Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4e/a1b15f-7d3d-4af6-b656-65bb1a89f259/1/6e0UJbWPoiBDHQV2NuGJrgdxNkQ.roa
File: 6e0UJbWPoiBDHQV2NuGJrgdxNkQ.roa (raw, json)
Hash identifier: /sXPQ7w/zKDc9issfHvfcotpicFPIDYo8V6j4dSt+b0=
Subject key identifier: E9:ED:14:25:B5:8F:A2:20:43:1D:05:76:36:E1:89:AE:07:71:36:44
Certificate issuer: /CN=acd35e0da439bea65c48329ce9e8b1093f72300a
Certificate serial: 01856CE5FFD89AD1910CDD7E6CCEBF1D9DF8
Authority key identifier: AC:D3:5E:0D:A4:39:BE:A6:5C:48:32:9C:E9:E8:B1:09:3F:72:30:0A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/rNNeDaQ5vqZcSDKc6eixCT9yMAo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4e/a1b15f-7d3d-4af6-b656-65bb1a89f259/1/6e0UJbWPoiBDHQV2NuGJrgdxNkQ.roa
Signing time: Sun 01 Jan 2023 10:34:50 +0000
ROA not before: Sun 01 Jan 2023 10:34:50 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 200906
IP address blocks: 185.72.4.0/24 maxlen: 24
185.72.6.0/24 maxlen: 24
185.72.7.0/24 maxlen: 24
185.72.5.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:e5:ff:d8:9a:d1:91:0c:dd:7e:6c:ce:bf:1d:9d:f8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=acd35e0da439bea65c48329ce9e8b1093f72300a
Validity
Not Before: Jan 1 10:34:50 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=e9ed1425b58fa220431d057636e189ae07713644
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:db:9b:54:2e:dc:18:d1:c0:4a:13:96:eb:1d:0b:
33:1b:aa:97:28:7f:cf:60:f2:25:0e:99:e5:bf:49:
44:0a:70:fc:12:9c:c2:c9:2c:e6:9a:96:d3:2f:16:
89:ab:ec:f3:8e:37:77:d2:6f:7c:79:09:a6:5d:e0:
3b:0e:0b:b4:08:83:59:23:e3:b5:40:07:f2:d3:ed:
90:95:3a:08:f3:b9:32:81:73:b4:bf:5e:84:22:f8:
5b:72:0a:43:8c:56:83:34:e8:ef:c3:0d:58:a7:04:
67:f4:44:d8:09:15:29:d3:ed:07:3a:29:3b:81:99:
c4:41:f7:0d:9a:a1:04:e9:ee:8a:33:bd:3a:db:60:
b9:d0:e2:0d:50:31:ed:1b:50:66:7c:0c:f5:e2:2f:
74:32:11:1d:03:7c:fb:ee:09:11:bc:fa:d3:d6:b4:
09:b0:a4:a8:01:2b:d9:a5:e1:c8:0a:98:90:bf:85:
ab:d8:24:b0:81:d6:63:5d:11:ca:cd:39:d0:de:fb:
c5:94:f9:88:9c:ae:1e:73:b9:34:b2:02:fd:f2:db:
1a:9e:cb:bd:3a:3d:17:94:54:b4:50:7f:d9:df:b7:
98:25:2d:a9:3f:11:09:cd:6b:cf:61:33:7a:a8:af:
61:9d:80:8b:0d:25:8a:6e:81:29:b0:1b:5e:d0:8e:
f3:4d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E9:ED:14:25:B5:8F:A2:20:43:1D:05:76:36:E1:89:AE:07:71:36:44
X509v3 Authority Key Identifier:
keyid:AC:D3:5E:0D:A4:39:BE:A6:5C:48:32:9C:E9:E8:B1:09:3F:72:30:0A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rNNeDaQ5vqZcSDKc6eixCT9yMAo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4e/a1b15f-7d3d-4af6-b656-65bb1a89f259/1/6e0UJbWPoiBDHQV2NuGJrgdxNkQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4e/a1b15f-7d3d-4af6-b656-65bb1a89f259/1/rNNeDaQ5vqZcSDKc6eixCT9yMAo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.72.4.0/22
Signature Algorithm: sha256WithRSAEncryption
5b:79:a4:90:0a:bb:5f:1a:a8:00:b0:ed:7c:d4:19:cd:af:32:
0d:2e:0c:7f:7f:64:59:5f:ea:22:82:c5:54:bd:2f:e6:a8:e0:
14:64:8b:75:9a:af:48:24:ee:ff:34:47:16:c7:33:4d:73:89:
b7:cf:50:63:68:6f:bc:4f:03:44:5b:30:84:1a:43:18:f6:6c:
2c:a3:32:84:67:72:63:a8:07:c2:c3:af:84:69:33:cd:b9:ce:
9a:b1:42:ab:f1:25:56:9b:17:7b:36:34:8f:64:64:c6:f1:61:
a1:6c:d8:77:66:21:12:af:10:ea:d6:43:b6:81:59:8a:34:f3:
b2:d7:67:c1:f0:3f:22:65:99:2f:ee:47:89:80:43:a8:61:21:
c6:36:5a:d9:54:6f:9c:28:08:7e:01:75:fe:1a:3b:c5:59:82:
6f:9d:db:ca:5a:e8:2b:69:54:ee:8a:33:64:d2:b6:d3:7c:d9:
24:5f:4b:81:fd:3d:0d:da:e9:8f:73:40:69:8f:db:92:0b:ed:
e0:e0:9e:43:d5:83:eb:53:3d:73:04:3a:ba:b9:a2:40:a8:3f:
5f:fc:d1:37:34:ce:15:f7:dd:b5:e9:58:e2:e2:e5:01:37:81:
ae:cd:65:01:87:45:ec:28:53:1a:ce:4c:34:23:3b:85:e5:4c:
61:9f:67:76
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVs5f/YmtGRDN1+bM6/HZ34MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFjZDM1ZTBkYTQzOWJlYTY1YzQ4MzI5Y2U5ZThiMTA5M2Y3
MjMwMGEwHhcNMjMwMTAxMTAzNDUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlOWVkMTQyNWI1OGZhMjIwNDMxZDA1NzYzNmUxODlhZTA3NzEzNjQ0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA25tULtwY0cBKE5brHQszG6qXKH/P
YPIlDpnlv0lECnD8EpzCySzmmpbTLxaJq+zzjjd30m98eQmmXeA7Dgu0CINZI+O1
QAfy0+2QlToI87kygXO0v16EIvhbcgpDjFaDNOjvww1YpwRn9ETYCRUp0+0HOik7
gZnEQfcNmqEE6e6KM70622C50OINUDHtG1BmfAz14i90MhEdA3z77gkRvPrT1rQJ
sKSoASvZpeHICpiQv4Wr2CSwgdZjXRHKzTnQ3vvFlPmInK4ec7k0sgL98tsansu9
Oj0XlFS0UH/Z37eYJS2pPxEJzWvPYTN6qK9hnYCLDSWKboEpsBte0I7zTQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFOntFCW1j6IgQx0Fdjbhia4HcTZEMB8GA1UdIwQY
MBaAFKzTXg2kOb6mXEgynOnosQk/cjAKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvck5OZURhUTV2cVpjU0RLYzZlaXhDVDl5TUFvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80ZS9hMWIxNWYtN2QzZC00YWY2LWI2NTYt
NjViYjFhODlmMjU5LzEvNmUwVUpiV1BvaUJESFFWMk51R0pyZ2R4TmtRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80ZS9hMWIxNWYtN2QzZC00YWY2LWI2NTYtNjViYjFhODlmMjU5
LzEvck5OZURhUTV2cVpjU0RLYzZlaXhDVDl5TUFvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuUgEMA0G
CSqGSIb3DQEBCwUAA4IBAQBbeaSQCrtfGqgAsO181BnNrzINLgx/f2RZX+oigsVU
vS/mqOAUZIt1mq9IJO7/NEcWxzNNc4m3z1BjaG+8TwNEWzCEGkMY9mwsozKEZ3Jj
qAfCw6+EaTPNuc6asUKr8SVWmxd7NjSPZGTG8WGhbNh3ZiESrxDq1kO2gVmKNPOy
12fB8D8iZZkv7keJgEOoYSHGNlrZVG+cKAh+AXX+GjvFWYJvndvKWugraVTuijNk
0rbTfNkkX0uB/T0N2umPc0Bpj9uSC+3g4J5D1YPrUz1zBDq6uaJAqD9f/NE3NM4V
99216Vji4uUBN4GuzWUBh0XsKFMazkw0IzuF5Uxhn2d2
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:50:04 2025 by rpki-client