Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ae/757fc5-8029-4828-8547-62e260313e4c/1/6QT9fkyW5NZkjnUMBW2yZYFeWr0.roa
File: 6QT9fkyW5NZkjnUMBW2yZYFeWr0.roa (raw, json)
Hash identifier: Qks3EKM/HJ3CKWmJGTC5iMGk4W8XSB8WCp1iON2C/AY=
Subject key identifier: E9:04:FD:7E:4C:96:E4:D6:64:8E:75:0C:05:6D:B2:65:81:5E:5A:BD
Certificate issuer: /CN=9b89b8cf47f7c485d628d0a359a16a815cd004ab
Certificate serial: 018926A00E5B5828E03B59AC40D4F2388A1F
Authority key identifier: 9B:89:B8:CF:47:F7:C4:85:D6:28:D0:A3:59:A1:6A:81:5C:D0:04:AB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/m4m4z0f3xIXWKNCjWaFqgVzQBKs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ae/757fc5-8029-4828-8547-62e260313e4c/1/6QT9fkyW5NZkjnUMBW2yZYFeWr0.roa
Signing time: Wed 05 Jul 2023 15:16:10 +0000
ROA not before: Wed 05 Jul 2023 15:16:10 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 16509
IP address blocks: 185.185.78.0/24 maxlen: 24
185.185.77.0/24 maxlen: 24
5.180.188.0/22 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:26:a0:0e:5b:58:28:e0:3b:59:ac:40:d4:f2:38:8a:1f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9b89b8cf47f7c485d628d0a359a16a815cd004ab
Validity
Not Before: Jul 5 15:16:10 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=e904fd7e4c96e4d6648e750c056db265815e5abd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:16:ce:77:c8:6a:b2:1e:d9:f2:58:67:fd:8c:
40:f2:c0:22:9c:0c:07:4d:78:b1:5b:94:21:cb:ab:
2b:eb:42:b2:8a:22:4a:37:14:30:7b:82:0c:85:15:
8b:fd:ec:78:2b:1b:a1:0a:44:1f:7b:e3:d5:11:63:
52:8e:b3:6d:1d:09:a4:39:07:64:1d:d2:55:19:08:
7e:ba:39:da:c8:f6:72:b6:51:e1:71:67:36:38:a1:
46:bb:68:e7:16:57:68:25:02:f9:d0:21:50:16:af:
22:8b:89:81:5e:15:cb:00:9b:13:4b:b0:4c:f5:f1:
82:ac:d4:b9:02:51:74:3d:b6:e4:4b:38:10:94:32:
d3:23:35:25:64:94:57:1c:0a:4e:a7:c3:dd:a5:02:
5b:a7:61:b2:33:da:5d:fe:32:76:ed:d8:f9:2f:2a:
3b:12:00:27:b1:75:97:54:23:98:a3:53:17:ec:fe:
cb:6e:b4:55:b1:56:52:44:ac:8b:f5:95:a9:19:e1:
c0:7e:6a:13:16:26:27:4b:fc:ee:36:4e:fc:f5:f8:
e2:be:45:42:bd:cd:e2:86:f0:ab:89:23:f8:a3:94:
46:3f:46:42:92:a5:65:40:03:6a:0b:42:93:01:c6:
d9:a1:1c:63:51:59:58:f7:68:9d:2c:97:0a:ba:6e:
d2:a1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E9:04:FD:7E:4C:96:E4:D6:64:8E:75:0C:05:6D:B2:65:81:5E:5A:BD
X509v3 Authority Key Identifier:
keyid:9B:89:B8:CF:47:F7:C4:85:D6:28:D0:A3:59:A1:6A:81:5C:D0:04:AB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/m4m4z0f3xIXWKNCjWaFqgVzQBKs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ae/757fc5-8029-4828-8547-62e260313e4c/1/6QT9fkyW5NZkjnUMBW2yZYFeWr0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ae/757fc5-8029-4828-8547-62e260313e4c/1/m4m4z0f3xIXWKNCjWaFqgVzQBKs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.180.188.0/22
185.185.77.0-185.185.78.255
Signature Algorithm: sha256WithRSAEncryption
36:90:e8:e7:7e:69:29:65:94:49:a0:f5:37:70:ac:a9:65:0c:
97:55:c3:db:a9:9d:6f:ea:31:b9:b4:bd:8f:4b:ba:6f:fa:da:
09:7e:5f:36:2d:98:19:4c:1e:c7:53:92:6a:4c:63:7d:cc:7c:
e4:66:94:76:38:8a:c7:7a:d5:30:37:dc:bc:aa:9b:2f:26:47:
3b:3e:17:0b:ed:bb:1e:23:0b:eb:78:d0:39:0e:7d:a4:2b:e1:
ec:41:46:c4:98:08:6a:90:7f:9e:a2:84:43:3d:d0:27:df:89:
63:b3:6c:4d:60:fe:bf:9b:75:db:68:f3:60:cb:6b:9d:f1:61:
22:ac:94:61:dd:63:e1:f8:0b:d0:8a:75:a2:0a:6a:4e:4a:bc:
14:05:2a:18:39:0f:dc:1c:07:4d:c4:86:7d:23:ed:1c:ce:99:
55:4f:fa:e8:10:d7:eb:ec:24:85:ea:9a:b9:8b:c6:49:32:2a:
f2:55:69:a6:10:2d:ba:08:79:6c:9e:04:96:53:e1:c8:ef:d4:
3a:ad:92:96:be:2c:01:3f:07:a4:69:14:2e:41:64:a5:20:14:
72:53:7a:b0:21:13:9f:c3:19:aa:39:81:40:82:d9:83:03:ca:
ad:ef:03:67:b3:e6:2e:2d:1b:43:99:a9:c5:85:24:54:60:b6:
fa:bb:88:82
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgISAYkmoA5bWCjgO1msQNTyOIofMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDliODliOGNmNDdmN2M0ODVkNjI4ZDBhMzU5YTE2YTgxNWNk
MDA0YWIwHhcNMjMwNzA1MTUxNjEwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlOTA0ZmQ3ZTRjOTZlNGQ2NjQ4ZTc1MGMwNTZkYjI2NTgxNWU1YWJkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkhbOd8hqsh7Z8lhn/YxA8sAinAwH
TXixW5Qhy6sr60KyiiJKNxQwe4IMhRWL/ex4KxuhCkQfe+PVEWNSjrNtHQmkOQdk
HdJVGQh+ujnayPZytlHhcWc2OKFGu2jnFldoJQL50CFQFq8ii4mBXhXLAJsTS7BM
9fGCrNS5AlF0PbbkSzgQlDLTIzUlZJRXHApOp8PdpQJbp2GyM9pd/jJ27dj5Lyo7
EgAnsXWXVCOYo1MX7P7LbrRVsVZSRKyL9ZWpGeHAfmoTFiYnS/zuNk789fjivkVC
vc3ihvCriSP4o5RGP0ZCkqVlQANqC0KTAcbZoRxjUVlY92idLJcKum7SoQIDAQAB
o4ICFzCCAhMwHQYDVR0OBBYEFOkE/X5MluTWZI51DAVtsmWBXlq9MB8GA1UdIwQY
MBaAFJuJuM9H98SF1ijQo1mhaoFc0ASrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbTRtNHowZjN4SVhXS05DaldhRnFnVnpRQktzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hZS83NTdmYzUtODAyOS00ODI4LTg1NDct
NjJlMjYwMzEzZTRjLzEvNlFUOWZreVc1Tlpram5VTUJXMnlaWUZlV3IwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hZS83NTdmYzUtODAyOS00ODI4LTg1NDctNjJlMjYwMzEzZTRj
LzEvbTRtNHowZjN4SVhXS05DaldhRnFnVnpRQktzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAATAUAwQCBbS8MAwD
BAC5uU0DBAC5uU4wDQYJKoZIhvcNAQELBQADggEBADaQ6Od+aSlllEmg9TdwrKll
DJdVw9upnW/qMbm0vY9Lum/62gl+XzYtmBlMHsdTkmpMY33MfORmlHY4isd61TA3
3Lyqmy8mRzs+Fwvtux4jC+t40DkOfaQr4exBRsSYCGqQf56ihEM90CffiWOzbE1g
/r+bddto82DLa53xYSKslGHdY+H4C9CKdaIKak5KvBQFKhg5D9wcB03Ehn0j7RzO
mVVP+ugQ1+vsJIXqmrmLxkkyKvJVaaYQLboIeWyeBJZT4cjv1Dqtkpa+LAE/B6Rp
FC5BZKUgFHJTerAhE5/DGao5gUCC2YMDyq3vA2ez5i4tG0OZqcWFJFRgtvq7iII=
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:26:27 2025 by rpki-client