Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/84/94f98c-c1d1-4fe2-9adc-a010d8e4faf0/1/_SJjJN6vo8k-bZS6rvMbqDmOI7g.roa
File: _SJjJN6vo8k-bZS6rvMbqDmOI7g.roa (raw, json)
Hash identifier: /pc4I9yGCZ+I5soKFPH7t1Gdq3ynqDtJrrwvXMci1sc=
Subject key identifier: FD:22:63:24:DE:AF:A3:C9:3E:6D:94:BA:AE:F3:1B:A8:39:8E:23:B8
Certificate issuer: /CN=d9c9baf46d6c94d27ce128da3b65b5a3b06db38b
Certificate serial: 01857355FE206C660174684B1191F12064D9
Authority key identifier: D9:C9:BA:F4:6D:6C:94:D2:7C:E1:28:DA:3B:65:B5:A3:B0:6D:B3:8B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2cm69G1slNJ84SjaO2W1o7Bts4s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/84/94f98c-c1d1-4fe2-9adc-a010d8e4faf0/1/_SJjJN6vo8k-bZS6rvMbqDmOI7g.roa
Signing time: Mon 02 Jan 2023 16:34:53 +0000
ROA not before: Mon 02 Jan 2023 16:34:53 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 210162
IP address blocks: 185.228.249.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:73:55:fe:20:6c:66:01:74:68:4b:11:91:f1:20:64:d9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d9c9baf46d6c94d27ce128da3b65b5a3b06db38b
Validity
Not Before: Jan 2 16:34:53 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=fd226324deafa3c93e6d94baaef31ba8398e23b8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8a:20:eb:82:c8:73:c4:8a:df:7e:07:93:b9:79:
cf:a5:73:1c:ea:1f:7e:c1:2b:ac:12:a1:a5:1d:1b:
c1:af:3d:4f:51:b0:c1:c8:9e:83:94:27:82:ca:5d:
07:34:0e:cc:70:74:18:c0:83:eb:ac:fb:28:79:6f:
cc:d1:4a:5c:44:b7:76:b4:e7:ca:a7:3a:82:11:91:
01:fd:e7:45:3c:c6:03:7d:86:a0:0e:20:72:a9:ac:
88:01:14:6a:b7:bc:2f:01:c2:f8:e9:54:6d:af:e3:
79:57:8a:c9:21:c5:ec:98:21:37:82:2f:08:c7:d3:
3c:ce:f5:b0:dc:2a:e8:c5:0c:b2:a2:f7:99:4e:e2:
42:d7:26:b9:c6:26:33:54:3a:fc:47:66:b6:af:10:
7c:c3:5c:92:54:4f:7d:c6:53:ee:0f:2a:2b:d6:4d:
3c:57:c8:41:72:35:e9:ce:be:1e:87:e4:da:2a:a7:
0a:06:17:55:d2:e7:bd:81:45:5a:4e:cd:b9:f6:87:
05:18:6b:f0:1e:86:8b:84:57:5f:11:6b:5d:f8:9a:
20:df:bf:d1:89:3e:59:03:20:d1:2e:cb:71:54:42:
61:af:b1:bf:97:d5:08:35:6a:d0:af:ad:83:14:72:
cc:e8:16:55:ae:3f:86:6a:56:6a:59:b6:d4:e6:91:
57:97
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FD:22:63:24:DE:AF:A3:C9:3E:6D:94:BA:AE:F3:1B:A8:39:8E:23:B8
X509v3 Authority Key Identifier:
keyid:D9:C9:BA:F4:6D:6C:94:D2:7C:E1:28:DA:3B:65:B5:A3:B0:6D:B3:8B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2cm69G1slNJ84SjaO2W1o7Bts4s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/84/94f98c-c1d1-4fe2-9adc-a010d8e4faf0/1/_SJjJN6vo8k-bZS6rvMbqDmOI7g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/84/94f98c-c1d1-4fe2-9adc-a010d8e4faf0/1/2cm69G1slNJ84SjaO2W1o7Bts4s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.228.249.0/24
Signature Algorithm: sha256WithRSAEncryption
59:12:dc:ea:85:76:06:32:f8:b3:77:00:f5:c0:4b:1b:60:1e:
b4:90:ad:82:64:85:dd:9b:3e:8c:b4:e6:17:64:71:4b:d8:90:
7b:8f:48:5d:d5:96:41:06:a9:23:16:d5:c1:e0:e0:17:d5:dd:
0d:48:23:46:3b:dd:94:47:c8:76:e0:d3:2f:0f:18:32:6d:52:
07:9a:41:e8:22:ae:6c:d0:fe:2a:a2:c9:17:c1:08:f7:a7:d2:
5e:ff:4c:9d:58:e9:84:db:c6:aa:49:1f:a9:aa:3b:1a:7a:ce:
75:af:ad:90:68:bb:18:03:09:f6:5a:ae:1d:b2:3b:86:2d:ec:
40:11:25:8e:6b:a8:f8:65:e6:2d:62:fd:72:ba:57:c3:2b:12:
2e:0a:a4:86:0a:b8:97:e6:fa:4c:e1:83:d3:3d:1e:51:28:29:
8d:2d:19:69:92:dc:47:8c:ba:3f:47:f6:75:09:90:92:35:ff:
5a:16:a1:43:c8:94:c1:32:11:77:03:fa:9a:f1:e5:f8:87:3a:
88:de:bd:79:32:94:ac:ea:ad:f2:a3:2e:22:13:21:d4:1a:a1:
f8:fa:92:c0:41:70:3d:30:d0:7b:4c:49:4a:be:e5:0b:2b:4f:
7f:cf:f9:5f:95:f9:05:a8:7c:a9:ee:ee:b5:3b:d7:59:64:c1:
35:ed:a6:b4
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVzVf4gbGYBdGhLEZHxIGTZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ5YzliYWY0NmQ2Yzk0ZDI3Y2UxMjhkYTNiNjViNWEzYjA2
ZGIzOGIwHhcNMjMwMTAyMTYzNDUzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmZDIyNjMyNGRlYWZhM2M5M2U2ZDk0YmFhZWYzMWJhODM5OGUyM2I4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiiDrgshzxIrffgeTuXnPpXMc6h9+
wSusEqGlHRvBrz1PUbDByJ6DlCeCyl0HNA7McHQYwIPrrPsoeW/M0UpcRLd2tOfK
pzqCEZEB/edFPMYDfYagDiByqayIARRqt7wvAcL46VRtr+N5V4rJIcXsmCE3gi8I
x9M8zvWw3CroxQyyoveZTuJC1ya5xiYzVDr8R2a2rxB8w1ySVE99xlPuDyor1k08
V8hBcjXpzr4eh+TaKqcKBhdV0ue9gUVaTs259ocFGGvwHoaLhFdfEWtd+Jog37/R
iT5ZAyDRLstxVEJhr7G/l9UINWrQr62DFHLM6BZVrj+GalZqWbbU5pFXlwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFP0iYyTer6PJPm2Uuq7zG6g5jiO4MB8GA1UdIwQY
MBaAFNnJuvRtbJTSfOEo2jtltaOwbbOLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMmNtNjlHMXNsTko4NFNqYU8yVzFvN0J0czRzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84NC85NGY5OGMtYzFkMS00ZmUyLTlhZGMt
YTAxMGQ4ZTRmYWYwLzEvX1NKakpONnZvOGstYlpTNnJ2TWJxRG1PSTdnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84NC85NGY5OGMtYzFkMS00ZmUyLTlhZGMtYTAxMGQ4ZTRmYWYw
LzEvMmNtNjlHMXNsTko4NFNqYU8yVzFvN0J0czRzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAueT5MA0G
CSqGSIb3DQEBCwUAA4IBAQBZEtzqhXYGMvizdwD1wEsbYB60kK2CZIXdmz6MtOYX
ZHFL2JB7j0hd1ZZBBqkjFtXB4OAX1d0NSCNGO92UR8h24NMvDxgybVIHmkHoIq5s
0P4qoskXwQj3p9Je/0ydWOmE28aqSR+pqjsaes51r62QaLsYAwn2Wq4dsjuGLexA
ESWOa6j4ZeYtYv1yulfDKxIuCqSGCriX5vpM4YPTPR5RKCmNLRlpktxHjLo/R/Z1
CZCSNf9aFqFDyJTBMhF3A/qa8eX4hzqI3r15MpSs6q3yoy4iEyHUGqH4+pLAQXA9
MNB7TElKvuULK09/z/lflfkFqHyp7u61O9dZZME17aa0
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:03:53 2025 by rpki-client