Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ec/1e9621-626e-4032-9b54-76e3349c97c2/1/k4onUEU-FO55RlsyjBjyjwYMrlc.roa
File: k4onUEU-FO55RlsyjBjyjwYMrlc.roa (raw, json)
Hash identifier: LDwJeoFlBVQiJbxrSx4OgrL5K75TSTajdMgDQaqMwHc=
Subject key identifier: 93:8A:27:50:45:3E:14:EE:79:46:5B:32:8C:18:F2:8F:06:0C:AE:57
Certificate issuer: /CN=f58df2c469c978895f8458024c506e801c8fb21a
Certificate serial: 04082628
Authority key identifier: F5:8D:F2:C4:69:C9:78:89:5F:84:58:02:4C:50:6E:80:1C:8F:B2:1A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/9Y3yxGnJeIlfhFgCTFBugByPsho.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ec/1e9621-626e-4032-9b54-76e3349c97c2/1/k4onUEU-FO55RlsyjBjyjwYMrlc.roa
Signing time: Sat 01 Jan 2022 10:56:38 +0000
ROA not before: Sat 01 Jan 2022 10:56:38 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 201127
IP address blocks: 185.189.60.0/22 maxlen: 24
2a0b:d680::/32 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 67642920 (0x4082628)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f58df2c469c978895f8458024c506e801c8fb21a
Validity
Not Before: Jan 1 10:56:38 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=938a2750453e14ee79465b328c18f28f060cae57
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ea:62:41:98:22:71:3d:be:5a:f6:1d:ff:58:a9:
82:24:b6:2b:47:95:d0:48:2a:a0:0e:73:10:9e:a8:
af:8a:43:e8:8a:76:16:88:72:cf:37:f3:cc:c5:e7:
57:33:e0:01:dd:84:7f:ff:c6:53:a2:5f:80:68:66:
c3:ea:c3:f7:9d:7a:15:13:30:5a:a6:3d:bf:73:3d:
d0:66:e5:11:bb:72:a7:4e:80:02:a0:5a:e0:39:7a:
b3:f6:d4:4a:65:f1:55:74:fc:31:e5:05:df:ce:29:
a9:e1:ef:43:7b:45:b3:77:cc:4e:35:ca:ab:9b:d8:
d6:10:5a:c3:63:b5:22:6a:aa:5b:ed:84:8a:b8:13:
92:28:a2:6b:ec:9c:e9:f6:7f:df:6d:31:56:03:80:
3c:90:db:f4:4f:e4:3f:1b:fd:e5:6d:36:15:87:f8:
cc:5f:d2:f4:bf:23:f3:fe:7e:21:01:f2:51:59:ba:
ab:55:73:6b:3a:ab:61:6d:e0:b7:8b:e9:ed:28:e6:
25:a4:d0:15:46:fb:b0:69:2c:ae:eb:13:5b:61:34:
94:8e:05:df:f1:2a:20:b5:ae:ae:cf:25:90:50:16:
b6:fa:d3:d8:51:e1:9f:9e:2b:56:03:98:53:1a:2e:
40:bc:6a:d4:01:ca:5b:e9:f5:6b:0e:6b:8a:1a:3e:
eb:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
93:8A:27:50:45:3E:14:EE:79:46:5B:32:8C:18:F2:8F:06:0C:AE:57
X509v3 Authority Key Identifier:
keyid:F5:8D:F2:C4:69:C9:78:89:5F:84:58:02:4C:50:6E:80:1C:8F:B2:1A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/9Y3yxGnJeIlfhFgCTFBugByPsho.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ec/1e9621-626e-4032-9b54-76e3349c97c2/1/k4onUEU-FO55RlsyjBjyjwYMrlc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ec/1e9621-626e-4032-9b54-76e3349c97c2/1/9Y3yxGnJeIlfhFgCTFBugByPsho.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.189.60.0/22
IPv6:
2a0b:d680::/32
Signature Algorithm: sha256WithRSAEncryption
21:12:82:a6:e4:88:86:db:e6:2a:e5:fe:99:80:b6:02:65:bc:
9d:90:5b:76:cb:f4:fa:2b:19:44:81:22:ec:6b:9f:b1:df:34:
55:88:09:22:ff:15:49:da:da:b6:f6:fb:fc:67:0c:d1:e0:b2:
bf:15:40:51:ad:5f:4f:34:6b:7a:2a:fc:8e:27:1c:32:2d:a0:
7e:cd:71:b5:cd:f3:39:3d:46:59:b8:bf:b3:a4:c9:99:b0:f8:
f0:89:20:1d:d4:c2:2f:2b:2b:6e:42:50:d0:98:cc:5b:86:c0:
9a:f7:8a:35:55:ca:d8:2a:30:51:9e:bd:3d:a4:58:1c:70:2c:
47:71:4e:7c:44:36:7e:a9:a8:b7:91:bd:75:be:cc:67:61:cc:
4d:e9:f3:d0:c0:8a:32:47:58:bf:39:42:54:c6:a7:8b:84:80:
d7:62:12:67:6d:f2:6d:6b:ce:ea:58:33:f6:11:e3:bc:09:b7:
c6:18:8b:02:6e:26:de:1f:ad:78:63:3e:09:e7:7f:ee:5c:65:
6b:75:ad:9b:75:df:70:8a:7d:aa:65:13:61:33:31:6c:0f:35:
dc:7d:6d:1a:dd:a9:c4:2c:af:53:7c:0c:4a:2e:9d:6e:8a:e7:
0c:92:f2:4b:9d:6a:07:f3:b4:0a:8c:76:60:9d:81:69:d2:c3:
60:36:fc:d1
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgIEBAgmKDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhm
NThkZjJjNDY5Yzk3ODg5NWY4NDU4MDI0YzUwNmU4MDFjOGZiMjFhMB4XDTIyMDEw
MTEwNTYzOFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoOTM4YTI3NTA0NTNl
MTRlZTc5NDY1YjMyOGMxOGYyOGYwNjBjYWU1NzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAOpiQZgicT2+WvYd/1ipgiS2K0eV0EgqoA5zEJ6or4pD6Ip2
FohyzzfzzMXnVzPgAd2Ef//GU6JfgGhmw+rD9516FRMwWqY9v3M90GblEbtyp06A
AqBa4Dl6s/bUSmXxVXT8MeUF384pqeHvQ3tFs3fMTjXKq5vY1hBaw2O1ImqqW+2E
irgTkiiia+yc6fZ/320xVgOAPJDb9E/kPxv95W02FYf4zF/S9L8j8/5+IQHyUVm6
q1VzazqrYW3gt4vp7SjmJaTQFUb7sGksrusTW2E0lI4F3/EqILWurs8lkFAWtvrT
2FHhn54rVgOYUxouQLxq1AHKW+n1aw5riho+6/8CAwEAAaOCAhgwggIUMB0GA1Ud
DgQWBBSTiidQRT4U7nlGWzKMGPKPBgyuVzAfBgNVHSMEGDAWgBT1jfLEacl4iV+E
WAJMUG6AHI+yGjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzlZM3l4R25KZUlsZmhGZ0NURkJ1Z0J5UHNoby5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZWMvMWU5NjIxLTYyNmUtNDAzMi05YjU0LTc2ZTMzNDljOTdjMi8x
L2s0b25VRVUtRk81NVJsc3lqQmp5andZTXJsYy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZWMv
MWU5NjIxLTYyNmUtNDAzMi05YjU0LTc2ZTMzNDljOTdjMi8xLzlZM3l4R25KZUls
ZmhGZ0NURkJ1Z0J5UHNoby5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAu
BggrBgEFBQcBBwEB/wQfMB0wDAQCAAEwBgMEArm9PDANBAIAAjAHAwUAKgvWgDAN
BgkqhkiG9w0BAQsFAAOCAQEAIRKCpuSIhtvmKuX+mYC2AmW8nZBbdsv0+isZRIEi
7Gufsd80VYgJIv8VSdratvb7/GcM0eCyvxVAUa1fTzRreir8jiccMi2gfs1xtc3z
OT1GWbi/s6TJmbD48IkgHdTCLysrbkJQ0JjMW4bAmveKNVXK2CowUZ69PaRYHHAs
R3FOfEQ2fqmot5G9db7MZ2HMTenz0MCKMkdYvzlCVMani4SA12ISZ23ybWvO6lgz
9hHjvAm3xhiLAm4m3h+teGM+Ced/7lxla3Wtm3XfcIp9qmUTYTMxbA813H1tGt2p
xCyvU3wMSi6dbornDJLyS51qB/O0Cox2YJ2BadLDYDb80Q==
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:11:39 2025 by rpki-client