Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/56/accc76-e123-45b1-96b4-8f4c59ec20be/1/fXVjR7COCDiDCyx2QNddT9l538Q.roa
File: fXVjR7COCDiDCyx2QNddT9l538Q.roa (raw, json)
Hash identifier: 6Q9MVB2qc7aTdYUAidkmFbxtgKFte+4R2DkYbYt2VTk=
Subject key identifier: 7D:75:63:47:B0:8E:08:38:83:0B:2C:76:40:D7:5D:4F:D9:79:DF:C4
Certificate issuer: /CN=630213aba1ea928b9ed32491de9ba10464b0636c
Certificate serial: 077CAD43
Authority key identifier: 63:02:13:AB:A1:EA:92:8B:9E:D3:24:91:DE:9B:A1:04:64:B0:63:6C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YwITq6Hqkoue0ySR3puhBGSwY2w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/56/accc76-e123-45b1-96b4-8f4c59ec20be/1/fXVjR7COCDiDCyx2QNddT9l538Q.roa
Signing time: Sat 01 Jan 2022 07:59:42 +0000
ROA not before: Sat 01 Jan 2022 07:59:42 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 203136
IP address blocks: 185.143.176.0/24 maxlen: 24
185.143.176.0/22 maxlen: 22
185.143.179.0/24 maxlen: 24
185.143.178.0/24 maxlen: 24
185.143.177.0/24 maxlen: 24
2a0e:2700::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 125611331 (0x77cad43)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=630213aba1ea928b9ed32491de9ba10464b0636c
Validity
Not Before: Jan 1 07:59:42 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=7d756347b08e0838830b2c7640d75d4fd979dfc4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:85:13:6e:f5:b9:54:67:e5:a1:eb:34:23:b2:e3:
2a:82:53:90:d7:09:80:a5:85:4c:10:66:c1:e6:cd:
04:a0:c7:db:c4:0b:f0:3f:ca:dc:bd:fc:48:53:8e:
e3:db:7a:3e:4f:53:2a:65:8a:95:d9:86:4a:55:d1:
67:1d:ce:8e:de:9f:35:55:35:8c:ad:fe:b8:bd:88:
7b:06:4b:ee:b2:2a:65:20:88:9b:f1:f6:f8:86:ea:
81:0d:fe:ac:bb:d0:6a:f6:1c:01:cb:ec:37:0c:08:
51:f4:93:92:83:61:4f:17:9f:7b:55:d7:02:f7:f0:
bb:e7:e0:72:70:8b:28:6c:1d:b0:7a:49:51:9f:48:
ae:08:a7:8a:e0:fe:ae:91:9d:ec:22:9b:a9:ee:ee:
c1:63:15:06:66:39:3e:fe:b2:f4:06:4d:96:43:9e:
b7:40:90:0d:ee:52:e5:a7:35:be:06:6d:95:cd:2e:
68:0d:19:08:26:e8:23:00:f6:48:52:e0:13:20:96:
ea:ba:3b:04:5d:60:65:af:0b:45:1a:7e:fc:a3:56:
41:8a:45:52:fc:db:d8:34:2b:8b:b2:5e:d7:f0:00:
e0:18:4d:fe:a4:01:f5:83:4f:44:b9:64:5e:a1:2d:
8e:6d:85:48:98:f0:e9:4e:4b:eb:5c:6b:02:46:46:
ce:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7D:75:63:47:B0:8E:08:38:83:0B:2C:76:40:D7:5D:4F:D9:79:DF:C4
X509v3 Authority Key Identifier:
keyid:63:02:13:AB:A1:EA:92:8B:9E:D3:24:91:DE:9B:A1:04:64:B0:63:6C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YwITq6Hqkoue0ySR3puhBGSwY2w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/56/accc76-e123-45b1-96b4-8f4c59ec20be/1/fXVjR7COCDiDCyx2QNddT9l538Q.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/56/accc76-e123-45b1-96b4-8f4c59ec20be/1/YwITq6Hqkoue0ySR3puhBGSwY2w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.143.176.0/22
IPv6:
2a0e:2700::/29
Signature Algorithm: sha256WithRSAEncryption
8d:9b:af:6a:09:65:45:8c:73:2d:2c:ef:7a:60:72:00:86:ac:
75:92:12:14:74:85:bd:ee:30:84:d9:b6:12:f4:78:78:b7:e6:
42:e7:85:42:4a:97:44:1d:04:0e:af:61:66:12:95:e0:6e:da:
53:68:cb:2f:30:43:d4:9a:f4:86:3d:c4:bd:56:6c:d2:bd:6a:
36:7a:63:04:5b:14:f9:36:96:fa:fa:c9:8d:d0:85:04:eb:05:
6a:c3:3e:40:09:7c:d8:53:e5:43:22:c6:a2:45:ce:52:9f:f3:
58:49:aa:bd:a0:1d:b6:2e:7b:77:77:8d:02:c6:ae:7e:37:b0:
6a:fd:f7:0d:9b:b4:e0:1e:c7:cb:68:44:2d:ce:e5:41:76:96:
f8:be:91:6a:45:f9:33:77:3d:98:80:14:66:e0:b2:1f:2c:3c:
8f:02:07:54:8a:09:d0:fb:d7:0a:9f:5b:f2:60:c2:71:ed:2d:
2e:df:66:be:0a:46:45:e3:11:19:49:59:8e:18:5e:8f:6e:46:
0f:d6:85:33:6d:b0:89:ee:29:9a:32:9e:d9:7e:0a:3e:28:17:
f2:3a:ae:7c:79:e9:93:9a:44:3a:2d:f7:a7:a7:05:c6:ab:d7:
fc:a8:71:38:0f:cb:b5:8f:bc:41:2a:59:29:94:5f:c6:65:2b:
b1:29:12:95
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgIEB3ytQzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg2
MzAyMTNhYmExZWE5MjhiOWVkMzI0OTFkZTliYTEwNDY0YjA2MzZjMB4XDTIyMDEw
MTA3NTk0MloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoN2Q3NTYzNDdiMDhl
MDgzODgzMGIyYzc2NDBkNzVkNGZkOTc5ZGZjNDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAIUTbvW5VGfloes0I7LjKoJTkNcJgKWFTBBmwebNBKDH28QL
8D/K3L38SFOO49t6Pk9TKmWKldmGSlXRZx3Ojt6fNVU1jK3+uL2IewZL7rIqZSCI
m/H2+IbqgQ3+rLvQavYcAcvsNwwIUfSTkoNhTxefe1XXAvfwu+fgcnCLKGwdsHpJ
UZ9IrginiuD+rpGd7CKbqe7uwWMVBmY5Pv6y9AZNlkOet0CQDe5S5ac1vgZtlc0u
aA0ZCCboIwD2SFLgEyCW6ro7BF1gZa8LRRp+/KNWQYpFUvzb2DQri7Je1/AA4BhN
/qQB9YNPRLlkXqEtjm2FSJjw6U5L61xrAkZGzo8CAwEAAaOCAhgwggIUMB0GA1Ud
DgQWBBR9dWNHsI4IOIMLLHZA111P2XnfxDAfBgNVHSMEGDAWgBRjAhOroeqSi57T
JJHem6EEZLBjbDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1l3SVRxNkhxa291ZTB5U1IzcHVoQkdTd1kydy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNTYvYWNjYzc2LWUxMjMtNDViMS05NmI0LThmNGM1OWVjMjBiZS8x
L2ZYVmpSN0NPQ0RpREN5eDJRTmRkVDlsNTM4US5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNTYv
YWNjYzc2LWUxMjMtNDViMS05NmI0LThmNGM1OWVjMjBiZS8xL1l3SVRxNkhxa291
ZTB5U1IzcHVoQkdTd1kydy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAu
BggrBgEFBQcBBwEB/wQfMB0wDAQCAAEwBgMEArmPsDANBAIAAjAHAwUDKg4nADAN
BgkqhkiG9w0BAQsFAAOCAQEAjZuvagllRYxzLSzvemByAIasdZISFHSFve4whNm2
EvR4eLfmQueFQkqXRB0EDq9hZhKV4G7aU2jLLzBD1Jr0hj3EvVZs0r1qNnpjBFsU
+TaW+vrJjdCFBOsFasM+QAl82FPlQyLGokXOUp/zWEmqvaAdti57d3eNAsaufjew
av33DZu04B7Hy2hELc7lQXaW+L6RakX5M3c9mIAUZuCyHyw8jwIHVIoJ0PvXCp9b
8mDCce0tLt9mvgpGReMRGUlZjhhej25GD9aFM22wie4pmjKe2X4KPigX8jqufHnp
k5pEOi33p6cFxqvX/KhxOA/LtY+8QSpZKZRfxmUrsSkSlQ==
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:34:15 2025 by rpki-client