Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ce/910f67-1ffc-41c4-a2ea-f1e65f97c89a/1/lyUw20nPpzcaKkcpT5VHvN-Ldbk.roa
File: lyUw20nPpzcaKkcpT5VHvN-Ldbk.roa (raw, json)
Hash identifier: d7URj9/4EaMhb7AX4sqOEFyca3Om5Yu8MO/0+dyiKjA=
Subject key identifier: 97:25:30:DB:49:CF:A7:37:1A:2A:47:29:4F:95:47:BC:DF:8B:75:B9
Certificate issuer: /CN=fa307821230e7ba81a4d471a591e78ea759c6934
Certificate serial: 0185704BBE2F69B5370A42B17DCC40ED1A90
Authority key identifier: FA:30:78:21:23:0E:7B:A8:1A:4D:47:1A:59:1E:78:EA:75:9C:69:34
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-jB4ISMOe6gaTUcaWR546nWcaTQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ce/910f67-1ffc-41c4-a2ea-f1e65f97c89a/1/lyUw20nPpzcaKkcpT5VHvN-Ldbk.roa
Signing time: Mon 02 Jan 2023 02:24:50 +0000
ROA not before: Mon 02 Jan 2023 02:24:50 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 203034
IP address blocks: 185.147.20.0/22 maxlen: 22
2a07:5480::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:4b:be:2f:69:b5:37:0a:42:b1:7d:cc:40:ed:1a:90
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fa307821230e7ba81a4d471a591e78ea759c6934
Validity
Not Before: Jan 2 02:24:50 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=972530db49cfa7371a2a47294f9547bcdf8b75b9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:21:e7:0a:ed:cc:da:84:1f:a0:f3:7d:02:ab:
85:e6:d0:0a:f6:39:b8:6a:c4:fe:64:27:50:5c:60:
b4:5d:a1:04:7b:71:59:5e:d2:bf:1d:6b:ab:63:2b:
4d:78:a6:2f:f5:b7:38:33:1f:3f:51:b1:56:80:3d:
8b:d3:fb:3f:1d:90:d4:2d:61:a2:f9:cd:90:11:3b:
b2:7c:35:66:c3:68:e2:44:a9:f1:a2:f4:6c:9d:10:
fb:2f:a1:22:2f:83:92:2e:a8:06:11:8e:d9:57:78:
23:50:ec:6d:8e:f9:e0:34:b1:f1:f2:9a:3f:49:6a:
3c:4c:bd:68:55:64:d6:80:b4:1f:44:55:4d:99:0f:
96:31:aa:df:34:90:35:c4:4c:6f:90:85:10:7e:b5:
e6:04:cb:b9:c9:de:7b:11:3e:9e:b4:f5:19:c7:ca:
03:ee:e1:35:96:bf:47:ff:ec:1a:84:95:03:a1:38:
6a:69:db:da:22:01:da:5f:08:cb:f1:5d:14:a8:37:
42:93:e5:80:9a:98:ec:db:f0:1b:58:e3:da:3b:ff:
6a:de:97:da:28:1a:6c:67:2d:83:a3:30:bf:f2:c5:
fa:f9:05:04:e1:7f:9e:19:95:13:b3:c9:db:1a:c7:
b7:f2:0a:6a:1b:e2:82:5c:d9:ce:26:62:76:2b:02:
09:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
97:25:30:DB:49:CF:A7:37:1A:2A:47:29:4F:95:47:BC:DF:8B:75:B9
X509v3 Authority Key Identifier:
keyid:FA:30:78:21:23:0E:7B:A8:1A:4D:47:1A:59:1E:78:EA:75:9C:69:34
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-jB4ISMOe6gaTUcaWR546nWcaTQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ce/910f67-1ffc-41c4-a2ea-f1e65f97c89a/1/lyUw20nPpzcaKkcpT5VHvN-Ldbk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ce/910f67-1ffc-41c4-a2ea-f1e65f97c89a/1/1-jB4ISMOe6gaTUcaWR546nWcaTQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.147.20.0/22
IPv6:
2a07:5480::/29
Signature Algorithm: sha256WithRSAEncryption
17:e9:61:d8:5a:0a:ed:96:c5:69:1e:98:ff:f7:eb:f9:16:28:
72:09:23:de:00:be:54:1f:26:f9:2a:af:c0:66:f2:38:12:bd:
3d:a0:fb:21:79:77:12:71:7f:7b:72:05:da:71:e5:81:3f:0a:
5f:b9:ef:c3:1e:7a:fd:b7:fe:6d:c7:f2:a5:4b:79:54:ec:7e:
4f:2d:28:ed:fe:5b:7d:29:6e:76:f1:80:7c:7e:c0:85:1b:cb:
9c:0d:64:c0:00:cc:5d:85:04:81:67:63:41:ac:7d:08:5c:6a:
38:29:d1:fc:9e:b4:13:a9:32:1b:6a:59:0e:df:b4:14:45:c6:
33:e6:11:b3:04:59:10:2f:64:f3:bb:dc:60:02:93:a8:b2:5f:
47:b8:c9:8c:2f:b0:e0:a0:ac:90:b4:34:04:a5:0b:0c:7d:0f:
1a:f5:39:20:f9:27:d8:3a:de:0c:25:c5:4b:a7:e0:bc:79:82:
a5:02:cd:02:f5:83:b4:3c:f5:e6:46:8e:df:7a:60:b4:47:53:
41:43:dd:4c:24:5c:05:4b:6b:46:30:52:34:47:50:69:21:20:
d7:1d:e4:68:1c:b8:16:be:b0:ea:8d:31:58:22:6b:e5:dc:91:
0d:86:c7:85:ac:47:26:b0:7f:6f:03:52:66:2d:00:b1:e0:f7:
22:83:86:0e
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYVwS74vabU3CkKxfcxA7RqQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZhMzA3ODIxMjMwZTdiYTgxYTRkNDcxYTU5MWU3OGVhNzU5
YzY5MzQwHhcNMjMwMTAyMDIyNDUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NzI1MzBkYjQ5Y2ZhNzM3MWEyYTQ3Mjk0Zjk1NDdiY2RmOGI3NWI5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApiHnCu3M2oQfoPN9AquF5tAK9jm4
asT+ZCdQXGC0XaEEe3FZXtK/HWurYytNeKYv9bc4Mx8/UbFWgD2L0/s/HZDULWGi
+c2QETuyfDVmw2jiRKnxovRsnRD7L6EiL4OSLqgGEY7ZV3gjUOxtjvngNLHx8po/
SWo8TL1oVWTWgLQfRFVNmQ+WMarfNJA1xExvkIUQfrXmBMu5yd57ET6etPUZx8oD
7uE1lr9H/+wahJUDoThqadvaIgHaXwjL8V0UqDdCk+WAmpjs2/AbWOPaO/9q3pfa
KBpsZy2DozC/8sX6+QUE4X+eGZUTs8nbGse38gpqG+KCXNnOJmJ2KwIJCwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFJclMNtJz6c3GipHKU+VR7zfi3W5MB8GA1UdIwQY
MBaAFPoweCEjDnuoGk1HGlkeeOp1nGk0MA4GA1UdDwEB/wQEAwIHgDBlBggrBgEF
BQcBAQRZMFcwVQYIKwYBBQUHMAKGSXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMS1qQjRJU01PZTZnYVRVY2FXUjU0Nm5XY2FUUS5jZXIw
gY0GCCsGAQUFBwELBIGAMH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvY2UvOTEwZjY3LTFmZmMtNDFjNC1hMmVh
LWYxZTY1Zjk3Yzg5YS8xL2x5VXcyMG5QcHpjYUtrY3BUNVZIdk4tTGRiay5yb2Ew
gYIGA1UdHwR7MHkwd6B1oHOGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvY2UvOTEwZjY3LTFmZmMtNDFjNC1hMmVhLWYxZTY1Zjk3Yzg5
YS8xLzEtakI0SVNNT2U2Z2FUVWNhV1I1NDZuV2NhVFEuY3JsMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwLgYIKwYBBQUHAQcBAf8EHzAdMAwEAgABMAYDBAK5kxQw
DQQCAAIwBwMFAyoHVIAwDQYJKoZIhvcNAQELBQADggEBABfpYdhaCu2WxWkemP/3
6/kWKHIJI94AvlQfJvkqr8Bm8jgSvT2g+yF5dxJxf3tyBdpx5YE/Cl+578Meev23
/m3H8qVLeVTsfk8tKO3+W30pbnbxgHx+wIUby5wNZMAAzF2FBIFnY0GsfQhcajgp
0fyetBOpMhtqWQ7ftBRFxjPmEbMEWRAvZPO73GACk6iyX0e4yYwvsOCgrJC0NASl
Cwx9Dxr1OSD5J9g63gwlxUun4Lx5gqUCzQL1g7Q89eZGjt96YLRHU0FD3UwkXAVL
a0YwUjRHUGkhINcd5GgcuBa+sOqNMVgia+XckQ2Gx4WsRyawf28DUmYtALHg9yKD
hg4=
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:57:17 2025 by rpki-client