Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5d/6da1c2-252d-4bd2-b56c-bb217cc3b78d/1/am6EoO0t3RB7UhM7jri3mORA59w.roa
File: am6EoO0t3RB7UhM7jri3mORA59w.roa (raw, json)
Hash identifier: lbHYntzvX5RmBmtep0S7BW9/vazeZWjlIoPeXj/o/A8=
Subject key identifier: 6A:6E:84:A0:ED:2D:DD:10:7B:52:13:3B:8E:B8:B7:98:E4:40:E7:DC
Certificate issuer: /CN=293e0cd8b3e044edb823aef688aafb0b75de8675
Certificate serial: 0186F47E0D5AC6C97F312DCC3039AF52A530
Authority key identifier: 29:3E:0C:D8:B3:E0:44:ED:B8:23:AE:F6:88:AA:FB:0B:75:DE:86:75
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KT4M2LPgRO24I672iKr7C3XehnU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5d/6da1c2-252d-4bd2-b56c-bb217cc3b78d/1/am6EoO0t3RB7UhM7jri3mORA59w.roa
Signing time: Sat 18 Mar 2023 11:32:27 +0000
ROA not before: Sat 18 Mar 2023 11:32:27 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 204544
IP address blocks: 185.53.141.0/24 maxlen: 24
185.53.140.0/22 maxlen: 22
185.53.140.0/24 maxlen: 24
185.53.143.0/24 maxlen: 24
185.53.142.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:f4:7e:0d:5a:c6:c9:7f:31:2d:cc:30:39:af:52:a5:30
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=293e0cd8b3e044edb823aef688aafb0b75de8675
Validity
Not Before: Mar 18 11:32:27 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=6a6e84a0ed2ddd107b52133b8eb8b798e440e7dc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:33:0f:98:31:70:1f:2a:55:f8:10:a4:9e:3e:
9f:0d:cb:fe:5a:4c:e7:11:66:29:90:ff:dc:91:c1:
e1:49:5c:b8:48:b4:84:49:29:3b:b6:98:d1:ff:a5:
f4:05:20:57:77:f5:2f:7b:99:f4:9f:42:52:4f:17:
14:d2:ce:39:7b:0c:7d:ad:4d:3f:c1:80:a5:3d:cd:
78:09:3a:23:1d:11:cb:e7:32:54:08:74:e5:fd:eb:
00:e8:9a:dc:7a:68:31:98:58:4e:ec:6b:66:64:b5:
f9:c4:0b:4f:c0:07:b9:50:65:6a:cb:e9:83:e7:52:
49:a1:3c:5b:c3:f6:34:35:e5:ab:66:c8:99:1d:cb:
26:68:00:c3:a5:96:c6:d7:a5:c4:a4:c9:7b:9f:fc:
bf:d8:63:d7:20:a1:a8:7d:12:25:43:88:ec:49:7c:
73:b7:6e:42:7d:64:1f:7b:f6:ed:3e:b3:2e:26:23:
b4:b7:83:20:80:14:81:5f:ff:56:73:83:22:30:4c:
c6:d9:81:9d:6f:6c:70:96:1a:8f:e9:04:cf:4f:ee:
d8:f5:9a:f0:a2:d3:13:b1:22:a0:6e:85:df:7c:6c:
eb:30:ff:58:f7:53:81:1b:4e:ff:92:83:b1:ed:08:
ce:52:ed:19:b7:80:84:c6:2f:4d:a4:c7:6a:25:53:
15:83
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6A:6E:84:A0:ED:2D:DD:10:7B:52:13:3B:8E:B8:B7:98:E4:40:E7:DC
X509v3 Authority Key Identifier:
keyid:29:3E:0C:D8:B3:E0:44:ED:B8:23:AE:F6:88:AA:FB:0B:75:DE:86:75
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KT4M2LPgRO24I672iKr7C3XehnU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5d/6da1c2-252d-4bd2-b56c-bb217cc3b78d/1/am6EoO0t3RB7UhM7jri3mORA59w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5d/6da1c2-252d-4bd2-b56c-bb217cc3b78d/1/KT4M2LPgRO24I672iKr7C3XehnU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.53.140.0/22
Signature Algorithm: sha256WithRSAEncryption
0f:d3:59:4e:2d:d4:f6:09:b9:74:95:3a:9d:a4:41:40:13:ec:
e4:9b:63:23:de:85:44:da:7e:66:db:01:aa:4c:54:2d:e9:ad:
50:7c:41:9b:ca:7c:e2:75:f5:e1:32:5f:80:ae:c6:cf:2f:22:
34:ec:56:89:61:9a:5b:a1:84:7e:c9:9b:d6:c1:7f:09:52:83:
a4:27:51:31:a0:48:03:d9:f8:ca:8a:87:93:aa:5f:17:de:72:
8f:28:0b:aa:c4:fc:bb:4b:9c:00:75:e3:8d:d3:90:6f:a1:19:
73:42:95:22:06:a8:fb:81:4f:66:43:90:be:13:34:4e:da:e1:
04:6b:14:fb:f4:90:e5:f0:d3:2e:c3:88:77:e0:46:15:ec:90:
66:31:f7:d7:af:3f:a9:8e:a4:39:d8:70:c1:18:3e:00:b8:4f:
69:41:8a:7c:eb:1f:35:97:a1:ee:aa:48:22:9d:c3:61:1c:d8:
69:ed:f4:9f:b1:e4:25:a8:a4:4e:3d:26:95:8f:8e:51:c8:8f:
45:6f:bf:a3:e8:b9:b5:7e:1b:15:3b:b2:76:2b:d0:73:eb:88:
6f:1a:c8:3c:d6:06:c0:c3:4a:e1:fd:f4:83:79:17:92:68:99:
97:1a:83:0e:ad:f3:26:50:2a:1f:4a:c2:9e:c8:00:8e:39:32:
f2:1b:8b:c6
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYb0fg1axsl/MS3MMDmvUqUwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI5M2UwY2Q4YjNlMDQ0ZWRiODIzYWVmNjg4YWFmYjBiNzVk
ZTg2NzUwHhcNMjMwMzE4MTEzMjI3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2YTZlODRhMGVkMmRkZDEwN2I1MjEzM2I4ZWI4Yjc5OGU0NDBlN2RjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyjMPmDFwHypV+BCknj6fDcv+Wkzn
EWYpkP/ckcHhSVy4SLSESSk7tpjR/6X0BSBXd/Uve5n0n0JSTxcU0s45ewx9rU0/
wYClPc14CTojHRHL5zJUCHTl/esA6JrcemgxmFhO7GtmZLX5xAtPwAe5UGVqy+mD
51JJoTxbw/Y0NeWrZsiZHcsmaADDpZbG16XEpMl7n/y/2GPXIKGofRIlQ4jsSXxz
t25CfWQfe/btPrMuJiO0t4MggBSBX/9Wc4MiMEzG2YGdb2xwlhqP6QTPT+7Y9Zrw
otMTsSKgboXffGzrMP9Y91OBG07/koOx7QjOUu0Zt4CExi9NpMdqJVMVgwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFGpuhKDtLd0Qe1ITO464t5jkQOfcMB8GA1UdIwQY
MBaAFCk+DNiz4ETtuCOu9oiq+wt13oZ1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS1Q0TTJMUGdSTzI0STY3MmlLcjdDM1hlaG5VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZC82ZGExYzItMjUyZC00YmQyLWI1NmMt
YmIyMTdjYzNiNzhkLzEvYW02RW9PMHQzUkI3VWhNN2pyaTNtT1JBNTl3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZC82ZGExYzItMjUyZC00YmQyLWI1NmMtYmIyMTdjYzNiNzhk
LzEvS1Q0TTJMUGdSTzI0STY3MmlLcjdDM1hlaG5VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuTWMMA0G
CSqGSIb3DQEBCwUAA4IBAQAP01lOLdT2Cbl0lTqdpEFAE+zkm2Mj3oVE2n5m2wGq
TFQt6a1QfEGbynzidfXhMl+ArsbPLyI07FaJYZpboYR+yZvWwX8JUoOkJ1ExoEgD
2fjKioeTql8X3nKPKAuqxPy7S5wAdeON05BvoRlzQpUiBqj7gU9mQ5C+EzRO2uEE
axT79JDl8NMuw4h34EYV7JBmMffXrz+pjqQ52HDBGD4AuE9pQYp86x81l6Huqkgi
ncNhHNhp7fSfseQlqKROPSaVj45RyI9Fb7+j6Lm1fhsVO7J2K9Bz64hvGsg81gbA
w0rh/fSDeReSaJmXGoMOrfMmUCofSsKeyACOOTLyG4vG
-----END CERTIFICATE-----
Generated at Fri Apr 18 15:59:58 2025 by rpki-client