Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ae/6e9c07-33ed-4ee4-83ec-95d95ace8281/1/vN8br1OyKQ1jPmahpcmBKpzayYg.roa
File: vN8br1OyKQ1jPmahpcmBKpzayYg.roa (raw, json)
Hash identifier: 765dMAqEDl25stvzKp4U2qnIpgzZtNPsHNfSmJcQ34Q=
Subject key identifier: BC:DF:1B:AF:53:B2:29:0D:63:3E:66:A1:A5:C9:81:2A:9C:DA:C9:88
Certificate issuer: /CN=66d0580e1725f45de106b97f77d9cd76bc4df806
Certificate serial: 01856FE711159D5449692B0BEEA8A6873262
Authority key identifier: 66:D0:58:0E:17:25:F4:5D:E1:06:B9:7F:77:D9:CD:76:BC:4D:F8:06
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ZtBYDhcl9F3hBrl_d9nNdrxN-AY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ae/6e9c07-33ed-4ee4-83ec-95d95ace8281/1/vN8br1OyKQ1jPmahpcmBKpzayYg.roa
Signing time: Mon 02 Jan 2023 00:34:52 +0000
ROA not before: Mon 02 Jan 2023 00:34:52 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 200435
IP address blocks: 185.63.172.0/22 maxlen: 24
185.63.172.0/24 maxlen: 24
185.63.175.0/24 maxlen: 24
185.63.173.0/24 maxlen: 24
185.63.174.0/24 maxlen: 24
2a04:f600::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:e7:11:15:9d:54:49:69:2b:0b:ee:a8:a6:87:32:62
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=66d0580e1725f45de106b97f77d9cd76bc4df806
Validity
Not Before: Jan 2 00:34:52 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=bcdf1baf53b2290d633e66a1a5c9812a9cdac988
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:9d:f4:53:a5:ee:ef:0f:fc:bf:09:21:bd:bc:
11:ec:46:0f:1d:8f:36:9e:73:20:e0:dc:26:42:5e:
97:b6:db:74:d9:65:f8:e3:da:90:57:ff:07:94:43:
73:82:74:59:db:a6:af:88:e0:2b:0a:5c:b9:35:f6:
cb:80:56:06:db:2b:e0:08:38:a9:1d:4f:ba:6a:c8:
cd:54:b7:0a:0d:35:53:be:b8:61:f1:0e:61:f2:78:
79:20:25:75:f6:83:4d:28:3b:eb:c0:a3:9f:91:90:
e2:24:67:b7:c2:1f:6e:da:a2:b0:7c:41:6b:28:ca:
c4:5c:ab:96:2d:69:00:68:4e:23:b2:79:86:49:0e:
a4:f9:86:8b:39:9d:d3:19:09:cf:ad:fa:f2:62:3d:
94:f4:bd:a6:59:1c:f3:2e:a7:dd:21:67:ea:5d:fd:
43:98:3b:f0:d4:bd:b4:46:31:fb:5b:97:c1:83:bc:
d4:bc:06:e5:e0:68:80:74:ef:0c:71:6c:8d:59:6a:
02:c9:6c:1b:2d:1b:db:55:70:d1:b9:c7:49:a0:af:
8c:d5:40:53:eb:4d:5c:f8:0e:8b:0d:f1:d9:ee:20:
99:3c:22:9f:64:41:8a:4a:72:57:fc:27:26:42:7a:
13:4f:e0:5b:b7:58:13:50:60:2d:f6:93:11:f7:1c:
55:4b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BC:DF:1B:AF:53:B2:29:0D:63:3E:66:A1:A5:C9:81:2A:9C:DA:C9:88
X509v3 Authority Key Identifier:
keyid:66:D0:58:0E:17:25:F4:5D:E1:06:B9:7F:77:D9:CD:76:BC:4D:F8:06
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ZtBYDhcl9F3hBrl_d9nNdrxN-AY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ae/6e9c07-33ed-4ee4-83ec-95d95ace8281/1/vN8br1OyKQ1jPmahpcmBKpzayYg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ae/6e9c07-33ed-4ee4-83ec-95d95ace8281/1/ZtBYDhcl9F3hBrl_d9nNdrxN-AY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.63.172.0/22
IPv6:
2a04:f600::/29
Signature Algorithm: sha256WithRSAEncryption
3d:62:71:37:85:48:26:16:9e:24:98:e1:da:fd:6f:3f:7c:13:
da:d8:c1:bd:32:d1:4c:0f:f5:dd:fb:55:a0:cb:23:f2:6d:f8:
b4:c2:a6:0d:62:b0:5e:95:a7:7c:d5:e0:aa:9f:c8:35:73:29:
45:67:77:ca:a2:ca:8f:1f:9c:36:a1:ef:ef:c3:fe:ed:e2:77:
c0:48:ce:04:47:50:26:29:82:97:9c:d0:59:d5:38:e2:1d:98:
36:7d:2c:b6:a5:2f:b8:29:94:f7:8a:1b:fb:dc:cc:7d:dc:a0:
d2:fc:52:04:7d:76:66:b1:79:51:a9:52:57:a8:87:44:ef:3d:
96:06:32:ce:df:fc:93:26:c7:cf:94:48:38:4c:25:4b:97:6f:
20:2f:9b:63:d4:f6:83:d5:dc:bf:70:e2:ca:db:26:8c:a3:cb:
8e:a1:a7:e3:96:dd:57:70:3f:88:d6:83:e8:34:b0:4d:68:36:
08:c9:8c:ec:90:1d:98:8f:a7:07:b5:fe:bc:ee:2b:69:ca:1f:
5f:1d:ca:94:f7:9f:64:fe:0f:ff:f8:ee:82:06:85:65:0e:23:
27:3b:73:d2:01:7d:65:8c:48:16:3d:e6:25:b9:81:42:54:6e:
6a:f7:83:55:c2:53:9d:0b:43:3a:c7:bb:34:28:9a:97:4d:15:
30:d5:4e:22
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVv5xEVnVRJaSsL7qimhzJiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY2ZDA1ODBlMTcyNWY0NWRlMTA2Yjk3Zjc3ZDljZDc2YmM0
ZGY4MDYwHhcNMjMwMTAyMDAzNDUyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiY2RmMWJhZjUzYjIyOTBkNjMzZTY2YTFhNWM5ODEyYTljZGFjOTg4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAl530U6Xu7w/8vwkhvbwR7EYPHY82
nnMg4NwmQl6Xttt02WX449qQV/8HlENzgnRZ26aviOArCly5NfbLgFYG2yvgCDip
HU+6asjNVLcKDTVTvrhh8Q5h8nh5ICV19oNNKDvrwKOfkZDiJGe3wh9u2qKwfEFr
KMrEXKuWLWkAaE4jsnmGSQ6k+YaLOZ3TGQnPrfryYj2U9L2mWRzzLqfdIWfqXf1D
mDvw1L20RjH7W5fBg7zUvAbl4GiAdO8McWyNWWoCyWwbLRvbVXDRucdJoK+M1UBT
601c+A6LDfHZ7iCZPCKfZEGKSnJX/CcmQnoTT+Bbt1gTUGAt9pMR9xxVSwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFLzfG69TsikNYz5moaXJgSqc2smIMB8GA1UdIwQY
MBaAFGbQWA4XJfRd4Qa5f3fZzXa8TfgGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWnRCWURoY2w5RjNoQnJsX2Q5bk5kcnhOLUFZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hZS82ZTljMDctMzNlZC00ZWU0LTgzZWMt
OTVkOTVhY2U4MjgxLzEvdk44YnIxT3lLUTFqUG1haHBjbUJLcHpheVlnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hZS82ZTljMDctMzNlZC00ZWU0LTgzZWMtOTVkOTVhY2U4Mjgx
LzEvWnRCWURoY2w5RjNoQnJsX2Q5bk5kcnhOLUFZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuT+sMA0E
AgACMAcDBQMqBPYAMA0GCSqGSIb3DQEBCwUAA4IBAQA9YnE3hUgmFp4kmOHa/W8/
fBPa2MG9MtFMD/Xd+1WgyyPybfi0wqYNYrBelad81eCqn8g1cylFZ3fKosqPH5w2
oe/vw/7t4nfASM4ER1AmKYKXnNBZ1TjiHZg2fSy2pS+4KZT3ihv73Mx93KDS/FIE
fXZmsXlRqVJXqIdE7z2WBjLO3/yTJsfPlEg4TCVLl28gL5tj1PaD1dy/cOLK2yaM
o8uOoafjlt1XcD+I1oPoNLBNaDYIyYzskB2Yj6cHtf687itpyh9fHcqU959k/g//
+O6CBoVlDiMnO3PSAX1ljEgWPeYluYFCVG5q94NVwlOdC0M6x7s0KJqXTRUw1U4i
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:31:08 2025 by rpki-client