Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/70/1a18de-efbd-41b5-b336-79fbd385a550/1/twOdoeqpYCCTYzeKeFrpcQuSMAs.roa
File: twOdoeqpYCCTYzeKeFrpcQuSMAs.roa (raw, json)
Hash identifier: 4jWEUQWRjJNad0wm8bWop+SKo1BOtqWslyCCi4R8VfE=
Subject key identifier: B7:03:9D:A1:EA:A9:60:20:93:63:37:8A:78:5A:E9:71:0B:92:30:0B
Certificate issuer: /CN=7580d16569bb24a328e27b47f7d751659725defb
Certificate serial: 3224ED06
Authority key identifier: 75:80:D1:65:69:BB:24:A3:28:E2:7B:47:F7:D7:51:65:97:25:DE:FB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dYDRZWm7JKMo4ntH99dRZZcl3vs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/70/1a18de-efbd-41b5-b336-79fbd385a550/1/twOdoeqpYCCTYzeKeFrpcQuSMAs.roa
Signing time: Sat 01 Jan 2022 12:04:47 +0000
ROA not before: Sat 01 Jan 2022 12:04:47 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 199629
IP address blocks: 185.10.144.0/22 maxlen: 24
2a03:3a40::/32 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 841280774 (0x3224ed06)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7580d16569bb24a328e27b47f7d751659725defb
Validity
Not Before: Jan 1 12:04:47 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=b7039da1eaa960209363378a785ae9710b92300b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:61:a2:27:6f:79:75:7b:d1:41:13:cf:a9:03:
03:7f:3f:7e:2e:34:75:28:ce:1d:11:d5:96:e0:4a:
5a:ce:75:c9:34:cb:d3:c0:71:21:69:cb:a4:65:51:
ed:09:d6:86:c9:a0:a8:23:62:9e:f1:4b:b4:1f:8f:
49:c0:0e:8d:e6:be:6a:1f:72:c1:b9:88:5e:61:23:
58:3b:6b:09:88:ac:68:c6:96:e6:89:eb:bf:b4:4a:
34:db:9a:63:1e:68:a4:21:2b:04:59:d7:c4:56:c9:
9e:38:36:14:9f:52:f6:ec:a5:a5:59:0c:f6:05:6d:
75:53:15:26:96:c2:2a:63:47:ab:2d:12:4c:3f:31:
0d:c1:02:80:3e:38:df:f5:d7:6c:5d:95:eb:0a:2e:
ef:de:62:f3:17:58:6e:75:28:11:00:b2:d2:24:39:
3b:78:20:34:c0:47:11:30:bf:06:b0:7f:32:1c:47:
88:1a:74:2c:ea:c8:e8:fd:72:6b:c7:96:9f:98:f3:
98:28:5c:56:c8:b8:58:d3:8a:97:7b:8e:62:9a:26:
c2:78:93:54:fa:57:58:76:8f:b0:3b:7d:39:23:e2:
1a:7d:6e:05:a5:2a:14:be:a9:4b:16:d9:f1:2a:43:
4f:65:26:12:94:af:b8:15:40:a9:3c:7b:1d:ed:bc:
99:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B7:03:9D:A1:EA:A9:60:20:93:63:37:8A:78:5A:E9:71:0B:92:30:0B
X509v3 Authority Key Identifier:
keyid:75:80:D1:65:69:BB:24:A3:28:E2:7B:47:F7:D7:51:65:97:25:DE:FB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dYDRZWm7JKMo4ntH99dRZZcl3vs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/70/1a18de-efbd-41b5-b336-79fbd385a550/1/twOdoeqpYCCTYzeKeFrpcQuSMAs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/70/1a18de-efbd-41b5-b336-79fbd385a550/1/dYDRZWm7JKMo4ntH99dRZZcl3vs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.10.144.0/22
IPv6:
2a03:3a40::/32
Signature Algorithm: sha256WithRSAEncryption
0c:0b:74:72:3e:2c:2d:d0:ee:57:ca:a3:6a:dc:e0:eb:bb:e3:
4d:64:fe:c4:f2:0a:4a:37:f8:bd:db:e8:23:6c:79:8e:81:49:
0e:cf:0e:1c:c7:e7:a3:58:de:fd:f2:2f:32:b3:e9:04:c0:9a:
77:ce:d2:f2:4b:d1:62:80:dc:c7:3d:34:29:47:f7:86:04:61:
12:5c:78:c6:b4:da:5a:42:96:02:74:bf:c0:38:91:df:5a:db:
da:27:eb:40:ff:14:8f:ba:e4:61:3f:e9:58:8e:bf:fa:64:6f:
51:63:86:2a:f3:df:c7:1d:d8:d8:e0:d2:05:de:9e:2b:23:37:
74:e5:f7:5c:ea:01:b2:ca:f6:c2:76:83:be:06:76:93:57:fd:
6f:42:a1:03:3c:92:75:ce:5e:2c:fb:4f:05:15:6e:ba:63:7e:
0b:85:89:c2:79:9f:70:7e:d5:17:57:f2:f6:19:17:9b:49:0c:
62:d6:c1:a4:6f:5d:ca:33:18:65:9a:25:49:cf:e0:2a:13:d4:
44:8e:77:30:97:15:12:16:e0:bb:fb:c1:01:52:91:9f:54:0f:
ff:10:59:da:09:d2:be:e8:80:c7:90:3b:05:37:92:1d:dd:60:
1f:2b:a6:f9:f7:5f:c8:7c:41:1e:fb:21:61:45:1c:45:79:b5:
b8:22:be:d7
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgIEMiTtBjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg3
NTgwZDE2NTY5YmIyNGEzMjhlMjdiNDdmN2Q3NTE2NTk3MjVkZWZiMB4XDTIyMDEw
MTEyMDQ0N1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYjcwMzlkYTFlYWE5
NjAyMDkzNjMzNzhhNzg1YWU5NzEwYjkyMzAwYjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKhhoidveXV70UETz6kDA38/fi40dSjOHRHVluBKWs51yTTL
08BxIWnLpGVR7QnWhsmgqCNinvFLtB+PScAOjea+ah9ywbmIXmEjWDtrCYisaMaW
5onrv7RKNNuaYx5opCErBFnXxFbJnjg2FJ9S9uylpVkM9gVtdVMVJpbCKmNHqy0S
TD8xDcECgD443/XXbF2V6wou795i8xdYbnUoEQCy0iQ5O3ggNMBHETC/BrB/MhxH
iBp0LOrI6P1ya8eWn5jzmChcVsi4WNOKl3uOYpomwniTVPpXWHaPsDt9OSPiGn1u
BaUqFL6pSxbZ8SpDT2UmEpSvuBVAqTx7He28mTECAwEAAaOCAhgwggIUMB0GA1Ud
DgQWBBS3A52h6qlgIJNjN4p4WulxC5IwCzAfBgNVHSMEGDAWgBR1gNFlabskoyji
e0f311FllyXe+zAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2RZRFJaV203SktNbzRudEg5OWRSWlpjbDN2cy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNzAvMWExOGRlLWVmYmQtNDFiNS1iMzM2LTc5ZmJkMzg1YTU1MC8x
L3R3T2RvZXFwWUNDVFl6ZUtlRnJwY1F1U01Bcy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNzAv
MWExOGRlLWVmYmQtNDFiNS1iMzM2LTc5ZmJkMzg1YTU1MC8xL2RZRFJaV203SktN
bzRudEg5OWRSWlpjbDN2cy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAu
BggrBgEFBQcBBwEB/wQfMB0wDAQCAAEwBgMEArkKkDANBAIAAjAHAwUAKgM6QDAN
BgkqhkiG9w0BAQsFAAOCAQEADAt0cj4sLdDuV8qjatzg67vjTWT+xPIKSjf4vdvo
I2x5joFJDs8OHMfno1je/fIvMrPpBMCad87S8kvRYoDcxz00KUf3hgRhElx4xrTa
WkKWAnS/wDiR31rb2ifrQP8Uj7rkYT/pWI6/+mRvUWOGKvPfxx3Y2ODSBd6eKyM3
dOX3XOoBssr2wnaDvgZ2k1f9b0KhAzySdc5eLPtPBRVuumN+C4WJwnmfcH7VF1fy
9hkXm0kMYtbBpG9dyjMYZZolSc/gKhPURI53MJcVEhbgu/vBAVKRn1QP/xBZ2gnS
vuiAx5A7BTeSHd1gHyum+fdfyHxBHvshYUUcRXm1uCK+1w==
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:19:46 2025 by rpki-client