Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/52/010161-b840-4497-afbe-4bef43d3fb17/1/1-_6ZIffi7maLVMIpzD8IXSNUFis.roa
File: 1-_6ZIffi7maLVMIpzD8IXSNUFis.roa (raw, json)
Hash identifier: 3EBKLRVbuS41ZlhOsDzRHW6Q7nDTlpw5DwRVLNgrDIU=
Subject key identifier: FB:FE:99:21:F7:E2:EE:66:8B:54:C2:29:CC:3F:08:5D:23:54:16:2B
Certificate issuer: /CN=0d9302d546e068c2fd7677d9d5200add36c8bcd5
Certificate serial: 01847A7ED8551608055E9C954434A5435283
Authority key identifier: 0D:93:02:D5:46:E0:68:C2:FD:76:77:D9:D5:20:0A:DD:36:C8:BC:D5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DZMC1UbgaML9dnfZ1SAK3TbIvNU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/52/010161-b840-4497-afbe-4bef43d3fb17/1/1-_6ZIffi7maLVMIpzD8IXSNUFis.roa
Signing time: Tue 15 Nov 2022 08:54:04 +0000
ROA not before: Tue 15 Nov 2022 08:54:04 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 200739
IP address blocks: 185.97.224.0/22 maxlen: 22
2a06:8c0::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:7a:7e:d8:55:16:08:05:5e:9c:95:44:34:a5:43:52:83
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0d9302d546e068c2fd7677d9d5200add36c8bcd5
Validity
Not Before: Nov 15 08:54:04 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=fbfe9921f7e2ee668b54c229cc3f085d2354162b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:dd:c6:7a:18:d5:44:73:1c:b2:c1:17:d8:c1:
e0:ce:09:9b:96:51:dc:1b:a7:d2:d8:7f:fc:38:6c:
9e:fc:0d:db:34:48:09:59:6b:41:24:c3:44:ed:63:
f0:c5:60:f7:7b:86:b5:b7:40:83:73:c2:58:91:66:
5b:ae:40:48:86:9a:c4:bc:39:95:56:f5:e1:1f:fd:
03:4a:e4:2d:62:44:23:31:2d:64:a2:95:cf:4f:a9:
39:2e:52:c2:9b:0d:83:0c:1a:46:f2:ee:82:ed:6d:
40:79:30:e5:32:d9:0e:15:97:92:4d:0f:4c:6b:16:
1b:ca:a3:41:0e:01:f6:67:bf:1c:1f:50:85:f5:3a:
76:dc:3f:35:92:bd:3c:4b:cb:f3:04:c5:0f:7a:a9:
c3:bf:c1:f3:f4:3f:ed:d1:e5:5b:9b:56:c5:9b:36:
23:e3:04:e4:4c:59:e8:83:f0:38:5f:3d:01:99:f1:
91:89:5e:88:21:73:e6:cf:e9:a1:3d:47:52:d1:c2:
65:67:fb:4c:ca:9d:1f:c7:aa:63:f2:59:8f:d9:05:
28:d2:46:fa:b3:ee:21:d9:d0:45:53:d1:42:4e:14:
31:aa:b1:c4:85:93:00:09:9c:13:e0:f2:0e:04:a6:
22:be:85:6d:9d:4b:80:06:ff:10:7d:32:2b:61:0e:
0f:69
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FB:FE:99:21:F7:E2:EE:66:8B:54:C2:29:CC:3F:08:5D:23:54:16:2B
X509v3 Authority Key Identifier:
keyid:0D:93:02:D5:46:E0:68:C2:FD:76:77:D9:D5:20:0A:DD:36:C8:BC:D5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DZMC1UbgaML9dnfZ1SAK3TbIvNU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/52/010161-b840-4497-afbe-4bef43d3fb17/1/1-_6ZIffi7maLVMIpzD8IXSNUFis.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/52/010161-b840-4497-afbe-4bef43d3fb17/1/DZMC1UbgaML9dnfZ1SAK3TbIvNU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.97.224.0/22
IPv6:
2a06:8c0::/29
Signature Algorithm: sha256WithRSAEncryption
ae:bc:5f:b8:a5:f0:dc:b7:56:d9:fa:46:c4:80:f8:9b:97:ba:
46:c2:f9:78:08:3f:73:15:29:35:57:1f:24:f6:2d:f2:00:8e:
df:0f:86:b7:be:e7:05:26:f0:06:b6:51:5c:c3:ea:6b:2e:c1:
8e:b2:37:61:3f:0d:fa:27:db:7c:07:f0:33:7a:2e:0f:03:19:
29:52:d8:04:54:7b:e1:d8:89:36:41:cd:fa:48:ff:7f:50:3c:
1a:9c:12:51:f4:6d:eb:75:b2:fe:50:ea:2f:c9:50:cb:91:e1:
ac:95:65:5d:96:98:cd:ee:cf:42:cd:f0:74:27:54:06:51:16:
4e:2b:38:2e:a9:ff:97:c8:c3:ce:a7:00:35:35:b9:78:15:c7:
54:33:63:e5:fa:38:48:7c:99:87:3b:62:71:37:bc:e0:0b:9e:
70:fd:72:5e:d1:17:a1:bc:4d:54:25:cb:d1:ed:b9:e0:b7:9a:
a3:7c:63:cb:6a:30:2f:26:7a:51:ef:61:f6:30:9f:ad:95:25:
54:cd:5d:5b:29:00:eb:a0:0a:2e:9d:fa:0b:8b:0a:47:2c:f6:
49:76:89:7b:82:3f:f6:6c:a6:f6:45:28:93:26:8c:05:60:f7:
d0:3e:82:13:a7:06:e2:3f:b5:c3:43:3e:41:19:31:d3:d1:6d:
1e:90:72:5d
-----BEGIN CERTIFICATE-----
MIIFDTCCA/WgAwIBAgISAYR6fthVFggFXpyVRDSlQ1KDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBkOTMwMmQ1NDZlMDY4YzJmZDc2NzdkOWQ1MjAwYWRkMzZj
OGJjZDUwHhcNMjIxMTE1MDg1NDA0WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmYmZlOTkyMWY3ZTJlZTY2OGI1NGMyMjljYzNmMDg1ZDIzNTQxNjJiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAot3GehjVRHMcssEX2MHgzgmbllHc
G6fS2H/8OGye/A3bNEgJWWtBJMNE7WPwxWD3e4a1t0CDc8JYkWZbrkBIhprEvDmV
VvXhH/0DSuQtYkQjMS1kopXPT6k5LlLCmw2DDBpG8u6C7W1AeTDlMtkOFZeSTQ9M
axYbyqNBDgH2Z78cH1CF9Tp23D81kr08S8vzBMUPeqnDv8Hz9D/t0eVbm1bFmzYj
4wTkTFnog/A4Xz0BmfGRiV6IIXPmz+mhPUdS0cJlZ/tMyp0fx6pj8lmP2QUo0kb6
s+4h2dBFU9FCThQxqrHEhZMACZwT4PIOBKYivoVtnUuABv8QfTIrYQ4PaQIDAQAB
o4ICGTCCAhUwHQYDVR0OBBYEFPv+mSH34u5mi1TCKcw/CF0jVBYrMB8GA1UdIwQY
MBaAFA2TAtVG4GjC/XZ32dUgCt02yLzVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRFpNQzFVYmdhTUw5ZG5mWjFTQUszVGJJdk5VLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Mi8wMTAxNjEtYjg0MC00NDk3LWFmYmUt
NGJlZjQzZDNmYjE3LzEvMS1fNlpJZmZpN21hTFZNSXB6RDhJWFNOVUZpcy5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvNTIvMDEwMTYxLWI4NDAtNDQ5Ny1hZmJlLTRiZWY0M2QzZmIx
Ny8xL0RaTUMxVWJnYU1MOWRuZloxU0FLM1RiSXZOVS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAuBggrBgEFBQcBBwEB/wQfMB0wDAQCAAEwBgMEArlh4DAN
BAIAAjAHAwUDKgYIwDANBgkqhkiG9w0BAQsFAAOCAQEArrxfuKXw3LdW2fpGxID4
m5e6RsL5eAg/cxUpNVcfJPYt8gCO3w+Gt77nBSbwBrZRXMPqay7BjrI3YT8N+ifb
fAfwM3ouDwMZKVLYBFR74diJNkHN+kj/f1A8GpwSUfRt63Wy/lDqL8lQy5HhrJVl
XZaYze7PQs3wdCdUBlEWTis4Lqn/l8jDzqcANTW5eBXHVDNj5fo4SHyZhzticTe8
4AuecP1yXtEXobxNVCXL0e254Leao3xjy2owLyZ6Ue9h9jCfrZUlVM1dWykA66AK
Lp36C4sKRyz2SXaJe4I/9mym9kUokyaMBWD30D6CE6cG4j+1w0M+QRkx09FtHpBy
XQ==
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:20:20 2025 by rpki-client