Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b7/d47909-a560-409c-b839-c5e7821579f1/1/1_5JJ5S_ztyuyhZRI3cAKfJKgGg.roa
File: 1_5JJ5S_ztyuyhZRI3cAKfJKgGg.roa (raw, json)
Hash identifier: 0kFCskjgJ6MoEq7+Sp+8nNRjSUmyByKl0HHE2S2aObE=
Subject key identifier: D7:FE:49:27:94:BF:CE:DC:AE:CA:16:51:23:77:00:29:F2:4A:80:68
Certificate issuer: /CN=90ae538e2a91346f0402598b0ff2fb9a95c07c39
Certificate serial: 01856CCB011DBED68C1E2E2BC9B1018EE545
Authority key identifier: 90:AE:53:8E:2A:91:34:6F:04:02:59:8B:0F:F2:FB:9A:95:C0:7C:39
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/kK5TjiqRNG8EAlmLD_L7mpXAfDk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b7/d47909-a560-409c-b839-c5e7821579f1/1/1_5JJ5S_ztyuyhZRI3cAKfJKgGg.roa
Signing time: Sun 01 Jan 2023 10:05:21 +0000
ROA not before: Sun 01 Jan 2023 10:05:21 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 57129
IP address blocks: 185.202.200.0/22 maxlen: 22
2a06:cd00::/29 maxlen: 29
2a0d:5900::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:cb:01:1d:be:d6:8c:1e:2e:2b:c9:b1:01:8e:e5:45
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=90ae538e2a91346f0402598b0ff2fb9a95c07c39
Validity
Not Before: Jan 1 10:05:21 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d7fe492794bfcedcaeca165123770029f24a8068
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:8b:81:16:08:34:70:03:11:3a:fc:d5:91:5e:
64:e8:d7:d3:7e:a3:f1:40:7e:e9:4a:d8:d1:86:0f:
f3:af:b3:20:01:65:b8:16:99:e9:58:cd:85:fb:6c:
c5:f8:de:50:14:43:af:5a:8b:db:84:46:63:9e:3e:
3f:64:e2:20:aa:42:b1:0a:bb:69:8f:1d:fb:d4:01:
d1:da:9b:a3:bb:1f:cd:b0:c0:c1:33:0d:65:e5:b4:
61:82:1a:46:59:da:62:ff:ca:09:69:ef:3c:76:2d:
c9:4e:08:6e:af:a1:a5:21:16:7a:51:8f:c0:a6:f9:
e9:53:2a:b4:3b:35:1a:ed:2f:4c:7b:5f:6b:39:4c:
99:2f:ef:c7:bb:0a:18:f4:4d:f6:22:8d:ee:c2:b3:
2a:0c:a7:db:bc:54:13:28:5c:ce:a8:2c:ae:83:c8:
3a:28:61:98:a9:e3:f7:aa:3a:e2:ed:a0:a4:70:1e:
b8:0b:ba:65:49:92:b3:ff:a0:d7:fb:4b:a8:5d:3c:
75:24:01:a9:2b:93:d9:c5:05:f3:2c:70:5a:c4:50:
ba:99:47:e9:5e:8d:6d:ab:c7:06:f7:c1:20:03:7a:
38:7f:fc:8f:b6:87:fb:b0:3f:c9:85:4f:21:43:8c:
a8:b1:22:4b:19:21:cf:17:f2:2d:6f:aa:97:da:ff:
90:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D7:FE:49:27:94:BF:CE:DC:AE:CA:16:51:23:77:00:29:F2:4A:80:68
X509v3 Authority Key Identifier:
keyid:90:AE:53:8E:2A:91:34:6F:04:02:59:8B:0F:F2:FB:9A:95:C0:7C:39
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kK5TjiqRNG8EAlmLD_L7mpXAfDk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b7/d47909-a560-409c-b839-c5e7821579f1/1/1_5JJ5S_ztyuyhZRI3cAKfJKgGg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b7/d47909-a560-409c-b839-c5e7821579f1/1/kK5TjiqRNG8EAlmLD_L7mpXAfDk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.202.200.0/22
IPv6:
2a06:cd00::/29
2a0d:5900::/29
Signature Algorithm: sha256WithRSAEncryption
32:cf:ba:ec:3e:70:c6:8e:03:22:f5:5d:a3:b0:8a:62:4b:a5:
5a:07:4d:7a:2a:c6:a3:de:d0:03:68:3f:54:25:35:13:4f:68:
2c:fb:de:e7:06:53:af:44:d8:93:47:92:78:e7:f3:53:7a:24:
8a:58:2d:00:e3:b9:e5:8e:7e:b8:a6:04:c5:c7:62:93:70:40:
7b:29:d2:9c:25:ee:f5:aa:36:e5:19:b9:f5:9c:9d:74:b5:8e:
55:18:99:50:2b:44:5a:9c:1a:6d:c8:35:7b:a3:67:52:59:f2:
e1:c8:b4:ea:b2:78:f9:e0:4a:4f:ad:80:53:db:8a:17:8a:2f:
2c:8a:f4:9f:33:c7:43:c5:30:4d:c4:11:b6:ec:a3:1f:7e:49:
30:a1:6c:76:28:c1:fc:b6:49:35:69:ce:c0:84:2b:3b:99:7b:
96:ce:18:74:d9:5f:46:99:64:69:f5:0d:8c:3d:6a:b2:31:8f:
74:ca:d6:76:c5:ca:b0:1b:51:34:83:b9:06:e4:0d:e7:8e:e8:
40:89:9d:2c:89:a1:12:a4:d2:0a:19:01:89:98:fe:a1:42:83:
0d:f9:4a:e5:c2:c1:02:ba:78:00:21:e2:15:0a:73:fe:85:c6:
99:69:1b:77:5b:1e:58:02:98:4c:b0:6b:75:75:1c:75:bb:4b:
79:5f:d6:2c
-----BEGIN CERTIFICATE-----
MIIFEzCCA/ugAwIBAgISAYVsywEdvtaMHi4rybEBjuVFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkwYWU1MzhlMmE5MTM0NmYwNDAyNTk4YjBmZjJmYjlhOTVj
MDdjMzkwHhcNMjMwMTAxMTAwNTIxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkN2ZlNDkyNzk0YmZjZWRjYWVjYTE2NTEyMzc3MDAyOWYyNGE4MDY4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmYuBFgg0cAMROvzVkV5k6NfTfqPx
QH7pStjRhg/zr7MgAWW4FpnpWM2F+2zF+N5QFEOvWovbhEZjnj4/ZOIgqkKxCrtp
jx371AHR2pujux/NsMDBMw1l5bRhghpGWdpi/8oJae88di3JTghur6GlIRZ6UY/A
pvnpUyq0OzUa7S9Me19rOUyZL+/HuwoY9E32Io3uwrMqDKfbvFQTKFzOqCyug8g6
KGGYqeP3qjri7aCkcB64C7plSZKz/6DX+0uoXTx1JAGpK5PZxQXzLHBaxFC6mUfp
Xo1tq8cG98EgA3o4f/yPtof7sD/JhU8hQ4yosSJLGSHPF/Itb6qX2v+QWwIDAQAB
o4ICHzCCAhswHQYDVR0OBBYEFNf+SSeUv87crsoWUSN3ACnySoBoMB8GA1UdIwQY
MBaAFJCuU44qkTRvBAJZiw/y+5qVwHw5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva0s1VGppcVJORzhFQWxtTERfTDdtcFhBZkRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNy9kNDc5MDktYTU2MC00MDljLWI4Mzkt
YzVlNzgyMTU3OWYxLzEvMV81Sko1U196dHl1eWhaUkkzY0FLZkpLZ0dnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNy9kNDc5MDktYTU2MC00MDljLWI4MzktYzVlNzgyMTU3OWYx
LzEva0s1VGppcVJORzhFQWxtTERfTDdtcFhBZkRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDUGCCsGAQUFBwEHAQH/BCYwJDAMBAIAATAGAwQCucrIMBQE
AgACMA4DBQMqBs0AAwUDKg1ZADANBgkqhkiG9w0BAQsFAAOCAQEAMs+67D5wxo4D
IvVdo7CKYkulWgdNeirGo97QA2g/VCU1E09oLPve5wZTr0TYk0eSeOfzU3okilgt
AOO55Y5+uKYExcdik3BAeynSnCXu9ao25Rm59ZyddLWOVRiZUCtEWpwabcg1e6Nn
Ulny4ci06rJ4+eBKT62AU9uKF4ovLIr0nzPHQ8UwTcQRtuyjH35JMKFsdijB/LZJ
NWnOwIQrO5l7ls4YdNlfRplkafUNjD1qsjGPdMrWdsXKsBtRNIO5BuQN547oQImd
LImhEqTSChkBiZj+oUKDDflK5cLBArp4ACHiFQpz/oXGmWkbd1seWAKYTLBrdXUc
dbtLeV/WLA==
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:19:35 2025 by rpki-client