Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/92/f5a8b1-6e22-4961-b38b-fe01eec40ec1/1/b0y34LqH1ViKYuSpqhaYxNSDtrc.roa
File: b0y34LqH1ViKYuSpqhaYxNSDtrc.roa (raw, json)
Hash identifier: YRCIeD7Ctt/02NKgMqjxWovcLDGBBz1fLFyDvVOuvzc=
Subject key identifier: 6F:4C:B7:E0:BA:87:D5:58:8A:62:E4:A9:AA:16:98:C4:D4:83:B6:B7
Certificate issuer: /CN=3bfc6431f5333b6ddd31e83b69682d8e8ee06fc1
Certificate serial: 018C2A39D1B14300BD3936F92375ADB238B5
Authority key identifier: 3B:FC:64:31:F5:33:3B:6D:DD:31:E8:3B:69:68:2D:8E:8E:E0:6F:C1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/O_xkMfUzO23dMeg7aWgtjo7gb8E.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/92/f5a8b1-6e22-4961-b38b-fe01eec40ec1/1/b0y34LqH1ViKYuSpqhaYxNSDtrc.roa
Signing time: Sat 02 Dec 2023 11:11:21 +0000
ROA not before: Sat 02 Dec 2023 11:11:21 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 29423
IP address blocks: 185.201.144.0/22 maxlen: 24
185.241.32.0/22 maxlen: 24
45.12.48.0/22 maxlen: 24
185.102.92.0/22 maxlen: 24
45.144.132.0/22 maxlen: 24
2a06:2380::/29 maxlen: 33
2a0a:c5c0::/29 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:2a:39:d1:b1:43:00:bd:39:36:f9:23:75:ad:b2:38:b5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3bfc6431f5333b6ddd31e83b69682d8e8ee06fc1
Validity
Not Before: Dec 2 11:11:21 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=6f4cb7e0ba87d5588a62e4a9aa1698c4d483b6b7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dd:df:bf:19:b5:df:b4:5c:74:cd:a2:16:ef:25:
52:72:c2:da:86:39:31:9a:41:0c:21:01:46:44:56:
f3:f7:79:2a:74:59:c4:95:6a:96:82:d1:e2:d4:31:
b6:06:35:08:23:cb:e7:58:65:ea:6a:39:1f:9b:a6:
bc:47:f6:00:29:aa:2c:3d:32:6d:b5:fc:b5:68:d4:
42:d1:f1:aa:79:04:95:ec:8f:10:b3:6b:a8:5b:47:
86:9b:e7:8a:30:e4:37:70:6f:07:cf:6e:69:04:6a:
25:d6:cc:c6:a7:90:be:bd:28:ed:7d:9c:e7:2b:62:
e0:e1:5c:da:1d:c1:f7:0d:71:ba:29:b7:61:46:67:
2e:4c:94:b0:3c:44:f5:88:8f:0d:9d:43:f9:05:87:
f9:1a:16:59:b8:aa:0f:8b:2d:20:e6:21:04:47:da:
08:e2:1f:09:6e:e4:3e:23:58:63:3f:cb:44:d7:53:
40:f9:71:a5:e2:94:76:b5:22:69:85:f0:2e:c6:50:
c9:af:05:b7:52:76:d5:85:88:89:19:1e:a0:23:d0:
27:38:29:e5:ab:97:9d:82:29:4e:52:ad:b8:f2:45:
89:bd:c7:0c:1b:fe:79:19:0f:98:4b:5a:9c:53:b5:
f7:00:91:37:5c:ee:e6:b4:39:d2:93:8a:d8:db:50:
f3:c9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6F:4C:B7:E0:BA:87:D5:58:8A:62:E4:A9:AA:16:98:C4:D4:83:B6:B7
X509v3 Authority Key Identifier:
keyid:3B:FC:64:31:F5:33:3B:6D:DD:31:E8:3B:69:68:2D:8E:8E:E0:6F:C1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/O_xkMfUzO23dMeg7aWgtjo7gb8E.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/92/f5a8b1-6e22-4961-b38b-fe01eec40ec1/1/b0y34LqH1ViKYuSpqhaYxNSDtrc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/92/f5a8b1-6e22-4961-b38b-fe01eec40ec1/1/O_xkMfUzO23dMeg7aWgtjo7gb8E.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.12.48.0/22
45.144.132.0/22
185.102.92.0/22
185.201.144.0/22
185.241.32.0/22
IPv6:
2a06:2380::/29
2a0a:c5c0::/29
Signature Algorithm: sha256WithRSAEncryption
d6:90:fd:c0:13:6c:26:26:e4:84:dd:59:bd:fa:ee:2a:84:eb:
41:02:82:3c:9a:02:6b:39:f1:05:70:a5:55:30:84:68:df:de:
7c:f1:57:22:19:4f:5f:4c:d2:f3:31:63:7f:72:0a:99:06:0e:
51:6c:b5:86:73:52:e7:8d:53:fc:50:2a:e3:c3:a9:15:b1:82:
8c:14:3c:57:89:6f:c6:59:67:8f:5b:91:0c:c9:fe:f1:ae:d7:
5c:6a:38:c3:9f:1b:23:df:1b:12:26:81:c3:7b:ad:40:5a:6d:
9e:c7:a7:59:e0:20:8b:ab:b1:49:47:cd:1a:9f:1f:16:83:de:
66:08:d6:47:c5:b6:1f:cc:9d:94:97:67:f4:59:0b:f6:9f:39:
20:d9:c2:46:4c:4c:68:5c:97:ae:e8:34:01:43:4f:06:9f:31:
20:b5:42:c2:e7:65:2f:54:16:b6:2d:1c:df:c4:41:55:67:3e:
7d:5c:59:a7:cc:fd:75:15:af:4f:30:1a:80:6c:71:dc:84:4d:
35:1a:36:5a:1e:06:3e:4b:5b:d7:59:35:e0:77:0a:91:78:3a:
a0:87:7f:1b:df:f5:30:09:e7:1d:96:12:fc:d7:c9:c8:32:98:
1e:13:37:56:39:2f:33:27:c0:9b:1a:a1:ee:05:c4:96:98:1b:
04:94:31:77
-----BEGIN CERTIFICATE-----
MIIFKzCCBBOgAwIBAgISAYwqOdGxQwC9OTb5I3Wtsji1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNiZmM2NDMxZjUzMzNiNmRkZDMxZTgzYjY5NjgyZDhlOGVl
MDZmYzEwHhcNMjMxMjAyMTExMTIxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZjRjYjdlMGJhODdkNTU4OGE2MmU0YTlhYTE2OThjNGQ0ODNiNmI3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3d+/GbXftFx0zaIW7yVScsLahjkx
mkEMIQFGRFbz93kqdFnElWqWgtHi1DG2BjUII8vnWGXqajkfm6a8R/YAKaosPTJt
tfy1aNRC0fGqeQSV7I8Qs2uoW0eGm+eKMOQ3cG8Hz25pBGol1szGp5C+vSjtfZzn
K2Lg4VzaHcH3DXG6KbdhRmcuTJSwPET1iI8NnUP5BYf5GhZZuKoPiy0g5iEER9oI
4h8JbuQ+I1hjP8tE11NA+XGl4pR2tSJphfAuxlDJrwW3UnbVhYiJGR6gI9AnOCnl
q5edgilOUq248kWJvccMG/55GQ+YS1qcU7X3AJE3XO7mtDnSk4rY21DzyQIDAQAB
o4ICNzCCAjMwHQYDVR0OBBYEFG9Mt+C6h9VYimLkqaoWmMTUg7a3MB8GA1UdIwQY
MBaAFDv8ZDH1Mztt3THoO2loLY6O4G/BMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT194a01mVXpPMjNkTWVnN2FXZ3RqbzdnYjhFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Mi9mNWE4YjEtNmUyMi00OTYxLWIzOGIt
ZmUwMWVlYzQwZWMxLzEvYjB5MzRMcUgxVmlLWXVTcHFoYVl4TlNEdHJjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Mi9mNWE4YjEtNmUyMi00OTYxLWIzOGItZmUwMWVlYzQwZWMx
LzEvT194a01mVXpPMjNkTWVnN2FXZ3RqbzdnYjhFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME0GCCsGAQUFBwEHAQH/BD4wPDAkBAIAATAeAwQCLQwwAwQC
LZCEAwQCuWZcAwQCucmQAwQCufEgMBQEAgACMA4DBQMqBiOAAwUDKgrFwDANBgkq
hkiG9w0BAQsFAAOCAQEA1pD9wBNsJibkhN1ZvfruKoTrQQKCPJoCaznxBXClVTCE
aN/efPFXIhlPX0zS8zFjf3IKmQYOUWy1hnNS541T/FAq48OpFbGCjBQ8V4lvxlln
j1uRDMn+8a7XXGo4w58bI98bEiaBw3utQFptnsenWeAgi6uxSUfNGp8fFoPeZgjW
R8W2H8ydlJdn9FkL9p85INnCRkxMaFyXrug0AUNPBp8xILVCwudlL1QWti0c38RB
VWc+fVxZp8z9dRWvTzAagGxx3IRNNRo2Wh4GPktb11k14HcKkXg6oId/G9/1MAnn
HZYS/NfJyDKYHhM3VjkvMyfAmxqh7gXElpgbBJQxdw==
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:24:43 2025 by rpki-client