Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6c/b476f9-d242-465a-8748-5f1dc0a0bfcf/1/kyyB14vt2eTTg73xGpQaLOnd1QQ.roa
File: kyyB14vt2eTTg73xGpQaLOnd1QQ.roa (raw, json)
Hash identifier: 1oQLQBcpajsG5YiyRni6K+6k1h20bTaLuOPuCGagEOY=
Subject key identifier: 93:2C:81:D7:8B:ED:D9:E4:D3:83:BD:F1:1A:94:1A:2C:E9:DD:D5:04
Certificate issuer: /CN=edafdca6eace4f1293223b02eebc278243869b7b
Certificate serial: 018AB90C2BEF546D3482648FB0A4D3BF2CE6
Authority key identifier: ED:AF:DC:A6:EA:CE:4F:12:93:22:3B:02:EE:BC:27:82:43:86:9B:7B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/7a_cpurOTxKTIjsC7rwngkOGm3s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6c/b476f9-d242-465a-8748-5f1dc0a0bfcf/1/kyyB14vt2eTTg73xGpQaLOnd1QQ.roa
Signing time: Thu 21 Sep 2023 18:41:37 +0000
ROA not before: Thu 21 Sep 2023 18:41:37 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 1902
IP address blocks: 185.156.128.0/24 maxlen: 24
185.156.128.0/22 maxlen: 22
185.156.130.0/23 maxlen: 23
185.156.129.0/24 maxlen: 24
2a07:9e40::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:b9:0c:2b:ef:54:6d:34:82:64:8f:b0:a4:d3:bf:2c:e6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=edafdca6eace4f1293223b02eebc278243869b7b
Validity
Not Before: Sep 21 18:41:37 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=932c81d78bedd9e4d383bdf11a941a2ce9ddd504
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:30:c1:7d:34:84:3d:8e:38:d8:ec:bf:9f:0d:
e1:50:53:06:7f:49:fb:d1:02:50:d6:45:59:99:c9:
67:ca:76:2f:9f:53:19:33:cd:5c:aa:5c:da:d0:59:
f9:35:cc:f7:67:ac:a5:7c:60:89:e0:3c:bf:1e:61:
19:87:89:54:5d:89:23:9e:e6:84:dc:e5:85:7e:b4:
9f:1e:9d:57:f8:37:b8:78:ce:58:b9:c3:c8:59:3c:
b8:8f:60:90:98:3e:cd:7a:c3:37:6a:86:7b:cd:c1:
be:96:85:b4:cd:58:bf:7f:81:99:a9:f3:c8:87:a2:
0f:4c:59:28:4a:bf:85:09:93:8c:e6:68:59:2a:de:
a5:a1:9b:82:3f:76:df:9a:51:24:1e:f0:52:d3:5d:
4a:93:4b:a7:5a:09:5f:1e:37:dd:b7:8f:4a:37:4a:
45:55:c6:52:dd:3a:fd:40:98:15:19:d5:98:6b:19:
da:e9:eb:1d:66:be:02:03:12:81:e6:30:ee:03:09:
76:71:f6:43:1f:69:77:f7:67:18:d2:82:de:0d:84:
25:b4:e9:af:9e:58:69:d1:e0:54:5c:c5:4e:3e:54:
44:2b:36:59:96:c0:10:98:43:2a:63:2a:af:6e:5e:
12:0f:a5:41:7e:54:ae:a4:cc:c9:28:9b:b4:78:82:
19:49
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
93:2C:81:D7:8B:ED:D9:E4:D3:83:BD:F1:1A:94:1A:2C:E9:DD:D5:04
X509v3 Authority Key Identifier:
keyid:ED:AF:DC:A6:EA:CE:4F:12:93:22:3B:02:EE:BC:27:82:43:86:9B:7B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/7a_cpurOTxKTIjsC7rwngkOGm3s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6c/b476f9-d242-465a-8748-5f1dc0a0bfcf/1/kyyB14vt2eTTg73xGpQaLOnd1QQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6c/b476f9-d242-465a-8748-5f1dc0a0bfcf/1/7a_cpurOTxKTIjsC7rwngkOGm3s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.156.128.0/22
IPv6:
2a07:9e40::/29
Signature Algorithm: sha256WithRSAEncryption
05:1d:6f:32:3f:73:2b:31:5f:ba:4a:c8:d0:bd:3b:91:03:51:
4b:6f:86:e6:16:ea:ec:ce:3f:67:46:75:25:80:18:8a:83:13:
98:05:34:94:ae:c9:1e:5d:24:00:9f:70:31:ab:ed:5b:85:87:
bf:a1:61:01:e2:83:4f:5e:02:f6:85:87:05:a5:be:01:aa:08:
3d:67:4f:22:66:93:d2:73:dc:6e:9e:85:6f:fc:2e:a9:98:5f:
52:35:a4:23:2c:40:cb:72:44:be:e5:41:e7:14:99:9c:34:b2:
61:04:ec:77:b1:b7:f8:d2:26:05:97:c0:a7:29:c7:25:ce:f3:
e8:23:ab:13:fd:10:9f:13:b5:28:ba:5e:54:8e:a2:c4:3b:cf:
7c:fd:2b:bc:2b:b0:cc:24:74:62:1d:b0:de:13:a8:89:26:17:
44:2b:7f:f3:60:07:ac:b6:ab:e8:88:ac:cf:33:92:eb:9a:9c:
08:90:cb:c1:26:79:c4:8d:c7:09:14:89:87:da:1b:96:e9:da:
05:31:83:93:11:36:ac:5b:17:ae:60:7b:1f:65:5b:e7:0a:2f:
5b:3a:dd:54:fd:72:90:8f:85:ca:b6:ee:fc:8d:1e:ba:2a:47:
1d:f2:c9:7f:e3:c2:8e:be:28:e3:f0:88:c3:7d:c9:f3:69:22:
4e:a9:ff:bc
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYq5DCvvVG00gmSPsKTTvyzmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVkYWZkY2E2ZWFjZTRmMTI5MzIyM2IwMmVlYmMyNzgyNDM4
NjliN2IwHhcNMjMwOTIxMTg0MTM3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MzJjODFkNzhiZWRkOWU0ZDM4M2JkZjExYTk0MWEyY2U5ZGRkNTA0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmDDBfTSEPY442Oy/nw3hUFMGf0n7
0QJQ1kVZmclnynYvn1MZM81cqlza0Fn5Ncz3Z6ylfGCJ4Dy/HmEZh4lUXYkjnuaE
3OWFfrSfHp1X+De4eM5YucPIWTy4j2CQmD7NesM3aoZ7zcG+loW0zVi/f4GZqfPI
h6IPTFkoSr+FCZOM5mhZKt6loZuCP3bfmlEkHvBS011Kk0unWglfHjfdt49KN0pF
VcZS3Tr9QJgVGdWYaxna6esdZr4CAxKB5jDuAwl2cfZDH2l392cY0oLeDYQltOmv
nlhp0eBUXMVOPlREKzZZlsAQmEMqYyqvbl4SD6VBflSupMzJKJu0eIIZSQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFJMsgdeL7dnk04O98RqUGizp3dUEMB8GA1UdIwQY
MBaAFO2v3Kbqzk8SkyI7Au68J4JDhpt7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvN2FfY3B1ck9UeEtUSWpzQzdyd25na09HbTNzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Yy9iNDc2ZjktZDI0Mi00NjVhLTg3NDgt
NWYxZGMwYTBiZmNmLzEva3l5QjE0dnQyZVRUZzczeEdwUWFMT25kMVFRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Yy9iNDc2ZjktZDI0Mi00NjVhLTg3NDgtNWYxZGMwYTBiZmNm
LzEvN2FfY3B1ck9UeEtUSWpzQzdyd25na09HbTNzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuZyAMA0E
AgACMAcDBQMqB55AMA0GCSqGSIb3DQEBCwUAA4IBAQAFHW8yP3MrMV+6SsjQvTuR
A1FLb4bmFurszj9nRnUlgBiKgxOYBTSUrskeXSQAn3Axq+1bhYe/oWEB4oNPXgL2
hYcFpb4Bqgg9Z08iZpPSc9xunoVv/C6pmF9SNaQjLEDLckS+5UHnFJmcNLJhBOx3
sbf40iYFl8CnKcclzvPoI6sT/RCfE7Uoul5UjqLEO898/Su8K7DMJHRiHbDeE6iJ
JhdEK3/zYAestqvoiKzPM5LrmpwIkMvBJnnEjccJFImH2huW6doFMYOTETasWxeu
YHsfZVvnCi9bOt1U/XKQj4XKtu78jR66Kkcd8sl/48KOvijj8IjDfcnzaSJOqf+8
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:16:55 2025 by rpki-client