Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/45/4a0cdc-e7fe-450e-97ec-29095ad1cced/1/bm4C7UE0FkE5xvafNiyDTsamdu8.roa
File: bm4C7UE0FkE5xvafNiyDTsamdu8.roa (raw, json)
Hash identifier: PQ1vJxdR9b94Y+ZXB7DW6iqlHWP7WO8iEn32c+nVK7Y=
Subject key identifier: 6E:6E:02:ED:41:34:16:41:39:C6:F6:9F:36:2C:83:4E:C6:A6:76:EF
Certificate issuer: /CN=4bd444c864e9e85d35376e0f68281799f6281f14
Certificate serial: 021CCE
Authority key identifier: 4B:D4:44:C8:64:E9:E8:5D:35:37:6E:0F:68:28:17:99:F6:28:1F:14
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/S9REyGTp6F01N24PaCgXmfYoHxQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/45/4a0cdc-e7fe-450e-97ec-29095ad1cced/1/bm4C7UE0FkE5xvafNiyDTsamdu8.roa
Signing time: Mon 24 Jan 2022 18:09:21 +0000
ROA not before: Mon 24 Jan 2022 18:09:21 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 60717
IP address blocks: 185.13.92.0/22 maxlen: 22
2a02:f480::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 138446 (0x21cce)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4bd444c864e9e85d35376e0f68281799f6281f14
Validity
Not Before: Jan 24 18:09:21 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=6e6e02ed4134164139c6f69f362c834ec6a676ef
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:7f:c9:34:f6:d7:8e:47:81:da:cd:1c:b9:b7:
8e:6a:77:85:a3:fd:03:2f:42:c2:d7:da:4e:5c:81:
ea:a1:c6:32:43:c1:8e:41:cf:32:ed:fa:c9:49:c4:
5e:13:b5:72:2c:81:99:42:6e:53:f4:d7:b3:8e:8d:
51:38:56:60:de:13:d7:a0:09:e4:97:aa:51:da:86:
c6:a3:66:84:ea:51:bd:90:33:89:11:43:b6:81:f9:
37:0f:d5:10:0e:40:59:f3:f0:dc:a8:59:79:98:61:
91:ed:da:49:7f:be:27:5a:b8:18:02:42:8a:07:2d:
bf:f5:01:f0:5f:91:43:e9:10:f1:67:fd:eb:75:5f:
55:9b:c6:fd:e0:61:a7:ed:89:a9:81:3d:90:e4:af:
0b:5c:6e:47:64:c2:b1:2c:80:aa:e9:14:85:f9:e7:
b7:1e:97:fe:31:db:fb:10:a4:91:29:58:27:d0:df:
59:26:55:97:28:70:9a:a2:4e:c2:d4:9a:da:07:27:
ca:12:ad:60:0f:28:b3:21:35:d1:99:c7:e5:c4:ca:
9e:14:c8:be:74:5e:c8:75:8a:96:c6:31:89:10:e0:
3f:7e:a9:e8:30:3e:c5:62:77:a5:a7:c6:af:13:e8:
d0:1b:a1:38:56:d6:6f:e8:7c:2b:3b:70:d2:34:5f:
0b:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6E:6E:02:ED:41:34:16:41:39:C6:F6:9F:36:2C:83:4E:C6:A6:76:EF
X509v3 Authority Key Identifier:
keyid:4B:D4:44:C8:64:E9:E8:5D:35:37:6E:0F:68:28:17:99:F6:28:1F:14
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/S9REyGTp6F01N24PaCgXmfYoHxQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/45/4a0cdc-e7fe-450e-97ec-29095ad1cced/1/bm4C7UE0FkE5xvafNiyDTsamdu8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/45/4a0cdc-e7fe-450e-97ec-29095ad1cced/1/S9REyGTp6F01N24PaCgXmfYoHxQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.13.92.0/22
IPv6:
2a02:f480::/29
Signature Algorithm: sha256WithRSAEncryption
4c:1f:88:07:ef:01:ad:dc:67:0b:96:97:46:07:5f:54:30:29:
5b:5f:71:2a:1f:7b:99:3b:1d:55:84:1f:4e:2d:ee:8b:96:96:
bd:3e:d2:0c:65:32:06:d3:27:5d:8e:93:65:78:fa:a0:48:f2:
db:1b:82:19:6f:cd:78:7f:da:15:96:55:bd:72:d7:31:d7:61:
5b:75:59:35:b0:58:06:1a:34:f8:07:33:2d:33:9e:cb:19:b2:
73:2f:3d:27:3e:64:bd:7e:cc:dd:ac:dd:49:b4:a3:5f:df:17:
c7:70:b5:41:4c:3c:66:d6:ff:7b:3a:53:cc:97:a9:3c:89:ef:
4f:df:7f:6f:ba:ab:c7:8a:09:f2:13:32:46:1a:05:89:d2:1c:
fa:e6:7a:c1:65:78:71:e9:a5:78:a8:3e:8d:b6:03:4b:e0:7d:
6b:b6:91:03:73:1d:c6:69:01:d2:4f:2e:7a:ab:97:64:94:dd:
5e:cb:b8:a2:d6:9f:24:04:8a:52:6e:e5:64:f2:dd:44:60:16:
45:41:2a:19:29:39:df:0b:26:8a:d7:91:90:d3:ab:a3:08:d4:
64:38:96:66:df:e8:a5:6f:f8:cb:64:b4:6d:39:a9:7e:60:ac:
3f:ad:53:a1:f3:97:25:ff:9b:81:95:b1:d0:13:97:31:df:47:
2d:e0:5c:5b
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgIDAhzOMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKDRi
ZDQ0NGM4NjRlOWU4NWQzNTM3NmUwZjY4MjgxNzk5ZjYyODFmMTQwHhcNMjIwMTI0
MTgwOTIxWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQDEyg2ZTZlMDJlZDQxMzQx
NjQxMzljNmY2OWYzNjJjODM0ZWM2YTY3NmVmMIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAtX/JNPbXjkeB2s0cubeOaneFo/0DL0LC19pOXIHqocYyQ8GO
Qc8y7frJScReE7VyLIGZQm5T9Nezjo1ROFZg3hPXoAnkl6pR2obGo2aE6lG9kDOJ
EUO2gfk3D9UQDkBZ8/DcqFl5mGGR7dpJf74nWrgYAkKKBy2/9QHwX5FD6RDxZ/3r
dV9Vm8b94GGn7YmpgT2Q5K8LXG5HZMKxLICq6RSF+ee3Hpf+Mdv7EKSRKVgn0N9Z
JlWXKHCaok7C1JraByfKEq1gDyizITXRmcflxMqeFMi+dF7IdYqWxjGJEOA/fqno
MD7FYnelp8avE+jQG6E4VtZv6HwrO3DSNF8LGQIDAQABo4ICGDCCAhQwHQYDVR0O
BBYEFG5uAu1BNBZBOcb2nzYsg07GpnbvMB8GA1UdIwQYMBaAFEvURMhk6ehdNTdu
D2goF5n2KB8UMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEFBQcBAQRYMFYwVAYIKwYB
BQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQv
UzlSRXlHVHA2RjAxTjI0UGFDZ1htZllvSHhRLmNlcjCBjQYIKwYBBQUHAQsEgYAw
fjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkv
REVGQVVMVC80NS80YTBjZGMtZTdmZS00NTBlLTk3ZWMtMjkwOTVhZDFjY2VkLzEv
Ym00QzdVRTBGa0U1eHZhZk5peURUc2FtZHU4LnJvYTCBgQYDVR0fBHoweDB2oHSg
coZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvREVGQVVMVC80NS80
YTBjZGMtZTdmZS00NTBlLTk3ZWMtMjkwOTVhZDFjY2VkLzEvUzlSRXlHVHA2RjAx
TjI0UGFDZ1htZllvSHhRLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMC4G
CCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuQ1cMA0EAgACMAcDBQMqAvSAMA0G
CSqGSIb3DQEBCwUAA4IBAQBMH4gH7wGt3GcLlpdGB19UMClbX3EqH3uZOx1VhB9O
Le6Llpa9PtIMZTIG0yddjpNlePqgSPLbG4IZb814f9oVllW9ctcx12FbdVk1sFgG
GjT4BzMtM57LGbJzLz0nPmS9fszdrN1JtKNf3xfHcLVBTDxm1v97OlPMl6k8ie9P
339vuqvHignyEzJGGgWJ0hz65nrBZXhx6aV4qD6NtgNL4H1rtpEDcx3GaQHSTy56
q5dklN1ey7ii1p8kBIpSbuVk8t1EYBZFQSoZKTnfCyaK15GQ06ujCNRkOJZm3+il
b/jLZLRtOal+YKw/rVOh85cl/5uBlbHQE5cx30ct4Fxb
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:14:02 2025 by rpki-client