Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4a/706f41-0531-43df-b1e9-6f86d0b7e3e0/1/12yWSyWIe2TU0bvWOcPzQAID1tw.roa
File: 12yWSyWIe2TU0bvWOcPzQAID1tw.roa (raw, json)
Hash identifier: qmmcZNLqS9fnhc3WwyEo78uFa7Lb8YcipqMcZKvLQEk=
Subject key identifier: D7:6C:96:4B:25:88:7B:64:D4:D1:BB:D6:39:C3:F3:40:02:03:D6:DC
Certificate issuer: /CN=6cc7585ab7a83ec80b55ab957bf37b791e765016
Certificate serial: 01856D53F0C0C2B95B0EDE3E686510D69394
Authority key identifier: 6C:C7:58:5A:B7:A8:3E:C8:0B:55:AB:95:7B:F3:7B:79:1E:76:50:16
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bMdYWreoPsgLVauVe_N7eR52UBY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4a/706f41-0531-43df-b1e9-6f86d0b7e3e0/1/12yWSyWIe2TU0bvWOcPzQAID1tw.roa
Signing time: Sun 01 Jan 2023 12:34:55 +0000
ROA not before: Sun 01 Jan 2023 12:34:55 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 212813
IP address blocks: 185.76.158.0/24 maxlen: 24
2a10:2680::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:53:f0:c0:c2:b9:5b:0e:de:3e:68:65:10:d6:93:94
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6cc7585ab7a83ec80b55ab957bf37b791e765016
Validity
Not Before: Jan 1 12:34:55 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d76c964b25887b64d4d1bbd639c3f3400203d6dc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:0a:1a:2b:ea:fc:4c:1d:72:e1:21:3c:fe:8c:
df:6c:eb:9d:d8:52:56:3e:3d:52:86:03:36:8e:53:
1e:9f:69:a3:cb:5d:40:ce:94:e4:b3:7b:09:37:e6:
67:7e:cb:0a:3e:97:93:e0:2b:9a:67:f0:dd:71:15:
c9:6c:17:24:4a:22:02:83:b6:38:48:4b:af:aa:aa:
08:80:38:84:2c:98:fb:e8:19:d2:03:fa:66:e8:d4:
5d:e3:de:42:38:dc:8e:62:27:22:f7:ed:92:f8:08:
e7:ec:dd:5f:c5:28:d6:b7:ea:74:17:ea:4c:ac:a5:
7d:77:ca:d1:48:27:5b:cd:c2:cf:e1:7f:2d:4f:b9:
bd:a9:0d:de:40:9e:57:23:55:ce:8e:f8:21:e6:7a:
6b:ac:f2:2d:cb:a0:cc:68:8d:ec:62:e6:b7:5e:17:
2f:86:45:39:78:9f:4a:68:1d:45:0c:60:44:b8:77:
27:44:3d:6a:6f:bc:a1:ea:dd:ac:22:7d:15:17:f2:
f0:9f:84:9e:ed:bb:94:b3:58:33:34:2e:a1:1d:be:
a4:21:ed:ff:0d:dc:aa:3e:32:52:a0:f2:de:f3:2e:
62:36:78:d5:9c:7b:8f:91:7b:d1:fa:86:0d:55:79:
dd:b3:7c:aa:cc:3a:b1:bd:5e:25:b0:d6:35:11:48:
7f:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D7:6C:96:4B:25:88:7B:64:D4:D1:BB:D6:39:C3:F3:40:02:03:D6:DC
X509v3 Authority Key Identifier:
keyid:6C:C7:58:5A:B7:A8:3E:C8:0B:55:AB:95:7B:F3:7B:79:1E:76:50:16
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bMdYWreoPsgLVauVe_N7eR52UBY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4a/706f41-0531-43df-b1e9-6f86d0b7e3e0/1/12yWSyWIe2TU0bvWOcPzQAID1tw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4a/706f41-0531-43df-b1e9-6f86d0b7e3e0/1/bMdYWreoPsgLVauVe_N7eR52UBY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.76.158.0/24
IPv6:
2a10:2680::/29
Signature Algorithm: sha256WithRSAEncryption
38:5c:f9:f7:8e:a6:de:7a:0e:e7:42:90:d3:fd:3f:80:aa:7c:
f7:69:f1:57:f4:8a:74:ff:ae:5f:95:09:f6:42:49:58:43:bb:
1c:30:6b:ca:d4:95:51:98:36:9a:c2:bd:e0:9a:3b:96:e9:c4:
f8:38:2d:c1:18:2b:97:52:b2:fb:3b:61:33:d8:34:5f:83:91:
bd:2f:0b:cd:96:3e:38:b9:0d:61:e9:15:06:2e:e7:1b:9f:d0:
43:f3:26:cd:e9:e1:6f:ed:4a:a8:9b:82:bd:26:93:a1:c1:85:
25:46:c9:0f:c5:7c:da:aa:8c:36:a6:ab:30:7d:0a:1a:bb:2e:
27:83:38:57:41:24:ca:3e:a5:fb:4a:b1:b1:00:5f:d1:bf:cf:
b9:36:33:89:3f:01:ce:dd:c7:d9:6a:55:33:c5:96:21:44:41:
b2:64:30:d3:b3:e2:73:91:32:25:51:a2:6e:87:89:f8:f9:71:
0f:b5:3e:b4:f6:32:bc:b4:d9:57:a4:af:42:c9:f0:02:74:62:
1e:de:4e:81:c1:14:d1:0c:cc:8c:c6:52:24:01:0e:3f:b7:3d:
12:23:43:40:f2:4a:24:11:b1:1d:b8:ce:40:12:b1:1e:2a:e0:
2e:2c:8c:19:71:4d:11:95:66:3a:6f:21:e3:2b:4d:60:c0:73:
13:68:b0:01
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVtU/DAwrlbDt4+aGUQ1pOUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZjYzc1ODVhYjdhODNlYzgwYjU1YWI5NTdiZjM3Yjc5MWU3
NjUwMTYwHhcNMjMwMTAxMTIzNDU1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNzZjOTY0YjI1ODg3YjY0ZDRkMWJiZDYzOWMzZjM0MDAyMDNkNmRjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnQoaK+r8TB1y4SE8/ozfbOud2FJW
Pj1ShgM2jlMen2mjy11AzpTks3sJN+ZnfssKPpeT4CuaZ/DdcRXJbBckSiICg7Y4
SEuvqqoIgDiELJj76BnSA/pm6NRd495CONyOYici9+2S+Ajn7N1fxSjWt+p0F+pM
rKV9d8rRSCdbzcLP4X8tT7m9qQ3eQJ5XI1XOjvgh5nprrPIty6DMaI3sYua3Xhcv
hkU5eJ9KaB1FDGBEuHcnRD1qb7yh6t2sIn0VF/Lwn4Se7buUs1gzNC6hHb6kIe3/
DdyqPjJSoPLe8y5iNnjVnHuPkXvR+oYNVXnds3yqzDqxvV4lsNY1EUh/XwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFNdslksliHtk1NG71jnD80ACA9bcMB8GA1UdIwQY
MBaAFGzHWFq3qD7IC1WrlXvze3kedlAWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYk1kWVdyZW9Qc2dMVmF1VmVfTjdlUjUyVUJZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80YS83MDZmNDEtMDUzMS00M2RmLWIxZTkt
NmY4NmQwYjdlM2UwLzEvMTJ5V1N5V0llMlRVMGJ2V09jUHpRQUlEMXR3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80YS83MDZmNDEtMDUzMS00M2RmLWIxZTktNmY4NmQwYjdlM2Uw
LzEvYk1kWVdyZW9Qc2dMVmF1VmVfTjdlUjUyVUJZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQAuUyeMA0E
AgACMAcDBQMqECaAMA0GCSqGSIb3DQEBCwUAA4IBAQA4XPn3jqbeeg7nQpDT/T+A
qnz3afFX9Ip0/65flQn2QklYQ7scMGvK1JVRmDaawr3gmjuW6cT4OC3BGCuXUrL7
O2Ez2DRfg5G9LwvNlj44uQ1h6RUGLucbn9BD8ybN6eFv7Uqom4K9JpOhwYUlRskP
xXzaqow2pqswfQoauy4ngzhXQSTKPqX7SrGxAF/Rv8+5NjOJPwHO3cfZalUzxZYh
REGyZDDTs+JzkTIlUaJuh4n4+XEPtT609jK8tNlXpK9CyfACdGIe3k6BwRTRDMyM
xlIkAQ4/tz0SI0NA8kokEbEduM5AErEeKuAuLIwZcU0RlWY6byHjK01gwHMTaLAB
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:18:25 2025 by rpki-client