Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/be/50f9e5-913c-4be6-9949-4c8ad7c46203/1/tsNb5YP42nanR8v8lgNtwHignyE.roa
File: tsNb5YP42nanR8v8lgNtwHignyE.roa (raw, json)
Hash identifier: QFGmVUe5o5x1HRkpyA8yCzdjMCbvgt0OBYnCFUnqYjc=
Subject key identifier: B6:C3:5B:E5:83:F8:DA:76:A7:47:CB:FC:96:03:6D:C0:78:A0:9F:21
Certificate issuer: /CN=6713b9c04ca698c0b7fafd1d17fc068b7099f6ac
Certificate serial: 018570674A8E4597D5CE37FFB29F7E427B68
Authority key identifier: 67:13:B9:C0:4C:A6:98:C0:B7:FA:FD:1D:17:FC:06:8B:70:99:F6:AC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ZxO5wEymmMC3-v0dF_wGi3CZ9qw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/be/50f9e5-913c-4be6-9949-4c8ad7c46203/1/tsNb5YP42nanR8v8lgNtwHignyE.roa
Signing time: Mon 02 Jan 2023 02:54:55 +0000
ROA not before: Mon 02 Jan 2023 02:54:55 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 204120
IP address blocks: 185.114.48.0/22 maxlen: 24
2a06:6e40::/29 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:67:4a:8e:45:97:d5:ce:37:ff:b2:9f:7e:42:7b:68
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6713b9c04ca698c0b7fafd1d17fc068b7099f6ac
Validity
Not Before: Jan 2 02:54:55 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b6c35be583f8da76a747cbfc96036dc078a09f21
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:45:f6:72:e6:1c:d9:4d:5b:52:6f:7c:03:2a:
88:98:6e:2f:17:ee:f1:9b:08:39:68:21:87:c8:84:
e6:c5:f8:e4:4a:e0:f0:c6:fc:70:0d:ec:e8:21:ce:
b3:88:ac:d7:51:31:85:39:83:1d:7b:ab:0b:30:6a:
f3:bb:19:93:fe:e4:62:e1:23:a6:7c:46:c1:58:90:
e3:c7:04:90:86:b2:f1:8b:aa:b2:59:f4:f8:11:69:
2c:7e:a1:22:cd:ac:07:4b:2d:d2:26:53:47:83:f0:
80:67:a6:d8:f4:05:63:5a:0b:f8:2a:66:0b:c4:c6:
4e:ae:06:27:af:4e:29:d2:b7:8f:9c:a4:4c:82:69:
47:25:ee:dc:5f:f9:a6:eb:b7:6a:09:aa:5c:9e:91:
95:60:4d:07:fd:69:4e:28:84:bd:88:05:ce:ec:d1:
ff:9a:30:07:ae:6d:87:1d:37:8b:8c:a6:3a:26:9c:
98:f4:73:b4:1e:ae:f5:4a:44:78:19:57:c1:75:81:
5d:2c:2f:88:58:67:e8:48:8b:e4:ce:c0:41:49:25:
85:5b:cc:8a:13:51:cf:e9:5b:85:08:09:60:a1:c1:
53:05:0d:3f:f8:c5:74:d8:74:9c:e6:b5:40:1f:3e:
5c:42:bb:88:85:9d:b0:54:35:94:aa:a0:cb:5a:46:
bb:4b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B6:C3:5B:E5:83:F8:DA:76:A7:47:CB:FC:96:03:6D:C0:78:A0:9F:21
X509v3 Authority Key Identifier:
keyid:67:13:B9:C0:4C:A6:98:C0:B7:FA:FD:1D:17:FC:06:8B:70:99:F6:AC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ZxO5wEymmMC3-v0dF_wGi3CZ9qw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/be/50f9e5-913c-4be6-9949-4c8ad7c46203/1/tsNb5YP42nanR8v8lgNtwHignyE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/be/50f9e5-913c-4be6-9949-4c8ad7c46203/1/ZxO5wEymmMC3-v0dF_wGi3CZ9qw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.114.48.0/22
IPv6:
2a06:6e40::/29
Signature Algorithm: sha256WithRSAEncryption
51:3b:75:85:d8:85:7c:4d:8c:a4:e6:2a:c6:96:41:d2:3f:da:
08:27:cd:e3:34:7a:70:41:38:3c:bf:1e:21:cc:dc:2f:31:b5:
06:bc:89:09:60:7b:ab:c4:aa:db:22:71:3f:fa:60:69:37:27:
a6:72:9b:cb:c8:c7:ea:cd:61:a1:c7:02:19:52:10:7c:dd:8d:
48:72:88:07:49:17:ee:91:d5:5d:ef:ad:62:29:69:b8:2b:93:
e4:58:2e:f1:4d:88:4d:f2:57:69:15:3b:d5:8e:f6:ad:11:e9:
67:c2:e0:cd:14:ba:75:c2:d3:89:af:b1:00:0a:b7:15:4f:d0:
ea:5a:f3:be:6b:a3:ff:c5:f3:c4:73:fa:a3:5a:28:a3:30:d5:
a1:bc:9b:03:b1:22:ed:ce:74:68:aa:61:98:13:db:4a:ac:e7:
77:c5:ec:16:c0:9d:b8:39:88:2d:eb:0b:53:20:ac:37:7c:60:
f3:34:c6:80:94:60:a7:94:e6:27:e0:a2:69:85:51:58:89:26:
c0:20:ec:6e:4b:61:9b:c9:95:25:f6:cd:f1:6e:35:1d:7e:1c:
67:70:be:c7:a2:f9:5f:8c:14:07:93:f6:d3:5a:6b:ba:e3:83:
2b:17:fe:56:85:a2:a4:58:a8:55:2d:0f:42:3f:94:24:03:60:
01:77:6b:81
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVwZ0qORZfVzjf/sp9+QntoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY3MTNiOWMwNGNhNjk4YzBiN2ZhZmQxZDE3ZmMwNjhiNzA5
OWY2YWMwHhcNMjMwMTAyMDI1NDU1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNmMzNWJlNTgzZjhkYTc2YTc0N2NiZmM5NjAzNmRjMDc4YTA5ZjIxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmEX2cuYc2U1bUm98AyqImG4vF+7x
mwg5aCGHyITmxfjkSuDwxvxwDezoIc6ziKzXUTGFOYMde6sLMGrzuxmT/uRi4SOm
fEbBWJDjxwSQhrLxi6qyWfT4EWksfqEizawHSy3SJlNHg/CAZ6bY9AVjWgv4KmYL
xMZOrgYnr04p0rePnKRMgmlHJe7cX/mm67dqCapcnpGVYE0H/WlOKIS9iAXO7NH/
mjAHrm2HHTeLjKY6JpyY9HO0Hq71SkR4GVfBdYFdLC+IWGfoSIvkzsBBSSWFW8yK
E1HP6VuFCAlgocFTBQ0/+MV02HSc5rVAHz5cQruIhZ2wVDWUqqDLWka7SwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFLbDW+WD+Np2p0fL/JYDbcB4oJ8hMB8GA1UdIwQY
MBaAFGcTucBMppjAt/r9HRf8BotwmfasMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWnhPNXdFeW1tTUMzLXYwZEZfd0dpM0NaOXF3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZS81MGY5ZTUtOTEzYy00YmU2LTk5NDkt
NGM4YWQ3YzQ2MjAzLzEvdHNOYjVZUDQybmFuUjh2OGxnTnR3SGlnbnlFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZS81MGY5ZTUtOTEzYy00YmU2LTk5NDktNGM4YWQ3YzQ2MjAz
LzEvWnhPNXdFeW1tTUMzLXYwZEZfd0dpM0NaOXF3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuXIwMA0E
AgACMAcDBQMqBm5AMA0GCSqGSIb3DQEBCwUAA4IBAQBRO3WF2IV8TYyk5irGlkHS
P9oIJ83jNHpwQTg8vx4hzNwvMbUGvIkJYHurxKrbInE/+mBpNyemcpvLyMfqzWGh
xwIZUhB83Y1IcogHSRfukdVd761iKWm4K5PkWC7xTYhN8ldpFTvVjvatEelnwuDN
FLp1wtOJr7EACrcVT9DqWvO+a6P/xfPEc/qjWiijMNWhvJsDsSLtznRoqmGYE9tK
rOd3xewWwJ24OYgt6wtTIKw3fGDzNMaAlGCnlOYn4KJphVFYiSbAIOxuS2GbyZUl
9s3xbjUdfhxncL7HovlfjBQHk/bTWmu644MrF/5WhaKkWKhVLQ9CP5QkA2ABd2uB
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:22:29 2025 by rpki-client