Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b7/bbedbe-8821-4bd8-bbcc-3adf9b61347d/1/Difacw5Pbl_9uhiAwKWnRB1Cv7Q.roa
File: Difacw5Pbl_9uhiAwKWnRB1Cv7Q.roa (raw, json)
Hash identifier: io3HOuQDKmjzKnw5uvS1CSYfZZeM2fBRM4vs3BKql5w=
Subject key identifier: 0E:27:DA:73:0E:4F:6E:5F:FD:BA:18:80:C0:A5:A7:44:1D:42:BF:B4
Certificate issuer: /CN=4cfcc7e017c2c9f7632da7293476bb7e4a30365a
Certificate serial: 0185708CB292D96CC084CAFA5EBD1D2AED11
Authority key identifier: 4C:FC:C7:E0:17:C2:C9:F7:63:2D:A7:29:34:76:BB:7E:4A:30:36:5A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TPzH4BfCyfdjLacpNHa7fkowNlo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b7/bbedbe-8821-4bd8-bbcc-3adf9b61347d/1/Difacw5Pbl_9uhiAwKWnRB1Cv7Q.roa
Signing time: Mon 02 Jan 2023 03:35:46 +0000
ROA not before: Mon 02 Jan 2023 03:35:46 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 206951
IP address blocks: 185.170.228.0/22 maxlen: 32
2a0a:b300::/29 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:8c:b2:92:d9:6c:c0:84:ca:fa:5e:bd:1d:2a:ed:11
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4cfcc7e017c2c9f7632da7293476bb7e4a30365a
Validity
Not Before: Jan 2 03:35:46 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=0e27da730e4f6e5ffdba1880c0a5a7441d42bfb4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:17:7f:3f:d6:b1:b9:03:8a:15:d8:d6:2b:15:
ef:f6:d1:97:e8:d3:3c:a9:15:ad:64:26:a1:bd:f9:
ef:f1:20:79:f4:88:f0:9e:e5:0b:bb:f1:f4:db:e9:
e8:11:b1:64:19:5b:c8:b2:6b:eb:c9:fa:57:77:9d:
30:46:25:58:9f:f4:a9:8a:af:c4:14:fd:af:b5:99:
5e:57:d5:83:ef:7f:a7:da:ce:43:92:a5:da:64:46:
34:ef:fd:31:8f:fe:90:8d:ac:1f:6e:d2:21:e3:49:
e8:fd:11:de:4f:e7:2e:04:ab:a5:5c:6a:b8:b0:d2:
83:93:75:51:7d:49:0c:f5:8e:65:91:8d:d3:85:e6:
6e:3d:59:5a:05:da:7b:73:7a:2f:74:31:92:84:49:
d8:f3:70:49:f0:81:c0:2d:80:11:64:6d:aa:eb:4e:
12:f2:3a:aa:1b:23:c5:4b:c8:cc:c0:2b:4d:c7:17:
f7:6b:80:4a:d3:b0:9b:7d:b9:d3:d4:b0:6d:69:3c:
59:ab:f3:77:ee:6f:8b:61:12:8d:2b:da:3d:a5:2f:
ec:f6:12:c6:af:b1:a9:26:7a:a6:c2:c4:a2:5f:5f:
5f:39:b2:bf:a1:08:ff:52:35:0b:a7:8e:47:6a:7e:
1d:4c:15:74:4d:a3:f0:70:9a:01:8a:15:84:dc:c6:
88:2f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0E:27:DA:73:0E:4F:6E:5F:FD:BA:18:80:C0:A5:A7:44:1D:42:BF:B4
X509v3 Authority Key Identifier:
keyid:4C:FC:C7:E0:17:C2:C9:F7:63:2D:A7:29:34:76:BB:7E:4A:30:36:5A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TPzH4BfCyfdjLacpNHa7fkowNlo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b7/bbedbe-8821-4bd8-bbcc-3adf9b61347d/1/Difacw5Pbl_9uhiAwKWnRB1Cv7Q.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b7/bbedbe-8821-4bd8-bbcc-3adf9b61347d/1/TPzH4BfCyfdjLacpNHa7fkowNlo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.170.228.0/22
IPv6:
2a0a:b300::/29
Signature Algorithm: sha256WithRSAEncryption
50:d2:98:63:59:4f:06:59:12:9c:c1:f8:c8:ac:9f:d3:b2:5d:
a5:f4:81:9d:6f:2a:35:c5:f3:ec:ef:7b:91:03:0c:3b:38:38:
86:c7:f4:5f:02:5a:8c:9c:49:25:8e:69:16:89:c7:87:3d:fe:
09:58:3b:7d:df:0a:73:84:83:2b:1c:6d:38:8c:71:3a:5f:f3:
7c:3d:13:a8:22:a7:35:b9:02:e3:11:b1:f0:92:ce:d2:6e:06:
91:81:6d:4e:bf:28:f0:d8:7a:63:e7:d8:a4:97:ff:48:fc:34:
e3:56:5e:ab:27:bc:60:26:fa:f0:ba:32:24:01:e0:5a:9c:00:
49:66:67:fc:14:16:79:91:c8:a6:81:e3:b2:a2:40:07:41:ac:
45:58:cc:42:40:d4:fb:05:d2:79:53:54:61:ee:67:0b:68:5f:
6b:a1:c2:ef:39:27:3a:56:0f:91:29:bb:de:8c:15:90:09:83:
11:e0:78:12:d3:52:0d:4a:82:8f:21:17:37:ec:69:f3:8a:31:
28:e2:d9:81:88:2b:10:18:76:2b:45:46:61:d0:a4:0e:c2:0e:
b8:17:86:5d:3c:ae:e8:49:c5:06:7d:af:65:94:b8:0d:3e:ac:
ba:10:d3:79:7f:17:43:b2:f6:2e:5c:e4:bc:cd:48:f7:b1:d6:
f3:5a:4d:2e
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVwjLKS2WzAhMr6Xr0dKu0RMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRjZmNjN2UwMTdjMmM5Zjc2MzJkYTcyOTM0NzZiYjdlNGEz
MDM2NWEwHhcNMjMwMTAyMDMzNTQ2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZTI3ZGE3MzBlNGY2ZTVmZmRiYTE4ODBjMGE1YTc0NDFkNDJiZmI0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnhd/P9axuQOKFdjWKxXv9tGX6NM8
qRWtZCahvfnv8SB59IjwnuULu/H02+noEbFkGVvIsmvryfpXd50wRiVYn/Spiq/E
FP2vtZleV9WD73+n2s5DkqXaZEY07/0xj/6QjawfbtIh40no/RHeT+cuBKulXGq4
sNKDk3VRfUkM9Y5lkY3TheZuPVlaBdp7c3ovdDGShEnY83BJ8IHALYARZG2q604S
8jqqGyPFS8jMwCtNxxf3a4BK07CbfbnT1LBtaTxZq/N37m+LYRKNK9o9pS/s9hLG
r7GpJnqmwsSiX19fObK/oQj/UjULp45Han4dTBV0TaPwcJoBihWE3MaILwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFA4n2nMOT25f/boYgMClp0QdQr+0MB8GA1UdIwQY
MBaAFEz8x+AXwsn3Yy2nKTR2u35KMDZaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVFB6SDRCZkN5ZmRqTGFjcE5IYTdma293TmxvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNy9iYmVkYmUtODgyMS00YmQ4LWJiY2Mt
M2FkZjliNjEzNDdkLzEvRGlmYWN3NVBibF85dWhpQXdLV25SQjFDdjdRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNy9iYmVkYmUtODgyMS00YmQ4LWJiY2MtM2FkZjliNjEzNDdk
LzEvVFB6SDRCZkN5ZmRqTGFjcE5IYTdma293TmxvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuarkMA0E
AgACMAcDBQMqCrMAMA0GCSqGSIb3DQEBCwUAA4IBAQBQ0phjWU8GWRKcwfjIrJ/T
sl2l9IGdbyo1xfPs73uRAww7ODiGx/RfAlqMnEkljmkWiceHPf4JWDt93wpzhIMr
HG04jHE6X/N8PROoIqc1uQLjEbHwks7SbgaRgW1Ovyjw2Hpj59ikl/9I/DTjVl6r
J7xgJvrwujIkAeBanABJZmf8FBZ5kcimgeOyokAHQaxFWMxCQNT7BdJ5U1Rh7mcL
aF9rocLvOSc6Vg+RKbvejBWQCYMR4HgS01INSoKPIRc37GnzijEo4tmBiCsQGHYr
RUZh0KQOwg64F4ZdPK7oScUGfa9llLgNPqy6ENN5fxdDsvYuXOS8zUj3sdbzWk0u
-----END CERTIFICATE-----
Generated at Fri Apr 18 20:03:54 2025 by rpki-client