Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d2/64e19f-fe54-42cd-8923-09b9920fe00f/1/byDptgXBp0qnnTAPAwhKuvqirU4.roa
File: byDptgXBp0qnnTAPAwhKuvqirU4.roa (raw, json)
Hash identifier: 6a9JBewCa/RhicVYRsJNnjeYccyhhcEPdOHzMlB3dsU=
Subject key identifier: 6F:20:E9:B6:05:C1:A7:4A:A7:9D:30:0F:03:08:4A:BA:FA:A2:AD:4E
Certificate issuer: /CN=80bd00829536d47745f47da9d1a8a72f6dd462d4
Certificate serial: 018570026FA46AE36C8594ECAA1DA08AEA5E
Authority key identifier: 80:BD:00:82:95:36:D4:77:45:F4:7D:A9:D1:A8:A7:2F:6D:D4:62:D4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gL0AgpU21HdF9H2p0ainL23UYtQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d2/64e19f-fe54-42cd-8923-09b9920fe00f/1/byDptgXBp0qnnTAPAwhKuvqirU4.roa
Signing time: Mon 02 Jan 2023 01:04:45 +0000
ROA not before: Mon 02 Jan 2023 01:04:45 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 50297
IP address blocks: 193.200.209.0/24 maxlen: 24
185.110.132.0/24 maxlen: 24
2a06:5600:28f8::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:02:6f:a4:6a:e3:6c:85:94:ec:aa:1d:a0:8a:ea:5e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=80bd00829536d47745f47da9d1a8a72f6dd462d4
Validity
Not Before: Jan 2 01:04:45 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=6f20e9b605c1a74aa79d300f03084abafaa2ad4e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:6a:7e:46:b8:4f:48:ee:91:7f:b0:13:55:cd:
66:1e:75:f5:2c:cd:dc:ef:18:89:61:8d:32:a0:d4:
d0:11:ab:2a:00:56:1f:78:ee:5f:84:fb:6b:b7:60:
51:c9:c6:1d:0a:9c:c9:56:ec:6d:be:ca:ce:26:a4:
3e:3b:bb:fb:ef:b1:a4:d2:42:85:2d:ab:48:74:e8:
71:7b:95:b6:45:5b:e4:1b:3d:89:c5:be:f1:b6:d2:
ff:f3:3f:b7:7d:50:33:c4:40:37:9b:f9:03:f2:84:
41:e3:d5:8f:15:71:02:8c:a6:f1:6c:66:f9:df:6d:
16:e3:7e:62:8e:c3:97:c5:8c:12:90:3d:03:77:d4:
b6:52:bf:d6:17:2d:08:9e:e9:8a:3e:a5:49:6b:82:
41:73:2e:19:39:24:9a:f8:ee:1c:6a:99:37:f5:4c:
77:49:21:68:51:ff:4e:51:69:3a:64:94:da:2d:62:
9d:72:f1:d9:1e:b9:8e:c4:93:41:0c:d3:fa:5d:0d:
08:dd:88:db:f4:3c:3c:10:0e:f1:f1:25:68:e9:cb:
d3:e5:7e:73:9b:75:07:2d:4d:19:18:fa:10:b0:64:
da:55:60:05:fd:7f:8c:69:4f:f9:66:e7:91:00:06:
76:cc:cc:f1:44:be:04:af:b7:82:aa:70:89:ac:b3:
a4:d9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6F:20:E9:B6:05:C1:A7:4A:A7:9D:30:0F:03:08:4A:BA:FA:A2:AD:4E
X509v3 Authority Key Identifier:
keyid:80:BD:00:82:95:36:D4:77:45:F4:7D:A9:D1:A8:A7:2F:6D:D4:62:D4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gL0AgpU21HdF9H2p0ainL23UYtQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d2/64e19f-fe54-42cd-8923-09b9920fe00f/1/byDptgXBp0qnnTAPAwhKuvqirU4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d2/64e19f-fe54-42cd-8923-09b9920fe00f/1/gL0AgpU21HdF9H2p0ainL23UYtQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.110.132.0/24
193.200.209.0/24
IPv6:
2a06:5600:28f8::/48
Signature Algorithm: sha256WithRSAEncryption
9b:24:10:cf:46:55:8e:bf:9a:f6:3a:f6:69:52:65:f4:46:c3:
92:ef:91:48:ed:3d:b3:76:a2:8a:20:40:6c:60:a3:4b:d7:d8:
57:4f:1d:15:4c:f3:67:c7:64:95:ba:25:41:94:52:96:f4:f6:
90:61:5e:34:63:b2:d9:21:cb:88:07:89:3c:d9:31:ac:a7:70:
d1:23:88:6f:b6:fb:ba:ce:33:8c:77:c9:b4:08:38:67:54:de:
e6:98:a9:20:46:e9:6b:e1:fd:cf:7f:a4:46:81:30:35:df:49:
9f:2d:c1:10:5c:33:1e:76:76:8c:17:18:de:a0:e6:14:e7:0b:
fe:d4:f0:e6:6c:94:6c:88:0c:08:27:8f:6a:21:aa:74:5c:cb:
15:91:41:8b:62:c4:ad:49:36:f3:d1:2a:5d:9f:0a:54:cf:02:
5c:04:3e:75:6c:0f:70:72:a1:df:5d:e1:b3:86:27:c9:07:ec:
13:f0:2e:89:91:68:d6:11:ad:50:68:2d:77:5e:75:9c:79:de:
8f:68:fd:ba:b1:b6:18:bb:ee:22:f1:ff:95:94:47:85:92:bb:
62:9f:2b:09:ff:2d:ec:17:12:a9:c8:5b:fe:9a:4b:96:16:97:
5e:74:b0:be:4b:47:29:3c:c1:87:cc:2e:9e:f2:84:2c:89:c4:
35:65:ec:0e
-----BEGIN CERTIFICATE-----
MIIFFDCCA/ygAwIBAgISAYVwAm+kauNshZTsqh2giupeMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgwYmQwMDgyOTUzNmQ0Nzc0NWY0N2RhOWQxYThhNzJmNmRk
NDYyZDQwHhcNMjMwMTAyMDEwNDQ1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZjIwZTliNjA1YzFhNzRhYTc5ZDMwMGYwMzA4NGFiYWZhYTJhZDRlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqWp+RrhPSO6Rf7ATVc1mHnX1LM3c
7xiJYY0yoNTQEasqAFYfeO5fhPtrt2BRycYdCpzJVuxtvsrOJqQ+O7v777Gk0kKF
LatIdOhxe5W2RVvkGz2Jxb7xttL/8z+3fVAzxEA3m/kD8oRB49WPFXECjKbxbGb5
320W435ijsOXxYwSkD0Dd9S2Ur/WFy0InumKPqVJa4JBcy4ZOSSa+O4capk39Ux3
SSFoUf9OUWk6ZJTaLWKdcvHZHrmOxJNBDNP6XQ0I3Yjb9Dw8EA7x8SVo6cvT5X5z
m3UHLU0ZGPoQsGTaVWAF/X+MaU/5ZueRAAZ2zMzxRL4Er7eCqnCJrLOk2QIDAQAB
o4ICIDCCAhwwHQYDVR0OBBYEFG8g6bYFwadKp50wDwMISrr6oq1OMB8GA1UdIwQY
MBaAFIC9AIKVNtR3RfR9qdGopy9t1GLUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ0wwQWdwVTIxSGRGOUgycDBhaW5MMjNVWXRRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMi82NGUxOWYtZmU1NC00MmNkLTg5MjMt
MDliOTkyMGZlMDBmLzEvYnlEcHRnWEJwMHFublRBUEF3aEt1dnFpclU0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMi82NGUxOWYtZmU1NC00MmNkLTg5MjMtMDliOTkyMGZlMDBm
LzEvZ0wwQWdwVTIxSGRGOUgycDBhaW5MMjNVWXRRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDYGCCsGAQUFBwEHAQH/BCcwJTASBAIAATAMAwQAuW6EAwQA
wcjRMA8EAgACMAkDBwAqBlYAKPgwDQYJKoZIhvcNAQELBQADggEBAJskEM9GVY6/
mvY69mlSZfRGw5LvkUjtPbN2ooogQGxgo0vX2FdPHRVM82fHZJW6JUGUUpb09pBh
XjRjstkhy4gHiTzZMayncNEjiG+2+7rOM4x3ybQIOGdU3uaYqSBG6Wvh/c9/pEaB
MDXfSZ8twRBcMx52dowXGN6g5hTnC/7U8OZslGyIDAgnj2ohqnRcyxWRQYtixK1J
NvPRKl2fClTPAlwEPnVsD3Byod9d4bOGJ8kH7BPwLomRaNYRrVBoLXdedZx53o9o
/bqxthi77iLx/5WUR4WSu2KfKwn/LewXEqnIW/6aS5YWl150sL5LRyk8wYfMLp7y
hCyJxDVl7A4=
-----END CERTIFICATE-----
Generated at Fri Mar 14 12:02:34 2025 by rpki-client