Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/95/b8eadf-8037-4fae-8d2c-e0a3cbd04796/1/b6zJicmfaeKlIS7x-UX4K5TbCR0.roa
File: b6zJicmfaeKlIS7x-UX4K5TbCR0.roa (raw, json)
Hash identifier: ct4E6T1aMugFh10fm8xNhGOkKTXEWP6VDY7tCBUt8Xk=
Subject key identifier: 6F:AC:C9:89:C9:9F:69:E2:A5:21:2E:F1:F9:45:F8:2B:94:DB:09:1D
Certificate issuer: /CN=492a8e482a81d90c45c4d90ac668a3f2245c0d6d
Certificate serial: 018572190C04D020CA75DE322DDBBD4160B0
Authority key identifier: 49:2A:8E:48:2A:81:D9:0C:45:C4:D9:0A:C6:68:A3:F2:24:5C:0D:6D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/SSqOSCqB2QxFxNkKxmij8iRcDW0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/95/b8eadf-8037-4fae-8d2c-e0a3cbd04796/1/b6zJicmfaeKlIS7x-UX4K5TbCR0.roa
Signing time: Mon 02 Jan 2023 10:48:42 +0000
ROA not before: Mon 02 Jan 2023 10:48:42 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 201259
IP address blocks: 185.60.35.0/24 maxlen: 24
185.60.32.0/24 maxlen: 24
185.60.32.0/22 maxlen: 22
185.60.32.0/23 maxlen: 23
185.60.33.0/24 maxlen: 24
185.60.34.0/24 maxlen: 24
185.60.34.0/23 maxlen: 23
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:19:0c:04:d0:20:ca:75:de:32:2d:db:bd:41:60:b0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=492a8e482a81d90c45c4d90ac668a3f2245c0d6d
Validity
Not Before: Jan 2 10:48:42 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=6facc989c99f69e2a5212ef1f945f82b94db091d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8a:97:f6:0a:3b:6b:20:87:bb:e0:97:8c:ac:3d:
b7:a7:03:91:c9:3a:ba:91:4e:e3:a4:aa:6e:60:f0:
de:4f:af:eb:f3:3c:b0:62:05:6b:c1:0d:4c:bd:d7:
ce:10:12:8e:45:ab:fe:ec:b4:9e:91:b6:10:45:46:
d0:22:26:45:0e:99:f1:36:ad:2f:08:cd:1b:af:df:
28:ea:95:37:35:0b:c8:ad:7c:d0:fd:d9:3f:b0:18:
78:ac:a1:76:18:36:bf:55:eb:48:29:70:b5:15:aa:
04:f3:d2:dc:92:17:36:66:d2:ef:72:4e:cd:fa:d2:
76:e2:68:20:c5:43:b8:88:e6:26:1c:e9:89:36:9f:
4c:ad:aa:0b:f5:72:f1:82:b2:d3:ca:b4:73:05:ef:
e8:66:86:10:42:a1:93:57:60:f5:ed:41:51:35:63:
2f:77:68:6c:c5:80:61:6e:87:82:c5:77:0e:fe:17:
55:f4:17:42:76:03:cd:59:ea:23:29:ca:9d:3e:ef:
17:d5:8f:48:96:77:f0:c9:89:3a:e8:5b:38:74:04:
29:af:dc:aa:81:e0:9d:51:bb:c0:e4:01:5a:86:03:
b3:68:c6:0d:41:ac:85:59:14:18:90:ec:23:27:f1:
fa:62:7d:b6:e3:0f:04:ad:b7:6f:15:c1:71:43:2f:
e4:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6F:AC:C9:89:C9:9F:69:E2:A5:21:2E:F1:F9:45:F8:2B:94:DB:09:1D
X509v3 Authority Key Identifier:
keyid:49:2A:8E:48:2A:81:D9:0C:45:C4:D9:0A:C6:68:A3:F2:24:5C:0D:6D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/SSqOSCqB2QxFxNkKxmij8iRcDW0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/95/b8eadf-8037-4fae-8d2c-e0a3cbd04796/1/b6zJicmfaeKlIS7x-UX4K5TbCR0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/95/b8eadf-8037-4fae-8d2c-e0a3cbd04796/1/SSqOSCqB2QxFxNkKxmij8iRcDW0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.60.32.0/22
Signature Algorithm: sha256WithRSAEncryption
22:ae:db:95:81:a1:60:2d:dc:31:21:39:9e:8d:39:be:49:6c:
67:a5:0c:a3:1d:3d:98:23:bf:a6:b3:13:40:01:bc:e5:ce:c2:
f2:7d:51:06:e1:71:cb:6f:75:12:52:b6:f9:e6:1d:d5:5a:86:
54:aa:fd:26:2a:5e:57:09:e4:af:be:54:13:44:f4:95:42:85:
5c:d3:dd:5a:66:8f:07:f7:a7:b5:dd:43:54:0c:66:f3:0d:4f:
31:d3:30:dd:03:c6:b9:f8:a5:02:89:f7:b4:bc:2d:98:a9:90:
5e:ce:55:2d:bb:0f:6f:a4:da:1d:98:4d:f9:12:c6:fa:01:62:
cd:2d:54:b5:f0:62:10:2d:ea:0f:d7:4d:61:f1:3d:ea:64:6c:
ed:85:65:7d:96:ee:dc:2e:4f:60:7b:ba:a2:59:4c:32:7c:7d:
8d:84:9b:a3:18:08:b1:f2:bd:88:e5:9b:f1:5e:6e:db:52:8b:
87:fc:26:97:4a:98:c4:f5:3a:93:e1:fb:62:2a:21:13:c5:d7:
93:a4:c3:ea:25:84:a1:2c:49:30:be:af:4e:b4:23:9e:96:2f:
a9:9b:67:bc:aa:ec:dc:cb:ce:e8:cc:c5:f2:7d:37:b2:30:a3:
07:22:86:0d:9e:7a:73:48:0b:2f:43:b2:af:ab:93:3b:08:3f:
c0:bb:51:8f
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVyGQwE0CDKdd4yLdu9QWCwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ5MmE4ZTQ4MmE4MWQ5MGM0NWM0ZDkwYWM2NjhhM2YyMjQ1
YzBkNmQwHhcNMjMwMTAyMTA0ODQyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZmFjYzk4OWM5OWY2OWUyYTUyMTJlZjFmOTQ1ZjgyYjk0ZGIwOTFkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAipf2CjtrIIe74JeMrD23pwORyTq6
kU7jpKpuYPDeT6/r8zywYgVrwQ1MvdfOEBKORav+7LSekbYQRUbQIiZFDpnxNq0v
CM0br98o6pU3NQvIrXzQ/dk/sBh4rKF2GDa/VetIKXC1FaoE89Lckhc2ZtLvck7N
+tJ24mggxUO4iOYmHOmJNp9MraoL9XLxgrLTyrRzBe/oZoYQQqGTV2D17UFRNWMv
d2hsxYBhboeCxXcO/hdV9BdCdgPNWeojKcqdPu8X1Y9IlnfwyYk66Fs4dAQpr9yq
geCdUbvA5AFahgOzaMYNQayFWRQYkOwjJ/H6Yn224w8ErbdvFcFxQy/kPQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFG+syYnJn2nipSEu8flF+CuU2wkdMB8GA1UdIwQY
MBaAFEkqjkgqgdkMRcTZCsZoo/IkXA1tMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU1NxT1NDcUIyUXhGeE5rS3htaWo4aVJjRFcwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85NS9iOGVhZGYtODAzNy00ZmFlLThkMmMt
ZTBhM2NiZDA0Nzk2LzEvYjZ6SmljbWZhZUtsSVM3eC1VWDRLNVRiQ1IwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85NS9iOGVhZGYtODAzNy00ZmFlLThkMmMtZTBhM2NiZDA0Nzk2
LzEvU1NxT1NDcUIyUXhGeE5rS3htaWo4aVJjRFcwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuTwgMA0G
CSqGSIb3DQEBCwUAA4IBAQAirtuVgaFgLdwxITmejTm+SWxnpQyjHT2YI7+msxNA
AbzlzsLyfVEG4XHLb3USUrb55h3VWoZUqv0mKl5XCeSvvlQTRPSVQoVc091aZo8H
96e13UNUDGbzDU8x0zDdA8a5+KUCife0vC2YqZBezlUtuw9vpNodmE35Esb6AWLN
LVS18GIQLeoP101h8T3qZGzthWV9lu7cLk9ge7qiWUwyfH2NhJujGAix8r2I5Zvx
Xm7bUouH/CaXSpjE9TqT4ftiKiETxdeTpMPqJYShLEkwvq9OtCOeli+pm2e8quzc
y87ozMXyfTeyMKMHIoYNnnpzSAsvQ7Kvq5M7CD/Au1GP
-----END CERTIFICATE-----
Generated at Sun Apr 20 02:09:03 2025 by rpki-client