Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/58/4a585a-f0f0-4987-ae03-acccae690e75/1/9b_3kgxSgEEOgv4w4C_yAq6cn6c.roa
File: 9b_3kgxSgEEOgv4w4C_yAq6cn6c.roa (raw, json)
Hash identifier: JDemYMt++Ih7PbaqbATzme0+md/cHPQEH0wd+Dqj3p0=
Subject key identifier: F5:BF:F7:92:0C:52:80:41:0E:82:FE:30:E0:2F:F2:02:AE:9C:9F:A7
Certificate issuer: /CN=d6fbd9ed504eef659ecfc919a195cd2a803b60a7
Certificate serial: 01856CB837811244648AEC50F3C62B851453
Authority key identifier: D6:FB:D9:ED:50:4E:EF:65:9E:CF:C9:19:A1:95:CD:2A:80:3B:60:A7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1vvZ7VBO72Wez8kZoZXNKoA7YKc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/58/4a585a-f0f0-4987-ae03-acccae690e75/1/9b_3kgxSgEEOgv4w4C_yAq6cn6c.roa
Signing time: Sun 01 Jan 2023 09:44:50 +0000
ROA not before: Sun 01 Jan 2023 09:44:50 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 205169
IP address blocks: 185.227.238.0/24 maxlen: 24
185.227.239.0/24 maxlen: 24
185.227.236.0/24 maxlen: 24
185.227.237.0/24 maxlen: 24
2a0c:d600::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:b8:37:81:12:44:64:8a:ec:50:f3:c6:2b:85:14:53
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d6fbd9ed504eef659ecfc919a195cd2a803b60a7
Validity
Not Before: Jan 1 09:44:50 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=f5bff7920c5280410e82fe30e02ff202ae9c9fa7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:e3:8c:d8:f8:ac:4f:8f:95:fe:c4:99:b9:5d:
4d:70:85:65:1d:47:db:2d:5b:d7:72:ed:88:1d:9f:
f5:d6:19:6b:88:4b:c6:1f:5e:af:02:b2:4e:a9:c3:
98:3d:09:92:ab:b4:59:b2:17:2c:af:e9:f3:e7:9c:
3c:37:2b:0b:86:dc:33:bb:80:ef:9d:f0:d8:f7:b7:
ff:de:a3:c8:1c:74:55:0b:69:71:9e:41:b5:28:73:
8d:4c:42:9a:2c:77:a5:99:ee:0e:d0:dd:c4:00:af:
79:69:e7:77:65:38:c2:a2:7c:cf:b9:7b:c7:89:71:
8d:f8:5f:04:af:bb:2e:59:5c:7a:84:21:48:c8:45:
be:15:1d:4d:a5:ac:59:08:67:9f:42:59:0d:f1:79:
f4:3e:a8:25:b5:77:7d:30:b9:1b:cb:bb:b7:33:07:
19:2f:8b:9e:d6:39:ee:6a:04:66:35:6b:6e:a5:7c:
5d:89:8e:94:d0:98:a3:cf:d8:d4:af:dd:c3:d6:cf:
7d:29:60:0c:6d:7f:71:97:27:74:d2:50:ed:4c:68:
fd:1f:73:c7:a9:3f:04:37:77:3f:fb:c2:cb:0f:92:
3b:f1:3d:c2:0b:0f:0b:4f:56:e3:15:5a:c7:23:70:
00:5a:ee:3d:b7:b8:91:c6:4b:0f:19:46:86:a5:ac:
b5:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F5:BF:F7:92:0C:52:80:41:0E:82:FE:30:E0:2F:F2:02:AE:9C:9F:A7
X509v3 Authority Key Identifier:
keyid:D6:FB:D9:ED:50:4E:EF:65:9E:CF:C9:19:A1:95:CD:2A:80:3B:60:A7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1vvZ7VBO72Wez8kZoZXNKoA7YKc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/58/4a585a-f0f0-4987-ae03-acccae690e75/1/9b_3kgxSgEEOgv4w4C_yAq6cn6c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/58/4a585a-f0f0-4987-ae03-acccae690e75/1/1vvZ7VBO72Wez8kZoZXNKoA7YKc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.227.236.0/22
IPv6:
2a0c:d600::/29
Signature Algorithm: sha256WithRSAEncryption
75:1a:5d:ca:4f:e1:76:f9:d4:14:79:7d:92:9e:02:3e:fa:4f:
c7:4c:59:51:c9:f5:78:aa:99:cf:c9:b6:70:9e:96:c0:65:3c:
d2:de:15:77:ab:a5:6c:41:8e:ab:63:ca:04:5f:75:08:a3:5f:
6c:d7:aa:15:38:29:ec:ea:6f:c1:1b:97:20:17:45:a7:63:ed:
ee:77:82:d7:68:74:d6:f6:a2:53:11:8a:ea:f0:56:01:53:cd:
d2:3d:ca:6e:24:4b:da:66:94:8f:9d:65:26:f0:7e:30:a8:87:
41:0b:b2:33:d7:02:74:79:e6:b5:35:4e:61:97:ce:83:11:5d:
44:67:ba:9f:be:ca:67:e9:38:51:14:86:74:fe:70:26:34:07:
14:af:0b:2c:89:97:af:af:ea:f0:53:ef:91:c5:3d:ab:13:e2:
cb:1e:3c:86:b9:6b:6e:5e:3b:b8:9e:ca:59:55:ac:03:3c:f9:
ca:64:6b:6a:70:d8:c3:90:04:5a:38:d0:02:3b:3f:12:9c:0b:
a1:7c:e5:e6:c7:4d:9c:f4:29:bd:25:ee:14:9a:5d:b5:d1:9d:
f8:0c:b5:d8:0f:db:03:5f:92:be:f0:cb:bc:1a:a3:d7:d3:84:
4a:59:53:4d:1d:0c:96:5f:aa:aa:d3:20:e4:6c:2b:fc:56:19:
a3:f4:5c:b5
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVsuDeBEkRkiuxQ88YrhRRTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ2ZmJkOWVkNTA0ZWVmNjU5ZWNmYzkxOWExOTVjZDJhODAz
YjYwYTcwHhcNMjMwMTAxMDk0NDUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNWJmZjc5MjBjNTI4MDQxMGU4MmZlMzBlMDJmZjIwMmFlOWM5ZmE3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp+OM2PisT4+V/sSZuV1NcIVlHUfb
LVvXcu2IHZ/11hlriEvGH16vArJOqcOYPQmSq7RZshcsr+nz55w8NysLhtwzu4Dv
nfDY97f/3qPIHHRVC2lxnkG1KHONTEKaLHelme4O0N3EAK95aed3ZTjConzPuXvH
iXGN+F8Er7suWVx6hCFIyEW+FR1NpaxZCGefQlkN8Xn0PqgltXd9MLkby7u3MwcZ
L4ue1jnuagRmNWtupXxdiY6U0Jijz9jUr93D1s99KWAMbX9xlyd00lDtTGj9H3PH
qT8EN3c/+8LLD5I78T3CCw8LT1bjFVrHI3AAWu49t7iRxksPGUaGpay1KwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFPW/95IMUoBBDoL+MOAv8gKunJ+nMB8GA1UdIwQY
MBaAFNb72e1QTu9lns/JGaGVzSqAO2CnMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMXZ2WjdWQk83MldlejhrWm9aWE5Lb0E3WUtjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81OC80YTU4NWEtZjBmMC00OTg3LWFlMDMt
YWNjY2FlNjkwZTc1LzEvOWJfM2tneFNnRUVPZ3Y0dzRDX3lBcTZjbjZjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81OC80YTU4NWEtZjBmMC00OTg3LWFlMDMtYWNjY2FlNjkwZTc1
LzEvMXZ2WjdWQk83MldlejhrWm9aWE5Lb0E3WUtjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuePsMA0E
AgACMAcDBQMqDNYAMA0GCSqGSIb3DQEBCwUAA4IBAQB1Gl3KT+F2+dQUeX2SngI+
+k/HTFlRyfV4qpnPybZwnpbAZTzS3hV3q6VsQY6rY8oEX3UIo19s16oVOCns6m/B
G5cgF0WnY+3ud4LXaHTW9qJTEYrq8FYBU83SPcpuJEvaZpSPnWUm8H4wqIdBC7Iz
1wJ0eea1NU5hl86DEV1EZ7qfvspn6ThRFIZ0/nAmNAcUrwssiZevr+rwU++RxT2r
E+LLHjyGuWtuXju4nspZVawDPPnKZGtqcNjDkARaONACOz8SnAuhfOXmx02c9Cm9
Je4Uml210Z34DLXYD9sDX5K+8Mu8GqPX04RKWVNNHQyWX6qq0yDkbCv8Vhmj9Fy1
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:34:56 2025 by rpki-client