Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/62/fc7c82-3159-4d54-a0a1-35171aedd313/1/V69ttZlt0ELa5R0OS9H1ZgAvEjk.roa
File: V69ttZlt0ELa5R0OS9H1ZgAvEjk.roa (raw, json)
Hash identifier: Tsvo1MrV4E8O9UBvQQU6a5T7tZjtzE4zk8gdN89bQdk=
Subject key identifier: 57:AF:6D:B5:99:6D:D0:42:DA:E5:1D:0E:4B:D1:F5:66:00:2F:12:39
Certificate issuer: /CN=b64074aa8449830da9b20b3afb0682d3c032f9fe
Certificate serial: 01856C53F934CCEBF0B285192CCAD3D184F2
Authority key identifier: B6:40:74:AA:84:49:83:0D:A9:B2:0B:3A:FB:06:82:D3:C0:32:F9:FE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tkB0qoRJgw2psgs6-waC08Ay-f4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/62/fc7c82-3159-4d54-a0a1-35171aedd313/1/V69ttZlt0ELa5R0OS9H1ZgAvEjk.roa
Signing time: Sun 01 Jan 2023 07:55:20 +0000
ROA not before: Sun 01 Jan 2023 07:55:20 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 202687
IP address blocks: 185.84.240.0/24 maxlen: 24
2a03:4bc0:1015::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:53:f9:34:cc:eb:f0:b2:85:19:2c:ca:d3:d1:84:f2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b64074aa8449830da9b20b3afb0682d3c032f9fe
Validity
Not Before: Jan 1 07:55:20 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=57af6db5996dd042dae51d0e4bd1f566002f1239
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:bd:2f:d8:9d:0b:82:cc:6e:e8:da:05:b7:3e:
1d:f0:00:5e:af:80:4a:d8:fe:3b:7f:d1:0a:48:5d:
d5:fe:53:f6:0e:f5:6f:3b:55:9b:d0:f9:30:3a:9d:
0b:ca:6b:dc:b1:67:68:eb:26:4b:d2:9d:1f:b9:78:
a7:e3:37:8e:b9:71:86:dc:1e:4d:5a:60:01:0a:3e:
90:4d:98:e4:8e:39:76:4c:48:ad:4c:15:40:32:3e:
42:25:1c:20:f9:89:c8:a8:36:be:a3:dc:78:ab:5b:
b3:93:10:92:20:95:cb:94:9e:5d:bf:3c:a3:49:bc:
51:4e:05:9f:03:3b:9b:bb:c6:c2:ff:83:83:f7:ce:
48:94:73:3e:52:55:af:22:21:01:17:97:76:7c:ec:
d3:b4:60:0e:d8:e1:5f:9a:dc:5e:22:3f:18:3a:d7:
0a:ad:9f:6f:2a:17:3a:ff:ef:49:b9:1c:7f:e9:f8:
78:b0:a1:fb:48:9f:fe:db:9d:ff:3b:ec:ee:df:03:
89:e3:4b:65:14:f8:67:7a:a8:a5:46:9e:e3:ec:64:
9b:30:e1:87:f3:10:a1:a5:87:48:b7:6b:55:ca:0b:
43:50:5a:cb:ce:7e:4e:b2:60:98:ff:f5:03:6f:c0:
89:a9:eb:7e:e5:68:e1:4d:0b:6a:49:6f:ac:01:20:
24:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
57:AF:6D:B5:99:6D:D0:42:DA:E5:1D:0E:4B:D1:F5:66:00:2F:12:39
X509v3 Authority Key Identifier:
keyid:B6:40:74:AA:84:49:83:0D:A9:B2:0B:3A:FB:06:82:D3:C0:32:F9:FE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tkB0qoRJgw2psgs6-waC08Ay-f4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/62/fc7c82-3159-4d54-a0a1-35171aedd313/1/V69ttZlt0ELa5R0OS9H1ZgAvEjk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/62/fc7c82-3159-4d54-a0a1-35171aedd313/1/tkB0qoRJgw2psgs6-waC08Ay-f4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.84.240.0/24
IPv6:
2a03:4bc0:1015::/48
Signature Algorithm: sha256WithRSAEncryption
20:a4:aa:e0:be:38:70:88:84:0f:82:e3:cf:a0:43:bd:1d:ff:
9e:ac:9b:dc:ca:4d:77:f3:a9:9b:63:75:c9:06:e3:39:25:70:
f8:74:00:7c:27:7a:9c:b9:ce:29:cc:44:95:77:e2:23:2b:fd:
e4:08:d7:ef:3f:c7:0a:5a:fb:4b:51:71:3b:9e:1b:32:a6:f4:
d4:57:6e:83:29:29:0b:d8:b3:5b:58:52:fe:e5:5a:42:99:34:
fd:52:75:5c:74:ed:90:17:67:b5:a5:73:12:de:35:f8:58:ea:
f1:ed:a6:eb:42:2e:f1:9a:c5:3e:3f:d5:1c:c6:53:ef:d7:36:
3c:6e:49:68:15:ad:da:30:5a:19:f5:36:60:8d:4a:9a:51:0c:
b1:ff:1b:92:86:dc:85:e1:23:31:78:cb:70:8d:c0:e5:97:cf:
6a:ed:3f:86:5d:58:aa:f7:7c:f2:ff:d5:cf:cb:75:99:95:4f:
2e:3a:6f:b9:92:4a:3e:a0:6f:85:eb:7a:cd:25:2d:80:23:17:
a4:97:3b:7e:ed:95:ff:f5:7b:13:14:71:54:72:b1:ab:e5:73:
a1:cb:fb:16:9f:98:f5:2c:46:49:87:99:ba:f6:03:b9:29:bf:
be:de:17:81:ac:b0:59:3f:e3:cb:21:e1:19:de:42:43:dd:94:
39:2b:9f:bf
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYVsU/k0zOvwsoUZLMrT0YTyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI2NDA3NGFhODQ0OTgzMGRhOWIyMGIzYWZiMDY4MmQzYzAz
MmY5ZmUwHhcNMjMwMTAxMDc1NTIwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1N2FmNmRiNTk5NmRkMDQyZGFlNTFkMGU0YmQxZjU2NjAwMmYxMjM5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAl70v2J0Lgsxu6NoFtz4d8ABer4BK
2P47f9EKSF3V/lP2DvVvO1Wb0PkwOp0LymvcsWdo6yZL0p0fuXin4zeOuXGG3B5N
WmABCj6QTZjkjjl2TEitTBVAMj5CJRwg+YnIqDa+o9x4q1uzkxCSIJXLlJ5dvzyj
SbxRTgWfAzubu8bC/4OD985IlHM+UlWvIiEBF5d2fOzTtGAO2OFfmtxeIj8YOtcK
rZ9vKhc6/+9JuRx/6fh4sKH7SJ/+253/O+zu3wOJ40tlFPhneqilRp7j7GSbMOGH
8xChpYdIt2tVygtDUFrLzn5OsmCY//UDb8CJqet+5WjhTQtqSW+sASAkNQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFFevbbWZbdBC2uUdDkvR9WYALxI5MB8GA1UdIwQY
MBaAFLZAdKqESYMNqbILOvsGgtPAMvn+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdGtCMHFvUkpndzJwc2dzNi13YUMwOEF5LWY0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Mi9mYzdjODItMzE1OS00ZDU0LWEwYTEt
MzUxNzFhZWRkMzEzLzEvVjY5dHRabHQwRUxhNVIwT1M5SDFaZ0F2RWprLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Mi9mYzdjODItMzE1OS00ZDU0LWEwYTEtMzUxNzFhZWRkMzEz
LzEvdGtCMHFvUkpndzJwc2dzNi13YUMwOEF5LWY0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQAuVTwMA8E
AgACMAkDBwAqA0vAEBUwDQYJKoZIhvcNAQELBQADggEBACCkquC+OHCIhA+C48+g
Q70d/56sm9zKTXfzqZtjdckG4zklcPh0AHwnepy5zinMRJV34iMr/eQI1+8/xwpa
+0tRcTueGzKm9NRXboMpKQvYs1tYUv7lWkKZNP1SdVx07ZAXZ7WlcxLeNfhY6vHt
putCLvGaxT4/1RzGU+/XNjxuSWgVrdowWhn1NmCNSppRDLH/G5KG3IXhIzF4y3CN
wOWXz2rtP4ZdWKr3fPL/1c/LdZmVTy46b7mSSj6gb4Xres0lLYAjF6SXO37tlf/1
exMUcVRysavlc6HL+xafmPUsRkmHmbr2A7kpv77eF4GssFk/48sh4RneQkPdlDkr
n78=
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:21:16 2025 by rpki-client