Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/d2cd1c-04b5-44d0-81d5-7be3bda05927/1/a68IU2DxiKvu_sKW9EfmlhubsEQ.roa
File: a68IU2DxiKvu_sKW9EfmlhubsEQ.roa (raw, json)
Hash identifier: n2zjZ7ggClAlkMp9JUMfxPR5YJmrSNxgFocI8K+qU98=
Subject key identifier: 6B:AF:08:53:60:F1:88:AB:EE:FE:C2:96:F4:47:E6:96:1B:9B:B0:44
Certificate issuer: /CN=0759f6ac173f75ed9e585ec7d872a5865cef2835
Certificate serial: 0186B74ECEBA4771D3C7BDCDC2D921EDB791
Authority key identifier: 07:59:F6:AC:17:3F:75:ED:9E:58:5E:C7:D8:72:A5:86:5C:EF:28:35
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/B1n2rBc_de2eWF7H2HKlhlzvKDU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/d2cd1c-04b5-44d0-81d5-7be3bda05927/1/a68IU2DxiKvu_sKW9EfmlhubsEQ.roa
Signing time: Mon 06 Mar 2023 14:24:00 +0000
ROA not before: Mon 06 Mar 2023 14:24:00 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 205185
IP address blocks: 185.226.108.0/22 maxlen: 24
185.152.84.0/22 maxlen: 24
45.129.172.0/22 maxlen: 24
185.136.236.0/22 maxlen: 24
2a0d:8600::/29 maxlen: 48
2a0f:dc40::/29 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:b7:4e:ce:ba:47:71:d3:c7:bd:cd:c2:d9:21:ed:b7:91
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0759f6ac173f75ed9e585ec7d872a5865cef2835
Validity
Not Before: Mar 6 14:24:00 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=6baf085360f188abeefec296f447e6961b9bb044
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:3b:8c:36:4b:0d:4f:e2:54:7a:37:66:ac:0d:
53:ca:e9:e2:c3:2e:ac:97:0f:94:56:71:66:74:8c:
09:fd:06:78:e2:79:2e:8c:1e:2d:1b:89:93:55:41:
1a:38:3a:20:61:87:9b:f7:47:17:9f:be:8f:fb:4f:
bb:29:13:62:8e:dd:b7:14:a1:a1:c4:50:fd:33:c0:
44:f0:45:b4:c1:11:68:dc:c7:6c:c2:c0:e8:ee:d0:
90:eb:93:3b:a6:21:f9:18:eb:25:75:04:2b:1f:69:
81:05:84:b9:6c:8d:7c:8f:68:3b:0d:9c:9d:ad:c9:
d3:67:ff:ed:46:88:e4:f2:8f:d5:fa:0b:72:16:7b:
d0:3f:1d:c4:88:4f:57:61:70:29:ce:6d:c1:71:81:
6a:41:4a:87:60:c5:51:99:dc:6e:5e:84:b3:df:94:
87:42:dd:0d:ee:eb:4d:ba:9d:5b:37:31:8b:a2:60:
e0:c4:38:d0:c0:6e:2f:89:ba:fd:61:4b:6b:f6:15:
49:09:04:46:b7:de:dc:5e:e0:ba:99:b2:55:2e:8d:
d5:20:8e:e0:76:6b:d9:dc:bd:e3:ba:22:06:cb:db:
29:5f:d3:b6:c5:72:18:65:14:cf:32:a8:6a:1d:13:
94:3d:a8:25:d9:14:95:82:a3:0c:9b:b5:a3:da:4f:
ff:77
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6B:AF:08:53:60:F1:88:AB:EE:FE:C2:96:F4:47:E6:96:1B:9B:B0:44
X509v3 Authority Key Identifier:
keyid:07:59:F6:AC:17:3F:75:ED:9E:58:5E:C7:D8:72:A5:86:5C:EF:28:35
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/B1n2rBc_de2eWF7H2HKlhlzvKDU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/d2cd1c-04b5-44d0-81d5-7be3bda05927/1/a68IU2DxiKvu_sKW9EfmlhubsEQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/d2cd1c-04b5-44d0-81d5-7be3bda05927/1/B1n2rBc_de2eWF7H2HKlhlzvKDU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.129.172.0/22
185.136.236.0/22
185.152.84.0/22
185.226.108.0/22
IPv6:
2a0d:8600::/29
2a0f:dc40::/29
Signature Algorithm: sha256WithRSAEncryption
54:ec:8d:ac:6f:3c:63:e3:0b:10:78:fd:43:b6:a9:6a:1f:8f:
8c:2f:1d:28:38:7d:d6:bd:ad:8e:da:5f:6d:da:2a:bd:0f:b2:
d4:fe:4a:98:9a:ea:8b:9b:cb:63:0a:c7:ff:c4:97:66:23:cb:
c3:ab:47:41:3b:ba:5d:7c:24:97:6c:54:9c:ac:4a:49:bc:cb:
d0:2a:98:e6:4b:46:3c:43:f9:41:3f:12:aa:f1:44:a7:e0:8e:
07:c8:fc:7d:79:3c:ab:3e:46:ee:f8:d3:93:d6:bc:68:c4:53:
b1:f8:7c:d5:6b:2a:95:a5:a0:00:e4:3d:f5:49:ba:08:93:49:
d3:72:b9:eb:2c:16:7c:9c:69:1d:01:d5:c1:6a:db:b3:50:f5:
8d:d9:8f:b2:3d:24:d6:bc:54:7d:e5:a4:b4:9d:a2:2b:b4:49:
f7:60:62:e1:e4:9b:42:a1:0b:4d:da:d6:63:2a:01:8a:d0:36:
68:6d:6c:7b:da:76:f1:72:15:31:12:5a:cf:cf:f1:16:90:3e:
5e:5f:ec:1a:31:af:20:96:bb:f4:c6:9d:eb:93:bf:af:ba:99:
14:b1:1b:3f:4d:ac:ed:b0:ac:ef:8b:f0:de:73:a8:c1:59:16:
15:5b:78:38:d5:ee:15:ea:9a:58:a6:3c:1f:de:aa:e4:b5:fa:
63:bb:ac:fa
-----BEGIN CERTIFICATE-----
MIIFJTCCBA2gAwIBAgISAYa3Ts66R3HTx73Nwtkh7beRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA3NTlmNmFjMTczZjc1ZWQ5ZTU4NWVjN2Q4NzJhNTg2NWNl
ZjI4MzUwHhcNMjMwMzA2MTQyNDAwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2YmFmMDg1MzYwZjE4OGFiZWVmZWMyOTZmNDQ3ZTY5NjFiOWJiMDQ0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlDuMNksNT+JUejdmrA1Tyuniwy6s
lw+UVnFmdIwJ/QZ44nkujB4tG4mTVUEaODogYYeb90cXn76P+0+7KRNijt23FKGh
xFD9M8BE8EW0wRFo3MdswsDo7tCQ65M7piH5GOsldQQrH2mBBYS5bI18j2g7DZyd
rcnTZ//tRojk8o/V+gtyFnvQPx3EiE9XYXApzm3BcYFqQUqHYMVRmdxuXoSz35SH
Qt0N7utNup1bNzGLomDgxDjQwG4vibr9YUtr9hVJCQRGt97cXuC6mbJVLo3VII7g
dmvZ3L3juiIGy9spX9O2xXIYZRTPMqhqHROUPagl2RSVgqMMm7Wj2k//dwIDAQAB
o4ICMTCCAi0wHQYDVR0OBBYEFGuvCFNg8Yir7v7ClvRH5pYbm7BEMB8GA1UdIwQY
MBaAFAdZ9qwXP3Xtnlhex9hypYZc7yg1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQjFuMnJCY19kZTJlV0Y3SDJIS2xobHp2S0RVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS9kMmNkMWMtMDRiNS00NGQwLTgxZDUt
N2JlM2JkYTA1OTI3LzEvYTY4SVUyRHhpS3Z1X3NLVzlFZm1saHVic0VRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS9kMmNkMWMtMDRiNS00NGQwLTgxZDUtN2JlM2JkYTA1OTI3
LzEvQjFuMnJCY19kZTJlV0Y3SDJIS2xobHp2S0RVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEcGCCsGAQUFBwEHAQH/BDgwNjAeBAIAATAYAwQCLYGsAwQC
uYjsAwQCuZhUAwQCueJsMBQEAgACMA4DBQMqDYYAAwUDKg/cQDANBgkqhkiG9w0B
AQsFAAOCAQEAVOyNrG88Y+MLEHj9Q7apah+PjC8dKDh91r2tjtpfbdoqvQ+y1P5K
mJrqi5vLYwrH/8SXZiPLw6tHQTu6XXwkl2xUnKxKSbzL0CqY5ktGPEP5QT8SqvFE
p+COB8j8fXk8qz5G7vjTk9a8aMRTsfh81WsqlaWgAOQ99Um6CJNJ03K56ywWfJxp
HQHVwWrbs1D1jdmPsj0k1rxUfeWktJ2iK7RJ92Bi4eSbQqELTdrWYyoBitA2aG1s
e9p28XIVMRJaz8/xFpA+Xl/sGjGvIJa79Mad65O/r7qZFLEbP02s7bCs74vw3nOo
wVkWFVt4ONXuFeqaWKY8H96q5LX6Y7us+g==
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:13:28 2025 by rpki-client