Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/98/e9ca7a-411c-43a8-952f-cc540608c41d/1/ATzRkAiOWGBwPpywlAMEEYjwoGU.roa
File: ATzRkAiOWGBwPpywlAMEEYjwoGU.roa (raw, json)
Hash identifier: LXWthiwpVEW6qqIu65FQhUvUAMibPZvgO+QMWE4weo8=
Subject key identifier: 01:3C:D1:90:08:8E:58:60:70:3E:9C:B0:94:03:04:11:88:F0:A0:65
Certificate issuer: /CN=c7221e402998abc1f035475e158b74e8c76920c0
Certificate serial: 018570676515255F1CC3A7C3A453ADBF0835
Authority key identifier: C7:22:1E:40:29:98:AB:C1:F0:35:47:5E:15:8B:74:E8:C7:69:20:C0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xyIeQCmYq8HwNUdeFYt06MdpIMA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/98/e9ca7a-411c-43a8-952f-cc540608c41d/1/ATzRkAiOWGBwPpywlAMEEYjwoGU.roa
Signing time: Mon 02 Jan 2023 02:55:02 +0000
ROA not before: Mon 02 Jan 2023 02:55:02 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 205935
IP address blocks: 185.201.132.0/24 maxlen: 24
185.201.135.0/24 maxlen: 24
185.201.134.0/24 maxlen: 24
185.201.133.0/24 maxlen: 24
2a0a:c441::/32 maxlen: 32
2a0a:c445::/32 maxlen: 32
2a0a:c443::/32 maxlen: 32
2a0a:c447::/32 maxlen: 32
2a0a:c444::/32 maxlen: 32
2a0a:c442::/32 maxlen: 32
2a0a:c440::/32 maxlen: 32
2a0a:c446::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:67:65:15:25:5f:1c:c3:a7:c3:a4:53:ad:bf:08:35
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c7221e402998abc1f035475e158b74e8c76920c0
Validity
Not Before: Jan 2 02:55:02 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=013cd190088e5860703e9cb09403041188f0a065
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:70:00:9f:01:40:ad:c4:c4:d2:d4:64:86:aa:
f4:ee:8c:2f:7e:8d:fd:34:9c:e8:77:86:8e:8b:62:
0b:c9:a0:c2:13:b8:02:a8:82:6c:4c:b4:7b:a6:a5:
a9:f5:37:7d:91:39:e6:e5:fc:43:00:ff:47:04:48:
72:da:b2:b2:3e:02:4d:b7:da:a8:b9:51:93:21:f7:
34:b7:c0:e3:4e:b0:bf:31:49:a2:51:0c:48:9f:22:
45:b1:bd:fd:3c:c2:5c:a5:36:47:3f:23:99:68:5c:
a6:10:06:3c:94:1f:20:5c:76:32:31:3e:19:18:52:
01:39:43:f4:d9:11:b5:af:0b:8b:ba:18:43:4d:69:
0d:10:a5:67:94:f4:a3:7b:a2:2b:dc:e9:99:d0:9d:
c8:b1:73:07:d7:d4:d5:5e:30:7c:06:be:30:5e:c4:
f1:02:17:db:05:99:69:18:c2:e4:46:84:20:57:14:
49:61:b6:ef:52:4c:cc:9b:09:87:8a:70:21:d8:cf:
b5:d6:15:90:9d:d3:bb:d8:e5:aa:3b:4a:fb:f4:f0:
98:6d:7f:bc:16:67:95:3a:e8:88:53:49:22:4a:68:
25:5f:5c:b4:6a:be:e0:c6:d0:6e:48:72:16:19:09:
60:38:e6:21:48:f4:8e:ff:f6:8e:b2:68:49:60:6f:
a6:69
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
01:3C:D1:90:08:8E:58:60:70:3E:9C:B0:94:03:04:11:88:F0:A0:65
X509v3 Authority Key Identifier:
keyid:C7:22:1E:40:29:98:AB:C1:F0:35:47:5E:15:8B:74:E8:C7:69:20:C0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xyIeQCmYq8HwNUdeFYt06MdpIMA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/98/e9ca7a-411c-43a8-952f-cc540608c41d/1/ATzRkAiOWGBwPpywlAMEEYjwoGU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/98/e9ca7a-411c-43a8-952f-cc540608c41d/1/xyIeQCmYq8HwNUdeFYt06MdpIMA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.201.132.0/22
IPv6:
2a0a:c440::/29
Signature Algorithm: sha256WithRSAEncryption
71:80:35:29:ae:b6:b7:34:82:78:92:6a:09:68:45:30:ff:93:
c7:7d:8f:b5:d6:2d:46:1b:be:4a:b3:48:dd:6f:d2:51:2d:16:
72:95:9d:c7:07:5f:cc:db:bb:25:d7:99:53:cf:29:d1:b9:a6:
65:cc:f1:37:2f:5e:89:d5:cf:25:20:35:33:92:5e:77:aa:bd:
ad:b1:fe:1c:e6:33:5d:1c:15:cb:95:56:1b:92:bb:00:eb:9f:
40:89:a3:49:be:17:0e:93:9f:5a:c7:d0:9b:a4:bb:83:fa:54:
bd:d7:61:96:0a:2a:a2:1b:ce:6f:82:9f:d2:8d:55:e6:f2:90:
54:ff:27:10:50:0d:fc:26:c3:79:7b:2a:29:1a:23:ff:f7:5a:
32:e3:87:84:ef:a3:d9:c3:89:40:0a:cd:47:46:39:a4:cb:4b:
5a:cf:74:68:83:e9:d6:2c:10:7d:f8:4a:01:40:3b:74:67:76:
53:4b:86:f4:11:39:14:0b:d9:d3:98:70:11:43:3c:35:ba:89:
6a:a5:6f:db:d4:07:b3:93:ce:fe:a5:63:45:1c:e8:21:77:2b:
a8:26:25:7a:47:a7:f0:aa:87:75:34:88:eb:f9:a0:ae:d1:54:
6f:bd:ab:34:6f:91:7d:c2:02:01:4c:2d:e0:09:f9:bd:7c:1d:
9d:9a:b6:0f
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVwZ2UVJV8cw6fDpFOtvwg1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM3MjIxZTQwMjk5OGFiYzFmMDM1NDc1ZTE1OGI3NGU4Yzc2
OTIwYzAwHhcNMjMwMTAyMDI1NTAyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMTNjZDE5MDA4OGU1ODYwNzAzZTljYjA5NDAzMDQxMTg4ZjBhMDY1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAi3AAnwFArcTE0tRkhqr07owvfo39
NJzod4aOi2ILyaDCE7gCqIJsTLR7pqWp9Td9kTnm5fxDAP9HBEhy2rKyPgJNt9qo
uVGTIfc0t8DjTrC/MUmiUQxInyJFsb39PMJcpTZHPyOZaFymEAY8lB8gXHYyMT4Z
GFIBOUP02RG1rwuLuhhDTWkNEKVnlPSje6Ir3OmZ0J3IsXMH19TVXjB8Br4wXsTx
AhfbBZlpGMLkRoQgVxRJYbbvUkzMmwmHinAh2M+11hWQndO72OWqO0r79PCYbX+8
FmeVOuiIU0kiSmglX1y0ar7gxtBuSHIWGQlgOOYhSPSO//aOsmhJYG+maQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFAE80ZAIjlhgcD6csJQDBBGI8KBlMB8GA1UdIwQY
MBaAFMciHkApmKvB8DVHXhWLdOjHaSDAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveHlJZVFDbVlxOEh3TlVkZUZZdDA2TWRwSU1BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85OC9lOWNhN2EtNDExYy00M2E4LTk1MmYt
Y2M1NDA2MDhjNDFkLzEvQVR6UmtBaU9XR0J3UHB5d2xBTUVFWWp3b0dVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85OC9lOWNhN2EtNDExYy00M2E4LTk1MmYtY2M1NDA2MDhjNDFk
LzEveHlJZVFDbVlxOEh3TlVkZUZZdDA2TWRwSU1BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCucmEMA0E
AgACMAcDBQMqCsRAMA0GCSqGSIb3DQEBCwUAA4IBAQBxgDUprra3NIJ4kmoJaEUw
/5PHfY+11i1GG75Ks0jdb9JRLRZylZ3HB1/M27sl15lTzynRuaZlzPE3L16J1c8l
IDUzkl53qr2tsf4c5jNdHBXLlVYbkrsA659AiaNJvhcOk59ax9CbpLuD+lS912GW
CiqiG85vgp/SjVXm8pBU/ycQUA38JsN5eyopGiP/91oy44eE76PZw4lACs1HRjmk
y0taz3Rog+nWLBB9+EoBQDt0Z3ZTS4b0ETkUC9nTmHARQzw1uolqpW/b1Aezk87+
pWNFHOghdyuoJiV6R6fwqod1NIjr+aCu0VRvvas0b5F9wgIBTC3gCfm9fB2dmrYP
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:41:03 2025 by rpki-client