35:2c:65:4d:32:7f:62:2c:be:c0:97:99:
30:3f:86:ea:68:10:42:14:18:a2:10:e3:5d:40:fc:
20:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
92:26:04:A0:A6:F9:7D:0E:1F:87:13:14:5E:D8:A2:75:06:6A:07:36
X509v3 Authority Key Identifier:
keyid:23:9C:45:E4:36:25:52:20:80:AE:C5:39:52:98:9A:13:A2:8A:BD:00
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/I5xF5DYlUiCArsU5UpiaE6KKvQA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3f/4c4894-80fc-48ef-b668-975a237ecd06/1/kiYEoKb5fQ4fhxMUXtiidQZqBzY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3f/4c4894-80fc-48ef-b668-975a237ecd06/1/I5xF5DYlUiCArsU5UpiaE6KKvQA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.204.120.0/22
IPv6:
2a0a:f740::/29
Signature Algorithm: sha256WithRSAEncryption
4b:6e:74:38:d9:31:47:d2:5f:3a:9d:ae:7c:ce:c4:c8:7e:1b:
d4:ea:bc:1e:95:aa:e1:90:c1:1a:75:c7:ba:3f:39:e5:35:74:
ac:5e:27:1b:6b:d3:92:7a:f1:15:e5:03:be:84:55:fd:e7:08:
80:b1:4e:19:bd:1d:42:69:4a:78:d9:4e:9f:af:5d:8b:df:1c:
8a:f3:fe:00:d4:40:58:f0:a9:8d:06:e7:8c:90:b1:4a:9e:08:
d9:60:d4:59:65:c0:07:0f:d6:14:d1:3e:69:6c:3f:ef:5f:be:
ff:4d:cb:78:ea:df:c4:3d:ff:f6:d2:65:9e:e6:6b:2e:e6:58:
b6:3a:d4:e5:b9:2f:f1:14:54:e3:c6:92:1a:09:a2:dd:b2:4d:
5b:95:bd:10:2a:36:da:d8:6f:e1:89:45:90:f0:a9:ff:e2:a7:
d4:cb:2e:73:0e:65:81:c3:f2:52:b7:f7:e7:6b:9b:47:54:5f:
69:3b:82:68:2f:c9:89:c8:85:5b:3c:c2:0f:c2:a3:89:f6:05:
a2:d2:a0:0a:8d:69:f6:bf:57:9e:4d:94:8a:64:90:31:e7:e4:
29:fa:71:33:7e:8c:a2:82:f9:ae:00:92:73:19:f5:5d:e4:22:
9e:ae:61:c3:e5:ae:07:c9:8b:d2:9f:f5:e4:c7:d1:97:fc:8d:
e1:c4:44:f0
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgIEDruMazANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygy
MzljNDVlNDM2MjU1MjIwODBhZWM1Mzk1Mjk4OWExM2EyOGFiZDAwMB4XDTIyMDEw
MTEyNTgzNFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoOTIyNjA0YTBhNmY5
N2QwZTFmODcxMzE0NWVkOGEyNzUwNjZhMDczNjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMMN39KDGea/nqNaq8LJHxV6bkNyEPjTQKPw2qnG0CIRYbOF
UTNhvU7BxEXC0v2XqkxSUP1X6XiSF77qSL7teayKTLzFbVEqCkdCtivHIk8S/yHC
3c0nybF3VMWvQpgn0PPhp5fDg2cIbmp0o0M9WFutgKRBAskD37VCCN0OOtRIpSUe
ryU9Z6YqYzQtkULwH+1t3DpHVuoakTW4Z5bIFBmPC/py04yVujZDX5wpowpEP05y
ScOvQvodCHjh/MSjZs5DD9NttoSzF1hbcWszDpXesJ6cDgyaoKnKvDO2cKkBglCe
NSxlTTJ/Yiy+wJeZMD+G6mgQQhQYohDjXUD8ICkCAwEAAaOCAhgwggIUMB0GA1Ud
DgQWBBSSJgSgpvl9Dh+HExRe2KJ1BmoHNjAfBgNVHSMEGDAWgBQjnEXkNiVSIICu
xTlSmJoTooq9ADAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0k1eEY1RFlsVWlDQXJzVTVVcGlhRTZLS3ZRQS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvM2YvNGM0ODk0LTgwZmMtNDhlZi1iNjY4LTk3NWEyMzdlY2QwNi8x
L2tpWUVvS2I1ZlE0Zmh4TVVYdGlpZFFacUJ6WS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvM2Yv
NGM0ODk0LTgwZmMtNDhlZi1iNjY4LTk3NWEyMzdlY2QwNi8xL0k1eEY1RFlsVWlD
QXJzVTVVcGlhRTZLS3ZRQS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAu
BggrBgEFBQcBBwEB/wQfMB0wDAQCAAEwBgMEArnMeDANBAIAAjAHAwUDKgr3QDAN
BgkqhkiG9w0BAQsFAAOCAQEAS250ONkxR9JfOp2ufM7EyH4b1Oq8HpWq4ZDBGnXH
uj855TV0rF4nG2vTknrxFeUDvoRV/ecIgLFOGb0dQmlKeNlOn69di98civP+ANRA
WPCpjQbnjJCxSp4I2WDUWWXABw/WFNE+aWw/71++/03LeOrfxD3/9tJlnuZrLuZY
tjrU5bkv8RRU48aSGgmi3bJNW5W9ECo22thv4YlFkPCp/+Kn1Msucw5lgcPyUrf3
52ubR1RfaTuCaC/JiciFWzzCD8KjifYFotKgCo1p9r9Xnk2UimSQMefkKfpxM36M
ooL5rgCScxn1XeQinq5hw+WuB8mL0p/15MfRl/yN4cRE8A==
-----END CERTIFICATE-----
Generated at Thu Feb 20 02:51:50 2025 by rpki-client