Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/52/f180ff-336c-4b45-9378-568672c25ca8/1/6ELqtnq7XE0pChX5Wnmxx3RGCYs.roa
File: 6ELqtnq7XE0pChX5Wnmxx3RGCYs.roa (raw, json)
Hash identifier: +iVgJGH+wiPG0mXs3LD6uB8rf7SccQrJKXVNQPpjEr8=
Subject key identifier: E8:42:EA:B6:7A:BB:5C:4D:29:0A:15:F9:5A:79:B1:C7:74:46:09:8B
Certificate issuer: /CN=922e330b5879590abae81bf40a91a5101bc18fa0
Certificate serial: 01856ED49F848CB2EDA4ADDCE0106DD01217
Authority key identifier: 92:2E:33:0B:58:79:59:0A:BA:E8:1B:F4:0A:91:A5:10:1B:C1:8F:A0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ki4zC1h5WQq66Bv0CpGlEBvBj6A.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/52/f180ff-336c-4b45-9378-568672c25ca8/1/6ELqtnq7XE0pChX5Wnmxx3RGCYs.roa
Signing time: Sun 01 Jan 2023 19:35:06 +0000
ROA not before: Sun 01 Jan 2023 19:35:06 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 8699
IP address blocks: 185.120.28.0/24 maxlen: 24
185.120.28.0/22 maxlen: 24
185.120.29.0/24 maxlen: 24
185.120.30.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:d4:9f:84:8c:b2:ed:a4:ad:dc:e0:10:6d:d0:12:17
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=922e330b5879590abae81bf40a91a5101bc18fa0
Validity
Not Before: Jan 1 19:35:06 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=e842eab67abb5c4d290a15f95a79b1c77446098b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:0c:5b:64:17:28:3c:94:9b:44:a0:bf:7c:33:
11:a4:e3:18:95:d4:5b:22:a0:59:32:ec:03:df:94:
b7:34:f9:72:b1:6b:02:bd:5f:46:e6:97:5c:27:ac:
9d:4e:56:0a:5b:08:5b:c6:43:d1:35:b6:66:d1:fd:
ac:a1:c5:76:ae:9c:52:39:bb:26:12:5c:09:1f:65:
6d:04:de:37:ae:dc:40:79:35:a6:c4:c7:a3:63:b9:
10:72:b9:51:d7:0b:c2:a2:a6:3e:76:1e:c9:4e:da:
ce:98:3b:95:d2:0f:e9:9c:21:9a:19:e8:5a:fa:52:
cc:b7:49:3f:3c:19:12:81:a8:b3:e7:e5:83:01:8f:
ab:11:74:7f:2e:38:46:e6:7a:86:f7:16:2e:2e:18:
c5:87:f9:81:47:c4:6c:41:e4:49:a1:a8:ed:83:58:
73:26:69:cb:50:83:e2:2c:c3:b1:58:87:39:08:f5:
be:06:b6:1e:d4:86:60:e4:cf:78:26:f4:f6:b9:21:
aa:87:c7:d3:74:0f:36:51:d9:6f:07:9b:37:ce:b0:
84:42:fb:b7:81:4e:7c:7f:87:b7:48:cb:03:2d:8e:
dc:f8:fa:9c:ba:36:e6:0e:02:99:73:da:5e:09:53:
51:fa:e5:b7:e8:e9:f2:ff:ea:2e:2c:7a:96:ec:ba:
32:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E8:42:EA:B6:7A:BB:5C:4D:29:0A:15:F9:5A:79:B1:C7:74:46:09:8B
X509v3 Authority Key Identifier:
keyid:92:2E:33:0B:58:79:59:0A:BA:E8:1B:F4:0A:91:A5:10:1B:C1:8F:A0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ki4zC1h5WQq66Bv0CpGlEBvBj6A.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/52/f180ff-336c-4b45-9378-568672c25ca8/1/6ELqtnq7XE0pChX5Wnmxx3RGCYs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/52/f180ff-336c-4b45-9378-568672c25ca8/1/ki4zC1h5WQq66Bv0CpGlEBvBj6A.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.120.28.0/22
Signature Algorithm: sha256WithRSAEncryption
68:da:fc:59:64:4d:36:66:0c:91:c2:42:af:5c:24:f2:84:88:
4c:8b:bf:f1:2e:2b:3e:38:c7:e2:72:a1:97:35:43:39:03:25:
c8:16:57:37:d8:c5:4b:b1:bb:63:7f:ae:80:a9:5d:c6:22:18:
3e:85:f0:17:be:04:63:78:54:a8:aa:e3:3e:ee:b7:82:9c:d3:
99:b7:92:e2:78:4e:01:45:cd:f6:b5:4a:45:ff:62:f2:61:0a:
b2:d4:f4:20:8b:b8:4b:6b:e8:96:52:d2:b9:92:06:d0:cf:d9:
17:f9:9f:2b:c9:b7:e1:cd:99:99:3a:8a:ec:7d:35:d4:6e:b5:
47:a6:95:09:1f:66:c0:75:d7:80:cc:2c:ea:de:52:1d:f7:01:
97:68:a9:0d:6f:b9:ad:22:a7:3a:51:6b:01:57:65:41:a9:f9:
12:4a:30:7a:8f:67:d4:01:cd:87:26:68:7f:2d:4b:db:ff:ee:
71:50:2f:f9:23:11:a7:7e:14:be:d8:4c:57:0b:ca:b4:5e:94:
ec:2f:2a:bd:a6:6e:75:48:f8:0b:d0:d4:75:a1:91:15:b3:13:
fd:8b:d7:b8:d2:fc:ce:eb:2d:91:20:d5:e4:24:09:f4:88:35:
c8:1c:0a:c8:d1:60:f8:68:8a:5e:ec:96:12:c9:16:91:96:fd:
2d:4b:eb:6c
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVu1J+EjLLtpK3c4BBt0BIXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkyMmUzMzBiNTg3OTU5MGFiYWU4MWJmNDBhOTFhNTEwMWJj
MThmYTAwHhcNMjMwMTAxMTkzNTA2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlODQyZWFiNjdhYmI1YzRkMjkwYTE1Zjk1YTc5YjFjNzc0NDYwOThiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzwxbZBcoPJSbRKC/fDMRpOMYldRb
IqBZMuwD35S3NPlysWsCvV9G5pdcJ6ydTlYKWwhbxkPRNbZm0f2socV2rpxSObsm
ElwJH2VtBN43rtxAeTWmxMejY7kQcrlR1wvCoqY+dh7JTtrOmDuV0g/pnCGaGeha
+lLMt0k/PBkSgaiz5+WDAY+rEXR/LjhG5nqG9xYuLhjFh/mBR8RsQeRJoajtg1hz
JmnLUIPiLMOxWIc5CPW+BrYe1IZg5M94JvT2uSGqh8fTdA82UdlvB5s3zrCEQvu3
gU58f4e3SMsDLY7c+PqcujbmDgKZc9peCVNR+uW36Ony/+ouLHqW7LoyQQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFOhC6rZ6u1xNKQoV+Vp5scd0RgmLMB8GA1UdIwQY
MBaAFJIuMwtYeVkKuugb9AqRpRAbwY+gMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva2k0ekMxaDVXUXE2NkJ2MENwR2xFQnZCajZBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Mi9mMTgwZmYtMzM2Yy00YjQ1LTkzNzgt
NTY4NjcyYzI1Y2E4LzEvNkVMcXRucTdYRTBwQ2hYNVdubXh4M1JHQ1lzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Mi9mMTgwZmYtMzM2Yy00YjQ1LTkzNzgtNTY4NjcyYzI1Y2E4
LzEva2k0ekMxaDVXUXE2NkJ2MENwR2xFQnZCajZBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuXgcMA0G
CSqGSIb3DQEBCwUAA4IBAQBo2vxZZE02ZgyRwkKvXCTyhIhMi7/xLis+OMficqGX
NUM5AyXIFlc32MVLsbtjf66AqV3GIhg+hfAXvgRjeFSoquM+7reCnNOZt5LieE4B
Rc32tUpF/2LyYQqy1PQgi7hLa+iWUtK5kgbQz9kX+Z8rybfhzZmZOorsfTXUbrVH
ppUJH2bAddeAzCzq3lId9wGXaKkNb7mtIqc6UWsBV2VBqfkSSjB6j2fUAc2HJmh/
LUvb/+5xUC/5IxGnfhS+2ExXC8q0XpTsLyq9pm51SPgL0NR1oZEVsxP9i9e40vzO
6y2RINXkJAn0iDXIHArI0WD4aIpe7JYSyRaRlv0tS+ts
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:39:04 2025 by rpki-client