Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a0/b043af-b492-4b5b-a250-301433ebe436/1/2m3ZJ28erpE5WSpnk_ibkIUA4Kg.roa
File: 2m3ZJ28erpE5WSpnk_ibkIUA4Kg.roa (raw, json)
Hash identifier: 67FkhichY8YjGFZcPL1/X61OLb8HPgbeUGiwiPHkMsw=
Subject key identifier: DA:6D:D9:27:6F:1E:AE:91:39:59:2A:67:93:F8:9B:90:85:00:E0:A8
Certificate issuer: /CN=213d8735c144cf12565843b69eb40a4d1a301aa5
Certificate serial: 01856FF05337D50754BBD1289E986A295180
Authority key identifier: 21:3D:87:35:C1:44:CF:12:56:58:43:B6:9E:B4:0A:4D:1A:30:1A:A5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IT2HNcFEzxJWWEO2nrQKTRowGqU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a0/b043af-b492-4b5b-a250-301433ebe436/1/2m3ZJ28erpE5WSpnk_ibkIUA4Kg.roa
Signing time: Mon 02 Jan 2023 00:44:58 +0000
ROA not before: Mon 02 Jan 2023 00:44:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 206988
IP address blocks: 185.169.224.0/22 maxlen: 22
2a0a:6d00::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:f0:53:37:d5:07:54:bb:d1:28:9e:98:6a:29:51:80
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=213d8735c144cf12565843b69eb40a4d1a301aa5
Validity
Not Before: Jan 2 00:44:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=da6dd9276f1eae9139592a6793f89b908500e0a8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:cb:0e:6e:08:39:06:2e:49:75:91:0c:ba:ac:
73:23:8f:24:99:8e:29:99:20:30:86:13:f6:50:3b:
d3:b1:62:e3:c3:9a:a6:25:18:6f:c2:ca:4a:f9:65:
7d:3d:e2:a0:c3:c2:0b:08:2b:c5:12:71:9d:58:4b:
4b:81:fc:99:ac:a5:bc:57:d1:90:f5:39:db:94:60:
ab:a5:df:58:35:c7:39:6c:dd:90:2c:b3:c4:fb:bf:
4c:d2:fe:5c:93:9b:43:1d:d7:8b:cd:00:cb:17:49:
4c:dc:44:ac:82:68:02:24:18:3d:cd:b3:e7:e5:2e:
13:c0:c2:f6:5d:23:c0:09:95:fc:e7:92:8c:c2:cc:
53:d3:f2:af:2b:cb:38:c1:4e:c0:0d:8b:92:34:b4:
bf:14:c6:78:c5:34:b1:0f:4a:28:90:2f:b9:a0:5e:
b5:d0:f8:71:09:0a:5e:ed:e7:4b:84:66:db:2c:40:
74:10:c1:88:01:43:ab:65:55:45:fb:92:b8:97:73:
a5:f6:3b:af:77:b5:ae:88:b0:d1:66:c2:37:a6:b8:
fd:dc:75:62:49:6a:1f:4d:75:a4:5f:f5:89:84:e3:
fd:ce:b3:d2:53:15:67:43:f4:96:bc:b0:9b:95:be:
32:48:3b:5e:38:6d:82:30:9a:68:87:5b:f9:9d:27:
bd:55
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DA:6D:D9:27:6F:1E:AE:91:39:59:2A:67:93:F8:9B:90:85:00:E0:A8
X509v3 Authority Key Identifier:
keyid:21:3D:87:35:C1:44:CF:12:56:58:43:B6:9E:B4:0A:4D:1A:30:1A:A5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IT2HNcFEzxJWWEO2nrQKTRowGqU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/b043af-b492-4b5b-a250-301433ebe436/1/2m3ZJ28erpE5WSpnk_ibkIUA4Kg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/b043af-b492-4b5b-a250-301433ebe436/1/IT2HNcFEzxJWWEO2nrQKTRowGqU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.169.224.0/22
IPv6:
2a0a:6d00::/29
Signature Algorithm: sha256WithRSAEncryption
14:e4:b3:9a:57:a0:17:99:77:d5:d4:b1:44:d0:ae:3f:7d:0f:
47:5a:1d:9d:ef:16:4b:43:49:0a:de:6e:71:2c:c2:a7:03:df:
fe:5c:a9:2e:78:5a:9d:1c:94:97:11:ca:30:fc:79:99:3e:56:
6c:4b:2e:13:70:68:25:ce:41:98:bb:83:0c:d2:97:71:01:5c:
cc:eb:24:3d:26:3a:c9:ac:f3:7a:3f:27:ad:6c:9b:19:39:f8:
d9:2b:ba:38:89:34:8c:28:4d:3f:49:3e:9a:3f:b8:04:af:39:
69:9a:b1:84:53:1a:88:4d:fb:3e:d2:cb:9c:46:63:7d:28:25:
fc:24:b9:c8:a4:7f:15:a8:c0:97:9e:72:2e:07:5e:86:56:96:
5c:20:d3:2e:da:53:6b:45:3a:8c:25:00:4d:58:38:36:49:9b:
71:30:4c:a7:0f:4c:60:14:48:21:ac:74:fa:c0:c9:32:ff:6b:
c9:dc:99:ba:63:bd:9b:cc:2e:6d:e5:88:db:fd:3e:62:33:52:
95:7c:e5:83:27:ed:dd:72:f2:ed:99:d6:ea:4e:a1:65:3d:c2:
2a:86:4f:81:2d:3b:bf:dd:b0:24:39:e2:a5:59:09:7e:6d:84:
1e:f9:af:21:e1:2a:88:01:13:fe:3d:9b:58:50:0f:d1:88:d3:
16:eb:d1:0e
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVv8FM31QdUu9EonphqKVGAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIxM2Q4NzM1YzE0NGNmMTI1NjU4NDNiNjllYjQwYTRkMWEz
MDFhYTUwHhcNMjMwMTAyMDA0NDU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYTZkZDkyNzZmMWVhZTkxMzk1OTJhNjc5M2Y4OWI5MDg1MDBlMGE4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo8sObgg5Bi5JdZEMuqxzI48kmY4p
mSAwhhP2UDvTsWLjw5qmJRhvwspK+WV9PeKgw8ILCCvFEnGdWEtLgfyZrKW8V9GQ
9TnblGCrpd9YNcc5bN2QLLPE+79M0v5ck5tDHdeLzQDLF0lM3ESsgmgCJBg9zbPn
5S4TwML2XSPACZX855KMwsxT0/KvK8s4wU7ADYuSNLS/FMZ4xTSxD0ookC+5oF61
0PhxCQpe7edLhGbbLEB0EMGIAUOrZVVF+5K4l3Ol9juvd7WuiLDRZsI3prj93HVi
SWofTXWkX/WJhOP9zrPSUxVnQ/SWvLCblb4ySDteOG2CMJpoh1v5nSe9VQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFNpt2SdvHq6ROVkqZ5P4m5CFAOCoMB8GA1UdIwQY
MBaAFCE9hzXBRM8SVlhDtp60Ck0aMBqlMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSVQySE5jRkV6eEpXV0VPMm5yUUtUUm93R3FVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMC9iMDQzYWYtYjQ5Mi00YjViLWEyNTAt
MzAxNDMzZWJlNDM2LzEvMm0zWkoyOGVycEU1V1NwbmtfaWJrSVVBNEtnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMC9iMDQzYWYtYjQ5Mi00YjViLWEyNTAtMzAxNDMzZWJlNDM2
LzEvSVQySE5jRkV6eEpXV0VPMm5yUUtUUm93R3FVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuangMA0E
AgACMAcDBQMqCm0AMA0GCSqGSIb3DQEBCwUAA4IBAQAU5LOaV6AXmXfV1LFE0K4/
fQ9HWh2d7xZLQ0kK3m5xLMKnA9/+XKkueFqdHJSXEcow/HmZPlZsSy4TcGglzkGY
u4MM0pdxAVzM6yQ9JjrJrPN6PyetbJsZOfjZK7o4iTSMKE0/ST6aP7gErzlpmrGE
UxqITfs+0sucRmN9KCX8JLnIpH8VqMCXnnIuB16GVpZcINMu2lNrRTqMJQBNWDg2
SZtxMEynD0xgFEghrHT6wMky/2vJ3Jm6Y72bzC5t5Yjb/T5iM1KVfOWDJ+3dcvLt
mdbqTqFlPcIqhk+BLTu/3bAkOeKlWQl+bYQe+a8h4SqIARP+PZtYUA/RiNMW69EO
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:22:46 2025 by rpki-client