Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4c/9d5fdc-66b2-4718-8b24-11daf170d7cd/1/NFswHqVfouXMe0sjuhYM8HiNxj8.roa
File: NFswHqVfouXMe0sjuhYM8HiNxj8.roa (raw, json)
Hash identifier: 3JaQREM70wAZB4dqut21vYSVPfr5UCFJunZO+8PUM3I=
Subject key identifier: 34:5B:30:1E:A5:5F:A2:E5:CC:7B:4B:23:BA:16:0C:F0:78:8D:C6:3F
Certificate issuer: /CN=6e3e501d2513e5aed4423d7eb265e60822a8e78d
Certificate serial: 018570CC12012A27E4689081063FE7F5DF6B
Authority key identifier: 6E:3E:50:1D:25:13:E5:AE:D4:42:3D:7E:B2:65:E6:08:22:A8:E7:8D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bj5QHSUT5a7UQj1-smXmCCKo540.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4c/9d5fdc-66b2-4718-8b24-11daf170d7cd/1/NFswHqVfouXMe0sjuhYM8HiNxj8.roa
Signing time: Mon 02 Jan 2023 04:45:00 +0000
ROA not before: Mon 02 Jan 2023 04:45:00 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 60893
IP address blocks: 185.220.108.0/22 maxlen: 24
2a0b:efc0::/32 maxlen: 32
2a0b:efc0:400::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:cc:12:01:2a:27:e4:68:90:81:06:3f:e7:f5:df:6b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6e3e501d2513e5aed4423d7eb265e60822a8e78d
Validity
Not Before: Jan 2 04:45:00 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=345b301ea55fa2e5cc7b4b23ba160cf0788dc63f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:29:55:ea:83:4c:4b:73:a7:1b:84:62:f8:8b:
a8:d8:38:1e:20:3f:15:8b:e0:2d:0b:42:c9:ea:b7:
33:26:7a:5e:71:0c:fd:b5:86:86:b8:ca:7b:17:1b:
a6:35:d5:b6:2c:d4:39:36:44:e7:91:ba:da:58:7d:
43:d6:4c:09:09:45:65:f3:83:f5:4d:57:df:dc:0f:
8e:3a:21:70:f0:b4:46:76:85:82:53:62:30:a7:6d:
fe:37:a8:af:4d:5e:69:a5:10:88:95:28:2b:68:35:
ad:6a:5e:6e:69:93:9e:c0:3b:58:bd:3b:65:db:f7:
4e:dd:1c:f8:5b:97:e4:0a:c7:a6:f8:92:65:61:8e:
12:87:84:26:b4:08:5e:f6:3f:80:fe:7e:e9:59:36:
b1:1c:4b:40:bb:b8:7f:8c:90:63:6c:cb:44:09:00:
e3:2b:7a:80:9a:74:02:11:90:c2:7d:67:22:3d:92:
e3:e8:b9:66:b9:42:c7:dd:67:f2:ca:8b:e3:7d:b5:
4b:90:a6:d3:e2:96:5c:12:a9:e2:31:69:2b:a7:17:
29:d8:26:3e:72:6a:82:82:17:aa:ca:e1:08:e9:3f:
38:8f:9a:01:a8:96:37:44:4a:22:dd:35:cc:af:b2:
a4:59:1b:c5:e5:4f:da:36:1f:d6:4a:95:0b:19:2f:
9b:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
34:5B:30:1E:A5:5F:A2:E5:CC:7B:4B:23:BA:16:0C:F0:78:8D:C6:3F
X509v3 Authority Key Identifier:
keyid:6E:3E:50:1D:25:13:E5:AE:D4:42:3D:7E:B2:65:E6:08:22:A8:E7:8D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bj5QHSUT5a7UQj1-smXmCCKo540.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/9d5fdc-66b2-4718-8b24-11daf170d7cd/1/NFswHqVfouXMe0sjuhYM8HiNxj8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/9d5fdc-66b2-4718-8b24-11daf170d7cd/1/bj5QHSUT5a7UQj1-smXmCCKo540.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.220.108.0/22
IPv6:
2a0b:efc0::/32
Signature Algorithm: sha256WithRSAEncryption
b9:1d:1e:f7:d1:07:72:f8:f9:bb:62:e0:f3:3b:05:4f:16:0b:
6e:29:c0:a1:27:20:1a:11:67:44:16:01:56:a0:09:2b:37:1d:
44:8c:40:f3:03:b0:19:31:3d:9a:a3:32:b8:29:b7:67:98:42:
3d:52:c4:bf:f4:8f:29:16:25:3e:31:98:0f:a3:e9:93:60:e5:
8d:3a:c3:5a:6d:29:ee:75:63:f1:f1:cc:12:98:e5:81:45:b3:
f2:21:56:68:f1:df:96:b4:a4:0c:6e:04:25:54:73:8b:87:c5:
2e:6d:c6:75:05:af:e1:91:61:70:7c:ac:60:a0:7f:68:42:a3:
b4:6e:4d:f3:8e:d2:6f:b2:9a:e3:f3:8a:9d:0b:2f:b4:61:43:
1d:5f:37:58:d4:9d:6a:a5:a0:d6:19:ed:0a:13:ef:e6:fb:54:
8e:bb:a5:ed:7f:e3:ce:98:3a:68:9f:d1:57:5d:1a:22:e6:98:
5c:6c:6e:23:53:02:a2:58:14:b0:44:3c:f8:6b:96:20:b3:37:
fe:57:42:f9:8c:43:07:8b:c6:54:a9:9f:12:20:c6:18:dd:f2:
c0:0b:0b:e2:be:0d:8a:c6:e9:96:7f:94:ef:06:7c:0b:e1:6e:
95:68:28:46:63:44:4d:3b:26:69:95:06:39:da:9a:35:1a:7e:
19:fe:e7:ec
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVwzBIBKifkaJCBBj/n9d9rMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZlM2U1MDFkMjUxM2U1YWVkNDQyM2Q3ZWIyNjVlNjA4MjJh
OGU3OGQwHhcNMjMwMTAyMDQ0NTAwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNDViMzAxZWE1NWZhMmU1Y2M3YjRiMjNiYTE2MGNmMDc4OGRjNjNmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzClV6oNMS3OnG4Ri+Iuo2DgeID8V
i+AtC0LJ6rczJnpecQz9tYaGuMp7FxumNdW2LNQ5NkTnkbraWH1D1kwJCUVl84P1
TVff3A+OOiFw8LRGdoWCU2Iwp23+N6ivTV5ppRCIlSgraDWtal5uaZOewDtYvTtl
2/dO3Rz4W5fkCsem+JJlYY4Sh4QmtAhe9j+A/n7pWTaxHEtAu7h/jJBjbMtECQDj
K3qAmnQCEZDCfWciPZLj6LlmuULH3WfyyovjfbVLkKbT4pZcEqniMWkrpxcp2CY+
cmqCgheqyuEI6T84j5oBqJY3REoi3TXMr7KkWRvF5U/aNh/WSpULGS+beQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFDRbMB6lX6LlzHtLI7oWDPB4jcY/MB8GA1UdIwQY
MBaAFG4+UB0lE+Wu1EI9frJl5ggiqOeNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYmo1UUhTVVQ1YTdVUWoxLXNtWG1DQ0tvNTQwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yy85ZDVmZGMtNjZiMi00NzE4LThiMjQt
MTFkYWYxNzBkN2NkLzEvTkZzd0hxVmZvdVhNZTBzanVoWU04SGlOeGo4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yy85ZDVmZGMtNjZiMi00NzE4LThiMjQtMTFkYWYxNzBkN2Nk
LzEvYmo1UUhTVVQ1YTdVUWoxLXNtWG1DQ0tvNTQwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCudxsMA0E
AgACMAcDBQAqC+/AMA0GCSqGSIb3DQEBCwUAA4IBAQC5HR730Qdy+Pm7YuDzOwVP
FgtuKcChJyAaEWdEFgFWoAkrNx1EjEDzA7AZMT2aozK4KbdnmEI9UsS/9I8pFiU+
MZgPo+mTYOWNOsNabSnudWPx8cwSmOWBRbPyIVZo8d+WtKQMbgQlVHOLh8UubcZ1
Ba/hkWFwfKxgoH9oQqO0bk3zjtJvsprj84qdCy+0YUMdXzdY1J1qpaDWGe0KE+/m
+1SOu6Xtf+POmDpon9FXXRoi5phcbG4jUwKiWBSwRDz4a5Ygszf+V0L5jEMHi8ZU
qZ8SIMYY3fLACwvivg2KxumWf5TvBnwL4W6VaChGY0RNOyZplQY52po1Gn4Z/ufs
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:15:23 2025 by rpki-client