Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/88/a5b6f7-f551-441b-bb8f-79da7aaaa3b2/1/lKkRgDNrVwe9Rvy7QSRjhfI1NZc.roa
File: lKkRgDNrVwe9Rvy7QSRjhfI1NZc.roa (raw, json)
Hash identifier: WWJX93PW7ciTSCUgkj3utywceDcwb9tuSKSP1yd0b6s=
Subject key identifier: 94:A9:11:80:33:6B:57:07:BD:46:FC:BB:41:24:63:85:F2:35:35:97
Certificate issuer: /CN=2794556395b47bf43e0d5d556e7e255b6c8accc2
Certificate serial: 01856F0252189FDAB153CC83571CE70BCB13
Authority key identifier: 27:94:55:63:95:B4:7B:F4:3E:0D:5D:55:6E:7E:25:5B:6C:8A:CC:C2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/J5RVY5W0e_Q-DV1Vbn4lW2yKzMI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/88/a5b6f7-f551-441b-bb8f-79da7aaaa3b2/1/lKkRgDNrVwe9Rvy7QSRjhfI1NZc.roa
Signing time: Sun 01 Jan 2023 20:25:01 +0000
ROA not before: Sun 01 Jan 2023 20:25:01 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 39702
IP address blocks: 185.133.12.0/22 maxlen: 22
2a05:fe80::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:02:52:18:9f:da:b1:53:cc:83:57:1c:e7:0b:cb:13
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2794556395b47bf43e0d5d556e7e255b6c8accc2
Validity
Not Before: Jan 1 20:25:01 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=94a91180336b5707bd46fcbb41246385f2353597
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:81:7f:50:df:ab:04:6d:2c:a5:aa:1a:17:da:1b:
08:a5:7f:53:03:ec:10:8d:84:c2:e8:96:b5:0f:c4:
2d:9f:cb:bf:86:2d:39:70:10:66:dd:fc:06:20:78:
d9:fd:4c:c0:1d:ef:c5:a2:ba:ce:d0:58:6a:e2:df:
4d:7a:1e:4f:63:12:c6:46:1f:4f:d3:36:ff:1a:c0:
95:6e:a7:c3:46:58:c2:d0:5a:63:3d:21:5a:bf:53:
78:6e:3f:db:b7:a4:47:71:d4:1d:3f:99:eb:71:7a:
44:f4:c8:70:ac:ea:65:23:84:12:9e:bf:ca:a3:45:
e4:ae:58:8b:2e:a6:bd:08:97:e2:92:5b:ff:55:7c:
78:27:f6:29:9c:ff:56:32:fe:20:e7:a8:b2:3b:6a:
a1:bf:cd:35:c4:e9:08:c1:07:27:f8:7c:53:bf:37:
48:95:37:e3:32:e0:72:98:2a:62:95:dc:a1:a1:35:
ef:9b:91:9b:86:5c:20:7d:0c:3e:74:3c:93:ec:66:
af:6d:00:4c:14:77:7a:0b:51:9c:ad:07:b4:ac:cb:
a8:34:c4:b5:2a:3b:40:a2:71:5f:06:7a:2f:7a:99:
75:1e:2d:81:6d:1f:0a:b1:d7:b8:03:ac:ad:88:69:
5c:7b:b5:2e:a2:b6:ea:f9:27:ea:5e:a3:50:12:a1:
cb:b3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
94:A9:11:80:33:6B:57:07:BD:46:FC:BB:41:24:63:85:F2:35:35:97
X509v3 Authority Key Identifier:
keyid:27:94:55:63:95:B4:7B:F4:3E:0D:5D:55:6E:7E:25:5B:6C:8A:CC:C2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/J5RVY5W0e_Q-DV1Vbn4lW2yKzMI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/88/a5b6f7-f551-441b-bb8f-79da7aaaa3b2/1/lKkRgDNrVwe9Rvy7QSRjhfI1NZc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/88/a5b6f7-f551-441b-bb8f-79da7aaaa3b2/1/J5RVY5W0e_Q-DV1Vbn4lW2yKzMI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.133.12.0/22
IPv6:
2a05:fe80::/29
Signature Algorithm: sha256WithRSAEncryption
2b:ab:fe:2b:fe:7d:57:69:94:7f:32:6c:fb:2a:92:d1:bd:43:
5b:bf:85:93:5f:d3:fb:96:ae:c7:de:25:c4:e3:df:c5:d9:94:
cb:aa:b2:35:94:ca:4e:1b:92:b5:f5:0f:8d:b8:76:04:3b:0c:
85:8f:a6:23:8b:27:db:d7:d8:9d:dc:4f:cf:3e:51:9b:5b:c0:
58:85:c4:07:e5:b2:83:38:11:28:6d:2a:db:98:4b:f7:dc:da:
fb:2d:85:bd:7d:c1:c9:3e:36:83:c2:1a:c8:03:93:1d:4f:f6:
4d:2a:19:c4:9e:f9:b5:78:25:b7:f9:9f:f5:23:57:68:ee:4e:
6e:21:f0:34:95:66:9f:d4:1b:86:5d:23:6c:bb:a3:82:d2:da:
d1:b9:17:39:02:2c:67:7b:5d:97:5e:1d:83:d4:06:8d:58:d4:
bd:7a:3a:ca:8b:3c:dd:9c:4e:65:0c:46:95:49:f1:ee:ac:35:
82:36:04:a2:51:f5:7c:2b:84:4a:83:18:4c:3c:80:ff:6a:03:
5e:c6:b1:d6:19:f5:26:ea:46:d6:62:aa:ca:a4:94:aa:bc:e7:
98:a2:e1:e9:ac:cb:ea:8e:9f:c1:e7:f1:e9:b5:ef:03:04:84:
b9:d5:b6:5d:26:e6:fa:0d:77:bb:b7:34:34:b6:3d:fb:fb:ca:
a8:c4:f8:86
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVvAlIYn9qxU8yDVxznC8sTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI3OTQ1NTYzOTViNDdiZjQzZTBkNWQ1NTZlN2UyNTViNmM4
YWNjYzIwHhcNMjMwMTAxMjAyNTAxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NGE5MTE4MDMzNmI1NzA3YmQ0NmZjYmI0MTI0NjM4NWYyMzUzNTk3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgX9Q36sEbSylqhoX2hsIpX9TA+wQ
jYTC6Ja1D8Qtn8u/hi05cBBm3fwGIHjZ/UzAHe/ForrO0Fhq4t9Neh5PYxLGRh9P
0zb/GsCVbqfDRljC0FpjPSFav1N4bj/bt6RHcdQdP5nrcXpE9MhwrOplI4QSnr/K
o0XkrliLLqa9CJfiklv/VXx4J/YpnP9WMv4g56iyO2qhv801xOkIwQcn+HxTvzdI
lTfjMuBymCpildyhoTXvm5GbhlwgfQw+dDyT7GavbQBMFHd6C1GcrQe0rMuoNMS1
KjtAonFfBnovepl1Hi2BbR8Ksde4A6ytiGlce7Uuorbq+SfqXqNQEqHLswIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFJSpEYAza1cHvUb8u0EkY4XyNTWXMB8GA1UdIwQY
MBaAFCeUVWOVtHv0Pg1dVW5+JVtsiszCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSjVSVlk1VzBlX1EtRFYxVmJuNGxXMnlLek1JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84OC9hNWI2ZjctZjU1MS00NDFiLWJiOGYt
NzlkYTdhYWFhM2IyLzEvbEtrUmdETnJWd2U5UnZ5N1FTUmpoZkkxTlpjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84OC9hNWI2ZjctZjU1MS00NDFiLWJiOGYtNzlkYTdhYWFhM2Iy
LzEvSjVSVlk1VzBlX1EtRFYxVmJuNGxXMnlLek1JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuYUMMA0E
AgACMAcDBQMqBf6AMA0GCSqGSIb3DQEBCwUAA4IBAQArq/4r/n1XaZR/Mmz7KpLR
vUNbv4WTX9P7lq7H3iXE49/F2ZTLqrI1lMpOG5K19Q+NuHYEOwyFj6Yjiyfb19id
3E/PPlGbW8BYhcQH5bKDOBEobSrbmEv33Nr7LYW9fcHJPjaDwhrIA5MdT/ZNKhnE
nvm1eCW3+Z/1I1do7k5uIfA0lWaf1BuGXSNsu6OC0trRuRc5Aixne12XXh2D1AaN
WNS9ejrKizzdnE5lDEaVSfHurDWCNgSiUfV8K4RKgxhMPID/agNexrHWGfUm6kbW
YqrKpJSqvOeYouHprMvqjp/B5/Hpte8DBIS51bZdJub6DXe7tzQ0tj37+8qoxPiG
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:32:07 2025 by rpki-client