Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/55/acee8e-7761-419f-b483-b30162e3ccc0/1/6DLPXtLjzwrFSGZTUMBDOuej5E8.roa
File: 6DLPXtLjzwrFSGZTUMBDOuej5E8.roa (raw, json)
Hash identifier: 5KGK+cOWLTscbGjuNwz9/p3Jeu4lZSvq5FTREPxK+l0=
Subject key identifier: E8:32:CF:5E:D2:E3:CF:0A:C5:48:66:53:50:C0:43:3A:E7:A3:E4:4F
Certificate issuer: /CN=d3540b518d75fbefd616bfd94cf05fd25ba488b6
Certificate serial: 01888C339A514727A44B52B57CD2D0DFC7B4
Authority key identifier: D3:54:0B:51:8D:75:FB:EF:D6:16:BF:D9:4C:F0:5F:D2:5B:A4:88:B6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/01QLUY11--_WFr_ZTPBf0lukiLY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/55/acee8e-7761-419f-b483-b30162e3ccc0/1/6DLPXtLjzwrFSGZTUMBDOuej5E8.roa
Signing time: Mon 05 Jun 2023 15:36:12 +0000
ROA not before: Mon 05 Jun 2023 15:36:12 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 205260
IP address blocks: 185.223.196.0/22 maxlen: 22
185.223.199.0/24 maxlen: 24
2a0c:4c00::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:8c:33:9a:51:47:27:a4:4b:52:b5:7c:d2:d0:df:c7:b4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3540b518d75fbefd616bfd94cf05fd25ba488b6
Validity
Not Before: Jun 5 15:36:12 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=e832cf5ed2e3cf0ac548665350c0433ae7a3e44f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:a6:00:a5:85:67:37:61:13:68:95:e6:e5:97:
8b:7f:4a:c1:b4:ae:0a:da:c3:bd:f6:92:ca:89:e2:
c3:a2:59:8e:4d:55:16:6c:91:c5:2f:7d:24:8c:4b:
f3:b3:66:e3:1c:29:13:62:be:21:9b:7e:54:54:ad:
94:db:7a:aa:df:03:13:7e:c6:d3:7c:fa:50:50:a9:
ab:36:f6:19:af:08:0f:35:38:5c:09:49:3e:46:90:
42:8a:41:de:e4:b7:11:38:d3:8a:aa:92:e6:03:95:
54:93:d9:42:a6:10:b4:17:15:31:60:59:8a:8c:06:
f5:79:17:d1:5c:24:23:5d:f6:a6:a5:c6:82:e9:81:
2b:11:95:63:e1:a0:c5:d8:cd:71:13:8e:0b:67:69:
89:6d:b9:7f:39:8e:dc:e5:1f:74:03:fd:b2:cc:cf:
17:d5:6c:e9:6e:dd:d5:0d:ad:68:1f:d9:9e:c7:c5:
9d:6b:2b:16:d2:65:d9:02:81:0f:fb:3d:be:c0:1a:
da:0c:16:bb:d4:90:e1:70:d9:53:b1:85:65:35:a6:
d7:2d:92:d8:bf:42:e7:cd:7b:ee:57:d9:2a:29:bb:
10:31:58:a5:46:4b:dc:6e:1c:be:3e:17:04:62:58:
53:fa:82:30:a3:ff:a5:80:9b:02:b3:69:a6:45:60:
92:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E8:32:CF:5E:D2:E3:CF:0A:C5:48:66:53:50:C0:43:3A:E7:A3:E4:4F
X509v3 Authority Key Identifier:
keyid:D3:54:0B:51:8D:75:FB:EF:D6:16:BF:D9:4C:F0:5F:D2:5B:A4:88:B6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/01QLUY11--_WFr_ZTPBf0lukiLY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/55/acee8e-7761-419f-b483-b30162e3ccc0/1/6DLPXtLjzwrFSGZTUMBDOuej5E8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/55/acee8e-7761-419f-b483-b30162e3ccc0/1/01QLUY11--_WFr_ZTPBf0lukiLY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.223.196.0/22
IPv6:
2a0c:4c00::/29
Signature Algorithm: sha256WithRSAEncryption
0d:b9:a3:b5:5d:1e:e8:1d:a4:2d:fb:3a:32:b8:f2:87:a8:c2:
16:1c:84:0f:52:6c:1a:ca:a4:30:8a:bc:ad:b9:e1:81:09:c9:
53:8c:3e:60:5e:5e:38:b6:91:22:aa:2f:2e:ac:3c:4e:39:ba:
5d:0e:3f:60:80:d7:26:91:fe:7e:19:81:92:37:4b:11:84:6a:
f9:35:19:82:95:5d:d9:74:ca:a3:70:d6:08:d6:11:32:a2:99:
0b:ea:2d:b3:b4:67:a8:2c:47:05:a8:a8:07:e0:ff:a5:04:58:
eb:5c:31:71:01:8c:bf:fc:0a:33:5d:1e:a6:42:db:87:3d:12:
6b:8a:f8:5c:e8:ff:99:69:37:8b:89:0d:91:e8:a4:b0:d6:01:
b4:b9:8c:c8:7b:4f:24:39:97:75:37:3e:f6:42:52:44:b9:30:
23:b9:2e:8e:98:dc:3c:69:10:9f:cf:a8:e0:f2:8b:a3:14:93:
e5:4a:8f:95:3a:97:05:7f:bb:f3:8a:82:14:17:da:70:d8:3b:
0a:43:e1:97:e4:0e:56:22:ac:d9:97:2e:ab:de:82:ca:1d:3e:
7b:02:3f:3e:9a:57:d7:b9:9f:ef:06:27:6d:0e:35:ff:9c:3b:
93:ca:5d:68:d2:22:d8:34:e6:98:78:77:37:51:f4:74:70:4b:
84:32:36:39
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYiMM5pRRyekS1K1fNLQ38e0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzNTQwYjUxOGQ3NWZiZWZkNjE2YmZkOTRjZjA1ZmQyNWJh
NDg4YjYwHhcNMjMwNjA1MTUzNjEyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlODMyY2Y1ZWQyZTNjZjBhYzU0ODY2NTM1MGMwNDMzYWU3YTNlNDRmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApKYApYVnN2ETaJXm5ZeLf0rBtK4K
2sO99pLKieLDolmOTVUWbJHFL30kjEvzs2bjHCkTYr4hm35UVK2U23qq3wMTfsbT
fPpQUKmrNvYZrwgPNThcCUk+RpBCikHe5LcRONOKqpLmA5VUk9lCphC0FxUxYFmK
jAb1eRfRXCQjXfampcaC6YErEZVj4aDF2M1xE44LZ2mJbbl/OY7c5R90A/2yzM8X
1Wzpbt3VDa1oH9mex8WdaysW0mXZAoEP+z2+wBraDBa71JDhcNlTsYVlNabXLZLY
v0LnzXvuV9kqKbsQMVilRkvcbhy+PhcEYlhT+oIwo/+lgJsCs2mmRWCSGwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFOgyz17S488KxUhmU1DAQzrno+RPMB8GA1UdIwQY
MBaAFNNUC1GNdfvv1ha/2UzwX9JbpIi2MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDFRTFVZMTEtLV9XRnJfWlRQQmYwbHVraUxZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81NS9hY2VlOGUtNzc2MS00MTlmLWI0ODMt
YjMwMTYyZTNjY2MwLzEvNkRMUFh0TGp6d3JGU0daVFVNQkRPdWVqNUU4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81NS9hY2VlOGUtNzc2MS00MTlmLWI0ODMtYjMwMTYyZTNjY2Mw
LzEvMDFRTFVZMTEtLV9XRnJfWlRQQmYwbHVraUxZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCud/EMA0E
AgACMAcDBQMqDEwAMA0GCSqGSIb3DQEBCwUAA4IBAQANuaO1XR7oHaQt+zoyuPKH
qMIWHIQPUmwayqQwirytueGBCclTjD5gXl44tpEiqi8urDxOObpdDj9ggNcmkf5+
GYGSN0sRhGr5NRmClV3ZdMqjcNYI1hEyopkL6i2ztGeoLEcFqKgH4P+lBFjrXDFx
AYy//AozXR6mQtuHPRJrivhc6P+ZaTeLiQ2R6KSw1gG0uYzIe08kOZd1Nz72QlJE
uTAjuS6OmNw8aRCfz6jg8oujFJPlSo+VOpcFf7vzioIUF9pw2DsKQ+GX5A5WIqzZ
ly6r3oLKHT57Aj8+mlfXuZ/vBidtDjX/nDuTyl1o0iLYNOaYeHc3UfR0cEuEMjY5
-----END CERTIFICATE-----
Generated at Mon Apr 21 01:26:13 2025 by rpki-client