Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/56/7bb207-f471-4b67-8cb7-e15a6c3e4ea6/1/CIkcRvHMTx4OOXXSp0RoIeHjCaQ.roa
File: CIkcRvHMTx4OOXXSp0RoIeHjCaQ.roa (raw, json)
Hash identifier: SAaYFB9EGyfkFzptRbZhSBhT/g7djUa/lKsqL+uDRbQ=
Subject key identifier: 08:89:1C:46:F1:CC:4F:1E:0E:39:75:D2:A7:44:68:21:E1:E3:09:A4
Certificate issuer: /CN=56a022deb0928f5d1a0a5fb00e96cad4c7d911d8
Certificate serial: 01857095010BEA1E0B772689DA42AA6C4A4F
Authority key identifier: 56:A0:22:DE:B0:92:8F:5D:1A:0A:5F:B0:0E:96:CA:D4:C7:D9:11:D8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/VqAi3rCSj10aCl-wDpbK1MfZEdg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/56/7bb207-f471-4b67-8cb7-e15a6c3e4ea6/1/CIkcRvHMTx4OOXXSp0RoIeHjCaQ.roa
Signing time: Mon 02 Jan 2023 03:44:51 +0000
ROA not before: Mon 02 Jan 2023 03:44:51 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 48374
IP address blocks: 185.141.144.0/22 maxlen: 22
2a07:2500::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:95:01:0b:ea:1e:0b:77:26:89:da:42:aa:6c:4a:4f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=56a022deb0928f5d1a0a5fb00e96cad4c7d911d8
Validity
Not Before: Jan 2 03:44:51 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=08891c46f1cc4f1e0e3975d2a7446821e1e309a4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:43:46:ac:b5:30:71:63:7b:3a:a9:91:ac:73:
d6:d1:46:d4:e8:e3:35:f4:fa:58:f5:8e:c1:69:2b:
3f:6d:5e:b8:51:80:dd:4b:ee:1e:20:e7:4b:ee:d0:
93:10:51:c0:09:2e:41:1a:3a:20:d1:98:42:b4:db:
49:22:68:24:0d:d9:1a:01:7b:b3:56:2f:2b:3a:44:
48:9a:13:f5:e3:c2:0c:f5:f8:32:ef:34:de:21:b1:
31:ca:51:40:8c:72:83:0a:71:e6:3a:1d:68:21:d3:
fe:c5:35:6d:aa:ec:41:96:db:50:4a:1f:09:08:04:
f9:2b:7c:f4:1f:a1:6b:a1:f6:60:9a:69:0f:06:17:
f7:e1:6c:60:14:ba:be:09:64:98:32:2f:3c:f3:16:
28:e6:48:f1:aa:21:1a:a4:c8:09:3e:1e:35:97:d1:
73:17:9c:e1:f8:9c:40:7c:4b:15:ed:42:3b:e6:13:
62:00:e1:0d:af:77:bd:89:5a:5c:41:3e:35:61:42:
9f:4c:a9:eb:3b:ca:3d:5f:db:98:e3:e3:bb:02:5f:
e7:12:eb:b4:f7:ed:82:33:6a:aa:ff:d0:27:d8:53:
4a:9a:28:66:9e:c9:a1:61:11:e1:fe:e8:fc:8a:90:
ca:c3:37:da:6e:cc:8e:69:8f:d8:fc:e8:ed:4c:4e:
7a:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
08:89:1C:46:F1:CC:4F:1E:0E:39:75:D2:A7:44:68:21:E1:E3:09:A4
X509v3 Authority Key Identifier:
keyid:56:A0:22:DE:B0:92:8F:5D:1A:0A:5F:B0:0E:96:CA:D4:C7:D9:11:D8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/VqAi3rCSj10aCl-wDpbK1MfZEdg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/56/7bb207-f471-4b67-8cb7-e15a6c3e4ea6/1/CIkcRvHMTx4OOXXSp0RoIeHjCaQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/56/7bb207-f471-4b67-8cb7-e15a6c3e4ea6/1/VqAi3rCSj10aCl-wDpbK1MfZEdg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.141.144.0/22
IPv6:
2a07:2500::/29
Signature Algorithm: sha256WithRSAEncryption
78:56:21:b8:aa:9d:25:d3:17:28:cf:b2:0d:99:98:59:32:52:
67:e9:3f:05:09:9c:c1:da:c3:81:0b:b4:a1:a5:ed:e4:5f:50:
2f:97:8b:71:d6:a1:37:86:a8:1c:ad:df:e5:2e:f3:05:2c:1c:
b9:d3:ee:66:57:46:a4:62:84:a9:b3:2c:ee:05:23:a0:62:52:
05:d0:78:35:10:a3:6e:75:83:2e:a5:08:ec:35:46:93:96:c5:
98:dc:28:52:f0:b1:c9:d3:ae:9c:76:87:aa:a1:9a:21:33:63:
9d:98:86:ed:51:77:36:30:dc:c4:fa:d9:f6:4f:c1:87:af:d6:
d3:14:36:c6:8d:56:4a:79:a6:64:80:73:7b:40:c3:e6:6f:0f:
8d:2c:33:3f:ee:8d:72:26:01:d8:4e:76:e4:0a:01:3f:d7:12:
3b:31:86:b9:38:1f:db:cf:86:98:4d:00:69:35:38:3b:76:94:
c1:6f:e4:12:55:46:a6:25:3c:2b:78:a0:a9:3b:5b:3f:d6:8a:
48:2b:02:bb:09:5a:7b:fa:cb:e5:c9:9c:0c:72:65:79:be:32:
62:5f:4c:75:e0:a7:de:f3:0e:30:78:56:ee:52:3f:b2:c3:e5:
f3:12:69:8a:a1:56:3e:a4:d4:a0:b1:59:7c:42:c4:81:27:fb:
dd:01:a7:41
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVwlQEL6h4LdyaJ2kKqbEpPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU2YTAyMmRlYjA5MjhmNWQxYTBhNWZiMDBlOTZjYWQ0Yzdk
OTExZDgwHhcNMjMwMTAyMDM0NDUxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwODg5MWM0NmYxY2M0ZjFlMGUzOTc1ZDJhNzQ0NjgyMWUxZTMwOWE0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmkNGrLUwcWN7OqmRrHPW0UbU6OM1
9PpY9Y7BaSs/bV64UYDdS+4eIOdL7tCTEFHACS5BGjog0ZhCtNtJImgkDdkaAXuz
Vi8rOkRImhP148IM9fgy7zTeIbExylFAjHKDCnHmOh1oIdP+xTVtquxBlttQSh8J
CAT5K3z0H6FrofZgmmkPBhf34WxgFLq+CWSYMi888xYo5kjxqiEapMgJPh41l9Fz
F5zh+JxAfEsV7UI75hNiAOENr3e9iVpcQT41YUKfTKnrO8o9X9uY4+O7Al/nEuu0
9+2CM2qq/9An2FNKmihmnsmhYRHh/uj8ipDKwzfabsyOaY/Y/OjtTE56EQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFAiJHEbxzE8eDjl10qdEaCHh4wmkMB8GA1UdIwQY
MBaAFFagIt6wko9dGgpfsA6WytTH2RHYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVnFBaTNyQ1NqMTBhQ2wtd0RwYksxTWZaRWRnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Ni83YmIyMDctZjQ3MS00YjY3LThjYjct
ZTE1YTZjM2U0ZWE2LzEvQ0lrY1J2SE1UeDRPT1hYU3AwUm9JZUhqQ2FRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Ni83YmIyMDctZjQ3MS00YjY3LThjYjctZTE1YTZjM2U0ZWE2
LzEvVnFBaTNyQ1NqMTBhQ2wtd0RwYksxTWZaRWRnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuY2QMA0E
AgACMAcDBQMqByUAMA0GCSqGSIb3DQEBCwUAA4IBAQB4ViG4qp0l0xcoz7INmZhZ
MlJn6T8FCZzB2sOBC7Shpe3kX1Avl4tx1qE3hqgcrd/lLvMFLBy50+5mV0akYoSp
syzuBSOgYlIF0Hg1EKNudYMupQjsNUaTlsWY3ChS8LHJ066cdoeqoZohM2OdmIbt
UXc2MNzE+tn2T8GHr9bTFDbGjVZKeaZkgHN7QMPmbw+NLDM/7o1yJgHYTnbkCgE/
1xI7MYa5OB/bz4aYTQBpNTg7dpTBb+QSVUamJTwreKCpO1s/1opIKwK7CVp7+svl
yZwMcmV5vjJiX0x14Kfe8w4weFbuUj+yw+XzEmmKoVY+pNSgsVl8QsSBJ/vdAadB
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:56:42 2025 by rpki-client