Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e7/d119f6-880d-4f5b-b079-5ddafb5954ba/1/ag13YC5hsBFZnS5P_CiJ0r8p6iw.roa
File: ag13YC5hsBFZnS5P_CiJ0r8p6iw.roa (raw, json)
Hash identifier: IDDWqw3SLn3Ia91xHxaKzN7jJ2LEU0GXyKdnWD0wXqY=
Subject key identifier: 6A:0D:77:60:2E:61:B0:11:59:9D:2E:4F:FC:28:89:D2:BF:29:EA:2C
Certificate issuer: /CN=553f4bc416639a7e1b6c4f0199e02e3160a1e642
Certificate serial: 0183C23D8A161EE6527B17EC23CB12E9E0CA
Authority key identifier: 55:3F:4B:C4:16:63:9A:7E:1B:6C:4F:01:99:E0:2E:31:60:A1:E6:42
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/VT9LxBZjmn4bbE8BmeAuMWCh5kI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e7/d119f6-880d-4f5b-b079-5ddafb5954ba/1/ag13YC5hsBFZnS5P_CiJ0r8p6iw.roa
Signing time: Mon 10 Oct 2022 14:12:36 +0000
ROA not before: Mon 10 Oct 2022 14:12:36 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 20910
IP address blocks: 185.242.184.0/24 maxlen: 24
2a13:6000::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:c2:3d:8a:16:1e:e6:52:7b:17:ec:23:cb:12:e9:e0:ca
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=553f4bc416639a7e1b6c4f0199e02e3160a1e642
Validity
Not Before: Oct 10 14:12:36 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=6a0d77602e61b011599d2e4ffc2889d2bf29ea2c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:eb:fa:30:82:b3:57:ed:b9:84:88:8d:b3:0d:
d6:91:1f:b0:64:99:fb:ce:ec:38:17:e7:a7:02:d2:
ab:38:37:1a:2f:1a:8b:eb:8d:f8:e1:af:22:ad:02:
9e:1c:0e:d2:10:93:33:b3:06:6a:48:a9:c6:73:da:
c1:46:a6:a2:64:9f:e4:c3:48:0b:73:16:f6:dc:69:
91:49:27:ab:46:f4:35:32:f9:61:5b:96:d7:16:40:
5c:6d:6b:9a:8b:0c:80:17:a7:9b:b7:22:29:f9:43:
4d:61:2c:57:d8:d0:36:04:8a:4a:36:e7:57:45:ef:
e7:9a:fd:59:0e:0a:15:8a:39:72:cd:09:11:c8:06:
5d:b6:8b:be:8a:fc:be:c3:7f:6d:eb:fc:67:29:61:
1c:14:94:cd:58:15:83:1e:fc:47:4f:8f:f3:49:05:
ab:f3:cb:6d:07:90:93:b5:03:44:f7:58:f5:b8:5a:
d1:c5:08:01:d4:7c:2f:6b:5e:58:08:eb:4e:6d:e1:
06:00:e6:b9:0a:11:de:3f:60:69:a5:92:c1:af:4d:
fb:ac:eb:67:67:38:73:24:1c:81:3b:2e:90:01:47:
18:67:e9:dd:52:44:20:87:25:de:f4:9e:e2:e0:67:
00:42:46:3c:2e:5a:36:5b:59:d6:00:d6:11:22:eb:
c3:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6A:0D:77:60:2E:61:B0:11:59:9D:2E:4F:FC:28:89:D2:BF:29:EA:2C
X509v3 Authority Key Identifier:
keyid:55:3F:4B:C4:16:63:9A:7E:1B:6C:4F:01:99:E0:2E:31:60:A1:E6:42
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/VT9LxBZjmn4bbE8BmeAuMWCh5kI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/d119f6-880d-4f5b-b079-5ddafb5954ba/1/ag13YC5hsBFZnS5P_CiJ0r8p6iw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/d119f6-880d-4f5b-b079-5ddafb5954ba/1/VT9LxBZjmn4bbE8BmeAuMWCh5kI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.242.184.0/24
IPv6:
2a13:6000::/29
Signature Algorithm: sha256WithRSAEncryption
0a:4c:5f:fa:07:01:91:44:e4:66:99:ec:a6:40:39:fb:ef:99:
a9:55:a2:94:0a:9c:e2:ec:19:07:45:72:3e:e2:64:b6:4d:8b:
d0:ee:83:59:9d:c5:15:91:8b:21:27:8a:9c:fa:eb:95:41:78:
d6:cf:c8:74:9e:16:cd:7a:58:86:af:bb:98:9f:74:9d:c8:1a:
73:2e:a0:23:ad:f7:2f:6e:39:ae:73:22:b1:14:20:34:b8:0e:
4d:5d:a9:1e:1a:18:5b:7c:9c:98:f5:d9:b8:d1:da:76:29:d0:
dd:e2:5f:97:f9:b7:a9:71:61:89:8d:a3:44:f6:e8:3f:a1:a3:
7b:74:38:10:20:b7:b6:17:17:f4:9e:6c:37:51:41:3c:cb:7f:
e9:a2:ec:75:c6:8a:a4:6c:37:a8:2e:c6:77:8d:bf:fa:c0:cd:
85:01:e1:bd:34:04:9e:a3:c8:16:42:1f:e5:97:8c:9b:44:4f:
2f:b8:c9:bd:8e:c0:c4:86:c2:9d:8b:67:20:67:eb:f3:23:5d:
dc:02:c5:16:fe:db:2d:92:bc:11:2f:ae:b8:6e:27:be:ef:dc:
d5:eb:a6:0f:a2:90:32:b7:90:bb:f3:ab:b3:e7:17:2b:45:dc:
f4:06:9f:5b:09:47:75:33:5c:64:5f:54:a0:fd:07:10:59:51:
60:c0:96:0b
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYPCPYoWHuZSexfsI8sS6eDKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU1M2Y0YmM0MTY2MzlhN2UxYjZjNGYwMTk5ZTAyZTMxNjBh
MWU2NDIwHhcNMjIxMDEwMTQxMjM2WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2YTBkNzc2MDJlNjFiMDExNTk5ZDJlNGZmYzI4ODlkMmJmMjllYTJjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0ev6MIKzV+25hIiNsw3WkR+wZJn7
zuw4F+enAtKrODcaLxqL64344a8irQKeHA7SEJMzswZqSKnGc9rBRqaiZJ/kw0gL
cxb23GmRSSerRvQ1MvlhW5bXFkBcbWuaiwyAF6ebtyIp+UNNYSxX2NA2BIpKNudX
Re/nmv1ZDgoVijlyzQkRyAZdtou+ivy+w39t6/xnKWEcFJTNWBWDHvxHT4/zSQWr
88ttB5CTtQNE91j1uFrRxQgB1Hwva15YCOtObeEGAOa5ChHeP2BppZLBr037rOtn
ZzhzJByBOy6QAUcYZ+ndUkQghyXe9J7i4GcAQkY8Llo2W1nWANYRIuvDywIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFGoNd2AuYbARWZ0uT/woidK/KeosMB8GA1UdIwQY
MBaAFFU/S8QWY5p+G2xPAZngLjFgoeZCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVlQ5THhCWmptbjRiYkU4Qm1lQXVNV0NoNWtJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNy9kMTE5ZjYtODgwZC00ZjViLWIwNzkt
NWRkYWZiNTk1NGJhLzEvYWcxM1lDNWhzQkZablM1UF9DaUowcjhwNml3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNy9kMTE5ZjYtODgwZC00ZjViLWIwNzktNWRkYWZiNTk1NGJh
LzEvVlQ5THhCWmptbjRiYkU4Qm1lQXVNV0NoNWtJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQAufK4MA0E
AgACMAcDBQMqE2AAMA0GCSqGSIb3DQEBCwUAA4IBAQAKTF/6BwGRRORmmeymQDn7
75mpVaKUCpzi7BkHRXI+4mS2TYvQ7oNZncUVkYshJ4qc+uuVQXjWz8h0nhbNeliG
r7uYn3SdyBpzLqAjrfcvbjmucyKxFCA0uA5NXakeGhhbfJyY9dm40dp2KdDd4l+X
+bepcWGJjaNE9ug/oaN7dDgQILe2Fxf0nmw3UUE8y3/poux1xoqkbDeoLsZ3jb/6
wM2FAeG9NASeo8gWQh/ll4ybRE8vuMm9jsDEhsKdi2cgZ+vzI13cAsUW/tstkrwR
L664bie+79zV66YPopAyt5C786uz5xcrRdz0Bp9bCUd1M1xkX1Sg/QcQWVFgwJYL
-----END CERTIFICATE-----
Generated at Thu Mar 13 02:56:22 2025 by rpki-client