Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ae/8f2777-1899-4a35-b284-a62af286f9b3/1/6ZtJm1S7S7Cb3pF_QCwwIEj_OK8.roa
File: 6ZtJm1S7S7Cb3pF_QCwwIEj_OK8.roa (raw, json)
Hash identifier: fHTBYVkNfV7+0339xeWLqsVef7ZP/pzqxSasrPiPgYY=
Subject key identifier: E9:9B:49:9B:54:BB:4B:B0:9B:DE:91:7F:40:2C:30:20:48:FF:38:AF
Certificate issuer: /CN=203b3ab8d9011439d4ba84dfd4afe616d4196cc4
Certificate serial: 018C122DF43FB3212EDE911C0B1CC78DC8D8
Authority key identifier: 20:3B:3A:B8:D9:01:14:39:D4:BA:84:DF:D4:AF:E6:16:D4:19:6C:C4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IDs6uNkBFDnUuoTf1K_mFtQZbMQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ae/8f2777-1899-4a35-b284-a62af286f9b3/1/6ZtJm1S7S7Cb3pF_QCwwIEj_OK8.roa
Signing time: Mon 27 Nov 2023 19:07:30 +0000
ROA not before: Mon 27 Nov 2023 19:07:30 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 29075
IP address blocks: 185.204.188.0/22 maxlen: 24
2a0a:fc40::/29 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:12:2d:f4:3f:b3:21:2e:de:91:1c:0b:1c:c7:8d:c8:d8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=203b3ab8d9011439d4ba84dfd4afe616d4196cc4
Validity
Not Before: Nov 27 19:07:30 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=e99b499b54bb4bb09bde917f402c302048ff38af
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:89:ef:14:73:f4:e6:7a:b8:e0:cc:b5:d3:54:d2:
88:7e:20:57:f5:d3:c6:fd:bb:51:08:3b:63:d6:d1:
9c:11:bd:d9:51:3b:04:cc:af:b9:76:90:4e:5a:62:
35:41:b8:2e:1b:26:31:c8:cf:b0:ba:bc:bb:27:fb:
90:fd:bd:ad:b3:48:a3:d6:39:77:b9:46:a5:a3:3c:
ab:81:16:6e:0a:d0:c3:cf:bd:89:0a:b8:07:13:81:
93:98:2b:2e:cf:85:9b:4c:59:fe:9d:ba:e5:35:f3:
32:90:13:f2:5d:2d:ce:0e:f4:7c:ed:d8:09:c5:81:
b6:3c:2a:f1:a4:6c:a4:b3:38:f7:01:ec:ce:fb:b2:
37:3b:1d:a9:ea:bc:e3:87:76:24:2a:c4:22:8f:e0:
68:6f:0b:dd:8b:19:07:57:e0:1f:d2:a6:5a:5e:a7:
3f:64:e5:05:a2:29:e2:e2:8d:50:3d:ff:fd:d1:ef:
c4:80:69:a7:0b:e7:bb:69:af:92:ca:21:7b:db:84:
1d:b8:e5:d3:ca:46:41:09:4d:d1:a0:1e:3e:b1:58:
83:69:4b:a4:35:65:90:b2:c1:15:74:96:83:46:bb:
93:c4:83:8d:cb:32:65:90:d5:a8:ce:d7:39:95:d2:
48:44:34:63:b7:62:58:62:4d:6e:62:bc:19:b5:84:
4f:2d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E9:9B:49:9B:54:BB:4B:B0:9B:DE:91:7F:40:2C:30:20:48:FF:38:AF
X509v3 Authority Key Identifier:
keyid:20:3B:3A:B8:D9:01:14:39:D4:BA:84:DF:D4:AF:E6:16:D4:19:6C:C4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IDs6uNkBFDnUuoTf1K_mFtQZbMQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ae/8f2777-1899-4a35-b284-a62af286f9b3/1/6ZtJm1S7S7Cb3pF_QCwwIEj_OK8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ae/8f2777-1899-4a35-b284-a62af286f9b3/1/IDs6uNkBFDnUuoTf1K_mFtQZbMQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.204.188.0/22
IPv6:
2a0a:fc40::/29
Signature Algorithm: sha256WithRSAEncryption
2f:4a:95:e6:89:07:b8:b7:72:67:38:c1:90:62:84:66:30:da:
eb:bf:4c:8a:35:18:c6:11:dc:d5:91:9c:02:d3:7c:b0:fb:5e:
7a:91:13:af:b8:e2:b8:23:18:72:dd:28:ed:14:fc:d0:e3:ec:
92:23:7b:33:52:75:55:62:b6:b4:90:1e:8b:c8:57:dd:3b:18:
4f:b4:05:e5:bb:bd:9a:77:dd:32:03:ac:d4:2f:f7:98:dc:54:
37:89:5d:eb:09:3d:5c:40:d2:33:99:d7:77:03:b0:9e:7d:9d:
94:a7:17:46:3d:66:60:40:42:84:3e:d3:47:5e:22:fa:d1:37:
cc:1b:55:84:7c:67:61:8e:c1:ae:11:07:c0:09:a1:cf:b5:bd:
b1:db:ec:14:3a:20:f4:40:32:0f:38:45:43:1e:93:9b:ec:70:
07:c1:fa:e6:ce:52:33:91:45:41:8f:67:0c:b9:d6:cc:58:be:
29:45:48:56:33:a4:24:39:28:df:17:2e:2b:9e:43:a2:db:51:
74:db:b6:2f:7d:01:aa:d3:b5:f2:e2:a7:34:65:a5:eb:5f:1d:
30:eb:83:e4:f4:0e:6f:54:90:b0:64:2b:78:b7:1b:ff:8f:e8:
d5:39:e8:0b:b2:b2:e7:64:cd:39:84:2e:68:fd:a7:ac:c4:14:
73:cd:e3:15
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYwSLfQ/syEu3pEcCxzHjcjYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIwM2IzYWI4ZDkwMTE0MzlkNGJhODRkZmQ0YWZlNjE2ZDQx
OTZjYzQwHhcNMjMxMTI3MTkwNzMwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlOTliNDk5YjU0YmI0YmIwOWJkZTkxN2Y0MDJjMzAyMDQ4ZmYzOGFmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAie8Uc/TmerjgzLXTVNKIfiBX9dPG
/btRCDtj1tGcEb3ZUTsEzK+5dpBOWmI1QbguGyYxyM+wury7J/uQ/b2ts0ij1jl3
uUalozyrgRZuCtDDz72JCrgHE4GTmCsuz4WbTFn+nbrlNfMykBPyXS3ODvR87dgJ
xYG2PCrxpGykszj3AezO+7I3Ox2p6rzjh3YkKsQij+BobwvdixkHV+Af0qZaXqc/
ZOUFoini4o1QPf/90e/EgGmnC+e7aa+SyiF724QduOXTykZBCU3RoB4+sViDaUuk
NWWQssEVdJaDRruTxIONyzJlkNWoztc5ldJIRDRjt2JYYk1uYrwZtYRPLQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFOmbSZtUu0uwm96Rf0AsMCBI/zivMB8GA1UdIwQY
MBaAFCA7OrjZARQ51LqE39Sv5hbUGWzEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSURzNnVOa0JGRG5VdW9UZjFLX21GdFFaYk1RLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hZS84ZjI3NzctMTg5OS00YTM1LWIyODQt
YTYyYWYyODZmOWIzLzEvNlp0Sm0xUzdTN0NiM3BGX1FDd3dJRWpfT0s4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hZS84ZjI3NzctMTg5OS00YTM1LWIyODQtYTYyYWYyODZmOWIz
LzEvSURzNnVOa0JGRG5VdW9UZjFLX21GdFFaYk1RLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCucy8MA0E
AgACMAcDBQMqCvxAMA0GCSqGSIb3DQEBCwUAA4IBAQAvSpXmiQe4t3JnOMGQYoRm
MNrrv0yKNRjGEdzVkZwC03yw+156kROvuOK4Ixhy3SjtFPzQ4+ySI3szUnVVYra0
kB6LyFfdOxhPtAXlu72ad90yA6zUL/eY3FQ3iV3rCT1cQNIzmdd3A7CefZ2UpxdG
PWZgQEKEPtNHXiL60TfMG1WEfGdhjsGuEQfACaHPtb2x2+wUOiD0QDIPOEVDHpOb
7HAHwfrmzlIzkUVBj2cMudbMWL4pRUhWM6QkOSjfFy4rnkOi21F027YvfQGq07Xy
4qc0ZaXrXx0w64Pk9A5vVJCwZCt4txv/j+jVOegLsrLnZM05hC5o/aesxBRzzeMV
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:23:13 2025 by rpki-client