Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b3/6b8bce-584c-492c-bd7e-d0f31bc93079/1/rJRAOZ2qwfQEH0BhwJuExTMS02E.roa
File: rJRAOZ2qwfQEH0BhwJuExTMS02E.roa (raw, json)
Hash identifier: 3PSysCVEq+NoTguMf+4spnb/LHAyTND2U9aXC4vBiOc=
Subject key identifier: AC:94:40:39:9D:AA:C1:F4:04:1F:40:61:C0:9B:84:C5:33:12:D3:61
Certificate issuer: /CN=ddf1df598f4a8f3a2d074ccb6f6d16b54d1d111c
Certificate serial: 01856D6F5D5F527E5DDC15E7075C5DF30FA8
Authority key identifier: DD:F1:DF:59:8F:4A:8F:3A:2D:07:4C:CB:6F:6D:16:B5:4D:1D:11:1C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3fHfWY9KjzotB0zLb20WtU0dERw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b3/6b8bce-584c-492c-bd7e-d0f31bc93079/1/rJRAOZ2qwfQEH0BhwJuExTMS02E.roa
Signing time: Sun 01 Jan 2023 13:04:52 +0000
ROA not before: Sun 01 Jan 2023 13:04:52 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 5435
IP address blocks: 185.178.225.0/24 maxlen: 24
185.178.224.0/24 maxlen: 24
212.93.224.0/19 maxlen: 19
192.160.15.0/24 maxlen: 24
2a02:23d0::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:6f:5d:5f:52:7e:5d:dc:15:e7:07:5c:5d:f3:0f:a8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ddf1df598f4a8f3a2d074ccb6f6d16b54d1d111c
Validity
Not Before: Jan 1 13:04:52 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=ac9440399daac1f4041f4061c09b84c53312d361
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:b2:e4:4d:b9:09:9c:9b:85:a8:93:0a:0f:64:
fd:f9:4a:6a:2e:a6:99:c3:57:ba:eb:2a:20:15:63:
da:40:97:bf:c6:19:d7:5a:bb:a9:0b:ab:51:7c:91:
52:76:9a:37:ce:a1:90:4e:be:ed:b9:2b:6d:e3:f0:
9e:06:34:fc:66:44:8c:bc:2b:39:14:82:8a:de:9a:
e0:8f:67:41:eb:de:9e:64:3d:f7:8d:59:fa:67:d0:
ee:9f:bb:4e:28:13:7b:e5:de:f8:f1:9f:2f:47:9f:
34:a7:cc:71:6e:a3:32:68:66:f7:5b:62:c6:9d:a0:
bf:4c:00:57:0e:41:0c:62:36:8f:07:1c:47:5f:62:
ce:06:d9:6a:84:20:87:3c:6b:4f:e1:4a:de:84:c3:
23:63:a7:bf:8e:fa:fb:b5:5b:3e:91:77:91:c6:ae:
1f:41:5a:6b:79:36:89:d5:90:2f:b2:04:38:bc:86:
31:e3:23:ea:23:56:95:ed:1d:ff:ef:25:7c:77:5e:
be:16:57:be:97:36:ea:0a:f8:f1:58:40:1f:75:bb:
74:18:5f:4b:f5:50:85:19:3b:74:39:62:76:56:1a:
cf:4c:f8:44:42:49:49:ff:8a:a0:ec:82:8a:53:ff:
19:52:c6:be:eb:e7:7e:bd:4d:ae:f6:a0:55:32:71:
05:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AC:94:40:39:9D:AA:C1:F4:04:1F:40:61:C0:9B:84:C5:33:12:D3:61
X509v3 Authority Key Identifier:
keyid:DD:F1:DF:59:8F:4A:8F:3A:2D:07:4C:CB:6F:6D:16:B5:4D:1D:11:1C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3fHfWY9KjzotB0zLb20WtU0dERw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b3/6b8bce-584c-492c-bd7e-d0f31bc93079/1/rJRAOZ2qwfQEH0BhwJuExTMS02E.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b3/6b8bce-584c-492c-bd7e-d0f31bc93079/1/3fHfWY9KjzotB0zLb20WtU0dERw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.178.224.0/23
192.160.15.0/24
212.93.224.0/19
IPv6:
2a02:23d0::/32
Signature Algorithm: sha256WithRSAEncryption
94:d5:b6:49:47:da:64:41:02:a6:b6:42:06:74:e9:14:59:92:
e3:ae:f2:e1:c5:c9:77:d1:a3:38:16:54:89:a3:a7:f3:f4:8d:
47:99:33:a6:58:2a:8d:d7:65:33:a0:0a:d9:fe:19:02:38:af:
1a:90:d2:d7:6c:86:28:32:d2:e1:e0:55:f7:79:f2:c2:07:4b:
40:76:45:2e:82:34:bf:22:2c:24:69:a0:02:de:af:99:1e:b7:
d2:af:67:65:a7:35:6f:80:55:27:de:6c:ae:54:2c:d7:8e:35:
48:c0:06:4d:04:c3:95:94:b4:85:69:f7:70:f1:3e:4e:be:7b:
b3:16:48:c7:4d:6f:f7:36:db:28:db:72:b3:8f:28:20:47:c1:
d7:59:40:0f:0f:24:44:c4:40:5c:05:95:c4:0e:99:ed:66:23:
59:6b:09:7e:43:2c:4a:e0:1e:a5:2e:1a:93:1f:ad:63:d6:5d:
60:97:c3:48:7f:c4:7c:8a:f7:ce:5a:34:f5:9d:bf:01:cd:41:
22:64:4d:55:25:32:bc:a2:0e:bb:2c:ee:98:5b:12:ac:5a:9c:
c9:9d:dc:a8:9c:6d:55:51:10:7e:f0:9a:2f:c2:33:07:b6:0a:
62:52:85:f0:92:db:2d:0b:b5:97:b6:4e:85:0b:02:87:df:d5:
b1:bb:c5:33
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAYVtb11fUn5d3BXnB1xd8w+oMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRkZjFkZjU5OGY0YThmM2EyZDA3NGNjYjZmNmQxNmI1NGQx
ZDExMWMwHhcNMjMwMTAxMTMwNDUyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhYzk0NDAzOTlkYWFjMWY0MDQxZjQwNjFjMDliODRjNTMzMTJkMzYxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs7LkTbkJnJuFqJMKD2T9+UpqLqaZ
w1e66yogFWPaQJe/xhnXWrupC6tRfJFSdpo3zqGQTr7tuStt4/CeBjT8ZkSMvCs5
FIKK3prgj2dB696eZD33jVn6Z9Dun7tOKBN75d748Z8vR580p8xxbqMyaGb3W2LG
naC/TABXDkEMYjaPBxxHX2LOBtlqhCCHPGtP4UrehMMjY6e/jvr7tVs+kXeRxq4f
QVpreTaJ1ZAvsgQ4vIYx4yPqI1aV7R3/7yV8d16+Fle+lzbqCvjxWEAfdbt0GF9L
9VCFGTt0OWJ2VhrPTPhEQklJ/4qg7IKKU/8ZUsa+6+d+vU2u9qBVMnEFGQIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFKyUQDmdqsH0BB9AYcCbhMUzEtNhMB8GA1UdIwQY
MBaAFN3x31mPSo86LQdMy29tFrVNHREcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM2ZIZldZOUtqem90QjB6TGIyMFd0VTBkRVJ3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMy82YjhiY2UtNTg0Yy00OTJjLWJkN2Ut
ZDBmMzFiYzkzMDc5LzEvckpSQU9aMnF3ZlFFSDBCaHdKdUV4VE1TMDJFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMy82YjhiY2UtNTg0Yy00OTJjLWJkN2UtZDBmMzFiYzkzMDc5
LzEvM2ZIZldZOUtqem90QjB6TGIyMFd0VTBkRVJ3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQBubLgAwQA
wKAPAwQF1F3gMA0EAgACMAcDBQAqAiPQMA0GCSqGSIb3DQEBCwUAA4IBAQCU1bZJ
R9pkQQKmtkIGdOkUWZLjrvLhxcl30aM4FlSJo6fz9I1HmTOmWCqN12UzoArZ/hkC
OK8akNLXbIYoMtLh4FX3efLCB0tAdkUugjS/IiwkaaAC3q+ZHrfSr2dlpzVvgFUn
3myuVCzXjjVIwAZNBMOVlLSFafdw8T5OvnuzFkjHTW/3Ntso23KzjyggR8HXWUAP
DyRExEBcBZXEDpntZiNZawl+QyxK4B6lLhqTH61j1l1gl8NIf8R8ivfOWjT1nb8B
zUEiZE1VJTK8og67LO6YWxKsWpzJndyonG1VURB+8JovwjMHtgpiUoXwktstC7WX
tk6FCwKH39Wxu8Uz
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:14:13 2025 by rpki-client