Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/df/ddda7e-a037-4d38-9555-0a110c49749c/1/bA_jWFxfR0TOVf4s8IXmfqEYCTc.roa
File: bA_jWFxfR0TOVf4s8IXmfqEYCTc.roa (raw, json)
Hash identifier: SACyAUrV6nnKnSwhonxk01WY/XFPvKEHZEaXG08Srb0=
Subject key identifier: 6C:0F:E3:58:5C:5F:47:44:CE:55:FE:2C:F0:85:E6:7E:A1:18:09:37
Certificate issuer: /CN=fad1863cbdec1b596daceeb901a0853d6c87e756
Certificate serial: 018691E69C773D09CF0F927E0D6F6D76663A
Authority key identifier: FA:D1:86:3C:BD:EC:1B:59:6D:AC:EE:B9:01:A0:85:3D:6C:87:E7:56
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-tGGPL3sG1ltrO65AaCFPWyH51Y.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/df/ddda7e-a037-4d38-9555-0a110c49749c/1/bA_jWFxfR0TOVf4s8IXmfqEYCTc.roa
Signing time: Mon 27 Feb 2023 08:04:15 +0000
ROA not before: Mon 27 Feb 2023 08:04:15 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 202652
IP address blocks: 185.157.108.0/22 maxlen: 22
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:91:e6:9c:77:3d:09:cf:0f:92:7e:0d:6f:6d:76:66:3a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fad1863cbdec1b596daceeb901a0853d6c87e756
Validity
Not Before: Feb 27 08:04:15 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=6c0fe3585c5f4744ce55fe2cf085e67ea1180937
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:c5:8c:95:50:b1:16:d1:0a:64:67:5e:54:f4:
e0:3f:8b:6e:1d:57:98:51:f3:8e:76:77:49:65:ef:
f6:32:8a:e7:cc:1c:ed:58:2d:ff:ef:0e:a9:76:f7:
b9:ad:89:c1:2d:c1:d3:88:ea:ee:41:8d:10:a3:26:
1e:85:ff:66:40:22:ab:bc:30:cc:49:d4:d7:2e:a6:
fe:03:47:27:e9:e5:c2:3f:9d:67:e0:b6:4e:36:54:
09:fb:d9:d2:6e:71:81:a1:14:e7:1c:f8:6d:02:45:
41:cf:05:37:8f:c2:35:86:ab:3f:e3:03:60:2b:5a:
ef:84:5c:d2:a9:aa:52:e4:e0:1d:f9:86:4b:78:58:
95:b2:5a:8e:eb:ca:0f:d1:b8:48:e6:36:e0:4f:7c:
b1:42:42:71:8f:f9:36:22:10:cb:b1:8b:fa:f5:8c:
c6:74:5c:86:88:07:ac:6c:ea:0c:cb:77:74:f1:ee:
87:19:3c:07:b8:05:51:da:80:92:69:78:71:6f:cc:
09:3c:eb:22:33:9d:a7:17:91:05:98:2d:39:15:30:
ba:f1:42:f1:4a:9d:e6:ee:83:05:28:4e:b9:d6:da:
8a:93:3f:99:d6:d4:cf:e6:94:4d:1f:31:aa:75:c1:
bb:bb:01:17:44:82:ac:8c:d2:36:c6:21:b3:a9:82:
b8:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6C:0F:E3:58:5C:5F:47:44:CE:55:FE:2C:F0:85:E6:7E:A1:18:09:37
X509v3 Authority Key Identifier:
keyid:FA:D1:86:3C:BD:EC:1B:59:6D:AC:EE:B9:01:A0:85:3D:6C:87:E7:56
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-tGGPL3sG1ltrO65AaCFPWyH51Y.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/df/ddda7e-a037-4d38-9555-0a110c49749c/1/bA_jWFxfR0TOVf4s8IXmfqEYCTc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/df/ddda7e-a037-4d38-9555-0a110c49749c/1/1-tGGPL3sG1ltrO65AaCFPWyH51Y.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.157.108.0/22
Signature Algorithm: sha256WithRSAEncryption
11:f0:fe:f4:c0:97:20:16:a0:f9:d4:30:ea:c1:f6:10:19:29:
b9:68:1c:2e:d7:f0:69:cf:09:1d:a3:fa:28:2a:36:87:4f:d1:
65:06:c4:5f:36:bc:75:b7:33:ee:c9:27:f6:54:dd:b0:72:23:
76:bc:dc:64:f4:aa:b0:13:ca:98:7d:de:dc:92:1e:8d:3e:13:
0f:2a:fe:82:5b:9b:64:d8:50:a3:7c:b4:1b:3e:92:f0:58:6a:
e2:50:26:59:b8:23:8f:7d:10:78:be:a4:dc:54:1a:0e:4e:ff:
34:8d:49:44:bb:ab:e8:81:98:bb:0a:d0:cf:1a:56:92:34:60:
b1:f2:34:80:41:4d:2c:86:0e:34:fa:d3:41:f6:10:4a:b7:be:
d4:16:4d:80:98:be:68:b3:10:7a:7e:cf:35:2a:7b:52:c5:24:
c5:17:69:ed:ac:be:f4:39:91:4b:fe:f5:25:2f:0d:73:7a:b3:
7f:45:f1:24:f6:8e:fe:e6:5c:4a:51:d8:a6:f0:49:a9:a1:5f:
9d:59:52:a1:39:59:dc:45:d4:ea:15:21:28:16:8f:c4:79:99:
e8:00:31:f1:b0:65:55:55:ae:47:51:48:58:bf:ca:67:49:49:
ed:12:94:ac:a0:ed:b3:b3:3d:6f:7e:5e:e5:ba:b6:63:0a:c9:
36:45:dc:1f
-----BEGIN CERTIFICATE-----
MIIE/zCCA+egAwIBAgISAYaR5px3PQnPD5J+DW9tdmY6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZhZDE4NjNjYmRlYzFiNTk2ZGFjZWViOTAxYTA4NTNkNmM4
N2U3NTYwHhcNMjMwMjI3MDgwNDE1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2YzBmZTM1ODVjNWY0NzQ0Y2U1NWZlMmNmMDg1ZTY3ZWExMTgwOTM3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmsWMlVCxFtEKZGdeVPTgP4tuHVeY
UfOOdndJZe/2MornzBztWC3/7w6pdve5rYnBLcHTiOruQY0QoyYehf9mQCKrvDDM
SdTXLqb+A0cn6eXCP51n4LZONlQJ+9nSbnGBoRTnHPhtAkVBzwU3j8I1hqs/4wNg
K1rvhFzSqapS5OAd+YZLeFiVslqO68oP0bhI5jbgT3yxQkJxj/k2IhDLsYv69YzG
dFyGiAesbOoMy3d08e6HGTwHuAVR2oCSaXhxb8wJPOsiM52nF5EFmC05FTC68ULx
Sp3m7oMFKE651tqKkz+Z1tTP5pRNHzGqdcG7uwEXRIKsjNI2xiGzqYK49wIDAQAB
o4ICCzCCAgcwHQYDVR0OBBYEFGwP41hcX0dEzlX+LPCF5n6hGAk3MB8GA1UdIwQY
MBaAFPrRhjy97BtZbazuuQGghT1sh+dWMA4GA1UdDwEB/wQEAwIHgDBlBggrBgEF
BQcBAQRZMFcwVQYIKwYBBQUHMAKGSXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMS10R0dQTDNzRzFsdHJPNjVBYUNGUFd5SDUxWS5jZXIw
gY0GCCsGAQUFBwELBIGAMH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZGYvZGRkYTdlLWEwMzctNGQzOC05NTU1
LTBhMTEwYzQ5NzQ5Yy8xL2JBX2pXRnhmUjBUT1ZmNHM4SVhtZnFFWUNUYy5yb2Ew
gYIGA1UdHwR7MHkwd6B1oHOGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvZGYvZGRkYTdlLWEwMzctNGQzOC05NTU1LTBhMTEwYzQ5NzQ5
Yy8xLzEtdEdHUEwzc0cxbHRyTzY1QWFDRlBXeUg1MVkuY3JsMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAK5nWww
DQYJKoZIhvcNAQELBQADggEBABHw/vTAlyAWoPnUMOrB9hAZKbloHC7X8GnPCR2j
+igqNodP0WUGxF82vHW3M+7JJ/ZU3bByI3a83GT0qrATyph93tySHo0+Ew8q/oJb
m2TYUKN8tBs+kvBYauJQJlm4I499EHi+pNxUGg5O/zSNSUS7q+iBmLsK0M8aVpI0
YLHyNIBBTSyGDjT600H2EEq3vtQWTYCYvmizEHp+zzUqe1LFJMUXae2svvQ5kUv+
9SUvDXN6s39F8ST2jv7mXEpR2KbwSamhX51ZUqE5WdxF1OoVISgWj8R5megAMfGw
ZVVVrkdRSFi/ymdJSe0SlKyg7bOzPW9+XuW6tmMKyTZF3B8=
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:19:18 2025 by rpki-client