Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/be/0681bc-e278-46c5-b1e3-7f67442f9f32/1/4FevXVlvRnhYfa4xtS0kGF2qmx0.roa
File: 4FevXVlvRnhYfa4xtS0kGF2qmx0.roa (raw, json)
Hash identifier: 4P7uNYyYJ5HgI+Fq/1lXXYagRd3n9stttTntaUGhuR8=
Subject key identifier: E0:57:AF:5D:59:6F:46:78:58:7D:AE:31:B5:2D:24:18:5D:AA:9B:1D
Certificate issuer: /CN=6f65b2fa8bbad6501c7d21ef475dc445413fb28b
Certificate serial: 1702F0E9
Authority key identifier: 6F:65:B2:FA:8B:BA:D6:50:1C:7D:21:EF:47:5D:C4:45:41:3F:B2:8B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/b2Wy-ou61lAcfSHvR13ERUE_sos.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/be/0681bc-e278-46c5-b1e3-7f67442f9f32/1/4FevXVlvRnhYfa4xtS0kGF2qmx0.roa
Signing time: Sat 01 Jan 2022 15:04:35 +0000
ROA not before: Sat 01 Jan 2022 15:04:35 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 62141
IP address blocks: 185.38.92.0/22 maxlen: 22
2a04:74c0::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 386068713 (0x1702f0e9)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6f65b2fa8bbad6501c7d21ef475dc445413fb28b
Validity
Not Before: Jan 1 15:04:35 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=e057af5d596f4678587dae31b52d24185daa9b1d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:8a:e7:95:a8:cd:35:88:bb:d4:91:b2:11:f0:
2d:3d:50:d0:52:18:65:c0:78:5e:0f:9c:3b:2f:f1:
88:33:ee:8c:fa:75:4b:e6:a7:6b:00:86:a2:52:65:
d9:5e:bc:a1:e5:81:8b:63:5a:af:3e:eb:d7:aa:36:
f3:54:10:22:5b:3e:3c:b5:69:d3:7c:7e:95:96:1a:
9e:20:a8:1e:30:0c:9e:c8:0b:07:10:1d:44:f1:f3:
14:46:3b:24:ec:cd:41:04:ed:01:ec:9e:bf:97:95:
e1:ec:7c:4a:1e:fd:85:cc:65:9b:0a:f3:6a:09:36:
44:b9:d9:e3:b1:91:32:c1:37:84:2d:e3:51:d6:b9:
f8:69:61:77:8c:f8:72:41:1b:4f:c9:3f:66:78:f1:
c7:a0:1f:5f:6f:58:7b:f7:c4:20:7d:5a:1a:c8:4f:
20:09:d0:be:54:d6:31:c9:c0:9a:64:37:61:eb:3f:
70:ce:2f:f8:4e:8a:78:d7:6e:40:89:91:02:62:bc:
08:94:50:a0:51:cb:e9:82:8d:2c:08:07:8b:00:00:
76:df:f0:72:b1:39:58:03:4a:c2:fd:58:9b:0b:c8:
24:79:bb:31:bb:8a:ea:85:2b:1e:5e:b1:68:f8:c8:
c5:d8:7c:3d:df:d0:d8:41:8b:57:6f:43:20:aa:98:
e3:9f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E0:57:AF:5D:59:6F:46:78:58:7D:AE:31:B5:2D:24:18:5D:AA:9B:1D
X509v3 Authority Key Identifier:
keyid:6F:65:B2:FA:8B:BA:D6:50:1C:7D:21:EF:47:5D:C4:45:41:3F:B2:8B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/b2Wy-ou61lAcfSHvR13ERUE_sos.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/be/0681bc-e278-46c5-b1e3-7f67442f9f32/1/4FevXVlvRnhYfa4xtS0kGF2qmx0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/be/0681bc-e278-46c5-b1e3-7f67442f9f32/1/b2Wy-ou61lAcfSHvR13ERUE_sos.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.38.92.0/22
IPv6:
2a04:74c0::/29
Signature Algorithm: sha256WithRSAEncryption
21:6a:da:17:1a:e3:ac:52:df:ab:e2:b5:0f:02:d0:93:c7:e5:
b1:72:cf:4e:1b:f8:1d:c7:b9:35:2a:37:a5:c5:ed:8c:f8:41:
83:ce:93:43:74:5e:50:14:ab:17:dc:ed:23:dc:50:db:7b:fa:
03:e2:a1:68:d2:92:72:20:8f:c9:d0:6a:b3:1b:43:11:b2:fe:
fc:08:37:cf:a0:8f:08:9b:db:0b:19:7a:b8:94:70:a2:a6:b7:
d6:3e:77:2f:af:d8:2b:41:7f:45:7b:a9:04:d3:d9:2a:45:ea:
44:66:32:30:2f:a6:5e:35:d7:ef:1f:b7:12:b2:4d:02:99:56:
8f:30:a7:ea:f2:15:f0:ba:74:f5:1e:0c:c3:d1:8b:3d:ce:9e:
14:b3:3c:a8:cf:de:ca:05:01:6f:6e:09:47:9f:66:a9:c3:42:
e6:2a:63:9a:41:ef:97:99:2f:64:cd:44:6a:25:67:03:70:c7:
66:1a:c4:bb:f7:18:77:0e:af:71:a7:ac:1d:ed:ec:65:1f:76:
3e:bc:af:41:a5:e9:7b:4b:1d:a6:47:7c:cb:8f:8d:63:59:40:
af:6d:ea:67:27:e5:24:c7:12:94:ad:e4:d7:b7:af:2c:9b:6f:
15:19:81:97:d0:fd:4b:b8:a8:7a:64:db:53:51:67:e4:c9:0e:
2f:1e:25:67
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgIEFwLw6TANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg2
ZjY1YjJmYThiYmFkNjUwMWM3ZDIxZWY0NzVkYzQ0NTQxM2ZiMjhiMB4XDTIyMDEw
MTE1MDQzNVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZTA1N2FmNWQ1OTZm
NDY3ODU4N2RhZTMxYjUyZDI0MTg1ZGFhOWIxZDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMCK55WozTWIu9SRshHwLT1Q0FIYZcB4Xg+cOy/xiDPujPp1
S+anawCGolJl2V68oeWBi2Narz7r16o281QQIls+PLVp03x+lZYaniCoHjAMnsgL
BxAdRPHzFEY7JOzNQQTtAeyev5eV4ex8Sh79hcxlmwrzagk2RLnZ47GRMsE3hC3j
Uda5+Glhd4z4ckEbT8k/Znjxx6AfX29Ye/fEIH1aGshPIAnQvlTWMcnAmmQ3Yes/
cM4v+E6KeNduQImRAmK8CJRQoFHL6YKNLAgHiwAAdt/wcrE5WANKwv1YmwvIJHm7
MbuK6oUrHl6xaPjIxdh8Pd/Q2EGLV29DIKqY458CAwEAAaOCAhgwggIUMB0GA1Ud
DgQWBBTgV69dWW9GeFh9rjG1LSQYXaqbHTAfBgNVHSMEGDAWgBRvZbL6i7rWUBx9
Ie9HXcRFQT+yizAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2IyV3ktb3U2MWxBY2ZTSHZSMTNFUlVFX3Nvcy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYmUvMDY4MWJjLWUyNzgtNDZjNS1iMWUzLTdmNjc0NDJmOWYzMi8x
LzRGZXZYVmx2Um5oWWZhNHh0UzBrR0YycW14MC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYmUv
MDY4MWJjLWUyNzgtNDZjNS1iMWUzLTdmNjc0NDJmOWYzMi8xL2IyV3ktb3U2MWxB
Y2ZTSHZSMTNFUlVFX3Nvcy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAu
BggrBgEFBQcBBwEB/wQfMB0wDAQCAAEwBgMEArkmXDANBAIAAjAHAwUDKgR0wDAN
BgkqhkiG9w0BAQsFAAOCAQEAIWraFxrjrFLfq+K1DwLQk8flsXLPThv4Hce5NSo3
pcXtjPhBg86TQ3ReUBSrF9ztI9xQ23v6A+KhaNKSciCPydBqsxtDEbL+/Ag3z6CP
CJvbCxl6uJRwoqa31j53L6/YK0F/RXupBNPZKkXqRGYyMC+mXjXX7x+3ErJNAplW
jzCn6vIV8Lp09R4Mw9GLPc6eFLM8qM/eygUBb24JR59mqcNC5ipjmkHvl5kvZM1E
aiVnA3DHZhrEu/cYdw6vcaesHe3sZR92PryvQaXpe0sdpkd8y4+NY1lAr23qZyfl
JMcSlK3k17evLJtvFRmBl9D9S7ioemTbU1Fn5MkOLx4lZw==
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:03:04 2025 by rpki-client