Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/73/e2abad-58fa-4ced-8650-ec508dec7793/1/4FA2lOJKRLk5FcUH4NqvBNkxW6M.roa
File: 4FA2lOJKRLk5FcUH4NqvBNkxW6M.roa (raw, json)
Hash identifier: /FoAJXo35PPW+oIVt+5P2+JzhOP+mabUwIlmWC7ws3Q=
Subject key identifier: E0:50:36:94:E2:4A:44:B9:39:15:C5:07:E0:DA:AF:04:D9:31:5B:A3
Certificate issuer: /CN=9e9e6887ea7572a6411306c87b0cc089397a6354
Certificate serial: 018572C3959C058BEF02A4F294A7CC7AD66D
Authority key identifier: 9E:9E:68:87:EA:75:72:A6:41:13:06:C8:7B:0C:C0:89:39:7A:63:54
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/np5oh-p1cqZBEwbIewzAiTl6Y1Q.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/73/e2abad-58fa-4ced-8650-ec508dec7793/1/4FA2lOJKRLk5FcUH4NqvBNkxW6M.roa
Signing time: Mon 02 Jan 2023 13:54:58 +0000
ROA not before: Mon 02 Jan 2023 13:54:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 15924
IP address blocks: 185.117.120.0/22 maxlen: 22
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:c3:95:9c:05:8b:ef:02:a4:f2:94:a7:cc:7a:d6:6d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9e9e6887ea7572a6411306c87b0cc089397a6354
Validity
Not Before: Jan 2 13:54:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=e0503694e24a44b93915c507e0daaf04d9315ba3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:cd:3e:4b:d0:50:d9:23:71:d9:ee:fa:5d:9f:
0f:1a:dd:81:dc:19:20:9b:e1:93:72:1a:21:86:fa:
4d:4a:cc:08:42:36:b2:bd:d6:25:36:d9:7d:44:0a:
48:a3:b7:d1:a8:e2:ed:7f:14:f6:55:b9:2d:21:18:
b8:b5:47:4f:78:67:90:13:1d:19:f1:2a:5a:e2:b2:
43:17:b0:68:9f:bc:65:f8:92:a4:45:52:51:37:e8:
f6:92:8d:19:06:2f:b9:8e:00:a3:a4:07:83:e0:8b:
62:69:69:a6:5c:5d:82:d2:9c:ba:55:66:1f:bd:24:
90:84:f1:5f:40:58:d4:1e:d8:f0:f6:25:e3:9a:65:
b4:64:84:35:22:d0:93:0b:cb:bb:28:76:c4:59:25:
5f:d9:61:47:87:eb:e7:53:57:9d:d7:dd:a5:79:a0:
07:c8:bd:42:7d:cd:f7:31:a5:db:75:f6:af:e1:80:
58:8e:b5:fa:e4:1c:b3:0a:18:ba:25:52:ec:a7:d2:
18:cb:57:de:06:14:f1:be:61:48:81:61:ab:a7:16:
9c:85:35:31:58:bb:90:4d:0c:37:b1:b5:4e:59:b1:
5f:da:1a:9c:1d:60:20:f7:5d:50:9b:ba:fc:d9:6a:
68:52:bb:03:22:31:2b:ee:ce:bc:a5:6f:16:06:13:
b9:c1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E0:50:36:94:E2:4A:44:B9:39:15:C5:07:E0:DA:AF:04:D9:31:5B:A3
X509v3 Authority Key Identifier:
keyid:9E:9E:68:87:EA:75:72:A6:41:13:06:C8:7B:0C:C0:89:39:7A:63:54
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/np5oh-p1cqZBEwbIewzAiTl6Y1Q.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/73/e2abad-58fa-4ced-8650-ec508dec7793/1/4FA2lOJKRLk5FcUH4NqvBNkxW6M.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/73/e2abad-58fa-4ced-8650-ec508dec7793/1/np5oh-p1cqZBEwbIewzAiTl6Y1Q.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.117.120.0/22
Signature Algorithm: sha256WithRSAEncryption
3b:98:3d:de:9a:5d:f9:44:11:00:f5:36:1f:4a:1e:92:a5:37:
f5:ab:d7:5e:9e:e8:85:aa:e7:47:74:ce:db:1d:b4:51:c7:77:
98:35:fd:95:5c:6b:25:ff:a4:11:28:ba:da:78:61:52:af:83:
33:29:db:c2:44:6a:a7:7b:e6:b6:1e:36:45:40:b1:d4:f9:6f:
35:06:f4:ef:4b:cf:ba:94:7e:56:a3:71:37:75:f8:c6:a9:82:
d6:aa:5a:42:87:4b:52:80:41:40:ee:b8:81:bd:96:43:c6:b3:
55:8f:ff:d1:cd:a2:98:35:05:88:4f:3f:15:19:1f:fc:72:9b:
e9:81:38:92:0d:c5:9f:ee:0f:10:86:71:31:2c:23:f9:2a:50:
ea:14:56:f5:cf:5b:04:25:9c:e4:52:7c:e5:36:0b:2b:8c:38:
8e:86:c6:52:60:0e:65:20:e3:71:79:58:27:05:39:19:6c:bd:
68:26:fe:e5:b2:23:ed:0b:1f:4a:ad:8c:b3:11:f3:e1:0a:55:
ac:b6:ba:bb:2f:b7:20:fd:f6:0c:d9:0c:a5:49:d3:4b:71:8a:
2b:8e:60:96:55:2a:fe:b5:3c:7c:be:29:31:40:31:a5:a3:65:
1c:ba:2e:66:3b:1a:07:b5:0a:e9:4c:d0:c5:d9:ad:f1:24:39:
83:7a:91:b4
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVyw5WcBYvvAqTylKfMetZtMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDllOWU2ODg3ZWE3NTcyYTY0MTEzMDZjODdiMGNjMDg5Mzk3
YTYzNTQwHhcNMjMwMTAyMTM1NDU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMDUwMzY5NGUyNGE0NGI5MzkxNWM1MDdlMGRhYWYwNGQ5MzE1YmEzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAls0+S9BQ2SNx2e76XZ8PGt2B3Bkg
m+GTchohhvpNSswIQjayvdYlNtl9RApIo7fRqOLtfxT2VbktIRi4tUdPeGeQEx0Z
8Spa4rJDF7Bon7xl+JKkRVJRN+j2ko0ZBi+5jgCjpAeD4ItiaWmmXF2C0py6VWYf
vSSQhPFfQFjUHtjw9iXjmmW0ZIQ1ItCTC8u7KHbEWSVf2WFHh+vnU1ed192leaAH
yL1Cfc33MaXbdfav4YBYjrX65ByzChi6JVLsp9IYy1feBhTxvmFIgWGrpxachTUx
WLuQTQw3sbVOWbFf2hqcHWAg911Qm7r82WpoUrsDIjEr7s68pW8WBhO5wQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFOBQNpTiSkS5ORXFB+DarwTZMVujMB8GA1UdIwQY
MBaAFJ6eaIfqdXKmQRMGyHsMwIk5emNUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbnA1b2gtcDFjcVpCRXdiSWV3ekFpVGw2WTFRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83My9lMmFiYWQtNThmYS00Y2VkLTg2NTAt
ZWM1MDhkZWM3NzkzLzEvNEZBMmxPSktSTGs1RmNVSDROcXZCTmt4VzZNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83My9lMmFiYWQtNThmYS00Y2VkLTg2NTAtZWM1MDhkZWM3Nzkz
LzEvbnA1b2gtcDFjcVpCRXdiSWV3ekFpVGw2WTFRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuXV4MA0G
CSqGSIb3DQEBCwUAA4IBAQA7mD3eml35RBEA9TYfSh6SpTf1q9denuiFqudHdM7b
HbRRx3eYNf2VXGsl/6QRKLraeGFSr4MzKdvCRGqne+a2HjZFQLHU+W81BvTvS8+6
lH5Wo3E3dfjGqYLWqlpCh0tSgEFA7riBvZZDxrNVj//RzaKYNQWITz8VGR/8cpvp
gTiSDcWf7g8QhnExLCP5KlDqFFb1z1sEJZzkUnzlNgsrjDiOhsZSYA5lIONxeVgn
BTkZbL1oJv7lsiPtCx9KrYyzEfPhClWstrq7L7cg/fYM2QylSdNLcYorjmCWVSr+
tTx8vikxQDGlo2Ucui5mOxoHtQrpTNDF2a3xJDmDepG0
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:25:08 2025 by rpki-client