Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/58/3347f7-5259-4238-adb6-835de0f5892e/1/9o1gsAnEnaPE5NZaJrq0MzHKaxI.roa
File: 9o1gsAnEnaPE5NZaJrq0MzHKaxI.roa (raw, json)
Hash identifier: tuZDH5N4rk1mSh14+mgO2AiAR0mpZWAr0cx2bGqgzcE=
Subject key identifier: F6:8D:60:B0:09:C4:9D:A3:C4:E4:D6:5A:26:BA:B4:33:31:CA:6B:12
Certificate issuer: /CN=c76e03ff7d0bfde32839c28fec81c6275c04d33f
Certificate serial: 018570B0994B9F776F58F85C6F749041CC54
Authority key identifier: C7:6E:03:FF:7D:0B:FD:E3:28:39:C2:8F:EC:81:C6:27:5C:04:D3:3F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/x24D_30L_eMoOcKP7IHGJ1wE0z8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/58/3347f7-5259-4238-adb6-835de0f5892e/1/9o1gsAnEnaPE5NZaJrq0MzHKaxI.roa
Signing time: Mon 02 Jan 2023 04:14:59 +0000
ROA not before: Mon 02 Jan 2023 04:14:59 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 48972
IP address blocks: 185.107.120.0/22 maxlen: 22
2a00:cb40::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:b0:99:4b:9f:77:6f:58:f8:5c:6f:74:90:41:cc:54
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c76e03ff7d0bfde32839c28fec81c6275c04d33f
Validity
Not Before: Jan 2 04:14:59 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=f68d60b009c49da3c4e4d65a26bab43331ca6b12
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:10:58:e6:a6:6e:24:90:c9:fe:96:a6:c8:7f:
76:42:60:2a:29:e4:e3:e1:01:1b:3e:ec:3c:b2:9f:
51:7f:b9:ea:e0:62:c2:2c:e8:95:25:98:e3:7a:b5:
69:13:26:4e:78:1f:1a:12:99:37:ed:32:78:82:a9:
a2:58:ba:d9:a7:32:a7:b8:94:b6:61:ce:d2:49:87:
28:8b:a4:4b:2f:f1:2b:d5:86:e9:41:86:bb:88:a1:
91:6a:30:67:9b:10:b3:55:d9:91:2d:30:c7:78:6d:
20:3f:86:2d:56:60:03:ff:1a:d9:d6:db:70:df:2b:
95:ef:b3:df:56:d1:07:3d:0c:43:a7:1a:3e:b1:36:
3c:ef:dd:36:96:04:a6:d4:11:54:a8:66:0f:e7:5b:
de:d1:aa:5d:9a:8e:b7:03:5a:92:c5:11:77:64:a8:
03:ab:0b:85:54:48:f8:8c:94:c1:b6:9c:d7:d9:dc:
ec:84:cb:45:09:ba:cb:89:08:ef:a8:8b:9e:d9:19:
9f:9f:e5:5f:96:32:ba:ad:d4:ee:3a:11:23:94:02:
65:07:5d:aa:98:9d:b1:e6:f1:42:d5:bd:67:3a:7b:
5d:a9:43:4a:4e:05:33:0b:ec:49:5a:90:a5:4f:48:
8a:93:6a:fa:98:e0:fd:29:a5:d5:12:4b:db:88:e1:
3d:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F6:8D:60:B0:09:C4:9D:A3:C4:E4:D6:5A:26:BA:B4:33:31:CA:6B:12
X509v3 Authority Key Identifier:
keyid:C7:6E:03:FF:7D:0B:FD:E3:28:39:C2:8F:EC:81:C6:27:5C:04:D3:3F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/x24D_30L_eMoOcKP7IHGJ1wE0z8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/58/3347f7-5259-4238-adb6-835de0f5892e/1/9o1gsAnEnaPE5NZaJrq0MzHKaxI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/58/3347f7-5259-4238-adb6-835de0f5892e/1/x24D_30L_eMoOcKP7IHGJ1wE0z8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.107.120.0/22
IPv6:
2a00:cb40::/32
Signature Algorithm: sha256WithRSAEncryption
a3:f0:cc:53:93:03:eb:1f:ff:4b:59:88:19:35:77:eb:07:bf:
6b:4b:ce:06:3a:36:df:21:30:b2:6e:43:94:b3:b0:5e:29:f3:
7c:b6:47:e6:9f:9f:14:60:d6:a3:e0:d0:89:72:90:52:8b:32:
54:23:bb:b2:12:bf:f6:7e:f0:2a:61:fb:3f:3c:50:60:d0:42:
95:b8:d4:2a:7c:4a:85:63:ab:23:18:ee:b5:47:8f:76:dc:e7:
ac:b2:13:2d:23:4b:0c:da:34:60:f3:51:26:60:42:04:d0:90:
b4:e9:59:0a:c9:aa:29:56:f7:77:5f:6a:4a:5a:b5:c1:83:39:
20:94:e5:7d:a3:09:b5:96:ea:c3:0f:5b:c5:bf:ec:3c:00:60:
17:15:6c:08:86:69:d5:92:c1:c0:36:1b:39:da:3b:ca:79:0e:
fa:41:41:d6:35:c7:a8:96:63:0f:dc:7f:85:08:1b:79:35:72:
ca:16:eb:bf:cd:d7:dd:61:8e:69:03:70:e8:cb:b8:1f:98:8a:
3b:22:b9:61:78:d7:e5:af:27:0e:37:f7:b9:f1:ab:98:e8:f3:
78:98:e0:2a:8f:8e:2d:59:24:16:e6:09:ff:3f:82:73:61:59:
c4:15:0d:b4:02:d2:b9:ba:90:fe:18:b8:15:1f:9b:21:f5:56:
b9:b7:89:3e
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVwsJlLn3dvWPhcb3SQQcxUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM3NmUwM2ZmN2QwYmZkZTMyODM5YzI4ZmVjODFjNjI3NWMw
NGQzM2YwHhcNMjMwMTAyMDQxNDU5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNjhkNjBiMDA5YzQ5ZGEzYzRlNGQ2NWEyNmJhYjQzMzMxY2E2YjEyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwxBY5qZuJJDJ/pamyH92QmAqKeTj
4QEbPuw8sp9Rf7nq4GLCLOiVJZjjerVpEyZOeB8aEpk37TJ4gqmiWLrZpzKnuJS2
Yc7SSYcoi6RLL/Er1YbpQYa7iKGRajBnmxCzVdmRLTDHeG0gP4YtVmAD/xrZ1ttw
3yuV77PfVtEHPQxDpxo+sTY87902lgSm1BFUqGYP51ve0apdmo63A1qSxRF3ZKgD
qwuFVEj4jJTBtpzX2dzshMtFCbrLiQjvqIue2Rmfn+VfljK6rdTuOhEjlAJlB12q
mJ2x5vFC1b1nOntdqUNKTgUzC+xJWpClT0iKk2r6mOD9KaXVEkvbiOE90QIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFPaNYLAJxJ2jxOTWWia6tDMxymsSMB8GA1UdIwQY
MBaAFMduA/99C/3jKDnCj+yBxidcBNM/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveDI0RF8zMExfZU1vT2NLUDdJSEdKMXdFMHo4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81OC8zMzQ3ZjctNTI1OS00MjM4LWFkYjYt
ODM1ZGUwZjU4OTJlLzEvOW8xZ3NBbkVuYVBFNU5aYUpycTBNekhLYXhJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81OC8zMzQ3ZjctNTI1OS00MjM4LWFkYjYtODM1ZGUwZjU4OTJl
LzEveDI0RF8zMExfZU1vT2NLUDdJSEdKMXdFMHo4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuWt4MA0E
AgACMAcDBQAqAMtAMA0GCSqGSIb3DQEBCwUAA4IBAQCj8MxTkwPrH/9LWYgZNXfr
B79rS84GOjbfITCybkOUs7BeKfN8tkfmn58UYNaj4NCJcpBSizJUI7uyEr/2fvAq
Yfs/PFBg0EKVuNQqfEqFY6sjGO61R4923OesshMtI0sM2jRg81EmYEIE0JC06VkK
yaopVvd3X2pKWrXBgzkglOV9owm1lurDD1vFv+w8AGAXFWwIhmnVksHANhs52jvK
eQ76QUHWNceolmMP3H+FCBt5NXLKFuu/zdfdYY5pA3Doy7gfmIo7IrlheNflrycO
N/e58auY6PN4mOAqj44tWSQW5gn/P4JzYVnEFQ20AtK5upD+GLgVH5sh9Va5t4k+
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:41:08 2025 by rpki-client