Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/85/ae9cef-e937-4f80-9978-db4ad25d99a8/1/xu6uf1l5iJ9qiOQRMRWZdjVvJ9I.roa
File: xu6uf1l5iJ9qiOQRMRWZdjVvJ9I.roa (raw, json)
Hash identifier: Tuh8bVheuLrY9ZIfs2wuGB0SBcrFqrg+d6zshPS4lo8=
Subject key identifier: C6:EE:AE:7F:59:79:88:9F:6A:88:E4:11:31:15:99:76:35:6F:27:D2
Certificate issuer: /CN=7ba7fda6a692236c223f74d63ea7bb9fef2f1274
Certificate serial: 01856F8B6979DBC14FD293F0600C37493C29
Authority key identifier: 7B:A7:FD:A6:A6:92:23:6C:22:3F:74:D6:3E:A7:BB:9F:EF:2F:12:74
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/e6f9pqaSI2wiP3TWPqe7n-8vEnQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/85/ae9cef-e937-4f80-9978-db4ad25d99a8/1/xu6uf1l5iJ9qiOQRMRWZdjVvJ9I.roa
Signing time: Sun 01 Jan 2023 22:54:45 +0000
ROA not before: Sun 01 Jan 2023 22:54:45 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 206173
IP address blocks: 185.145.246.0/24 maxlen: 24
2a10:1e40::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:8b:69:79:db:c1:4f:d2:93:f0:60:0c:37:49:3c:29
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7ba7fda6a692236c223f74d63ea7bb9fef2f1274
Validity
Not Before: Jan 1 22:54:45 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=c6eeae7f5979889f6a88e41131159976356f27d2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d2:ca:72:fd:af:23:51:7c:ec:d4:ad:c5:f1:53:
02:2a:c9:09:d0:28:98:ef:01:37:2d:55:0b:21:29:
88:0e:16:11:9b:30:00:43:f8:0c:08:d9:02:9d:c5:
6b:aa:bb:5a:20:ec:2a:ef:fa:9f:5a:28:96:02:aa:
99:8a:87:0e:a5:a8:75:3a:ae:a9:43:66:a8:fb:ae:
36:77:b8:af:5c:96:57:ac:be:06:61:e7:3e:7d:13:
9c:49:15:e1:17:18:b4:c9:0a:8c:28:34:2b:a9:96:
39:f0:f2:16:92:12:9d:46:6d:18:cf:5f:fb:87:2c:
e7:70:a0:25:60:a6:07:b9:a2:51:89:91:d7:e2:05:
86:58:53:a0:4c:a5:5c:79:75:4e:92:48:4e:d7:9e:
38:5b:d4:eb:5a:0d:ee:34:e4:ab:fe:8f:2f:f8:63:
5c:fb:ec:3a:aa:aa:2e:30:00:85:3b:df:a5:c7:64:
77:f6:76:b7:60:ed:8a:d4:3e:4f:71:11:7b:ff:4b:
d5:5d:f5:75:aa:0f:09:a1:b8:3c:6c:cc:d0:3c:ce:
4d:bc:21:0f:70:e1:be:ce:df:02:a8:54:02:8b:18:
ae:6e:30:34:01:3c:e6:19:d9:1b:0c:ec:b3:f1:d2:
67:d4:20:06:6e:1a:d3:8c:23:95:33:91:78:86:0e:
93:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C6:EE:AE:7F:59:79:88:9F:6A:88:E4:11:31:15:99:76:35:6F:27:D2
X509v3 Authority Key Identifier:
keyid:7B:A7:FD:A6:A6:92:23:6C:22:3F:74:D6:3E:A7:BB:9F:EF:2F:12:74
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/e6f9pqaSI2wiP3TWPqe7n-8vEnQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/85/ae9cef-e937-4f80-9978-db4ad25d99a8/1/xu6uf1l5iJ9qiOQRMRWZdjVvJ9I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/85/ae9cef-e937-4f80-9978-db4ad25d99a8/1/e6f9pqaSI2wiP3TWPqe7n-8vEnQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.145.246.0/24
IPv6:
2a10:1e40::/29
Signature Algorithm: sha256WithRSAEncryption
cb:c4:00:23:de:46:ae:25:14:fd:05:63:f2:61:63:a5:71:cd:
1c:97:01:30:eb:62:b5:4a:b1:cd:74:5d:0e:e9:d7:de:a1:da:
35:13:66:f0:c4:01:3f:1f:da:5d:ab:65:4a:9f:dc:9c:3f:8c:
05:22:98:62:a0:ef:60:ef:d4:56:85:40:28:7e:3a:08:ce:f7:
ba:14:e5:ee:c5:cc:c6:f6:30:95:33:a7:4f:c7:16:26:56:fb:
42:4f:20:bb:f1:48:50:8e:8b:6b:47:a3:79:06:c8:e0:fb:2b:
13:3b:34:4b:2b:59:66:df:63:bb:20:0d:b1:23:a0:88:5c:5f:
18:49:81:bb:f2:fb:c5:a8:0a:09:48:76:4e:fe:d9:c7:73:25:
3d:2d:0e:42:8c:d0:9e:a9:54:9d:b3:40:6b:6c:df:2f:ce:7f:
77:a4:09:6f:d7:b7:60:6a:83:61:c3:c7:de:6e:fe:38:5b:2c:
9b:ae:87:f4:39:77:f6:7c:f9:7b:da:ce:7e:32:54:d3:35:c4:
2a:e2:0e:6a:3f:d1:32:18:9d:b2:4b:9e:e3:2c:df:02:b6:9b:
3d:ac:9a:51:9d:5f:dc:7a:d2:62:7a:5e:85:14:c4:f2:67:e5:
89:90:0c:9f:cf:97:c6:1d:30:99:7d:08:25:eb:65:1b:77:e7:
8e:fb:46:a4
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVvi2l528FP0pPwYAw3STwpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdiYTdmZGE2YTY5MjIzNmMyMjNmNzRkNjNlYTdiYjlmZWYy
ZjEyNzQwHhcNMjMwMTAxMjI1NDQ1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNmVlYWU3ZjU5Nzk4ODlmNmE4OGU0MTEzMTE1OTk3NjM1NmYyN2QyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0spy/a8jUXzs1K3F8VMCKskJ0CiY
7wE3LVULISmIDhYRmzAAQ/gMCNkCncVrqrtaIOwq7/qfWiiWAqqZiocOpah1Oq6p
Q2ao+642d7ivXJZXrL4GYec+fROcSRXhFxi0yQqMKDQrqZY58PIWkhKdRm0Yz1/7
hyzncKAlYKYHuaJRiZHX4gWGWFOgTKVceXVOkkhO1544W9TrWg3uNOSr/o8v+GNc
++w6qqouMACFO9+lx2R39na3YO2K1D5PcRF7/0vVXfV1qg8Jobg8bMzQPM5NvCEP
cOG+zt8CqFQCixiubjA0ATzmGdkbDOyz8dJn1CAGbhrTjCOVM5F4hg6TlQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFMburn9ZeYifaojkETEVmXY1byfSMB8GA1UdIwQY
MBaAFHun/aamkiNsIj901j6nu5/vLxJ0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZTZmOXBxYVNJMndpUDNUV1BxZTduLTh2RW5RLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84NS9hZTljZWYtZTkzNy00ZjgwLTk5Nzgt
ZGI0YWQyNWQ5OWE4LzEveHU2dWYxbDVpSjlxaU9RUk1SV1pkalZ2SjlJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84NS9hZTljZWYtZTkzNy00ZjgwLTk5NzgtZGI0YWQyNWQ5OWE4
LzEvZTZmOXBxYVNJMndpUDNUV1BxZTduLTh2RW5RLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQAuZH2MA0E
AgACMAcDBQMqEB5AMA0GCSqGSIb3DQEBCwUAA4IBAQDLxAAj3kauJRT9BWPyYWOl
cc0clwEw62K1SrHNdF0O6dfeodo1E2bwxAE/H9pdq2VKn9ycP4wFIphioO9g79RW
hUAofjoIzve6FOXuxczG9jCVM6dPxxYmVvtCTyC78UhQjotrR6N5Bsjg+ysTOzRL
K1lm32O7IA2xI6CIXF8YSYG78vvFqAoJSHZO/tnHcyU9LQ5CjNCeqVSds0BrbN8v
zn93pAlv17dgaoNhw8febv44Wyybrof0OXf2fPl72s5+MlTTNcQq4g5qP9EyGJ2y
S57jLN8Ctps9rJpRnV/cetJiel6FFMTyZ+WJkAyfz5fGHTCZfQgl62Ubd+eO+0ak
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:17:38 2025 by rpki-client