Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ab/9467c8-0c90-46e1-91c0-e107d9f16c2d/1/_ag2IfFiqHsJxzTkcrN-_BkFbNg.roa
File: _ag2IfFiqHsJxzTkcrN-_BkFbNg.roa (raw, json)
Hash identifier: NMiyZfh621W2h7tZXn0ZLSLXz5lbP7uVT2rQZn0lApY=
Subject key identifier: FD:A8:36:21:F1:62:A8:7B:09:C7:34:E4:72:B3:7E:FC:19:05:6C:D8
Certificate issuer: /CN=afe4a0d5fda600c5d5b7f618f686d7e93051b4d7
Certificate serial: 018571B0B7693177EB78D35B35E84726567F
Authority key identifier: AF:E4:A0:D5:FD:A6:00:C5:D5:B7:F6:18:F6:86:D7:E9:30:51:B4:D7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/r-Sg1f2mAMXVt_YY9obX6TBRtNc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ab/9467c8-0c90-46e1-91c0-e107d9f16c2d/1/_ag2IfFiqHsJxzTkcrN-_BkFbNg.roa
Signing time: Mon 02 Jan 2023 08:54:44 +0000
ROA not before: Mon 02 Jan 2023 08:54:44 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 60003
IP address blocks: 185.60.72.0/22 maxlen: 22
2a02:71a0::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:b0:b7:69:31:77:eb:78:d3:5b:35:e8:47:26:56:7f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=afe4a0d5fda600c5d5b7f618f686d7e93051b4d7
Validity
Not Before: Jan 2 08:54:44 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=fda83621f162a87b09c734e472b37efc19056cd8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:80:ff:83:a7:08:7e:10:06:2e:d3:df:ce:00:f9:
7a:95:ed:d2:23:3b:20:8a:21:34:c3:1c:78:7e:ec:
4e:c2:44:f3:e5:41:2c:3b:cb:b4:3a:a6:db:d3:ae:
fd:7a:67:76:8e:9a:a2:2e:46:3d:a4:fc:1b:dd:37:
64:6a:49:f5:ad:7c:dc:52:f4:21:14:28:3b:76:28:
79:d6:b7:43:10:72:8f:af:f4:ef:5f:54:5c:14:34:
68:98:98:52:03:70:e1:c1:58:a2:d6:54:87:d7:ca:
e3:a7:77:46:20:f5:9c:73:88:4a:7e:fc:6c:7b:44:
a0:f6:05:a9:9a:c2:b6:61:0d:4a:01:be:67:ee:64:
3c:78:b3:0f:a2:34:59:e2:21:f9:06:19:b4:c4:cb:
37:ff:0b:5e:0b:f5:93:78:dd:06:b3:0d:fc:67:4a:
ff:34:92:01:d7:9f:34:3f:4e:c4:49:84:0b:f3:e7:
82:71:58:bd:5a:69:62:19:60:1b:7d:df:17:5e:c0:
f9:c1:65:f6:ab:84:4e:c3:f9:55:45:c7:ba:f4:cb:
41:ba:e2:2a:d2:b6:f6:16:c5:5c:ad:4a:10:16:4f:
57:9e:7f:ed:0c:70:ed:e2:d4:e2:9d:7e:e7:05:27:
1d:eb:6a:55:5c:59:da:df:5f:8c:96:33:e1:46:7d:
89:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FD:A8:36:21:F1:62:A8:7B:09:C7:34:E4:72:B3:7E:FC:19:05:6C:D8
X509v3 Authority Key Identifier:
keyid:AF:E4:A0:D5:FD:A6:00:C5:D5:B7:F6:18:F6:86:D7:E9:30:51:B4:D7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/r-Sg1f2mAMXVt_YY9obX6TBRtNc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/9467c8-0c90-46e1-91c0-e107d9f16c2d/1/_ag2IfFiqHsJxzTkcrN-_BkFbNg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/9467c8-0c90-46e1-91c0-e107d9f16c2d/1/r-Sg1f2mAMXVt_YY9obX6TBRtNc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.60.72.0/22
IPv6:
2a02:71a0::/32
Signature Algorithm: sha256WithRSAEncryption
6a:98:ce:3b:06:bf:b2:6c:fb:77:c1:07:2c:8c:fa:51:97:13:
16:4c:15:39:77:c5:df:fc:dc:a2:e6:2c:a9:ec:0b:f4:1f:f1:
e8:1c:2f:fa:db:89:fa:06:50:70:6d:8d:82:13:b3:d4:e2:45:
63:94:fd:06:ac:25:65:9c:18:59:66:a2:f6:4c:bd:a3:b1:71:
20:de:48:27:af:9b:d5:7b:7f:d2:45:f6:e2:ac:e3:54:c5:48:
0d:d0:00:9f:26:e3:50:ad:65:0d:00:21:8c:76:fb:f5:3c:4e:
67:bc:2d:87:0f:ed:f8:be:89:43:3e:28:6d:3e:43:72:d9:72:
ef:30:52:aa:ef:9e:21:30:49:bf:23:96:83:0a:c1:dc:7a:5e:
da:f3:20:f0:88:05:97:6e:4b:b4:67:6d:2f:70:9b:57:99:05:
1b:3c:44:36:d5:51:ed:bb:06:c6:94:b3:a6:4c:e1:e8:ac:8a:
6a:16:00:fc:80:f8:bd:41:c1:c8:25:e9:9d:32:bd:2f:01:f3:
6d:92:a1:67:6e:27:e6:87:9d:09:6b:b9:f1:0a:6a:19:7e:c3:
3e:0c:83:78:91:22:70:16:7d:8a:fd:e6:4a:7d:5c:17:60:1b:
ef:77:95:7f:5a:c3:08:76:81:85:ab:b8:f8:06:b1:c4:2b:3e:
38:a9:43:b6
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVxsLdpMXfreNNbNehHJlZ/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFmZTRhMGQ1ZmRhNjAwYzVkNWI3ZjYxOGY2ODZkN2U5MzA1
MWI0ZDcwHhcNMjMwMTAyMDg1NDQ0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmZGE4MzYyMWYxNjJhODdiMDljNzM0ZTQ3MmIzN2VmYzE5MDU2Y2Q4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgP+Dpwh+EAYu09/OAPl6le3SIzsg
iiE0wxx4fuxOwkTz5UEsO8u0Oqbb0679emd2jpqiLkY9pPwb3Tdkakn1rXzcUvQh
FCg7dih51rdDEHKPr/TvX1RcFDRomJhSA3DhwVii1lSH18rjp3dGIPWcc4hKfvxs
e0Sg9gWpmsK2YQ1KAb5n7mQ8eLMPojRZ4iH5Bhm0xMs3/wteC/WTeN0Gsw38Z0r/
NJIB1580P07ESYQL8+eCcVi9WmliGWAbfd8XXsD5wWX2q4ROw/lVRce69MtBuuIq
0rb2FsVcrUoQFk9Xnn/tDHDt4tTinX7nBScd62pVXFna31+MljPhRn2JMwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFP2oNiHxYqh7Ccc05HKzfvwZBWzYMB8GA1UdIwQY
MBaAFK/koNX9pgDF1bf2GPaG1+kwUbTXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvci1TZzFmMm1BTVhWdF9ZWTlvYlg2VEJSdE5jLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYi85NDY3YzgtMGM5MC00NmUxLTkxYzAt
ZTEwN2Q5ZjE2YzJkLzEvX2FnMklmRmlxSHNKeHpUa2NyTi1fQmtGYk5nLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYi85NDY3YzgtMGM5MC00NmUxLTkxYzAtZTEwN2Q5ZjE2YzJk
LzEvci1TZzFmMm1BTVhWdF9ZWTlvYlg2VEJSdE5jLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuTxIMA0E
AgACMAcDBQAqAnGgMA0GCSqGSIb3DQEBCwUAA4IBAQBqmM47Br+ybPt3wQcsjPpR
lxMWTBU5d8Xf/Nyi5iyp7Av0H/HoHC/624n6BlBwbY2CE7PU4kVjlP0GrCVlnBhZ
ZqL2TL2jsXEg3kgnr5vVe3/SRfbirONUxUgN0ACfJuNQrWUNACGMdvv1PE5nvC2H
D+34volDPihtPkNy2XLvMFKq754hMEm/I5aDCsHcel7a8yDwiAWXbku0Z20vcJtX
mQUbPEQ21VHtuwbGlLOmTOHorIpqFgD8gPi9QcHIJemdMr0vAfNtkqFnbifmh50J
a7nxCmoZfsM+DIN4kSJwFn2K/eZKfVwXYBvvd5V/WsMIdoGFq7j4BrHEKz44qUO2
-----END CERTIFICATE-----
Generated at Thu Mar 13 02:32:05 2025 by rpki-client