Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4d/232cfd-76dc-49e9-a94d-5188ea17d9a9/1/N5Bob5ykUj2ZcdTB4lv9AWtZJQ0.roa
File: N5Bob5ykUj2ZcdTB4lv9AWtZJQ0.roa (raw, json)
Hash identifier: PVKKkiXvusF4l3Ct4uCVwvC/h2Y3itGdWbSXl5f+iGI=
Subject key identifier: 37:90:68:6F:9C:A4:52:3D:99:71:D4:C1:E2:5B:FD:01:6B:59:25:0D
Certificate issuer: /CN=3066af73eff3ac21ff17a0952ff370e60ca44b5d
Certificate serial: 0185708C9574A351FACC7D2DA0FBD3927BFF
Authority key identifier: 30:66:AF:73:EF:F3:AC:21:FF:17:A0:95:2F:F3:70:E6:0C:A4:4B:5D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/MGavc-_zrCH_F6CVL_Nw5gykS10.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4d/232cfd-76dc-49e9-a94d-5188ea17d9a9/1/N5Bob5ykUj2ZcdTB4lv9AWtZJQ0.roa
Signing time: Mon 02 Jan 2023 03:35:39 +0000
ROA not before: Mon 02 Jan 2023 03:35:39 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 60444
IP address blocks: 185.30.216.0/22 maxlen: 22
2a00:b760::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:8c:95:74:a3:51:fa:cc:7d:2d:a0:fb:d3:92:7b:ff
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3066af73eff3ac21ff17a0952ff370e60ca44b5d
Validity
Not Before: Jan 2 03:35:39 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=3790686f9ca4523d9971d4c1e25bfd016b59250d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:b1:7c:72:aa:13:03:d1:32:ea:fa:bb:80:4e:
62:27:c5:0e:96:76:5d:1a:9b:cf:c5:f0:62:7e:c5:
c0:36:81:a7:d9:e0:d1:97:a0:5d:9e:aa:a0:a8:2c:
9d:9d:3b:24:9c:f2:3d:5d:6a:90:ee:7b:73:b6:58:
77:1e:b1:a1:82:fd:ad:9c:2c:52:e7:4b:e8:d6:8f:
98:85:6e:2d:3a:db:2e:43:17:ed:4e:7d:cd:8e:bb:
4a:eb:1a:42:d8:e1:85:b8:d9:a4:d7:60:49:5e:ec:
f4:4a:4f:9c:39:86:26:ca:cb:a3:b5:db:25:a2:cb:
42:54:b1:13:2a:59:d2:28:5d:4c:ad:d1:71:e9:5d:
e4:70:15:8e:30:00:1b:9c:3a:58:47:09:0a:2f:45:
1b:90:fe:f7:29:09:f3:4c:81:af:9a:b0:c2:7e:ee:
29:be:b9:92:57:3a:af:d7:d2:e5:d3:48:c1:c0:a6:
72:b5:2b:cc:4e:58:4a:bd:f2:87:6f:46:0c:fc:ca:
60:3e:9f:a5:bf:54:a8:33:de:e2:0f:ff:a8:3f:34:
7d:18:cc:b5:f3:b9:90:bf:ab:db:61:92:00:ad:f5:
e8:c9:b1:ad:25:bf:3a:a6:16:54:49:f9:be:19:e2:
1c:f2:d3:ac:8c:1a:9e:57:5e:30:87:ec:72:72:3a:
7c:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
37:90:68:6F:9C:A4:52:3D:99:71:D4:C1:E2:5B:FD:01:6B:59:25:0D
X509v3 Authority Key Identifier:
keyid:30:66:AF:73:EF:F3:AC:21:FF:17:A0:95:2F:F3:70:E6:0C:A4:4B:5D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MGavc-_zrCH_F6CVL_Nw5gykS10.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4d/232cfd-76dc-49e9-a94d-5188ea17d9a9/1/N5Bob5ykUj2ZcdTB4lv9AWtZJQ0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4d/232cfd-76dc-49e9-a94d-5188ea17d9a9/1/MGavc-_zrCH_F6CVL_Nw5gykS10.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.30.216.0/22
IPv6:
2a00:b760::/32
Signature Algorithm: sha256WithRSAEncryption
29:48:ba:26:c2:3d:2c:4e:4a:f9:f8:f0:8e:5c:c2:47:97:69:
5c:d9:4a:87:be:b9:5f:43:11:fa:36:52:0d:e2:f9:99:a4:2b:
14:da:bc:15:48:24:3a:99:37:c1:c4:dd:3a:1f:de:a3:4b:ab:
03:ab:b0:a2:49:a8:bd:48:33:b3:aa:6e:a5:7a:11:f9:cd:99:
4a:e6:2c:8c:86:ba:56:cc:4c:37:10:18:52:d4:a4:8a:04:9c:
75:94:ee:50:c6:6a:84:7b:45:db:4c:13:c8:e4:ec:5e:a5:b7:
53:54:b7:b6:a3:c3:d7:dc:61:a7:3e:ad:3e:ac:2b:59:4d:eb:
31:f2:0e:6d:6a:3d:00:00:02:f2:38:de:21:9d:20:a7:f7:01:
bd:b2:ad:b2:ca:96:9e:fb:b9:be:4b:82:c5:55:db:da:fa:7e:
b7:83:b7:25:5b:9f:f6:d2:0d:61:96:8a:75:0d:33:f1:3e:b4:
fb:4e:52:92:50:92:61:14:af:da:66:79:6f:c1:5f:0c:d5:68:
1a:ed:a1:a3:a8:30:15:27:4e:90:a7:f4:d8:d2:a3:f4:40:61:
69:e6:77:6a:cf:ff:33:f0:e6:e7:e1:55:45:72:39:c2:2e:34:
06:91:42:96:02:67:fd:e5:16:f2:68:35:3e:ed:58:5f:f8:0d:
04:a1:04:dc
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVwjJV0o1H6zH0toPvTknv/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMwNjZhZjczZWZmM2FjMjFmZjE3YTA5NTJmZjM3MGU2MGNh
NDRiNWQwHhcNMjMwMTAyMDMzNTM5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNzkwNjg2ZjljYTQ1MjNkOTk3MWQ0YzFlMjViZmQwMTZiNTkyNTBkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoLF8cqoTA9Ey6vq7gE5iJ8UOlnZd
GpvPxfBifsXANoGn2eDRl6BdnqqgqCydnTsknPI9XWqQ7ntztlh3HrGhgv2tnCxS
50vo1o+YhW4tOtsuQxftTn3NjrtK6xpC2OGFuNmk12BJXuz0Sk+cOYYmysujtdsl
ostCVLETKlnSKF1MrdFx6V3kcBWOMAAbnDpYRwkKL0UbkP73KQnzTIGvmrDCfu4p
vrmSVzqv19Ll00jBwKZytSvMTlhKvfKHb0YM/MpgPp+lv1SoM97iD/+oPzR9GMy1
87mQv6vbYZIArfXoybGtJb86phZUSfm+GeIc8tOsjBqeV14wh+xycjp8WwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFDeQaG+cpFI9mXHUweJb/QFrWSUNMB8GA1UdIwQY
MBaAFDBmr3Pv86wh/xeglS/zcOYMpEtdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTUdhdmMtX3pyQ0hfRjZDVkxfTnc1Z3lrUzEwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80ZC8yMzJjZmQtNzZkYy00OWU5LWE5NGQt
NTE4OGVhMTdkOWE5LzEvTjVCb2I1eWtVajJaY2RUQjRsdjlBV3RaSlEwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80ZC8yMzJjZmQtNzZkYy00OWU5LWE5NGQtNTE4OGVhMTdkOWE5
LzEvTUdhdmMtX3pyQ0hfRjZDVkxfTnc1Z3lrUzEwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuR7YMA0E
AgACMAcDBQAqALdgMA0GCSqGSIb3DQEBCwUAA4IBAQApSLomwj0sTkr5+PCOXMJH
l2lc2UqHvrlfQxH6NlIN4vmZpCsU2rwVSCQ6mTfBxN06H96jS6sDq7CiSai9SDOz
qm6lehH5zZlK5iyMhrpWzEw3EBhS1KSKBJx1lO5QxmqEe0XbTBPI5OxepbdTVLe2
o8PX3GGnPq0+rCtZTesx8g5taj0AAALyON4hnSCn9wG9sq2yypae+7m+S4LFVdva
+n63g7clW5/20g1hlop1DTPxPrT7TlKSUJJhFK/aZnlvwV8M1Wga7aGjqDAVJ06Q
p/TY0qP0QGFp5ndqz/8z8Obn4VVFcjnCLjQGkUKWAmf95RbyaDU+7Vhf+A0EoQTc
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:14:14 2025 by rpki-client