
Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9c/c5bb63-30bf-48c8-a433-a2f67f2bf950/1/2nRmtDuqA5HjoWpb2G0Nul0zXSI.roa
File: 2nRmtDuqA5HjoWpb2G0Nul0zXSI.roa (raw, json)
Hash identifier: xDdgz06c6ws3OYNxtdRpPEkKzoDXeRIwCxSqVyEJ918=
Subject key identifier: DA:74:66:B4:3B:AA:03:91:E3:A1:6A:5B:D8:6D:0D:BA:5D:33:5D:22
Certificate issuer: /CN=428e828829846f63465a37447ece3a746a48dd6c
Certificate serial: 0185734CBE0395EF50D01CB020E6EF579798
Authority key identifier: 42:8E:82:88:29:84:6F:63:46:5A:37:44:7E:CE:3A:74:6A:48:DD:6C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Qo6CiCmEb2NGWjdEfs46dGpI3Ww.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9c/c5bb63-30bf-48c8-a433-a2f67f2bf950/1/2nRmtDuqA5HjoWpb2G0Nul0zXSI.roa
Signing time: Mon 02 Jan 2023 16:24:47 +0000
ROA not before: Mon 02 Jan 2023 16:24:47 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 59962
IP address blocks: 185.64.178.0/23 maxlen: 23
185.64.176.0/23 maxlen: 23
2a04:fb40::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:73:4c:be:03:95:ef:50:d0:1c:b0:20:e6:ef:57:97:98
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=428e828829846f63465a37447ece3a746a48dd6c
Validity
Not Before: Jan 2 16:24:47 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=da7466b43baa0391e3a16a5bd86d0dba5d335d22
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:86:48:d5:3b:6c:2b:fa:56:be:26:b1:ff:6d:2e:
50:67:2d:91:3b:8c:b9:5a:84:69:55:c0:5f:c4:6d:
eb:71:8b:b1:9f:83:f8:97:42:22:6c:3e:8c:73:08:
64:23:b3:5e:60:fb:20:9c:1e:d8:a3:6a:d8:15:c2:
a5:48:d9:f8:6c:e5:2b:7a:1a:53:44:3f:7c:1d:5a:
4d:a0:60:a5:cd:58:00:3f:c3:39:2b:d3:c4:a3:03:
c8:76:60:36:78:c6:34:cc:07:4d:60:a0:0f:b1:89:
b8:2e:da:6b:06:68:2c:e2:2c:52:1d:69:b7:e5:b1:
42:56:5d:8d:f1:43:1a:e6:7a:89:76:d4:4b:75:be:
17:2a:2e:44:70:ed:f4:d8:5d:86:a5:4c:41:5a:3f:
26:3b:e2:46:68:75:9c:24:34:1f:ff:d7:3f:5e:2b:
eb:13:4b:2e:a7:6b:78:54:c6:2e:ac:7b:44:85:71:
32:a8:b4:f3:ee:20:46:9f:f8:07:b9:6a:5d:5a:f7:
aa:cd:4c:a9:ca:8e:65:ea:91:98:db:1f:26:cf:ec:
d3:85:01:2b:e6:01:33:f0:e5:b8:7b:4b:fb:2b:3a:
e9:4d:36:5a:30:c3:2c:50:83:8a:7b:41:a8:d8:85:
f2:5a:d1:19:b1:c8:70:c7:4b:b4:1d:e8:30:b5:80:
7f:b3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DA:74:66:B4:3B:AA:03:91:E3:A1:6A:5B:D8:6D:0D:BA:5D:33:5D:22
X509v3 Authority Key Identifier:
keyid:42:8E:82:88:29:84:6F:63:46:5A:37:44:7E:CE:3A:74:6A:48:DD:6C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Qo6CiCmEb2NGWjdEfs46dGpI3Ww.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9c/c5bb63-30bf-48c8-a433-a2f67f2bf950/1/2nRmtDuqA5HjoWpb2G0Nul0zXSI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9c/c5bb63-30bf-48c8-a433-a2f67f2bf950/1/Qo6CiCmEb2NGWjdEfs46dGpI3Ww.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.64.176.0/22
IPv6:
2a04:fb40::/29
Signature Algorithm: sha256WithRSAEncryption
9f:fa:cc:f8:d9:4b:22:e0:d8:9e:9e:2a:c4:66:ad:72:ab:3f:
1b:63:35:d2:6b:d7:ad:2d:e0:b5:ea:59:38:14:8f:c6:05:9e:
81:4f:e0:06:49:9b:51:33:3b:85:1b:c5:81:c9:37:c3:80:03:
58:0d:e7:89:10:35:b9:fa:41:7d:78:fe:f9:56:af:f6:40:80:
66:b3:52:02:3d:e1:0c:92:97:9a:52:fb:df:49:d1:78:e7:f2:
5b:2a:21:c1:83:e0:02:60:ff:31:44:44:6c:51:ff:61:94:38:
80:5c:0a:86:46:cf:66:a7:c9:6a:32:08:b4:32:ed:90:a7:ef:
1a:41:58:3b:a6:51:78:a7:97:8a:ed:39:68:d8:fe:19:a0:35:
8a:42:06:e7:53:c0:da:68:68:9d:a1:f4:c2:af:a4:92:6f:bf:
f9:13:40:84:51:fe:88:45:e1:df:d4:7d:42:5d:9a:8b:34:53:
0c:04:1e:24:30:6a:6c:49:8e:f5:fa:2b:0c:e1:5e:62:28:45:
0b:1d:66:9f:e5:12:9a:07:8c:78:2a:dc:03:ae:17:95:ed:ba:
23:72:a3:48:b6:09:46:18:d1:c7:7d:c7:f4:74:4e:98:e8:52:
74:00:c0:07:af:f6:1f:ce:2c:3d:99:93:0f:16:a4:41:0a:53:
61:d4:d6:d5
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVzTL4Dle9Q0BywIObvV5eYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQyOGU4Mjg4Mjk4NDZmNjM0NjVhMzc0NDdlY2UzYTc0NmE0
OGRkNmMwHhcNMjMwMTAyMTYyNDQ3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYTc0NjZiNDNiYWEwMzkxZTNhMTZhNWJkODZkMGRiYTVkMzM1ZDIyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhkjVO2wr+la+JrH/bS5QZy2RO4y5
WoRpVcBfxG3rcYuxn4P4l0IibD6McwhkI7NeYPsgnB7Yo2rYFcKlSNn4bOUrehpT
RD98HVpNoGClzVgAP8M5K9PEowPIdmA2eMY0zAdNYKAPsYm4LtprBmgs4ixSHWm3
5bFCVl2N8UMa5nqJdtRLdb4XKi5EcO302F2GpUxBWj8mO+JGaHWcJDQf/9c/Xivr
E0sup2t4VMYurHtEhXEyqLTz7iBGn/gHuWpdWveqzUypyo5l6pGY2x8mz+zThQEr
5gEz8OW4e0v7KzrpTTZaMMMsUIOKe0Go2IXyWtEZschwx0u0HegwtYB/swIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFNp0ZrQ7qgOR46FqW9htDbpdM10iMB8GA1UdIwQY
MBaAFEKOgogphG9jRlo3RH7OOnRqSN1sMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUW82Q2lDbUViMk5HV2pkRWZzNDZkR3BJM1d3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Yy9jNWJiNjMtMzBiZi00OGM4LWE0MzMt
YTJmNjdmMmJmOTUwLzEvMm5SbXREdXFBNUhqb1dwYjJHME51bDB6WFNJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Yy9jNWJiNjMtMzBiZi00OGM4LWE0MzMtYTJmNjdmMmJmOTUw
LzEvUW82Q2lDbUViMk5HV2pkRWZzNDZkR3BJM1d3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuUCwMA0E
AgACMAcDBQMqBPtAMA0GCSqGSIb3DQEBCwUAA4IBAQCf+sz42Usi4NienirEZq1y
qz8bYzXSa9etLeC16lk4FI/GBZ6BT+AGSZtRMzuFG8WByTfDgANYDeeJEDW5+kF9
eP75Vq/2QIBms1ICPeEMkpeaUvvfSdF45/JbKiHBg+ACYP8xRERsUf9hlDiAXAqG
Rs9mp8lqMgi0Mu2Qp+8aQVg7plF4p5eK7Tlo2P4ZoDWKQgbnU8DaaGidofTCr6SS
b7/5E0CEUf6IReHf1H1CXZqLNFMMBB4kMGpsSY71+isM4V5iKEULHWaf5RKaB4x4
KtwDrheV7bojcqNItglGGNHHfcf0dE6Y6FJ0AMAHr/Yfziw9mZMPFqRBClNh1NbV
-----END CERTIFICATE-----
Generated at Thu Mar 13 19:41:36 2025 by rpki-client