Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b7/d47909-a560-409c-b839-c5e7821579f1/1/bB_5dfS-fj6c7QJ1kNJMARWlxSk.roa
File: bB_5dfS-fj6c7QJ1kNJMARWlxSk.roa (raw, json)
Hash identifier: X2pSfanHk1gkbVGIpQIPjTa+zIZhHXSjcuIc3z5yU4Y=
Subject key identifier: 6C:1F:F9:75:F4:BE:7E:3E:9C:ED:02:75:90:D2:4C:01:15:A5:C5:29
Certificate issuer: /CN=90ae538e2a91346f0402598b0ff2fb9a95c07c39
Certificate serial: 018462E9D6E955FC36747C35E7A65B8D1334
Authority key identifier: 90:AE:53:8E:2A:91:34:6F:04:02:59:8B:0F:F2:FB:9A:95:C0:7C:39
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/kK5TjiqRNG8EAlmLD_L7mpXAfDk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b7/d47909-a560-409c-b839-c5e7821579f1/1/bB_5dfS-fj6c7QJ1kNJMARWlxSk.roa
Signing time: Thu 10 Nov 2022 19:00:02 +0000
ROA not before: Thu 10 Nov 2022 19:00:02 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 57129
IP address blocks: 185.202.200.0/22 maxlen: 22
2a06:cd00::/29 maxlen: 29
2a0d:5900::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:62:e9:d6:e9:55:fc:36:74:7c:35:e7:a6:5b:8d:13:34
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=90ae538e2a91346f0402598b0ff2fb9a95c07c39
Validity
Not Before: Nov 10 19:00:02 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=6c1ff975f4be7e3e9ced027590d24c0115a5c529
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:81:69:8a:5f:70:08:23:94:55:24:74:10:36:bd:
29:2b:bd:4e:6a:13:a5:55:f4:90:fa:53:87:1b:f6:
6e:24:6d:0b:6f:1d:72:0c:da:da:8f:dd:49:6a:97:
c5:a5:73:fa:7f:91:a6:12:73:ea:3c:5c:2a:f2:8f:
50:6f:83:f3:d6:ce:02:a4:79:48:fd:ce:66:b1:25:
67:b1:f6:3b:74:09:f5:a3:67:23:fa:5e:32:00:bb:
b5:2d:a0:45:b1:c2:66:21:d2:9b:81:16:71:8b:ea:
01:30:a5:bc:99:42:53:93:9a:61:95:56:59:ac:a8:
41:8a:10:37:98:a0:fe:46:e6:f0:6e:8d:c1:73:fb:
59:ae:63:b7:7f:60:79:5a:95:ea:82:42:10:5b:75:
64:fb:75:ee:a5:5a:dd:0b:cf:50:a1:63:cd:f2:e9:
a4:4d:86:9e:4d:49:bc:27:ba:e6:5c:e6:8d:7f:5a:
83:aa:7a:d1:24:e6:0a:03:10:08:4e:3b:0b:e1:50:
92:81:03:1d:a6:97:75:31:99:c4:71:ab:a2:5b:db:
1e:69:48:99:3d:f3:75:d5:e7:8f:17:02:d0:d3:7b:
28:f4:6b:8e:aa:a8:84:a6:b9:9b:77:93:29:b6:7c:
d1:f8:37:f2:ea:1c:40:53:2c:78:dc:9b:63:0a:bb:
8a:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6C:1F:F9:75:F4:BE:7E:3E:9C:ED:02:75:90:D2:4C:01:15:A5:C5:29
X509v3 Authority Key Identifier:
keyid:90:AE:53:8E:2A:91:34:6F:04:02:59:8B:0F:F2:FB:9A:95:C0:7C:39
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kK5TjiqRNG8EAlmLD_L7mpXAfDk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b7/d47909-a560-409c-b839-c5e7821579f1/1/bB_5dfS-fj6c7QJ1kNJMARWlxSk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b7/d47909-a560-409c-b839-c5e7821579f1/1/kK5TjiqRNG8EAlmLD_L7mpXAfDk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.202.200.0/22
IPv6:
2a06:cd00::/29
2a0d:5900::/29
Signature Algorithm: sha256WithRSAEncryption
77:eb:07:a8:7b:3d:bc:72:ee:1a:a8:74:c3:1a:33:43:0d:f3:
f5:73:35:05:a7:57:56:ee:f1:37:9a:bf:57:42:41:a2:f9:fd:
f0:fc:57:e3:1e:1e:14:f4:50:14:ef:5f:10:ff:05:f0:a6:bd:
50:c3:34:5e:37:b6:4e:60:99:cb:f8:fc:95:28:8f:ec:cf:95:
65:4f:b3:ec:3b:b5:d1:0e:a5:90:28:d8:f1:e2:78:9a:f7:a6:
36:04:ab:ce:8c:54:7f:6a:1d:34:2c:cf:cf:3d:8f:96:f5:24:
fd:ee:55:cf:66:57:46:0a:d5:5d:86:28:81:f6:8b:28:8e:a4:
33:50:a4:11:3e:aa:9d:b0:1e:d2:82:40:f0:59:53:d0:e1:7d:
24:b5:ed:4c:33:9f:8a:a1:a1:a2:5d:c8:30:84:48:cc:08:fa:
10:1f:0d:51:38:ba:09:29:dc:90:43:00:31:40:7f:2a:28:11:
4c:78:ed:e6:a6:37:60:54:64:b4:74:e3:06:92:c3:2d:a7:e3:
a4:d0:25:c9:1f:ce:76:4f:be:f4:2a:65:ad:29:0d:79:95:64:
67:78:7f:20:b3:0e:86:bf:68:49:88:56:e9:58:ba:0c:26:e2:
18:6b:ba:58:b4:cf:d5:88:cc:9b:c2:67:65:dd:16:83:38:0e:
59:a6:71:18
-----BEGIN CERTIFICATE-----
MIIFEzCCA/ugAwIBAgISAYRi6dbpVfw2dHw156ZbjRM0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkwYWU1MzhlMmE5MTM0NmYwNDAyNTk4YjBmZjJmYjlhOTVj
MDdjMzkwHhcNMjIxMTEwMTkwMDAyWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2YzFmZjk3NWY0YmU3ZTNlOWNlZDAyNzU5MGQyNGMwMTE1YTVjNTI5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgWmKX3AII5RVJHQQNr0pK71OahOl
VfSQ+lOHG/ZuJG0Lbx1yDNraj91JapfFpXP6f5GmEnPqPFwq8o9Qb4Pz1s4CpHlI
/c5msSVnsfY7dAn1o2cj+l4yALu1LaBFscJmIdKbgRZxi+oBMKW8mUJTk5phlVZZ
rKhBihA3mKD+Rubwbo3Bc/tZrmO3f2B5WpXqgkIQW3Vk+3XupVrdC89QoWPN8umk
TYaeTUm8J7rmXOaNf1qDqnrRJOYKAxAITjsL4VCSgQMdppd1MZnEcauiW9seaUiZ
PfN11eePFwLQ03so9GuOqqiEprmbd5MptnzR+Dfy6hxAUyx43JtjCruKRQIDAQAB
o4ICHzCCAhswHQYDVR0OBBYEFGwf+XX0vn4+nO0CdZDSTAEVpcUpMB8GA1UdIwQY
MBaAFJCuU44qkTRvBAJZiw/y+5qVwHw5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva0s1VGppcVJORzhFQWxtTERfTDdtcFhBZkRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNy9kNDc5MDktYTU2MC00MDljLWI4Mzkt
YzVlNzgyMTU3OWYxLzEvYkJfNWRmUy1majZjN1FKMWtOSk1BUldseFNrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNy9kNDc5MDktYTU2MC00MDljLWI4MzktYzVlNzgyMTU3OWYx
LzEva0s1VGppcVJORzhFQWxtTERfTDdtcFhBZkRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDUGCCsGAQUFBwEHAQH/BCYwJDAMBAIAATAGAwQCucrIMBQE
AgACMA4DBQMqBs0AAwUDKg1ZADANBgkqhkiG9w0BAQsFAAOCAQEAd+sHqHs9vHLu
Gqh0wxozQw3z9XM1BadXVu7xN5q/V0JBovn98PxX4x4eFPRQFO9fEP8F8Ka9UMM0
Xje2TmCZy/j8lSiP7M+VZU+z7Du10Q6lkCjY8eJ4mvemNgSrzoxUf2odNCzPzz2P
lvUk/e5Vz2ZXRgrVXYYogfaLKI6kM1CkET6qnbAe0oJA8FlT0OF9JLXtTDOfiqGh
ol3IMIRIzAj6EB8NUTi6CSnckEMAMUB/KigRTHjt5qY3YFRktHTjBpLDLafjpNAl
yR/Odk++9CplrSkNeZVkZ3h/ILMOhr9oSYhW6Vi6DCbiGGu6WLTP1YjMm8JnZd0W
gzgOWaZxGA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:51:05 2024 by rpki-client on console-fra.rpki-client.org