Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/46/4c1b34-9c70-411f-b01f-be90b0fd1f78/1/oArcOYAeeO1uavZBjzJd-iBd6hs.roa
File: oArcOYAeeO1uavZBjzJd-iBd6hs.roa (raw, json)
Hash identifier: s4cTLhVjdwlq6Tg1nPP76aMayAPoMybjtwQ64czVT4o=
Subject key identifier: A0:0A:DC:39:80:1E:78:ED:6E:6A:F6:41:8F:32:5D:FA:20:5D:EA:1B
Certificate issuer: /CN=72426c3d11c9f24acc0a1d8454cbc9604865a809
Certificate serial: 01856F39334244906304B876D2986E2B4210
Authority key identifier: 72:42:6C:3D:11:C9:F2:4A:CC:0A:1D:84:54:CB:C9:60:48:65:A8:09
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ckJsPRHJ8krMCh2EVMvJYEhlqAk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/46/4c1b34-9c70-411f-b01f-be90b0fd1f78/1/oArcOYAeeO1uavZBjzJd-iBd6hs.roa
Signing time: Sun 01 Jan 2023 21:24:57 +0000
ROA not before: Sun 01 Jan 2023 21:24:57 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 200607
IP address blocks: 185.101.181.0/24 maxlen: 24
185.101.180.0/24 maxlen: 24
185.101.183.0/24 maxlen: 24
185.101.182.0/24 maxlen: 24
2a06:2040::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:39:33:42:44:90:63:04:b8:76:d2:98:6e:2b:42:10
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72426c3d11c9f24acc0a1d8454cbc9604865a809
Validity
Not Before: Jan 1 21:24:57 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a00adc39801e78ed6e6af6418f325dfa205dea1b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:5e:0e:8c:03:d6:37:92:44:79:ff:55:ea:b9:
d8:56:82:48:cb:87:fa:63:f1:87:94:30:b9:e3:36:
b6:aa:5f:f6:fc:69:c1:fa:ea:89:f8:be:6b:59:24:
a3:6d:d3:a9:e7:f7:8f:2b:23:ba:d8:1a:d9:d1:34:
fe:04:f8:8f:ed:4f:fc:2b:e9:f4:ee:04:13:54:66:
cc:83:06:3e:02:1b:f4:34:14:87:b8:95:15:c3:02:
e2:31:74:ba:73:df:ec:bb:b8:82:8e:d0:c8:59:5a:
3a:9f:58:de:66:f6:f4:e7:7c:26:4d:c3:65:2b:b7:
54:69:4d:d2:a2:f1:4e:e6:06:d9:fb:1f:2e:34:33:
bf:52:e8:29:aa:4d:d2:71:c2:b1:b6:b5:c2:bb:bb:
4d:9b:b1:0e:49:7e:38:10:19:70:53:67:36:55:70:
79:af:33:3d:af:14:12:53:4f:de:63:0d:ca:b8:12:
be:c3:ad:0a:71:77:2b:e0:be:35:d0:3a:c2:61:ce:
02:d6:bc:02:e8:53:23:a2:67:fd:af:ef:32:4f:25:
53:ce:8b:91:06:58:71:b5:c4:53:5c:35:e3:5b:8d:
1c:45:5f:2b:ee:18:d2:f2:bf:96:98:3c:c5:7d:6b:
7d:a6:3a:45:96:72:fd:a6:1a:37:3c:a3:40:7d:4b:
69:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A0:0A:DC:39:80:1E:78:ED:6E:6A:F6:41:8F:32:5D:FA:20:5D:EA:1B
X509v3 Authority Key Identifier:
keyid:72:42:6C:3D:11:C9:F2:4A:CC:0A:1D:84:54:CB:C9:60:48:65:A8:09
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ckJsPRHJ8krMCh2EVMvJYEhlqAk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/46/4c1b34-9c70-411f-b01f-be90b0fd1f78/1/oArcOYAeeO1uavZBjzJd-iBd6hs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/46/4c1b34-9c70-411f-b01f-be90b0fd1f78/1/ckJsPRHJ8krMCh2EVMvJYEhlqAk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.101.180.0/22
IPv6:
2a06:2040::/29
Signature Algorithm: sha256WithRSAEncryption
b0:2e:97:bd:92:81:f5:31:6b:5e:2c:03:cd:14:7d:d1:e9:c2:
b0:c3:96:be:2c:0c:5c:ce:9d:38:f6:fd:9a:c9:51:3b:9e:34:
0d:14:3d:14:7a:d0:95:70:20:a1:d6:20:6b:65:e2:ee:11:f7:
e3:b5:bb:81:b4:15:82:80:9d:97:74:d3:e3:1f:1d:5f:50:8d:
29:7d:17:df:41:06:fe:76:5e:e6:13:f5:f8:8f:d7:3e:47:4c:
97:86:64:99:d6:01:48:f5:6a:3c:f5:0c:7a:c8:e4:76:c5:da:
26:ad:93:5c:87:74:fb:24:3e:e2:f9:dd:c9:0c:48:00:6a:6b:
06:6c:82:b4:38:10:43:64:bc:d9:a4:3b:de:2f:ca:05:fe:26:
2c:78:aa:e2:9e:ff:d5:ad:d6:a8:0a:ca:91:67:48:47:3f:0b:
eb:92:68:b3:5c:65:1a:79:de:e9:b3:ad:4a:1a:97:e5:d7:13:
f5:00:bf:9b:a9:5f:1f:55:9f:68:01:98:68:f8:bc:2d:3d:42:
71:89:cf:6e:ef:e9:82:c4:e8:5c:ad:fb:a9:40:49:e3:03:a1:
f0:8d:37:ec:e4:81:45:f2:f1:91:9a:44:d1:7e:b8:e8:dd:3d:
cf:c8:ee:ef:54:60:c6:03:3b:74:95:a1:6a:b8:28:6b:11:93:
7a:9b:d2:58
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVvOTNCRJBjBLh20phuK0IQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyNDI2YzNkMTFjOWYyNGFjYzBhMWQ4NDU0Y2JjOTYwNDg2
NWE4MDkwHhcNMjMwMTAxMjEyNDU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMDBhZGMzOTgwMWU3OGVkNmU2YWY2NDE4ZjMyNWRmYTIwNWRlYTFiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvF4OjAPWN5JEef9V6rnYVoJIy4f6
Y/GHlDC54za2ql/2/GnB+uqJ+L5rWSSjbdOp5/ePKyO62BrZ0TT+BPiP7U/8K+n0
7gQTVGbMgwY+Ahv0NBSHuJUVwwLiMXS6c9/su7iCjtDIWVo6n1jeZvb053wmTcNl
K7dUaU3SovFO5gbZ+x8uNDO/Uugpqk3SccKxtrXCu7tNm7EOSX44EBlwU2c2VXB5
rzM9rxQSU0/eYw3KuBK+w60KcXcr4L410DrCYc4C1rwC6FMjomf9r+8yTyVTzouR
BlhxtcRTXDXjW40cRV8r7hjS8r+WmDzFfWt9pjpFlnL9pho3PKNAfUtpawIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFKAK3DmAHnjtbmr2QY8yXfogXeobMB8GA1UdIwQY
MBaAFHJCbD0RyfJKzAodhFTLyWBIZagJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2tKc1BSSEo4a3JNQ2gyRVZNdkpZRWhscUFrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Ni80YzFiMzQtOWM3MC00MTFmLWIwMWYt
YmU5MGIwZmQxZjc4LzEvb0FyY09ZQWVlTzF1YXZaQmp6SmQtaUJkNmhzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Ni80YzFiMzQtOWM3MC00MTFmLWIwMWYtYmU5MGIwZmQxZjc4
LzEvY2tKc1BSSEo4a3JNQ2gyRVZNdkpZRWhscUFrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuWW0MA0E
AgACMAcDBQMqBiBAMA0GCSqGSIb3DQEBCwUAA4IBAQCwLpe9koH1MWteLAPNFH3R
6cKww5a+LAxczp049v2ayVE7njQNFD0UetCVcCCh1iBrZeLuEffjtbuBtBWCgJ2X
dNPjHx1fUI0pfRffQQb+dl7mE/X4j9c+R0yXhmSZ1gFI9Wo89Qx6yOR2xdomrZNc
h3T7JD7i+d3JDEgAamsGbIK0OBBDZLzZpDveL8oF/iYseKrinv/VrdaoCsqRZ0hH
PwvrkmizXGUaed7ps61KGpfl1xP1AL+bqV8fVZ9oAZho+LwtPUJxic9u7+mCxOhc
rfupQEnjA6HwjTfs5IFF8vGRmkTRfrjo3T3PyO7vVGDGAzt0laFquChrEZN6m9JY
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:18:55 2025 by rpki-client