Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a4/ad64bb-d539-4a8e-b0e6-5f89b885f729/1/6Cm8fG6pqndiBJkA6bCxvaRTTLE.roa
File: 6Cm8fG6pqndiBJkA6bCxvaRTTLE.roa (raw, json)
Hash identifier: 0PR7QNJ1XzndZBxH1HQeB+KTMXDu8Bpgwu3QOdI9Dno=
Subject key identifier: E8:29:BC:7C:6E:A9:AA:77:62:04:99:00:E9:B0:B1:BD:A4:53:4C:B1
Certificate issuer: /CN=e8d878aa53081893ba528524ef143ea9271392b8
Certificate serial: 01856B6EB1CACDEDA0DCBE80A30D3AF1F554
Authority key identifier: E8:D8:78:AA:53:08:18:93:BA:52:85:24:EF:14:3E:A9:27:13:92:B8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/6Nh4qlMIGJO6UoUk7xQ-qScTkrg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a4/ad64bb-d539-4a8e-b0e6-5f89b885f729/1/6Cm8fG6pqndiBJkA6bCxvaRTTLE.roa
Signing time: Sun 01 Jan 2023 03:44:54 +0000
ROA not before: Sun 01 Jan 2023 03:44:54 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 64431
IP address blocks: 185.165.128.0/22 maxlen: 24
2a0a:600::/29 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6b:6e:b1:ca:cd:ed:a0:dc:be:80:a3:0d:3a:f1:f5:54
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e8d878aa53081893ba528524ef143ea9271392b8
Validity
Not Before: Jan 1 03:44:54 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=e829bc7c6ea9aa7762049900e9b0b1bda4534cb1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:3a:dc:de:e3:9b:51:98:ae:b3:c1:70:31:26:
5c:a2:e8:8c:fe:8b:ab:1a:28:49:14:93:f0:4b:ce:
00:bb:34:6f:e2:55:f9:70:19:cf:53:17:a0:9b:ed:
a3:7e:50:c6:8d:92:ef:bf:99:40:47:0e:07:50:cb:
06:a5:8d:78:91:0a:fd:6a:7a:51:a6:9c:0e:b7:c4:
36:b2:a7:4a:92:18:b0:3c:d9:19:7f:b9:c2:fa:fc:
87:eb:f3:62:58:b2:e7:cc:cc:5e:4f:3b:7e:f6:eb:
01:41:0e:de:65:f3:b4:36:36:2d:b3:64:4b:0e:65:
90:aa:02:13:24:84:61:2e:30:d2:35:b1:8b:b2:41:
64:8c:31:d8:a9:e8:56:04:57:a8:d0:8c:45:4e:0f:
ba:83:58:b6:f4:5c:21:d6:b8:17:b5:4f:51:e3:7f:
1a:8e:db:b8:fa:44:69:c3:a7:cd:6a:99:be:4b:05:
9b:5f:93:83:c1:d8:c5:b3:35:14:55:01:93:a1:26:
f4:17:21:c6:46:60:7d:d0:bc:f9:83:8c:10:4c:fb:
2a:bd:5a:a4:48:6f:74:b8:d3:02:03:99:3b:ae:3e:
10:e1:22:62:df:db:c9:69:de:dc:36:b6:ff:6c:1f:
90:d0:71:62:f4:90:d6:37:9b:df:80:7e:a2:5e:d7:
6e:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E8:29:BC:7C:6E:A9:AA:77:62:04:99:00:E9:B0:B1:BD:A4:53:4C:B1
X509v3 Authority Key Identifier:
keyid:E8:D8:78:AA:53:08:18:93:BA:52:85:24:EF:14:3E:A9:27:13:92:B8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6Nh4qlMIGJO6UoUk7xQ-qScTkrg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a4/ad64bb-d539-4a8e-b0e6-5f89b885f729/1/6Cm8fG6pqndiBJkA6bCxvaRTTLE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a4/ad64bb-d539-4a8e-b0e6-5f89b885f729/1/6Nh4qlMIGJO6UoUk7xQ-qScTkrg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.165.128.0/22
IPv6:
2a0a:600::/29
Signature Algorithm: sha256WithRSAEncryption
78:51:2c:e0:bc:6e:55:14:f4:b8:dc:eb:1f:7e:05:76:29:54:
2b:cf:9d:e0:56:c5:bd:e6:7a:47:ac:9f:ef:c4:3d:cf:7a:4d:
f6:88:a8:8c:e4:a8:94:14:8a:2c:54:a9:21:cf:73:58:b9:f0:
0b:d2:95:bf:31:b3:cf:0b:34:33:03:14:d7:16:28:4d:27:2a:
58:8a:5f:ff:52:85:d2:66:6b:8f:b4:a8:7d:50:0c:18:7a:72:
28:9f:99:57:6a:fe:ad:42:33:20:ea:a6:32:b5:88:56:06:1e:
fc:28:dc:a6:ad:c8:51:ae:35:e8:20:6e:e8:5f:7a:f5:52:22:
75:82:45:cb:d3:a8:72:bc:5f:a7:f4:8a:0f:8c:e2:e6:64:b0:
17:b7:08:16:fd:cd:6c:42:10:a3:05:9b:fe:7b:3c:bd:b9:24:
2e:d9:f5:15:45:c6:48:57:cb:01:ca:94:09:67:98:e4:f0:52:
36:59:c9:b6:4e:4c:08:e8:7d:06:5f:5e:26:4f:70:bf:39:6c:
34:44:16:42:ca:bb:7e:89:4c:a1:f6:67:17:2d:74:5d:2f:99:
9d:46:e4:bb:91:23:24:2c:33:a6:08:31:a0:f3:4c:f3:d5:70:
11:c1:9f:c2:70:7d:79:76:b5:f8:40:12:b5:ae:80:0f:97:20:
ee:dc:24:54
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVrbrHKze2g3L6Aow068fVUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU4ZDg3OGFhNTMwODE4OTNiYTUyODUyNGVmMTQzZWE5Mjcx
MzkyYjgwHhcNMjMwMTAxMDM0NDU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlODI5YmM3YzZlYTlhYTc3NjIwNDk5MDBlOWIwYjFiZGE0NTM0Y2IxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAujrc3uObUZius8FwMSZcouiM/our
GihJFJPwS84AuzRv4lX5cBnPUxegm+2jflDGjZLvv5lARw4HUMsGpY14kQr9anpR
ppwOt8Q2sqdKkhiwPNkZf7nC+vyH6/NiWLLnzMxeTzt+9usBQQ7eZfO0NjYts2RL
DmWQqgITJIRhLjDSNbGLskFkjDHYqehWBFeo0IxFTg+6g1i29Fwh1rgXtU9R438a
jtu4+kRpw6fNapm+SwWbX5ODwdjFszUUVQGToSb0FyHGRmB90Lz5g4wQTPsqvVqk
SG90uNMCA5k7rj4Q4SJi39vJad7cNrb/bB+Q0HFi9JDWN5vfgH6iXtduKwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFOgpvHxuqap3YgSZAOmwsb2kU0yxMB8GA1UdIwQY
MBaAFOjYeKpTCBiTulKFJO8UPqknE5K4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNk5oNHFsTUlHSk82VW9Vazd4US1xU2NUa3JnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNC9hZDY0YmItZDUzOS00YThlLWIwZTYt
NWY4OWI4ODVmNzI5LzEvNkNtOGZHNnBxbmRpQkprQTZiQ3h2YVJUVExFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNC9hZDY0YmItZDUzOS00YThlLWIwZTYtNWY4OWI4ODVmNzI5
LzEvNk5oNHFsTUlHSk82VW9Vazd4US1xU2NUa3JnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuaWAMA0E
AgACMAcDBQMqCgYAMA0GCSqGSIb3DQEBCwUAA4IBAQB4USzgvG5VFPS43OsffgV2
KVQrz53gVsW95npHrJ/vxD3Pek32iKiM5KiUFIosVKkhz3NYufAL0pW/MbPPCzQz
AxTXFihNJypYil//UoXSZmuPtKh9UAwYenIon5lXav6tQjMg6qYytYhWBh78KNym
rchRrjXoIG7oX3r1UiJ1gkXL06hyvF+n9IoPjOLmZLAXtwgW/c1sQhCjBZv+ezy9
uSQu2fUVRcZIV8sBypQJZ5jk8FI2Wcm2TkwI6H0GX14mT3C/OWw0RBZCyrt+iUyh
9mcXLXRdL5mdRuS7kSMkLDOmCDGg80zz1XARwZ/CcH15drX4QBK1roAPlyDu3CRU
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:13:37 2025 by rpki-client