Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/df/0800fe-9bd2-488b-8c42-f011293953f5/1/bLfQrlUN8gjdvvmHe-1dymXSht8.roa
File: bLfQrlUN8gjdvvmHe-1dymXSht8.roa (raw, json)
Hash identifier: SrFXU1NYXjvvOwRoJy9TxAOmIsYgZ23uSfaSM+t2gzQ=
Subject key identifier: 6C:B7:D0:AE:55:0D:F2:08:DD:BE:F9:87:7B:ED:5D:CA:65:D2:86:DF
Certificate issuer: /CN=de4794d9fcab23ec05dddd5048a3fc7204002a2a
Certificate serial: B175BB
Authority key identifier: DE:47:94:D9:FC:AB:23:EC:05:DD:DD:50:48:A3:FC:72:04:00:2A:2A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3keU2fyrI-wF3d1QSKP8cgQAKio.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/df/0800fe-9bd2-488b-8c42-f011293953f5/1/bLfQrlUN8gjdvvmHe-1dymXSht8.roa
Signing time: Sat 01 Jan 2022 10:53:32 +0000
ROA not before: Sat 01 Jan 2022 10:53:32 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 210744
IP address blocks: 185.22.228.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 11630011 (0xb175bb)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=de4794d9fcab23ec05dddd5048a3fc7204002a2a
Validity
Not Before: Jan 1 10:53:32 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=6cb7d0ae550df208ddbef9877bed5dca65d286df
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:df:ce:e5:7b:b4:cc:7f:82:f9:30:11:f1:a3:4c:
1f:ee:d7:9e:cd:59:b3:86:bf:9a:8f:5a:dc:92:9c:
a9:81:16:b3:f4:8f:0c:1f:e6:4b:cb:2d:bc:28:20:
ba:a4:2f:c0:7d:c5:9a:d3:c8:3d:d8:6e:c2:e7:d9:
3e:45:7c:a1:76:be:e2:fb:d3:8b:03:ce:79:19:75:
85:10:bc:41:4f:de:75:80:2b:45:99:8e:ad:0d:02:
3f:f9:27:7b:78:37:19:d6:05:40:4f:3d:96:32:bf:
bf:eb:89:62:77:77:03:c7:6e:2d:e0:bf:a4:61:9d:
42:b2:4d:c7:40:6c:3e:6e:29:d4:0e:ec:4d:90:a3:
5b:a2:cb:1d:32:8a:b8:13:e7:90:80:ca:66:4f:a2:
c1:e2:5a:ea:19:eb:6c:f8:30:dd:0d:2f:fd:a5:1b:
71:c8:ba:88:98:60:14:92:58:08:e9:49:09:80:f3:
b2:78:e5:b4:7d:95:52:65:61:90:f2:cb:84:eb:70:
68:e1:11:72:86:1e:50:61:fe:8d:b4:5a:63:45:cd:
a4:c2:c7:a8:c2:ed:ad:c1:5a:e7:6e:22:d3:35:72:
39:bc:6b:28:65:58:66:a0:37:44:01:6d:03:ad:94:
dc:47:c4:3b:ed:32:da:55:31:45:ec:0e:42:7b:3d:
9c:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6C:B7:D0:AE:55:0D:F2:08:DD:BE:F9:87:7B:ED:5D:CA:65:D2:86:DF
X509v3 Authority Key Identifier:
keyid:DE:47:94:D9:FC:AB:23:EC:05:DD:DD:50:48:A3:FC:72:04:00:2A:2A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3keU2fyrI-wF3d1QSKP8cgQAKio.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/df/0800fe-9bd2-488b-8c42-f011293953f5/1/bLfQrlUN8gjdvvmHe-1dymXSht8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/df/0800fe-9bd2-488b-8c42-f011293953f5/1/3keU2fyrI-wF3d1QSKP8cgQAKio.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.22.228.0/24
Signature Algorithm: sha256WithRSAEncryption
29:4e:5d:87:0c:15:9b:65:1b:6f:b6:1c:83:31:c7:cd:47:c4:
03:e6:b6:ea:b8:34:c4:63:50:b4:f1:7d:a7:64:a7:bc:d3:9e:
bd:58:bd:9b:7d:bb:96:69:5d:d9:e7:07:36:20:04:89:1c:24:
8d:1f:49:f0:8f:09:c5:64:4d:1e:10:bc:ed:ce:79:0b:51:91:
d7:66:bb:7f:f3:79:4d:c4:0e:c7:3a:3f:66:f1:06:c3:8a:55:
da:ae:91:18:5d:7c:0e:48:35:64:99:fe:20:93:1e:fc:ba:7a:
d7:d7:56:2f:e1:e0:44:ae:da:71:ef:e0:e8:4c:f9:8c:32:c5:
48:2e:f9:9e:2b:bc:58:5d:8d:bc:14:8b:3c:1f:d8:b6:2a:fc:
df:5b:a6:6f:64:df:8f:24:54:0f:ab:27:16:3a:71:1f:6a:d7:
c2:a4:93:8a:e4:1c:58:c2:61:a0:cb:f4:09:84:05:fb:74:cf:
3e:d5:02:bc:3e:a3:20:1a:39:9b:4e:68:58:d0:a5:cd:29:1f:
fe:65:26:94:a2:0e:f6:d6:d1:92:32:0d:06:3a:01:a9:74:05:
18:03:e0:17:b8:5a:c4:95:37:26:6f:ee:93:eb:7d:d6:bd:6c:
4a:16:72:a9:b8:59:15:94:e8:5a:d9:92:60:92:4b:00:98:a8:
2d:bf:63:06
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEALF1uzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhk
ZTQ3OTRkOWZjYWIyM2VjMDVkZGRkNTA0OGEzZmM3MjA0MDAyYTJhMB4XDTIyMDEw
MTEwNTMzMloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNmNiN2QwYWU1NTBk
ZjIwOGRkYmVmOTg3N2JlZDVkY2E2NWQyODZkZjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAN/O5Xu0zH+C+TAR8aNMH+7Xns1Zs4a/mo9a3JKcqYEWs/SP
DB/mS8stvCgguqQvwH3FmtPIPdhuwufZPkV8oXa+4vvTiwPOeRl1hRC8QU/edYAr
RZmOrQ0CP/kne3g3GdYFQE89ljK/v+uJYnd3A8duLeC/pGGdQrJNx0BsPm4p1A7s
TZCjW6LLHTKKuBPnkIDKZk+iweJa6hnrbPgw3Q0v/aUbcci6iJhgFJJYCOlJCYDz
snjltH2VUmVhkPLLhOtwaOERcoYeUGH+jbRaY0XNpMLHqMLtrcFa524i0zVyObxr
KGVYZqA3RAFtA62U3EfEO+0y2lUxRewOQns9nN0CAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBRst9CuVQ3yCN2++Yd77V3KZdKG3zAfBgNVHSMEGDAWgBTeR5TZ/Ksj7AXd
3VBIo/xyBAAqKjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzNrZVUyZnlySS13RjNkMVFTS1A4Y2dRQUtpby5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZGYvMDgwMGZlLTliZDItNDg4Yi04YzQyLWYwMTEyOTM5NTNmNS8x
L2JMZlFybFVOOGdqZHZ2bUhlLTFkeW1YU2h0OC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZGYv
MDgwMGZlLTliZDItNDg4Yi04YzQyLWYwMTEyOTM5NTNmNS8xLzNrZVUyZnlySS13
RjNkMVFTS1A4Y2dRQUtpby5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEALkW5DANBgkqhkiG9w0BAQsFAAOC
AQEAKU5dhwwVm2Ubb7YcgzHHzUfEA+a26rg0xGNQtPF9p2SnvNOevVi9m327lmld
2ecHNiAEiRwkjR9J8I8JxWRNHhC87c55C1GR12a7f/N5TcQOxzo/ZvEGw4pV2q6R
GF18Dkg1ZJn+IJMe/Lp619dWL+HgRK7ace/g6Ez5jDLFSC75niu8WF2NvBSLPB/Y
tir831umb2TfjyRUD6snFjpxH2rXwqSTiuQcWMJhoMv0CYQF+3TPPtUCvD6jIBo5
m05oWNClzSkf/mUmlKIO9tbRkjINBjoBqXQFGAPgF7haxJU3Jm/uk+t91r1sShZy
qbhZFZToWtmSYJJLAJioLb9jBg==
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:06:09 2025 by rpki-client