Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/42/58f45f-8b07-4e6a-9548-d5b0f91d97c2/1/Rk6bdoURZsWgaDzsvIIkwYCfahY.roa
File: Rk6bdoURZsWgaDzsvIIkwYCfahY.roa (raw, json)
Hash identifier: 65Sw6Dgd242pqxqRSuwUMPIf47YrIHYxop0GnFIfSfQ=
Subject key identifier: 46:4E:9B:76:85:11:66:C5:A0:68:3C:EC:BC:82:24:C1:80:9F:6A:16
Certificate issuer: /CN=2b976275547b75df2b04c4f9b291c0710c507740
Certificate serial: 0187A7D27AA15FF81427DC5EB4BE731C7F6E
Authority key identifier: 2B:97:62:75:54:7B:75:DF:2B:04:C4:F9:B2:91:C0:71:0C:50:77:40
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/K5didVR7dd8rBMT5spHAcQxQd0A.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/42/58f45f-8b07-4e6a-9548-d5b0f91d97c2/1/Rk6bdoURZsWgaDzsvIIkwYCfahY.roa
Signing time: Sat 22 Apr 2023 07:16:41 +0000
ROA not before: Sat 22 Apr 2023 07:16:41 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 202975
IP address blocks: 185.135.100.0/23 maxlen: 23
185.135.102.0/24 maxlen: 24
85.116.132.0/22 maxlen: 22
89.105.88.0/24 maxlen: 24
2a06:f2c0::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:a7:d2:7a:a1:5f:f8:14:27:dc:5e:b4:be:73:1c:7f:6e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2b976275547b75df2b04c4f9b291c0710c507740
Validity
Not Before: Apr 22 07:16:41 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=464e9b76851166c5a0683cecbc8224c1809f6a16
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:86:e5:84:89:a0:a4:31:da:54:67:c4:5d:81:64:
bd:9a:1a:30:32:15:5e:27:41:15:f4:16:87:cc:1f:
49:c6:42:f7:ef:ac:6f:87:c8:84:07:fc:06:c4:c3:
5f:c6:88:04:9d:57:bf:58:bd:96:fc:c3:8b:c1:81:
7f:29:18:99:59:c5:e5:c3:3e:7d:58:23:75:ab:30:
e6:bc:15:44:95:75:b9:fd:b1:bf:73:b7:5a:db:e3:
a3:a1:bc:8c:0a:38:bb:b2:49:0d:ba:0a:1d:04:2a:
18:3a:09:1c:c9:78:c0:75:f0:0f:71:60:24:f8:91:
68:a2:a6:85:2f:e7:91:bb:f3:cf:f0:93:1f:77:12:
3e:29:1a:e1:47:47:e7:15:85:19:46:5c:19:4e:6b:
d0:1d:1c:bd:6a:fd:b8:cd:2e:20:2b:82:0a:c8:25:
f7:95:eb:38:56:b0:4d:e2:44:4a:4d:7a:4a:0e:ac:
3e:5c:b6:57:ba:aa:7f:98:7c:62:5b:26:15:f6:58:
97:a6:3f:c1:18:4e:7c:78:46:4d:96:31:e9:67:be:
77:7e:0f:6b:75:ec:bd:83:c8:de:54:39:24:14:e7:
62:2b:f7:b1:8f:69:5a:1d:34:e6:80:dc:fa:c1:3e:
9b:89:10:25:4d:6b:f2:61:55:50:62:66:b5:78:c3:
50:51
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
46:4E:9B:76:85:11:66:C5:A0:68:3C:EC:BC:82:24:C1:80:9F:6A:16
X509v3 Authority Key Identifier:
keyid:2B:97:62:75:54:7B:75:DF:2B:04:C4:F9:B2:91:C0:71:0C:50:77:40
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/K5didVR7dd8rBMT5spHAcQxQd0A.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/42/58f45f-8b07-4e6a-9548-d5b0f91d97c2/1/Rk6bdoURZsWgaDzsvIIkwYCfahY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/42/58f45f-8b07-4e6a-9548-d5b0f91d97c2/1/K5didVR7dd8rBMT5spHAcQxQd0A.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.116.132.0/22
89.105.88.0/24
185.135.100.0-185.135.102.255
IPv6:
2a06:f2c0::/29
Signature Algorithm: sha256WithRSAEncryption
a6:93:1d:f8:f8:75:d4:ad:e2:05:2c:40:cb:1c:a7:28:ba:29:
ac:2d:08:e6:e9:9a:d5:9b:84:3a:12:63:95:e8:65:d8:a6:da:
c4:3a:97:ca:c7:3d:80:8a:b0:a6:b2:d6:90:b7:75:1a:98:4e:
66:55:bf:b0:a4:53:81:fa:7f:f6:dd:b3:b8:e5:6e:8a:df:c1:
c4:89:14:9c:1a:39:66:f7:a1:75:17:2a:3e:4c:48:0e:73:47:
a5:e1:7a:98:e3:e5:ce:0c:9a:a8:5c:95:9f:5d:33:e0:00:df:
2e:c8:25:65:a9:f6:35:d3:a5:10:30:8c:8b:07:96:4f:51:a6:
4e:2a:b5:24:23:31:86:eb:99:90:6a:f5:84:2b:a8:97:51:32:
a8:ab:27:fa:33:6f:9b:46:6e:3f:80:bb:5d:50:5c:e1:e1:4e:
0a:2a:2b:51:65:2f:a0:e2:c9:20:db:6e:26:05:0b:f1:a7:cc:
3f:2b:1d:54:f5:90:c6:ee:10:6c:d9:89:4f:ae:37:6e:03:d3:
ef:49:af:41:02:ca:f9:62:d9:82:ab:0f:a5:33:de:96:0a:b6:
80:33:e7:39:03:be:89:98:85:dd:be:c7:4d:0a:ed:36:94:d2:
f2:9f:e8:69:3e:7c:d0:8f:67:89:f2:3d:b6:fa:fa:87:19:bf:
ed:14:93:99
-----BEGIN CERTIFICATE-----
MIIFIDCCBAigAwIBAgISAYen0nqhX/gUJ9xetL5zHH9uMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJiOTc2Mjc1NTQ3Yjc1ZGYyYjA0YzRmOWIyOTFjMDcxMGM1
MDc3NDAwHhcNMjMwNDIyMDcxNjQxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NjRlOWI3Njg1MTE2NmM1YTA2ODNjZWNiYzgyMjRjMTgwOWY2YTE2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhuWEiaCkMdpUZ8RdgWS9mhowMhVe
J0EV9BaHzB9JxkL376xvh8iEB/wGxMNfxogEnVe/WL2W/MOLwYF/KRiZWcXlwz59
WCN1qzDmvBVElXW5/bG/c7da2+OjobyMCji7skkNugodBCoYOgkcyXjAdfAPcWAk
+JFooqaFL+eRu/PP8JMfdxI+KRrhR0fnFYUZRlwZTmvQHRy9av24zS4gK4IKyCX3
les4VrBN4kRKTXpKDqw+XLZXuqp/mHxiWyYV9liXpj/BGE58eEZNljHpZ753fg9r
dey9g8jeVDkkFOdiK/exj2laHTTmgNz6wT6biRAlTWvyYVVQYma1eMNQUQIDAQAB
o4ICLDCCAigwHQYDVR0OBBYEFEZOm3aFEWbFoGg87LyCJMGAn2oWMB8GA1UdIwQY
MBaAFCuXYnVUe3XfKwTE+bKRwHEMUHdAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSzVkaWRWUjdkZDhyQk1UNXNwSEFjUXhRZDBBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Mi81OGY0NWYtOGIwNy00ZTZhLTk1NDgt
ZDViMGY5MWQ5N2MyLzEvUms2YmRvVVJac1dnYUR6c3ZJSWt3WUNmYWhZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Mi81OGY0NWYtOGIwNy00ZTZhLTk1NDgtZDViMGY5MWQ5N2My
LzEvSzVkaWRWUjdkZDhyQk1UNXNwSEFjUXhRZDBBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEIGCCsGAQUFBwEHAQH/BDMwMTAgBAIAATAaAwQCVXSEAwQA
WWlYMAwDBAK5h2QDBAC5h2YwDQQCAAIwBwMFAyoG8sAwDQYJKoZIhvcNAQELBQAD
ggEBAKaTHfj4ddSt4gUsQMscpyi6KawtCObpmtWbhDoSY5XoZdim2sQ6l8rHPYCK
sKay1pC3dRqYTmZVv7CkU4H6f/bds7jlborfwcSJFJwaOWb3oXUXKj5MSA5zR6Xh
epjj5c4MmqhclZ9dM+AA3y7IJWWp9jXTpRAwjIsHlk9Rpk4qtSQjMYbrmZBq9YQr
qJdRMqirJ/ozb5tGbj+Au11QXOHhTgoqK1FlL6DiySDbbiYFC/GnzD8rHVT1kMbu
EGzZiU+uN24D0+9Jr0ECyvli2YKrD6Uz3pYKtoAz5zkDvomYhd2+x00K7TaU0vKf
6Gk+fNCPZ4nyPbb6+ocZv+0Uk5k=
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:41:58 2025 by rpki-client