Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d2/18feb3-f3d2-49f3-90d2-9d4b16b59de6/1/bYquo0Af_E6Y8DY9LgQHWHONp8w.roa
File: bYquo0Af_E6Y8DY9LgQHWHONp8w.roa (raw, json)
Hash identifier: hLEetLXWNktNKfdydTJaebC4/VO0V/jRfb9SskWzmho=
Subject key identifier: 6D:8A:AE:A3:40:1F:FC:4E:98:F0:36:3D:2E:04:07:58:73:8D:A7:CC
Certificate issuer: /CN=082a6e377f1c885a6d73f3f569fd06d7ea4c7a45
Certificate serial: 01857042A808A623B055B6573CF009C8A26F
Authority key identifier: 08:2A:6E:37:7F:1C:88:5A:6D:73:F3:F5:69:FD:06:D7:EA:4C:7A:45
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CCpuN38ciFptc_P1af0G1-pMekU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d2/18feb3-f3d2-49f3-90d2-9d4b16b59de6/1/bYquo0Af_E6Y8DY9LgQHWHONp8w.roa
Signing time: Mon 02 Jan 2023 02:14:54 +0000
ROA not before: Mon 02 Jan 2023 02:14:54 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 20559
IP address blocks: 185.157.145.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:42:a8:08:a6:23:b0:55:b6:57:3c:f0:09:c8:a2:6f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=082a6e377f1c885a6d73f3f569fd06d7ea4c7a45
Validity
Not Before: Jan 2 02:14:54 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=6d8aaea3401ffc4e98f0363d2e040758738da7cc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:80:32:c6:ee:15:1f:9a:49:5f:1e:7f:cf:8a:
7b:d8:e0:55:ab:29:7f:44:90:d7:e3:c7:89:95:a9:
dd:02:6a:b3:50:14:40:6c:c2:a3:e6:e2:c6:88:99:
62:85:a1:40:36:1d:ff:c1:87:77:d0:fa:cb:1d:f5:
5d:7f:0d:6a:1c:24:2b:91:69:2b:e5:eb:b2:36:b1:
f3:5b:33:22:19:f5:6f:e2:d8:02:e6:00:c1:c5:e8:
16:68:f3:e4:fd:f5:97:6e:21:6d:1c:1d:7a:db:bf:
8f:d8:50:31:4c:1c:4e:59:c3:a3:a3:fe:10:bd:99:
de:f0:f5:20:4c:c0:64:0f:51:3f:eb:fe:d0:24:c2:
ce:27:2e:78:2e:0f:a2:f9:16:b1:d0:65:de:01:ed:
70:be:11:99:0a:42:aa:c2:b3:f5:82:43:e1:df:d5:
93:6f:30:52:c6:c2:c2:88:37:c6:58:73:9d:9e:fa:
99:5b:64:d0:a1:2f:e8:82:3e:c4:6a:0c:5e:99:28:
d2:9e:7f:27:f8:af:cf:81:5b:94:72:8a:3c:1a:b7:
76:0e:a5:4e:7d:da:ee:fd:8a:02:2c:26:b5:85:d1:
a6:4a:59:86:ab:0f:6e:dc:51:6f:da:99:27:f9:7b:
f3:ff:11:fe:a3:08:1f:10:92:40:9d:a8:de:da:bb:
07:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6D:8A:AE:A3:40:1F:FC:4E:98:F0:36:3D:2E:04:07:58:73:8D:A7:CC
X509v3 Authority Key Identifier:
keyid:08:2A:6E:37:7F:1C:88:5A:6D:73:F3:F5:69:FD:06:D7:EA:4C:7A:45
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CCpuN38ciFptc_P1af0G1-pMekU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d2/18feb3-f3d2-49f3-90d2-9d4b16b59de6/1/bYquo0Af_E6Y8DY9LgQHWHONp8w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d2/18feb3-f3d2-49f3-90d2-9d4b16b59de6/1/CCpuN38ciFptc_P1af0G1-pMekU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.157.145.0/24
Signature Algorithm: sha256WithRSAEncryption
87:bb:ea:66:82:29:68:2f:9c:30:4d:8b:52:7b:d9:4d:f5:90:
e8:c7:a7:1f:c4:31:e4:61:6b:b3:23:62:ff:0b:a8:2f:35:47:
af:bb:f7:ad:f2:ec:93:30:e0:80:ff:f3:16:89:cd:db:a9:70:
f3:88:82:9a:44:29:b6:ea:37:32:9c:9b:35:fc:f6:50:bb:14:
4a:40:01:1e:b2:06:9e:5a:af:0b:2d:3d:09:d8:7a:eb:a9:8e:
7a:60:27:22:fa:b9:59:f0:43:51:1e:96:74:02:b2:74:5f:14:
d1:7c:1f:3f:46:00:49:9e:4d:00:4a:bb:93:8f:1c:28:f9:93:
04:db:40:23:90:20:1d:27:25:74:04:dc:c8:18:12:08:23:4e:
02:a4:dd:cf:d8:6f:78:de:e4:f9:3d:34:9b:af:91:bf:c9:20:
38:74:f6:20:d7:2e:00:c2:c6:83:0b:fd:ab:26:ea:c2:06:c0:
61:65:3d:74:40:07:34:2e:7e:4a:d8:3f:10:2d:c5:6b:d5:47:
7d:91:74:b4:7c:ba:50:2d:9f:41:bf:8a:7a:68:fc:4e:7a:d1:
cb:14:4a:27:b2:d5:d8:a3:19:53:e7:d5:d7:86:58:57:3d:31:
cd:f9:a4:81:ba:b3:a8:a6:55:41:1a:98:e2:5e:05:94:8d:74:
32:a0:06:09
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVwQqgIpiOwVbZXPPAJyKJvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA4MmE2ZTM3N2YxYzg4NWE2ZDczZjNmNTY5ZmQwNmQ3ZWE0
YzdhNDUwHhcNMjMwMTAyMDIxNDU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZDhhYWVhMzQwMWZmYzRlOThmMDM2M2QyZTA0MDc1ODczOGRhN2NjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApoAyxu4VH5pJXx5/z4p72OBVqyl/
RJDX48eJlandAmqzUBRAbMKj5uLGiJlihaFANh3/wYd30PrLHfVdfw1qHCQrkWkr
5euyNrHzWzMiGfVv4tgC5gDBxegWaPPk/fWXbiFtHB1627+P2FAxTBxOWcOjo/4Q
vZne8PUgTMBkD1E/6/7QJMLOJy54Lg+i+Rax0GXeAe1wvhGZCkKqwrP1gkPh39WT
bzBSxsLCiDfGWHOdnvqZW2TQoS/ogj7EagxemSjSnn8n+K/PgVuUcoo8Grd2DqVO
fdru/YoCLCa1hdGmSlmGqw9u3FFv2pkn+Xvz/xH+owgfEJJAnaje2rsHJQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFG2KrqNAH/xOmPA2PS4EB1hzjafMMB8GA1UdIwQY
MBaAFAgqbjd/HIhabXPz9Wn9BtfqTHpFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ0NwdU4zOGNpRnB0Y19QMWFmMEcxLXBNZWtVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMi8xOGZlYjMtZjNkMi00OWYzLTkwZDIt
OWQ0YjE2YjU5ZGU2LzEvYllxdW8wQWZfRTZZOERZOUxnUUhXSE9OcDh3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMi8xOGZlYjMtZjNkMi00OWYzLTkwZDItOWQ0YjE2YjU5ZGU2
LzEvQ0NwdU4zOGNpRnB0Y19QMWFmMEcxLXBNZWtVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuZ2RMA0G
CSqGSIb3DQEBCwUAA4IBAQCHu+pmgiloL5wwTYtSe9lN9ZDox6cfxDHkYWuzI2L/
C6gvNUevu/et8uyTMOCA//MWic3bqXDziIKaRCm26jcynJs1/PZQuxRKQAEesgae
Wq8LLT0J2HrrqY56YCci+rlZ8ENRHpZ0ArJ0XxTRfB8/RgBJnk0ASruTjxwo+ZME
20AjkCAdJyV0BNzIGBIII04CpN3P2G943uT5PTSbr5G/ySA4dPYg1y4AwsaDC/2r
JurCBsBhZT10QAc0Ln5K2D8QLcVr1Ud9kXS0fLpQLZ9Bv4p6aPxOetHLFEonstXY
oxlT59XXhlhXPTHN+aSBurOoplVBGpjiXgWUjXQyoAYJ
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:22:41 2025 by rpki-client