Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/75/5209b6-d64c-4360-8c2b-6f70d53cbef6/1/27AZUmbMCde_tbiuo-eqlhIYpiY.roa
File: 27AZUmbMCde_tbiuo-eqlhIYpiY.roa (raw, json)
Hash identifier: qs//R1xy2heHhRw/KdST+ObD8r3Vr/UjZKdXS4XILY8=
Subject key identifier: DB:B0:19:52:66:CC:09:D7:BF:B5:B8:AE:A3:E7:AA:96:12:18:A6:26
Certificate issuer: /CN=82a4161acabf66d425ed878c5da96a7d5cb3ffe4
Certificate serial: 01856F5DD0EE06C0ADDAA0A5C932D59A997C
Authority key identifier: 82:A4:16:1A:CA:BF:66:D4:25:ED:87:8C:5D:A9:6A:7D:5C:B3:FF:E4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gqQWGsq_ZtQl7YeMXalqfVyz_-Q.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/75/5209b6-d64c-4360-8c2b-6f70d53cbef6/1/27AZUmbMCde_tbiuo-eqlhIYpiY.roa
Signing time: Sun 01 Jan 2023 22:04:57 +0000
ROA not before: Sun 01 Jan 2023 22:04:57 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 59959
IP address blocks: 185.243.124.0/22 maxlen: 22
2a0d:1380::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:5d:d0:ee:06:c0:ad:da:a0:a5:c9:32:d5:9a:99:7c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=82a4161acabf66d425ed878c5da96a7d5cb3ffe4
Validity
Not Before: Jan 1 22:04:57 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=dbb0195266cc09d7bfb5b8aea3e7aa961218a626
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:f7:cb:c0:5c:c5:52:99:99:b0:92:fe:d8:3a:
0f:93:ca:e9:f2:be:81:99:5b:e7:bb:ab:54:4d:d3:
1a:e3:1f:e4:44:19:e9:8a:9d:4b:40:f8:8f:34:34:
18:a4:62:b6:8d:b3:18:a8:9a:69:33:8f:59:4f:5f:
ca:5b:c2:4c:61:4f:cd:08:92:eb:55:7c:83:9a:e1:
f1:e6:75:ae:75:55:5c:a5:3e:f2:7a:3e:5b:15:ec:
2e:d8:c5:a4:3a:4b:72:21:01:b3:c1:93:ab:f3:67:
7d:68:82:9c:5e:ed:3c:32:1a:78:53:83:3c:e1:2f:
3c:d2:24:15:53:f7:fd:42:32:c2:a3:da:c7:0e:28:
cc:96:d4:a5:9a:9b:5a:32:01:4a:76:bf:14:74:3d:
9f:3f:62:ac:b4:e9:85:84:19:cf:b2:83:7c:79:fe:
99:e1:e3:f1:6b:e7:9c:80:73:9c:2a:7f:40:53:9b:
da:d3:2c:a6:0c:fa:e4:f6:5e:5e:7d:dc:a1:a0:e1:
b0:8c:9a:1a:85:c4:7a:ad:a2:e1:2d:2c:32:86:cb:
00:d0:05:1d:9b:66:58:d6:1c:3a:24:1a:77:04:6c:
14:a8:86:dc:a0:ea:40:fd:80:20:69:32:7f:ed:2c:
f4:9b:b3:53:57:cd:53:68:8e:0d:fd:ab:5e:8c:4e:
5c:bb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DB:B0:19:52:66:CC:09:D7:BF:B5:B8:AE:A3:E7:AA:96:12:18:A6:26
X509v3 Authority Key Identifier:
keyid:82:A4:16:1A:CA:BF:66:D4:25:ED:87:8C:5D:A9:6A:7D:5C:B3:FF:E4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gqQWGsq_ZtQl7YeMXalqfVyz_-Q.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/75/5209b6-d64c-4360-8c2b-6f70d53cbef6/1/27AZUmbMCde_tbiuo-eqlhIYpiY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/75/5209b6-d64c-4360-8c2b-6f70d53cbef6/1/gqQWGsq_ZtQl7YeMXalqfVyz_-Q.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.243.124.0/22
IPv6:
2a0d:1380::/29
Signature Algorithm: sha256WithRSAEncryption
7b:69:9a:25:32:fc:80:d4:7e:03:d8:54:23:86:1c:2e:0d:8b:
53:2f:6b:be:bf:a4:2f:7b:fb:f3:26:ac:de:e3:9f:78:94:1d:
00:57:c8:5f:e3:46:df:96:9f:32:9d:f0:97:e9:a3:71:80:0a:
0a:44:21:63:5c:74:12:3c:c8:0f:01:3e:fb:da:97:cf:4e:6f:
9c:d6:cb:bc:00:9c:9a:45:20:45:df:ea:19:7c:23:af:4b:93:
8d:e0:ce:49:2a:2c:2e:5e:6d:8e:d4:e9:ec:a4:ad:da:c0:e4:
ce:20:18:96:1d:96:3e:02:c7:bb:37:b5:e9:ff:ce:48:3c:b8:
2b:9d:d4:c4:c0:e6:ad:f2:57:5d:9e:d8:49:d5:00:79:b4:dd:
23:c2:4f:14:79:b4:98:82:1f:fa:8c:ed:dc:4f:56:dc:dc:5b:
90:67:f8:4d:08:5d:d7:35:95:58:04:b0:d7:15:c2:05:83:2c:
db:b7:15:00:b3:a1:39:42:e2:c4:c7:bb:ed:fb:49:d8:dc:0b:
54:c9:df:94:4d:9b:d8:6b:25:d2:6f:23:11:c5:f0:b2:49:3b:
e2:ea:25:09:6a:85:e0:bd:35:dc:ba:49:69:54:79:85:79:ea:
de:aa:cc:0a:f2:67:c2:f7:7c:70:bd:ea:8b:83:27:55:77:93:
d9:ce:76:96
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVvXdDuBsCt2qClyTLVmpl8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgyYTQxNjFhY2FiZjY2ZDQyNWVkODc4YzVkYTk2YTdkNWNi
M2ZmZTQwHhcNMjMwMTAxMjIwNDU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYmIwMTk1MjY2Y2MwOWQ3YmZiNWI4YWVhM2U3YWE5NjEyMThhNjI2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlPfLwFzFUpmZsJL+2DoPk8rp8r6B
mVvnu6tUTdMa4x/kRBnpip1LQPiPNDQYpGK2jbMYqJppM49ZT1/KW8JMYU/NCJLr
VXyDmuHx5nWudVVcpT7yej5bFewu2MWkOktyIQGzwZOr82d9aIKcXu08Mhp4U4M8
4S880iQVU/f9QjLCo9rHDijMltSlmptaMgFKdr8UdD2fP2KstOmFhBnPsoN8ef6Z
4ePxa+ecgHOcKn9AU5va0yymDPrk9l5efdyhoOGwjJoahcR6raLhLSwyhssA0AUd
m2ZY1hw6JBp3BGwUqIbcoOpA/YAgaTJ/7Sz0m7NTV81TaI4N/atejE5cuwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFNuwGVJmzAnXv7W4rqPnqpYSGKYmMB8GA1UdIwQY
MBaAFIKkFhrKv2bUJe2HjF2pan1cs//kMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ3FRV0dzcV9adFFsN1llTVhhbHFmVnl6Xy1RLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83NS81MjA5YjYtZDY0Yy00MzYwLThjMmIt
NmY3MGQ1M2NiZWY2LzEvMjdBWlVtYk1DZGVfdGJpdW8tZXFsaElZcGlZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83NS81MjA5YjYtZDY0Yy00MzYwLThjMmItNmY3MGQ1M2NiZWY2
LzEvZ3FRV0dzcV9adFFsN1llTVhhbHFmVnl6Xy1RLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCufN8MA0E
AgACMAcDBQMqDROAMA0GCSqGSIb3DQEBCwUAA4IBAQB7aZolMvyA1H4D2FQjhhwu
DYtTL2u+v6Qve/vzJqze4594lB0AV8hf40bflp8ynfCX6aNxgAoKRCFjXHQSPMgP
AT772pfPTm+c1su8AJyaRSBF3+oZfCOvS5ON4M5JKiwuXm2O1OnspK3awOTOIBiW
HZY+Ase7N7Xp/85IPLgrndTEwOat8lddnthJ1QB5tN0jwk8UebSYgh/6jO3cT1bc
3FuQZ/hNCF3XNZVYBLDXFcIFgyzbtxUAs6E5QuLEx7vt+0nY3AtUyd+UTZvYayXS
byMRxfCySTvi6iUJaoXgvTXcuklpVHmFeereqswK8mfC93xwveqLgydVd5PZznaW
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:33:35 2025 by rpki-client