Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/75/e552f4-96ca-4259-a82a-e35a67e5d9e2/1/cxQVOyoO8omld3Hbd6zTMYSEQR0.roa
File: cxQVOyoO8omld3Hbd6zTMYSEQR0.roa (raw, json)
Hash identifier: 9HngrLyj3O3C5U9iPE8mLaq89V6VtenMKDwlOBlRl0U=
Subject key identifier: 73:14:15:3B:2A:0E:F2:89:A5:77:71:DB:77:AC:D3:31:84:84:41:1D
Certificate issuer: /CN=b28599292a6324297e02fff3c5119bee0b317548
Certificate serial: 018571DE7CE74E483C4DA68CFB8407D97EB6
Authority key identifier: B2:85:99:29:2A:63:24:29:7E:02:FF:F3:C5:11:9B:EE:0B:31:75:48
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/soWZKSpjJCl-Av_zxRGb7gsxdUg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/75/e552f4-96ca-4259-a82a-e35a67e5d9e2/1/cxQVOyoO8omld3Hbd6zTMYSEQR0.roa
Signing time: Mon 02 Jan 2023 09:44:44 +0000
ROA not before: Mon 02 Jan 2023 09:44:44 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 203455
IP address blocks: 185.133.132.0/22 maxlen: 32
2a05:70c0::/29 maxlen: 128
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:de:7c:e7:4e:48:3c:4d:a6:8c:fb:84:07:d9:7e:b6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b28599292a6324297e02fff3c5119bee0b317548
Validity
Not Before: Jan 2 09:44:44 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=7314153b2a0ef289a57771db77acd3318484411d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:5f:6c:eb:7c:93:d0:1f:dc:5c:14:95:e7:22:
f3:b7:e0:4b:17:02:57:49:2e:05:1e:32:6b:61:44:
84:41:78:0b:62:78:17:9d:ef:a4:3f:07:ba:e8:3d:
ec:e8:2c:59:52:fa:45:42:8f:43:ff:e9:7c:83:29:
c1:97:20:3a:76:47:d5:79:0f:2a:22:0b:48:26:74:
d6:29:e4:ed:0e:da:bf:f0:69:d9:eb:94:f8:3c:85:
e1:11:25:ae:40:65:e7:99:66:29:b1:53:e3:6e:a9:
a8:2d:fa:af:18:47:eb:9d:2a:75:a7:5a:aa:22:14:
65:3d:b8:1a:a9:cc:23:fc:8a:d0:c5:1a:3e:e4:c6:
07:15:31:53:9d:93:d2:26:cd:fc:d7:6c:62:8a:5d:
16:e8:03:ef:6b:b2:7b:36:86:e1:4c:49:81:25:17:
84:f0:1a:03:08:7d:d5:95:ad:ee:fe:05:eb:f4:19:
42:e3:3c:51:fb:f2:f0:1a:cc:4e:a9:dc:d0:09:97:
f4:80:45:b3:f1:89:6f:3d:87:c4:3b:c8:86:1b:af:
9f:7b:53:71:79:f5:21:a3:9c:96:e6:17:e8:ae:3d:
11:6f:f6:2c:0a:53:80:d0:47:13:d2:1c:4d:64:e8:
d8:5e:5b:d0:28:f5:02:13:3f:da:45:f0:8e:59:d3:
47:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
73:14:15:3B:2A:0E:F2:89:A5:77:71:DB:77:AC:D3:31:84:84:41:1D
X509v3 Authority Key Identifier:
keyid:B2:85:99:29:2A:63:24:29:7E:02:FF:F3:C5:11:9B:EE:0B:31:75:48
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/soWZKSpjJCl-Av_zxRGb7gsxdUg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/75/e552f4-96ca-4259-a82a-e35a67e5d9e2/1/cxQVOyoO8omld3Hbd6zTMYSEQR0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/75/e552f4-96ca-4259-a82a-e35a67e5d9e2/1/soWZKSpjJCl-Av_zxRGb7gsxdUg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.133.132.0/22
IPv6:
2a05:70c0::/29
Signature Algorithm: sha256WithRSAEncryption
0e:4c:8e:0c:33:6e:72:a1:8f:70:36:1f:c0:dc:e0:9f:f4:67:
8c:c1:3c:98:47:6f:44:16:bd:a5:cf:c7:29:24:40:e8:f9:f1:
90:6d:64:84:b0:06:21:39:e1:3b:4d:8f:e1:fc:27:18:bd:39:
14:93:ec:fa:72:bf:7c:86:d1:e6:1f:55:60:be:af:87:f9:e1:
62:7d:36:ea:ba:e6:39:13:f9:bd:f0:1e:3c:fc:c1:bd:1f:25:
af:ba:42:21:73:b7:3b:74:bb:6b:69:e0:b7:e2:78:b6:52:64:
3b:b0:53:2b:e9:d1:fa:e0:21:1f:77:33:6a:d0:0d:51:92:90:
3e:b0:19:51:13:2f:47:27:f6:2a:06:c4:26:f1:94:74:e2:c5:
77:a2:0b:fb:68:d3:aa:f2:92:f1:85:f3:14:e7:7f:53:49:8e:
5e:64:b7:dc:60:78:db:76:08:63:bd:84:04:42:ef:c6:d0:5e:
2a:27:2f:e0:2d:38:d6:07:36:60:94:bb:01:cf:60:4f:5e:49:
a8:3f:61:83:a5:11:90:84:4d:60:68:cd:83:6b:2f:77:58:79:
93:de:b6:0a:6f:a7:c5:93:bb:be:a6:c6:33:fe:52:9f:94:9e:
b2:6e:db:78:9e:00:3f:36:0f:68:2b:e9:1f:fc:db:31:e7:31:
dd:da:70:05
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVx3nznTkg8TaaM+4QH2X62MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIyODU5OTI5MmE2MzI0Mjk3ZTAyZmZmM2M1MTE5YmVlMGIz
MTc1NDgwHhcNMjMwMTAyMDk0NDQ0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MzE0MTUzYjJhMGVmMjg5YTU3NzcxZGI3N2FjZDMzMTg0ODQ0MTFkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnF9s63yT0B/cXBSV5yLzt+BLFwJX
SS4FHjJrYUSEQXgLYngXne+kPwe66D3s6CxZUvpFQo9D/+l8gynBlyA6dkfVeQ8q
IgtIJnTWKeTtDtq/8GnZ65T4PIXhESWuQGXnmWYpsVPjbqmoLfqvGEfrnSp1p1qq
IhRlPbgaqcwj/IrQxRo+5MYHFTFTnZPSJs3812xiil0W6APva7J7NobhTEmBJReE
8BoDCH3Vla3u/gXr9BlC4zxR+/LwGsxOqdzQCZf0gEWz8YlvPYfEO8iGG6+fe1Nx
efUho5yW5hforj0Rb/YsClOA0EcT0hxNZOjYXlvQKPUCEz/aRfCOWdNH6QIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFHMUFTsqDvKJpXdx23es0zGEhEEdMB8GA1UdIwQY
MBaAFLKFmSkqYyQpfgL/88URm+4LMXVIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc29XWktTcGpKQ2wtQXZfenhSR2I3Z3N4ZFVnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83NS9lNTUyZjQtOTZjYS00MjU5LWE4MmEt
ZTM1YTY3ZTVkOWUyLzEvY3hRVk95b084b21sZDNIYmQ2elRNWVNFUVIwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83NS9lNTUyZjQtOTZjYS00MjU5LWE4MmEtZTM1YTY3ZTVkOWUy
LzEvc29XWktTcGpKQ2wtQXZfenhSR2I3Z3N4ZFVnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuYWEMA0E
AgACMAcDBQMqBXDAMA0GCSqGSIb3DQEBCwUAA4IBAQAOTI4MM25yoY9wNh/A3OCf
9GeMwTyYR29EFr2lz8cpJEDo+fGQbWSEsAYhOeE7TY/h/CcYvTkUk+z6cr98htHm
H1Vgvq+H+eFifTbquuY5E/m98B48/MG9HyWvukIhc7c7dLtraeC34ni2UmQ7sFMr
6dH64CEfdzNq0A1RkpA+sBlREy9HJ/YqBsQm8ZR04sV3ogv7aNOq8pLxhfMU539T
SY5eZLfcYHjbdghjvYQEQu/G0F4qJy/gLTjWBzZglLsBz2BPXkmoP2GDpRGQhE1g
aM2Day93WHmT3rYKb6fFk7u+psYz/lKflJ6ybtt4ngA/Ng9oK+kf/Nsx5zHd2nAF
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:40:16 2025 by rpki-client