Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/61/f92e2a-e1e4-487d-9acc-ed1f30cc1c57/1/rqFJiN9AKXyMYO3DG_xxJ5uXsOk.roa
File: rqFJiN9AKXyMYO3DG_xxJ5uXsOk.roa (raw, json)
Hash identifier: j1MgrsGjw807xb4VYeB85qQnDiajyte0YSFpOkrrz2k=
Subject key identifier: AE:A1:49:88:DF:40:29:7C:8C:60:ED:C3:1B:FC:71:27:9B:97:B0:E9
Certificate issuer: /CN=8777b5b36f66e13c4388c9934da507856515d073
Certificate serial: 018BAA978234A5F6A7B8EB8E1C4329BE99B4
Authority key identifier: 87:77:B5:B3:6F:66:E1:3C:43:88:C9:93:4D:A5:07:85:65:15:D0:73
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/h3e1s29m4TxDiMmTTaUHhWUV0HM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/61/f92e2a-e1e4-487d-9acc-ed1f30cc1c57/1/rqFJiN9AKXyMYO3DG_xxJ5uXsOk.roa
Signing time: Tue 07 Nov 2023 16:22:17 +0000
ROA not before: Tue 07 Nov 2023 16:22:17 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 35219
IP address blocks: 185.185.228.0/24 maxlen: 24
185.64.64.0/22 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:aa:97:82:34:a5:f6:a7:b8:eb:8e:1c:43:29:be:99:b4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8777b5b36f66e13c4388c9934da507856515d073
Validity
Not Before: Nov 7 16:22:17 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=aea14988df40297c8c60edc31bfc71279b97b0e9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:89:1d:46:71:63:9a:a1:99:a0:f0:26:f6:e2:11:
53:87:a2:c2:3f:7a:24:67:a4:b2:78:05:a9:2e:b6:
5e:c9:f9:37:53:64:ae:45:34:d0:95:79:05:44:50:
be:71:c3:83:00:8a:1f:11:47:5a:a7:a7:95:f4:2c:
43:c3:fe:ca:3b:ad:e9:60:be:8f:2d:ed:1d:d2:0f:
3e:be:c8:f7:79:6e:42:ab:89:41:f2:89:e6:b4:25:
6c:ac:fe:43:1d:a1:cd:ba:a0:1c:19:3d:ba:9b:a8:
82:f5:38:29:27:3c:31:02:82:79:0a:03:75:cf:3b:
4d:78:94:34:48:e3:45:5e:3c:70:3a:89:ea:ac:6e:
a4:5a:09:2d:91:57:bd:0c:85:cb:45:3f:7d:2f:59:
40:49:81:c6:1b:45:ef:e5:95:2d:25:0d:bc:09:46:
92:56:50:24:d7:42:da:68:97:04:8f:e0:a1:d7:13:
85:19:fc:b7:7e:27:74:00:67:6e:6a:e5:5b:74:41:
e6:c7:3b:a4:f6:c6:b8:57:2e:78:0b:0d:b2:ab:84:
9e:d5:38:7b:f9:45:22:39:c1:73:9a:2a:0a:ec:55:
31:ab:c3:10:51:8b:28:31:62:d4:fe:2f:41:78:97:
9d:0c:3d:73:2e:4d:cb:fa:a3:1a:ce:cb:17:cc:b0:
a6:1d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AE:A1:49:88:DF:40:29:7C:8C:60:ED:C3:1B:FC:71:27:9B:97:B0:E9
X509v3 Authority Key Identifier:
keyid:87:77:B5:B3:6F:66:E1:3C:43:88:C9:93:4D:A5:07:85:65:15:D0:73
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/h3e1s29m4TxDiMmTTaUHhWUV0HM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/61/f92e2a-e1e4-487d-9acc-ed1f30cc1c57/1/rqFJiN9AKXyMYO3DG_xxJ5uXsOk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/61/f92e2a-e1e4-487d-9acc-ed1f30cc1c57/1/h3e1s29m4TxDiMmTTaUHhWUV0HM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.64.64.0/22
185.185.228.0/24
Signature Algorithm: sha256WithRSAEncryption
45:c6:9d:ec:6d:17:ee:ec:06:f9:95:50:05:9f:5f:11:f4:9e:
49:4a:20:a2:12:cc:93:7c:ae:f5:a9:5d:3b:65:56:23:87:84:
35:14:63:cf:b8:27:be:b0:6d:57:65:9a:b2:3d:8d:da:c7:ee:
4b:58:62:00:1e:2e:c4:a6:30:75:fe:24:ea:67:10:d1:bc:45:
6c:1f:9a:8e:72:6f:db:67:60:8b:8b:4a:5e:f1:6c:81:5e:df:
2a:a6:1a:58:7c:38:08:4b:1e:0d:f3:0f:c3:b1:73:4f:24:12:
67:8d:57:48:87:7f:03:dc:e8:1c:51:25:cb:6e:11:87:bb:73:
5e:cd:8c:f9:d9:d2:7f:1e:15:d7:9b:cf:19:8f:79:da:92:4c:
d9:e9:3d:2f:37:73:0a:a4:58:34:65:37:b2:f5:bc:82:46:d3:
02:60:79:71:6f:b9:14:8f:fd:aa:63:b6:f0:6b:cd:5e:d0:bd:
c0:c9:81:00:69:b4:d2:6a:80:d5:41:39:c1:23:9c:a9:a6:99:
93:f4:0c:c9:3a:9c:a6:5f:f0:be:d8:65:47:b7:c4:b3:ce:87:
2d:fb:cd:2c:3d:81:dd:f0:e4:22:0e:c6:07:6b:65:a9:00:ad:
d3:32:7e:ab:a4:d2:06:e3:dd:16:83:ca:42:93:1b:d8:63:76:
d4:f5:86:d9
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYuql4I0pfanuOuOHEMpvpm0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg3NzdiNWIzNmY2NmUxM2M0Mzg4Yzk5MzRkYTUwNzg1NjUx
NWQwNzMwHhcNMjMxMTA3MTYyMjE3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZWExNDk4OGRmNDAyOTdjOGM2MGVkYzMxYmZjNzEyNzliOTdiMGU5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiR1GcWOaoZmg8Cb24hFTh6LCP3ok
Z6SyeAWpLrZeyfk3U2SuRTTQlXkFRFC+ccODAIofEUdap6eV9CxDw/7KO63pYL6P
Le0d0g8+vsj3eW5Cq4lB8onmtCVsrP5DHaHNuqAcGT26m6iC9TgpJzwxAoJ5CgN1
zztNeJQ0SONFXjxwOonqrG6kWgktkVe9DIXLRT99L1lASYHGG0Xv5ZUtJQ28CUaS
VlAk10LaaJcEj+Ch1xOFGfy3fid0AGduauVbdEHmxzuk9sa4Vy54Cw2yq4Se1Th7
+UUiOcFzmioK7FUxq8MQUYsoMWLU/i9BeJedDD1zLk3L+qMazssXzLCmHQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFK6hSYjfQCl8jGDtwxv8cSebl7DpMB8GA1UdIwQY
MBaAFId3tbNvZuE8Q4jJk02lB4VlFdBzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaDNlMXMyOW00VHhEaU1tVFRhVUhoV1VWMEhNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82MS9mOTJlMmEtZTFlNC00ODdkLTlhY2Mt
ZWQxZjMwY2MxYzU3LzEvcnFGSmlOOUFLWHlNWU8zREdfeHhKNXVYc09rLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82MS9mOTJlMmEtZTFlNC00ODdkLTlhY2MtZWQxZjMwY2MxYzU3
LzEvaDNlMXMyOW00VHhEaU1tVFRhVUhoV1VWMEhNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCuUBAAwQA
ubnkMA0GCSqGSIb3DQEBCwUAA4IBAQBFxp3sbRfu7Ab5lVAFn18R9J5JSiCiEsyT
fK71qV07ZVYjh4Q1FGPPuCe+sG1XZZqyPY3ax+5LWGIAHi7EpjB1/iTqZxDRvEVs
H5qOcm/bZ2CLi0pe8WyBXt8qphpYfDgISx4N8w/DsXNPJBJnjVdIh38D3OgcUSXL
bhGHu3NezYz52dJ/HhXXm88Zj3nakkzZ6T0vN3MKpFg0ZTey9byCRtMCYHlxb7kU
j/2qY7bwa81e0L3AyYEAabTSaoDVQTnBI5ypppmT9AzJOpymX/C+2GVHt8Szzoct
+80sPYHd8OQiDsYHa2WpAK3TMn6rpNIG490Wg8pCkxvYY3bU9YbZ
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:22:13 2025 by rpki-client