Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5c/2bf00b-bfbc-4f6b-a13e-f10f73a9ecb3/1/dfqIqrGV-ZlFGzdnbrgwMYMMiQY.roa
File: dfqIqrGV-ZlFGzdnbrgwMYMMiQY.roa (raw, json)
Hash identifier: YlcNOd6iAa1nsCd6+6l5cfDimjcz96yv4wOim7eSx4I=
Subject key identifier: 75:FA:88:AA:B1:95:F9:99:45:1B:37:67:6E:B8:30:31:83:0C:89:06
Certificate issuer: /CN=36b55fb34d29f962545132a025b52644fdffbf6f
Certificate serial: 02D9FB73
Authority key identifier: 36:B5:5F:B3:4D:29:F9:62:54:51:32:A0:25:B5:26:44:FD:FF:BF:6F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NrVfs00p-WJUUTKgJbUmRP3_v28.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5c/2bf00b-bfbc-4f6b-a13e-f10f73a9ecb3/1/dfqIqrGV-ZlFGzdnbrgwMYMMiQY.roa
Signing time: Sat 01 Jan 2022 04:59:11 +0000
ROA not before: Sat 01 Jan 2022 04:59:11 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 20473
IP address blocks: 185.206.123.0/24 maxlen: 24
2a10:ca00:4::/48 maxlen: 48
2a10:ca00:2::/48 maxlen: 48
2a10:ca00:3::/48 maxlen: 48
2a10:ca00:1::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 47840115 (0x2d9fb73)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=36b55fb34d29f962545132a025b52644fdffbf6f
Validity
Not Before: Jan 1 04:59:11 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=75fa88aab195f999451b37676eb83031830c8906
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:cc:1a:06:c0:1c:79:b5:a3:69:92:ae:d6:61:
15:4d:1c:a1:d4:72:da:7e:d0:37:8a:cd:9e:cf:15:
56:18:eb:c1:cb:1e:70:86:e8:60:46:1b:7f:8a:38:
f7:f4:8d:e5:a2:a2:54:d6:13:db:08:e6:1a:54:90:
26:f7:71:d0:d1:41:26:0b:25:d8:fb:eb:d3:01:51:
5c:2d:6e:af:21:53:8e:ed:fa:d1:a2:f4:83:dd:b9:
a1:d5:4b:e3:8f:0c:52:55:ae:4c:f4:db:a8:0c:5c:
f7:68:1f:b8:dd:8b:84:f4:9e:12:20:99:34:15:fa:
7a:63:fb:99:e3:21:af:c0:78:37:7b:45:25:5a:93:
6f:3c:03:fc:71:b2:5c:17:6d:8b:0a:fe:12:f3:3e:
67:c2:ef:4c:b0:35:8c:ae:b3:ac:7a:fe:75:5b:da:
d6:3a:38:2d:8b:ab:a5:70:f7:73:3e:3b:8a:77:3f:
02:10:42:64:a2:08:1c:b9:43:0c:ae:81:21:b4:ea:
73:a7:b3:eb:22:5c:b0:d2:a7:a4:64:0a:f1:14:c6:
ee:18:00:93:e4:d4:4d:c2:db:fb:32:a4:eb:17:36:
60:dc:81:19:6c:74:bd:f8:de:7d:38:ee:64:ec:5c:
ff:64:94:ae:29:cf:66:9d:0d:8b:e5:ce:30:8e:d2:
4d:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
75:FA:88:AA:B1:95:F9:99:45:1B:37:67:6E:B8:30:31:83:0C:89:06
X509v3 Authority Key Identifier:
keyid:36:B5:5F:B3:4D:29:F9:62:54:51:32:A0:25:B5:26:44:FD:FF:BF:6F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NrVfs00p-WJUUTKgJbUmRP3_v28.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5c/2bf00b-bfbc-4f6b-a13e-f10f73a9ecb3/1/dfqIqrGV-ZlFGzdnbrgwMYMMiQY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5c/2bf00b-bfbc-4f6b-a13e-f10f73a9ecb3/1/NrVfs00p-WJUUTKgJbUmRP3_v28.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.206.123.0/24
IPv6:
2a10:ca00:1::-2a10:ca00:4:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
05:1f:b4:3f:ed:2f:9a:20:da:79:a3:aa:4e:fc:51:b8:cf:59:
e4:a3:6e:ed:1c:db:66:60:f2:99:e9:96:b8:69:1e:ba:27:89:
38:15:87:71:82:3b:89:bc:c6:fb:f4:39:5e:2f:0c:68:4b:e6:
45:8c:9f:f7:e6:98:36:80:2f:74:80:ca:56:cc:17:99:46:dc:
f0:6f:1b:4e:e5:13:d8:7c:22:60:f1:a9:1a:e6:48:5f:29:66:
e7:c3:c0:3f:dc:1c:f3:2c:0c:be:c9:c2:1c:3a:14:b1:27:47:
3c:f9:79:7b:b3:1e:55:6a:1f:1d:89:fb:80:1d:79:42:b3:b6:
60:41:e2:ae:a4:52:10:0b:4d:ac:28:92:3a:5a:54:a7:de:5d:
66:11:79:bc:fa:d8:1a:5e:b4:64:fd:38:81:9f:5e:f5:7d:5c:
98:fa:f7:46:5b:b9:a9:be:6f:d4:42:e5:47:33:13:88:2c:0d:
cb:cd:6d:49:32:bc:ec:bd:a1:5d:77:21:73:80:70:4f:4d:af:
d4:17:9a:e0:19:c5:5c:e3:db:f3:19:d5:97:80:c7:f8:1b:f1:
37:2e:0d:cf:0b:49:96:63:25:33:d0:24:48:32:58:85:26:d7:
0a:1e:82:a5:86:5a:ab:21:86:3a:01:4c:98:e4:b3:9f:a6:24:
c4:f2:6f:ab
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgIEAtn7czANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygz
NmI1NWZiMzRkMjlmOTYyNTQ1MTMyYTAyNWI1MjY0NGZkZmZiZjZmMB4XDTIyMDEw
MTA0NTkxMVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNzVmYTg4YWFiMTk1
Zjk5OTQ1MWIzNzY3NmViODMwMzE4MzBjODkwNjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMLMGgbAHHm1o2mSrtZhFU0codRy2n7QN4rNns8VVhjrwcse
cIboYEYbf4o49/SN5aKiVNYT2wjmGlSQJvdx0NFBJgsl2Pvr0wFRXC1uryFTju36
0aL0g925odVL448MUlWuTPTbqAxc92gfuN2LhPSeEiCZNBX6emP7meMhr8B4N3tF
JVqTbzwD/HGyXBdtiwr+EvM+Z8LvTLA1jK6zrHr+dVva1jo4LYurpXD3cz47inc/
AhBCZKIIHLlDDK6BIbTqc6ez6yJcsNKnpGQK8RTG7hgAk+TUTcLb+zKk6xc2YNyB
GWx0vfjefTjuZOxc/2SUrinPZp0Ni+XOMI7STWECAwEAAaOCAiUwggIhMB0GA1Ud
DgQWBBR1+oiqsZX5mUUbN2duuDAxgwyJBjAfBgNVHSMEGDAWgBQ2tV+zTSn5YlRR
MqAltSZE/f+/bzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L05yVmZzMDBwLVdKVVVUS2dKYlVtUlAzX3YyOC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNWMvMmJmMDBiLWJmYmMtNGY2Yi1hMTNlLWYxMGY3M2E5ZWNiMy8x
L2RmcUlxckdWLVpsRkd6ZG5icmd3TVlNTWlRWS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNWMv
MmJmMDBiLWJmYmMtNGY2Yi1hMTNlLWYxMGY3M2E5ZWNiMy8xL05yVmZzMDBwLVdK
VVVUS2dKYlVtUlAzX3YyOC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA7
BggrBgEFBQcBBwEB/wQsMCowDAQCAAEwBgMEALnOezAaBAIAAjAUMBIDBwAqEMoA
AAEDBwAqEMoAAAQwDQYJKoZIhvcNAQELBQADggEBAAUftD/tL5og2nmjqk78UbjP
WeSjbu0c22Zg8pnplrhpHroniTgVh3GCO4m8xvv0OV4vDGhL5kWMn/fmmDaAL3SA
ylbMF5lG3PBvG07lE9h8ImDxqRrmSF8pZufDwD/cHPMsDL7Jwhw6FLEnRzz5eXuz
HlVqHx2J+4AdeUKztmBB4q6kUhALTawokjpaVKfeXWYRebz62BpetGT9OIGfXvV9
XJj690Zbuam+b9RC5UczE4gsDcvNbUkyvOy9oV13IXOAcE9Nr9QXmuAZxVzj2/MZ
1ZeAx/gb8TcuDc8LSZZjJTPQJEgyWIUm1woegqWGWqshhjoBTJjks5+mJMTyb6s=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:49:01 2023 by rpki-client on console-fra.rpki-client.org