Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/65/b2f7a0-06c4-4ab5-85aa-10144c1bcafc/1/cM6vlOHaJuvh8sEyhpyV8fg3c4s.roa
File: cM6vlOHaJuvh8sEyhpyV8fg3c4s.roa (raw, json)
Hash identifier: SDE3FAw/mRyP46Hizc86e5ZEN+0Ik1KFd4Yc45TtUVY=
Subject key identifier: 70:CE:AF:94:E1:DA:26:EB:E1:F2:C1:32:86:9C:95:F1:F8:37:73:8B
Certificate issuer: /CN=2f7a464b894841b3b940e0b357b865e393b1dd46
Certificate serial: 01856F302C93221DA3BDD32CCD85A074AC6C
Authority key identifier: 2F:7A:46:4B:89:48:41:B3:B9:40:E0:B3:57:B8:65:E3:93:B1:DD:46
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/L3pGS4lIQbO5QOCzV7hl45Ox3UY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/65/b2f7a0-06c4-4ab5-85aa-10144c1bcafc/1/cM6vlOHaJuvh8sEyhpyV8fg3c4s.roa
Signing time: Sun 01 Jan 2023 21:15:06 +0000
ROA not before: Sun 01 Jan 2023 21:15:06 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 60672
IP address blocks: 185.137.222.0/24 maxlen: 24
185.137.220.0/23 maxlen: 23
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:30:2c:93:22:1d:a3:bd:d3:2c:cd:85:a0:74:ac:6c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2f7a464b894841b3b940e0b357b865e393b1dd46
Validity
Not Before: Jan 1 21:15:06 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=70ceaf94e1da26ebe1f2c132869c95f1f837738b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:d1:18:c2:61:83:27:f6:32:f7:ed:0a:00:34:
d6:2b:46:f6:7c:61:e7:47:17:c7:cf:ad:44:d3:b0:
d2:35:28:49:fe:96:e2:be:b2:64:33:fb:97:e4:30:
32:98:08:57:8b:91:6c:94:6c:8f:b0:32:15:9e:49:
e8:83:af:01:8a:38:17:26:a6:d5:37:39:94:56:e1:
41:94:59:65:19:bf:01:1e:52:1f:68:10:a3:82:d9:
cf:5f:d2:24:c5:e1:34:79:fc:f2:2b:90:e2:d9:84:
f9:92:3a:c3:20:f7:e9:6f:98:1c:54:fe:32:ff:46:
18:09:96:31:38:d1:d9:e2:04:fb:26:64:de:cd:7d:
60:2e:ff:58:0a:e9:ba:63:a6:bc:d7:5a:14:bf:d9:
0c:cf:d3:3d:7a:e9:61:d8:9c:90:0d:f5:95:0b:33:
c0:60:ab:79:11:b3:ab:7b:38:b0:d7:2b:16:98:d8:
2d:7f:25:fc:7c:d0:1b:53:c1:d8:af:91:6c:8d:16:
21:ba:5c:7f:07:ee:32:71:46:92:01:44:b7:40:4d:
ed:92:13:df:54:3f:1d:f7:9e:30:94:f4:2d:5a:16:
9d:88:33:55:16:05:11:9a:14:77:79:30:cc:00:91:
4f:47:41:c5:c1:b3:5e:4b:ac:7d:6c:20:31:57:be:
8f:e5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
70:CE:AF:94:E1:DA:26:EB:E1:F2:C1:32:86:9C:95:F1:F8:37:73:8B
X509v3 Authority Key Identifier:
keyid:2F:7A:46:4B:89:48:41:B3:B9:40:E0:B3:57:B8:65:E3:93:B1:DD:46
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/L3pGS4lIQbO5QOCzV7hl45Ox3UY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/65/b2f7a0-06c4-4ab5-85aa-10144c1bcafc/1/cM6vlOHaJuvh8sEyhpyV8fg3c4s.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/65/b2f7a0-06c4-4ab5-85aa-10144c1bcafc/1/L3pGS4lIQbO5QOCzV7hl45Ox3UY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.137.220.0-185.137.222.255
Signature Algorithm: sha256WithRSAEncryption
29:d6:82:e1:1f:39:83:67:48:54:62:e7:fd:32:f5:73:bb:70:
da:d4:e4:12:e0:2e:20:bb:16:64:32:89:ce:81:19:cb:34:9d:
f9:66:eb:93:a4:0f:97:75:55:d7:96:94:d0:af:b5:bc:e7:4e:
2a:91:5e:28:0d:7f:e2:30:e2:ea:eb:7e:1c:60:d3:2a:e6:e0:
d1:61:23:ea:34:76:d6:67:12:0e:87:f3:b6:15:52:60:5b:8f:
a9:9d:e4:18:7c:94:89:63:f1:6c:b7:43:60:80:dd:b8:fb:40:
91:07:1c:02:7e:09:3f:41:62:f4:b4:dc:40:b6:35:76:05:c4:
21:f9:cc:36:f4:96:66:1a:b9:52:e8:b6:76:4c:31:d1:08:fd:
ea:82:b7:a0:9d:f7:4b:61:46:25:9b:db:a9:8f:e8:9d:4b:00:
93:a6:0d:ee:d7:77:9e:5f:11:fe:e8:ba:83:fb:b3:dc:ae:60:
46:4e:bc:b3:d4:2e:08:ad:c3:1e:0b:8f:9e:38:71:84:89:20:
58:3d:a8:d0:e3:a1:99:a4:64:1a:f5:06:7e:ef:85:70:8f:66:
cf:08:ea:38:1e:f7:0a:78:50:09:c8:88:f5:01:a3:73:65:72:
d3:5b:ac:fe:b1:3f:21:5b:e7:35:88:57:98:72:1f:5b:90:39:
67:d1:cc:1c
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAYVvMCyTIh2jvdMszYWgdKxsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJmN2E0NjRiODk0ODQxYjNiOTQwZTBiMzU3Yjg2NWUzOTNi
MWRkNDYwHhcNMjMwMTAxMjExNTA2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MGNlYWY5NGUxZGEyNmViZTFmMmMxMzI4NjljOTVmMWY4Mzc3MzhiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuNEYwmGDJ/Yy9+0KADTWK0b2fGHn
RxfHz61E07DSNShJ/pbivrJkM/uX5DAymAhXi5FslGyPsDIVnknog68BijgXJqbV
NzmUVuFBlFllGb8BHlIfaBCjgtnPX9IkxeE0efzyK5Di2YT5kjrDIPfpb5gcVP4y
/0YYCZYxONHZ4gT7JmTezX1gLv9YCum6Y6a811oUv9kMz9M9eulh2JyQDfWVCzPA
YKt5EbOreziw1ysWmNgtfyX8fNAbU8HYr5FsjRYhulx/B+4ycUaSAUS3QE3tkhPf
VD8d954wlPQtWhadiDNVFgURmhR3eTDMAJFPR0HFwbNeS6x9bCAxV76P5QIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFHDOr5Th2ibr4fLBMoaclfH4N3OLMB8GA1UdIwQY
MBaAFC96RkuJSEGzuUDgs1e4ZeOTsd1GMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTDNwR1M0bElRYk81UU9DelY3aGw0NU94M1VZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NS9iMmY3YTAtMDZjNC00YWI1LTg1YWEt
MTAxNDRjMWJjYWZjLzEvY002dmxPSGFKdXZoOHNFeWhweVY4ZmczYzRzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NS9iMmY3YTAtMDZjNC00YWI1LTg1YWEtMTAxNDRjMWJjYWZj
LzEvTDNwR1M0bElRYk81UU9DelY3aGw0NU94M1VZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBAK5idwD
BAC5id4wDQYJKoZIhvcNAQELBQADggEBACnWguEfOYNnSFRi5/0y9XO7cNrU5BLg
LiC7FmQyic6BGcs0nflm65OkD5d1VdeWlNCvtbznTiqRXigNf+Iw4urrfhxg0yrm
4NFhI+o0dtZnEg6H87YVUmBbj6md5Bh8lIlj8Wy3Q2CA3bj7QJEHHAJ+CT9BYvS0
3EC2NXYFxCH5zDb0lmYauVLotnZMMdEI/eqCt6Cd90thRiWb26mP6J1LAJOmDe7X
d55fEf7ouoP7s9yuYEZOvLPULgitwx4Lj544cYSJIFg9qNDjoZmkZBr1Bn7vhXCP
Zs8I6jge9wp4UAnIiPUBo3NlctNbrP6xPyFb5zWIV5hyH1uQOWfRzBw=
-----END CERTIFICATE-----
Generated at Tue Apr 8 10:01:12 2025 by rpki-client