Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d7/bc676b-c0b6-4fbb-933f-5082c28b715f/1/1mKTYxzxOqzB-3fHSIzzZqTzS_w.roa
File: 1mKTYxzxOqzB-3fHSIzzZqTzS_w.roa (raw, json)
Hash identifier: 8e5R3EHhMJn05exiKXVEVv3X4VcRdbQuWQhQSHw9PMU=
Subject key identifier: D6:62:93:63:1C:F1:3A:AC:C1:FB:77:C7:48:8C:F3:66:A4:F3:4B:FC
Certificate issuer: /CN=90f273a63c51eaf3f9e5ae7b9faafdb2931340df
Certificate serial: 0185704BAE4FB921EF2F63CFC5E4E667E472
Authority key identifier: 90:F2:73:A6:3C:51:EA:F3:F9:E5:AE:7B:9F:AA:FD:B2:93:13:40:DF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/kPJzpjxR6vP55a57n6r9spMTQN8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d7/bc676b-c0b6-4fbb-933f-5082c28b715f/1/1mKTYxzxOqzB-3fHSIzzZqTzS_w.roa
Signing time: Mon 02 Jan 2023 02:24:45 +0000
ROA not before: Mon 02 Jan 2023 02:24:45 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 212911
IP address blocks: 185.220.119.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:4b:ae:4f:b9:21:ef:2f:63:cf:c5:e4:e6:67:e4:72
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=90f273a63c51eaf3f9e5ae7b9faafdb2931340df
Validity
Not Before: Jan 2 02:24:45 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d66293631cf13aacc1fb77c7488cf366a4f34bfc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:7d:16:fb:f1:94:b9:ab:47:c9:b9:56:75:9b:
3c:af:69:22:b8:1c:46:70:d5:ce:d8:95:11:c7:65:
ba:46:8a:a3:c9:40:56:d1:d3:ae:3c:06:a5:61:66:
a3:5b:d2:12:a6:37:61:b9:fe:d6:19:4e:79:67:bb:
62:3b:fa:8d:bc:a3:f4:e8:54:01:eb:b1:4d:0e:8c:
b9:b3:d4:21:a4:f1:76:e7:47:e2:6e:21:d1:f9:1d:
56:90:c3:47:76:b2:f1:61:c5:2b:71:aa:08:d4:d5:
0c:cf:0a:d5:98:e1:d3:9a:cb:23:01:28:6f:8d:fb:
88:61:e8:cd:cf:94:c2:17:f8:92:22:31:f3:f5:e0:
8f:2a:e2:f4:93:ad:29:ef:d7:0f:eb:23:e5:ba:ea:
4a:64:02:43:9f:87:0d:42:6f:01:4e:3e:9d:8d:35:
20:0d:9d:1f:77:1d:9b:26:6f:1e:71:66:73:81:44:
9f:63:d2:de:d6:80:15:11:23:07:6a:83:9d:21:10:
4a:ad:68:81:c2:0e:d7:27:ae:16:38:04:90:88:37:
d7:0b:4b:d8:01:f3:bd:ff:e2:d0:b5:a8:c6:21:db:
5e:37:e6:9f:d6:90:1d:9c:62:f3:f5:e7:11:96:38:
5d:4b:14:f4:58:66:ad:db:db:d5:1b:db:93:fd:5e:
e4:2f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D6:62:93:63:1C:F1:3A:AC:C1:FB:77:C7:48:8C:F3:66:A4:F3:4B:FC
X509v3 Authority Key Identifier:
keyid:90:F2:73:A6:3C:51:EA:F3:F9:E5:AE:7B:9F:AA:FD:B2:93:13:40:DF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kPJzpjxR6vP55a57n6r9spMTQN8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d7/bc676b-c0b6-4fbb-933f-5082c28b715f/1/1mKTYxzxOqzB-3fHSIzzZqTzS_w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d7/bc676b-c0b6-4fbb-933f-5082c28b715f/1/kPJzpjxR6vP55a57n6r9spMTQN8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.220.119.0/24
Signature Algorithm: sha256WithRSAEncryption
5a:49:e3:3b:63:30:65:94:93:83:64:08:d9:63:5e:7d:0f:a6:
57:c3:10:e8:0b:80:6c:ee:fc:99:16:05:32:f4:40:ad:fc:3b:
23:14:a8:9f:5e:d0:2a:6b:2b:57:c2:dd:58:b6:34:c6:84:5e:
05:29:5d:78:cb:2b:8a:d0:c7:91:dc:91:11:9e:f5:c3:01:9c:
16:15:e2:ca:ca:ce:b9:11:13:60:a1:46:84:5a:ef:fd:fc:fd:
ca:5f:db:ca:52:60:79:29:fa:dd:a9:09:1f:55:ea:91:57:32:
83:f7:97:90:46:68:e0:4d:61:a1:52:cc:f6:c4:7c:b4:ff:9d:
f6:e6:e4:cc:6e:a7:f7:ab:3a:53:85:12:ce:24:54:10:d3:1e:
42:90:3c:63:a2:43:58:fa:0d:64:09:14:a2:5a:4a:99:5d:5b:
dd:e2:20:0d:27:73:50:56:15:4d:e6:be:68:83:09:7b:5b:f7:
11:45:d7:cb:f9:4d:ad:b8:2b:84:c9:a9:8b:f0:f0:99:d7:41:
e9:b7:44:16:6c:e4:32:0f:f4:0f:2b:0c:2f:c1:1e:f3:27:ab:
44:07:81:e2:25:8a:d2:bc:33:9d:7e:bc:0f:44:c8:27:31:23:
5e:5a:f9:ff:92:70:cd:23:2c:06:63:77:59:ec:7b:89:c4:fd:
b9:fb:9a:28
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVwS65PuSHvL2PPxeTmZ+RyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkwZjI3M2E2M2M1MWVhZjNmOWU1YWU3YjlmYWFmZGIyOTMx
MzQwZGYwHhcNMjMwMTAyMDIyNDQ1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNjYyOTM2MzFjZjEzYWFjYzFmYjc3Yzc0ODhjZjM2NmE0ZjM0YmZjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAz30W+/GUuatHyblWdZs8r2kiuBxG
cNXO2JURx2W6RoqjyUBW0dOuPAalYWajW9ISpjdhuf7WGU55Z7tiO/qNvKP06FQB
67FNDoy5s9QhpPF250fibiHR+R1WkMNHdrLxYcUrcaoI1NUMzwrVmOHTmssjAShv
jfuIYejNz5TCF/iSIjHz9eCPKuL0k60p79cP6yPluupKZAJDn4cNQm8BTj6djTUg
DZ0fdx2bJm8ecWZzgUSfY9Le1oAVESMHaoOdIRBKrWiBwg7XJ64WOASQiDfXC0vY
AfO9/+LQtajGIdteN+af1pAdnGLz9ecRljhdSxT0WGat29vVG9uT/V7kLwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNZik2Mc8Tqswft3x0iM82ak80v8MB8GA1UdIwQY
MBaAFJDyc6Y8Uerz+eWue5+q/bKTE0DfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva1BKenBqeFI2dlA1NWE1N242cjlzcE1UUU44LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNy9iYzY3NmItYzBiNi00ZmJiLTkzM2Yt
NTA4MmMyOGI3MTVmLzEvMW1LVFl4enhPcXpCLTNmSFNJenpacVR6U193LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNy9iYzY3NmItYzBiNi00ZmJiLTkzM2YtNTA4MmMyOGI3MTVm
LzEva1BKenBqeFI2dlA1NWE1N242cjlzcE1UUU44LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAudx3MA0G
CSqGSIb3DQEBCwUAA4IBAQBaSeM7YzBllJODZAjZY159D6ZXwxDoC4Bs7vyZFgUy
9ECt/DsjFKifXtAqaytXwt1YtjTGhF4FKV14yyuK0MeR3JERnvXDAZwWFeLKys65
ERNgoUaEWu/9/P3KX9vKUmB5KfrdqQkfVeqRVzKD95eQRmjgTWGhUsz2xHy0/532
5uTMbqf3qzpThRLOJFQQ0x5CkDxjokNY+g1kCRSiWkqZXVvd4iANJ3NQVhVN5r5o
gwl7W/cRRdfL+U2tuCuEyamL8PCZ10Hpt0QWbOQyD/QPKwwvwR7zJ6tEB4HiJYrS
vDOdfrwPRMgnMSNeWvn/knDNIywGY3dZ7HuJxP25+5oo
-----END CERTIFICATE-----
Generated at Thu Mar 13 02:24:22 2025 by rpki-client