Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5d/5de6df-ce4f-4b09-82d2-377d25be594d/1/tGptwvUqH7z8bq_fC4n-ilWcBX4.roa
File: tGptwvUqH7z8bq_fC4n-ilWcBX4.roa (raw, json)
Hash identifier: k/++BtQuM7jz11a8/IBQbpkkUJfY894UUe7QPXTdElQ=
Subject key identifier: B4:6A:6D:C2:F5:2A:1F:BC:FC:6E:AF:DF:0B:89:FE:8A:55:9C:05:7E
Certificate issuer: /CN=f339343cc6d51ddb8e3638299a1bb495f4580921
Certificate serial: 01856F6FF9639AC04370D57FC47F36F4BF17
Authority key identifier: F3:39:34:3C:C6:D5:1D:DB:8E:36:38:29:9A:1B:B4:95:F4:58:09:21
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8zk0PMbVHduONjgpmhu0lfRYCSE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5d/5de6df-ce4f-4b09-82d2-377d25be594d/1/tGptwvUqH7z8bq_fC4n-ilWcBX4.roa
Signing time: Sun 01 Jan 2023 22:24:47 +0000
ROA not before: Sun 01 Jan 2023 22:24:47 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 205241
IP address blocks: 185.219.56.0/22 maxlen: 24
2a0b:e140::/29 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:6f:f9:63:9a:c0:43:70:d5:7f:c4:7f:36:f4:bf:17
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f339343cc6d51ddb8e3638299a1bb495f4580921
Validity
Not Before: Jan 1 22:24:47 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b46a6dc2f52a1fbcfc6eafdf0b89fe8a559c057e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:0e:ca:f4:25:51:e7:68:ed:64:84:5a:04:13:
0c:5f:53:2e:a6:89:47:9c:a1:47:d5:e1:b4:99:f1:
59:a1:2b:39:14:49:e4:d0:86:28:78:b8:5f:e3:1c:
92:8e:da:04:06:4d:bd:92:2c:5d:ae:59:2d:ca:79:
29:7b:4d:3f:70:87:89:f4:f1:d0:de:a8:d3:1a:c7:
7c:d3:82:b1:5c:d2:73:d8:07:0e:64:a5:b0:6b:55:
a6:01:e3:22:20:50:1e:f0:ae:1b:cb:78:59:ac:fe:
3e:6f:1c:70:4a:75:79:e2:c2:95:8c:e4:45:35:d9:
f4:9c:32:7a:b0:bf:bd:4a:fa:e3:2d:2c:cd:63:92:
01:70:30:c3:a9:a5:53:05:50:6c:e9:fc:8b:69:46:
83:d0:d1:89:ac:18:fe:6f:0c:f8:bb:9d:79:d6:e5:
94:ee:33:ce:be:df:7e:d1:91:14:de:09:c1:1a:fe:
39:32:ef:4a:70:ca:4f:fb:a5:75:1a:83:73:a6:e2:
83:38:d2:2c:1f:23:ea:6d:ee:5c:58:26:c1:44:4e:
7b:47:ed:49:8d:8a:23:9f:8a:f8:dc:1c:7b:e5:d9:
63:68:7b:d0:e1:47:2b:98:ae:07:3e:e6:e4:39:86:
c4:8e:21:c6:82:f9:04:08:6f:8e:3c:bd:c7:a8:de:
24:cd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B4:6A:6D:C2:F5:2A:1F:BC:FC:6E:AF:DF:0B:89:FE:8A:55:9C:05:7E
X509v3 Authority Key Identifier:
keyid:F3:39:34:3C:C6:D5:1D:DB:8E:36:38:29:9A:1B:B4:95:F4:58:09:21
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8zk0PMbVHduONjgpmhu0lfRYCSE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5d/5de6df-ce4f-4b09-82d2-377d25be594d/1/tGptwvUqH7z8bq_fC4n-ilWcBX4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5d/5de6df-ce4f-4b09-82d2-377d25be594d/1/8zk0PMbVHduONjgpmhu0lfRYCSE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.219.56.0/22
IPv6:
2a0b:e140::/29
Signature Algorithm: sha256WithRSAEncryption
16:24:e6:77:7c:ba:b0:d8:21:4e:dc:03:ee:56:93:51:24:96:
00:bd:22:ee:38:e0:e7:88:22:e5:d5:e2:ac:01:ce:cf:9b:0c:
bd:d1:6c:e0:09:4a:e1:ad:24:25:06:c6:98:a6:e5:98:a9:c3:
45:42:de:6e:ca:3d:74:02:fd:45:bc:4a:19:84:9a:af:fc:92:
9a:fb:8b:b7:ec:20:48:be:2e:c1:18:97:84:30:23:ca:49:51:
29:3c:32:dd:74:56:c6:40:8b:5a:e8:12:89:5f:d9:7d:f1:97:
ea:3a:42:f5:cb:dc:e8:f4:2a:71:7b:72:04:67:f6:16:f0:61:
ef:0c:84:62:3e:ca:86:14:3a:78:8f:9e:21:c4:8b:e9:74:30:
5b:5e:f2:bc:e2:f4:2f:63:37:53:10:68:1b:03:91:60:d2:f9:
03:d2:54:dc:e1:53:df:6c:87:ec:26:d4:19:79:66:1a:88:88:
ac:8f:c7:72:11:e1:fe:ae:04:1c:94:c7:5a:d9:5a:e2:ed:09:
79:90:9d:62:d0:dd:08:bb:4f:f6:9d:18:a1:08:88:44:d4:29:
02:92:68:4a:20:1f:82:ab:e6:5b:f2:fc:93:8e:86:be:ba:60:
61:22:91:91:a2:95:04:a9:25:ab:a6:a4:54:c2:26:66:78:d8:
fd:7a:6b:c7
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVvb/ljmsBDcNV/xH829L8XMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYzMzkzNDNjYzZkNTFkZGI4ZTM2MzgyOTlhMWJiNDk1ZjQ1
ODA5MjEwHhcNMjMwMTAxMjIyNDQ3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNDZhNmRjMmY1MmExZmJjZmM2ZWFmZGYwYjg5ZmU4YTU1OWMwNTdlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsg7K9CVR52jtZIRaBBMMX1MupolH
nKFH1eG0mfFZoSs5FEnk0IYoeLhf4xySjtoEBk29kixdrlktynkpe00/cIeJ9PHQ
3qjTGsd804KxXNJz2AcOZKWwa1WmAeMiIFAe8K4by3hZrP4+bxxwSnV54sKVjORF
Ndn0nDJ6sL+9SvrjLSzNY5IBcDDDqaVTBVBs6fyLaUaD0NGJrBj+bwz4u5151uWU
7jPOvt9+0ZEU3gnBGv45Mu9KcMpP+6V1GoNzpuKDONIsHyPqbe5cWCbBRE57R+1J
jYojn4r43Bx75dljaHvQ4UcrmK4HPubkOYbEjiHGgvkECG+OPL3HqN4kzQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFLRqbcL1Kh+8/G6v3wuJ/opVnAV+MB8GA1UdIwQY
MBaAFPM5NDzG1R3bjjY4KZobtJX0WAkhMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOHprMFBNYlZIZHVPTmpncG1odTBsZlJZQ1NFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZC81ZGU2ZGYtY2U0Zi00YjA5LTgyZDIt
Mzc3ZDI1YmU1OTRkLzEvdEdwdHd2VXFIN3o4YnFfZkM0bi1pbFdjQlg0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZC81ZGU2ZGYtY2U0Zi00YjA5LTgyZDItMzc3ZDI1YmU1OTRk
LzEvOHprMFBNYlZIZHVPTmpncG1odTBsZlJZQ1NFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuds4MA0E
AgACMAcDBQMqC+FAMA0GCSqGSIb3DQEBCwUAA4IBAQAWJOZ3fLqw2CFO3APuVpNR
JJYAvSLuOODniCLl1eKsAc7Pmwy90WzgCUrhrSQlBsaYpuWYqcNFQt5uyj10Av1F
vEoZhJqv/JKa+4u37CBIvi7BGJeEMCPKSVEpPDLddFbGQIta6BKJX9l98ZfqOkL1
y9zo9Cpxe3IEZ/YW8GHvDIRiPsqGFDp4j54hxIvpdDBbXvK84vQvYzdTEGgbA5Fg
0vkD0lTc4VPfbIfsJtQZeWYaiIisj8dyEeH+rgQclMda2Vri7Ql5kJ1i0N0Iu0/2
nRihCIhE1CkCkmhKIB+Cq+Zb8vyTjoa+umBhIpGRopUEqSWrpqRUwiZmeNj9emvH
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:37:16 2025 by rpki-client