Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/85/0ba7e2-63a2-4c41-86b5-a370f4ba2d2b/1/1-da-5hFSHq8xM8j5wUnSNN_jrxA.roa
File: 1-da-5hFSHq8xM8j5wUnSNN_jrxA.roa (raw, json)
Hash identifier: h8YgALIuKUmTGedcipzsnW8sf+MPjQh55WO2fIXpfww=
Subject key identifier: F9:D6:BE:E6:11:52:1E:AF:31:33:C8:F9:C1:49:D2:34:DF:E3:AF:10
Certificate issuer: /CN=6ecb3fb3bea8cc8e36e3da7d9c47049bfc6ffb14
Certificate serial: 0D9836C4
Authority key identifier: 6E:CB:3F:B3:BE:A8:CC:8E:36:E3:DA:7D:9C:47:04:9B:FC:6F:FB:14
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bss_s76ozI4249p9nEcEm_xv-xQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/85/0ba7e2-63a2-4c41-86b5-a370f4ba2d2b/1/1-da-5hFSHq8xM8j5wUnSNN_jrxA.roa
Signing time: Sat 01 Jan 2022 09:56:40 +0000
ROA not before: Sat 01 Jan 2022 09:56:40 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 201625
IP address blocks: 185.68.164.0/22 maxlen: 32
2a05:1220::/29 maxlen: 48
2a05:1220::/30 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 228079300 (0xd9836c4)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6ecb3fb3bea8cc8e36e3da7d9c47049bfc6ffb14
Validity
Not Before: Jan 1 09:56:40 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=f9d6bee611521eaf3133c8f9c149d234dfe3af10
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:f9:ba:a4:dc:34:d0:c8:1b:20:1e:57:cb:81:
48:5d:94:dc:fc:d7:a4:43:bd:d7:73:ab:65:dd:40:
fa:52:63:0f:93:39:b9:ff:94:75:91:f2:bd:9f:7f:
24:84:d9:48:9b:e9:a4:85:8c:7c:a2:76:16:0a:9e:
5c:f3:cb:e9:13:d5:b8:13:9c:20:4f:a2:16:df:03:
c0:5e:85:dc:f4:f2:3e:79:47:a4:24:c8:6a:ad:66:
e8:69:6f:0f:02:96:ad:f8:af:30:94:69:01:dc:10:
3d:73:6c:69:89:c7:de:de:63:a2:83:8c:81:e2:28:
3b:eb:43:6a:86:59:1d:8b:16:73:57:cc:f8:34:0f:
02:ba:fe:fd:86:46:5c:56:68:94:45:7b:ae:c9:5d:
3b:ba:c8:06:2d:79:c7:fd:9b:b0:82:cc:7c:57:22:
1b:f9:05:46:a1:95:71:27:16:97:09:eb:8f:dc:5c:
e6:0e:e1:e4:19:fe:fd:aa:54:d1:1c:60:54:a7:aa:
2c:c1:64:42:3a:84:65:86:d6:b7:32:95:94:4e:d2:
43:a5:a2:b0:5b:f7:d8:54:54:1a:70:71:36:54:de:
b4:26:4b:f5:cf:ea:e6:43:8a:67:c8:9f:a3:ae:b9:
01:71:89:29:13:d6:42:0b:18:bb:c3:40:14:d4:ec:
b5:2f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F9:D6:BE:E6:11:52:1E:AF:31:33:C8:F9:C1:49:D2:34:DF:E3:AF:10
X509v3 Authority Key Identifier:
keyid:6E:CB:3F:B3:BE:A8:CC:8E:36:E3:DA:7D:9C:47:04:9B:FC:6F:FB:14
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bss_s76ozI4249p9nEcEm_xv-xQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/85/0ba7e2-63a2-4c41-86b5-a370f4ba2d2b/1/1-da-5hFSHq8xM8j5wUnSNN_jrxA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/85/0ba7e2-63a2-4c41-86b5-a370f4ba2d2b/1/bss_s76ozI4249p9nEcEm_xv-xQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.68.164.0/22
IPv6:
2a05:1220::/29
Signature Algorithm: sha256WithRSAEncryption
2f:3b:b7:d5:c5:bb:b7:17:bf:88:fa:8e:69:7b:f8:93:f0:11:
ce:d9:6b:43:68:91:11:01:ea:57:6b:1f:99:62:86:af:a7:15:
f7:33:fd:65:27:9b:a1:d9:3f:39:d5:d5:0d:44:95:d3:cf:f3:
5e:26:5e:ad:ec:ee:78:f3:4a:21:21:f9:5a:1c:78:07:c7:6c:
fe:82:17:f4:2f:b9:5e:53:4b:07:e2:11:66:d6:b3:de:4b:1d:
54:86:b7:7e:e5:8e:e6:3a:64:df:66:7c:22:ff:43:19:8d:e8:
fb:f4:ad:0f:f4:f6:74:79:cf:7a:97:7a:2b:a5:1b:48:ad:cf:
63:44:79:1e:f4:00:d5:c6:aa:ca:47:e4:2e:0b:e7:4a:02:fe:
a0:b7:8a:db:bb:be:25:7e:ba:c5:74:c5:28:33:77:b8:dc:b6:
57:5a:d4:7f:a2:c2:7f:44:c8:43:6c:d0:c8:04:27:f9:25:e6:
f9:ea:53:4c:30:7a:2c:b3:84:45:87:ec:7c:73:b3:ea:33:d5:
0e:76:d2:a3:1d:b2:e0:1c:57:d3:8d:90:75:f3:ca:9d:65:22:
e2:1b:dc:6c:8a:4e:f8:a2:12:91:9f:62:3a:7e:9a:1b:71:22:
6a:df:f8:2d:f0:be:ca:4c:e4:3e:0f:99:a0:cc:20:34:74:54:
38:5b:e2:86
-----BEGIN CERTIFICATE-----
MIIE/zCCA+egAwIBAgIEDZg2xDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg2
ZWNiM2ZiM2JlYThjYzhlMzZlM2RhN2Q5YzQ3MDQ5YmZjNmZmYjE0MB4XDTIyMDEw
MTA5NTY0MFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZjlkNmJlZTYxMTUy
MWVhZjMxMzNjOGY5YzE0OWQyMzRkZmUzYWYxMDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAML5uqTcNNDIGyAeV8uBSF2U3PzXpEO913OrZd1A+lJjD5M5
uf+UdZHyvZ9/JITZSJvppIWMfKJ2FgqeXPPL6RPVuBOcIE+iFt8DwF6F3PTyPnlH
pCTIaq1m6GlvDwKWrfivMJRpAdwQPXNsaYnH3t5jooOMgeIoO+tDaoZZHYsWc1fM
+DQPArr+/YZGXFZolEV7rsldO7rIBi15x/2bsILMfFciG/kFRqGVcScWlwnrj9xc
5g7h5Bn+/apU0RxgVKeqLMFkQjqEZYbWtzKVlE7SQ6WisFv32FRUGnBxNlTetCZL
9c/q5kOKZ8ifo665AXGJKRPWQgsYu8NAFNTstS8CAwEAAaOCAhkwggIVMB0GA1Ud
DgQWBBT51r7mEVIerzEzyPnBSdI03+OvEDAfBgNVHSMEGDAWgBRuyz+zvqjMjjbj
2n2cRwSb/G/7FDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2Jzc19zNzZvekk0MjQ5cDluRWNFbV94di14US5jZXIwgY4GCCsGAQUFBwELBIGB
MH8wfQYIKwYBBQUHMAuGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvODUvMGJhN2UyLTYzYTItNGM0MS04NmI1LWEzNzBmNGJhMmQyYi8x
LzEtZGEtNWhGU0hxOHhNOGo1d1VuU05OX2pyeEEucm9hMIGBBgNVHR8EejB4MHag
dKByhnByc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzg1
LzBiYTdlMi02M2EyLTRjNDEtODZiNS1hMzcwZjRiYTJkMmIvMS9ic3Nfczc2b3pJ
NDI0OXA5bkVjRW1feHYteFEuY3JsMBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIw
LgYIKwYBBQUHAQcBAf8EHzAdMAwEAgABMAYDBAK5RKQwDQQCAAIwBwMFAyoFEiAw
DQYJKoZIhvcNAQELBQADggEBAC87t9XFu7cXv4j6jml7+JPwEc7Za0NokREB6ldr
H5lihq+nFfcz/WUnm6HZPznV1Q1EldPP814mXq3s7njzSiEh+VoceAfHbP6CF/Qv
uV5TSwfiEWbWs95LHVSGt37ljuY6ZN9mfCL/QxmN6Pv0rQ/09nR5z3qXeiulG0it
z2NEeR70ANXGqspH5C4L50oC/qC3itu7viV+usV0xSgzd7jctlda1H+iwn9EyENs
0MgEJ/kl5vnqU0wweiyzhEWH7Hxzs+oz1Q520qMdsuAcV9ONkHXzyp1lIuIb3GyK
TviiEpGfYjp+mhtxImrf+C3wvspM5D4PmaDMIDR0VDhb4oY=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:21:18 2024 by rpki-client on console-ams.rpki-client.org