Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f2/35d598-c32c-49a7-b1f6-8f913e2696e5/1/l3kJiksX95SKnTW_3z2SFGzlygI.roa
File: l3kJiksX95SKnTW_3z2SFGzlygI.roa (raw, json)
Hash identifier: QvzBxpK52wPFsK2Kq0tBkKK3OKh6KmLLmymi3hAI7Jg=
Subject key identifier: 97:79:09:8A:4B:17:F7:94:8A:9D:35:BF:DF:3D:92:14:6C:E5:CA:02
Certificate issuer: /CN=aac575cafa00bc41d57c494ac1f5dbcfee78332e
Certificate serial: 0D718602
Authority key identifier: AA:C5:75:CA:FA:00:BC:41:D5:7C:49:4A:C1:F5:DB:CF:EE:78:33:2E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qsV1yvoAvEHVfElKwfXbz-54My4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f2/35d598-c32c-49a7-b1f6-8f913e2696e5/1/l3kJiksX95SKnTW_3z2SFGzlygI.roa
Signing time: Sat 01 Jan 2022 16:06:17 +0000
ROA not before: Sat 01 Jan 2022 16:06:17 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 206478
IP address blocks: 185.174.32.0/22 maxlen: 22
195.225.200.0/22 maxlen: 22
2a10:4140::/29 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 225543682 (0xd718602)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=aac575cafa00bc41d57c494ac1f5dbcfee78332e
Validity
Not Before: Jan 1 16:06:17 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=9779098a4b17f7948a9d35bfdf3d92146ce5ca02
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:ed:38:3e:7f:7a:38:b2:ae:2a:02:d7:2d:d9:
0c:45:f0:2c:5e:bf:7a:10:ad:91:bd:4b:71:3a:a4:
70:de:15:4f:95:ec:24:dd:fe:f8:d4:2a:16:d1:ff:
fd:31:74:b7:60:e0:02:dd:15:1f:02:bc:eb:42:4b:
ec:ab:ec:4f:df:82:ea:18:83:eb:2d:d4:fd:09:b5:
13:63:71:14:03:5b:24:e6:74:76:b5:2a:b0:68:2b:
bb:79:bd:b0:b1:8a:7c:79:74:9c:29:94:31:dd:f1:
c9:81:ca:77:0f:5a:40:52:84:2a:99:66:97:98:53:
e3:fd:62:95:47:89:3c:f1:73:9b:ff:f5:5f:9f:57:
e0:bf:4b:1f:c6:fd:7d:47:36:be:05:bf:84:2a:02:
92:0a:18:2a:45:4e:ab:40:49:25:7b:56:34:14:84:
bc:7f:d4:df:e1:b1:55:03:57:ab:ad:b8:82:29:ab:
27:fb:3d:aa:28:0a:19:9c:a2:d0:cd:11:e3:a7:5a:
22:41:f4:c3:f6:f3:b6:cb:7b:e2:9e:83:ef:64:2a:
63:e0:94:25:0d:6b:ee:2f:30:05:6b:42:f2:01:a3:
2d:b2:f0:ec:e1:6f:ed:ba:4b:db:6e:14:7f:b5:6c:
63:cf:e4:6a:57:4f:67:67:1b:40:98:d7:1e:2f:87:
47:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
97:79:09:8A:4B:17:F7:94:8A:9D:35:BF:DF:3D:92:14:6C:E5:CA:02
X509v3 Authority Key Identifier:
keyid:AA:C5:75:CA:FA:00:BC:41:D5:7C:49:4A:C1:F5:DB:CF:EE:78:33:2E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qsV1yvoAvEHVfElKwfXbz-54My4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f2/35d598-c32c-49a7-b1f6-8f913e2696e5/1/l3kJiksX95SKnTW_3z2SFGzlygI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f2/35d598-c32c-49a7-b1f6-8f913e2696e5/1/qsV1yvoAvEHVfElKwfXbz-54My4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.174.32.0/22
195.225.200.0/22
IPv6:
2a10:4140::/29
Signature Algorithm: sha256WithRSAEncryption
1f:e5:00:f2:2a:85:73:68:21:71:95:92:b4:ea:78:d1:f8:d2:
ce:6e:73:ea:97:7d:76:0a:0a:68:4a:1f:58:87:3f:65:63:d8:
63:e8:42:6f:fd:f1:5c:3c:28:7b:82:53:d0:10:23:b2:10:86:
a8:aa:b4:34:cb:13:3a:02:b1:b7:95:e1:89:04:5f:cf:0a:c4:
a5:89:ec:e3:18:73:fc:9f:2e:91:d7:f8:cd:7b:32:a6:69:83:
d1:d9:39:03:ee:46:8a:f3:86:6f:a8:7c:fd:ef:33:6c:5d:db:
82:4e:5a:a7:43:66:03:66:1b:8c:3a:2a:fb:77:4c:f4:b0:8f:
2d:b2:ba:be:c1:46:89:1d:28:a4:30:2a:56:f1:f2:53:8e:49:
0f:89:8c:3f:a3:bc:b6:ed:33:2a:0c:f1:09:9e:be:f6:cd:87:
49:a2:59:78:18:16:04:a9:55:c5:8d:65:38:ab:02:23:27:a9:
0a:96:68:55:92:6b:4d:21:1b:35:ec:a4:bf:e0:a1:26:ff:fa:
ae:9d:3f:35:dd:12:11:39:6e:ef:c5:06:76:01:54:64:0d:86:
39:e8:5c:4b:ed:de:d1:c5:58:f5:8c:94:ff:8e:f7:f8:65:13:
63:03:06:a2:b3:70:33:24:4d:16:f6:c6:63:56:3e:11:8a:11:
15:c4:99:1b
-----BEGIN CERTIFICATE-----
MIIFBDCCA+ygAwIBAgIEDXGGAjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhh
YWM1NzVjYWZhMDBiYzQxZDU3YzQ5NGFjMWY1ZGJjZmVlNzgzMzJlMB4XDTIyMDEw
MTE2MDYxN1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoOTc3OTA5OGE0YjE3
Zjc5NDhhOWQzNWJmZGYzZDkyMTQ2Y2U1Y2EwMjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKztOD5/ejiyrioC1y3ZDEXwLF6/ehCtkb1LcTqkcN4VT5Xs
JN3++NQqFtH//TF0t2DgAt0VHwK860JL7KvsT9+C6hiD6y3U/Qm1E2NxFANbJOZ0
drUqsGgru3m9sLGKfHl0nCmUMd3xyYHKdw9aQFKEKplml5hT4/1ilUeJPPFzm//1
X59X4L9LH8b9fUc2vgW/hCoCkgoYKkVOq0BJJXtWNBSEvH/U3+GxVQNXq624gimr
J/s9qigKGZyi0M0R46daIkH0w/bztst74p6D72QqY+CUJQ1r7i8wBWtC8gGjLbLw
7OFv7bpL224Uf7VsY8/kaldPZ2cbQJjXHi+HR4sCAwEAAaOCAh4wggIaMB0GA1Ud
DgQWBBSXeQmKSxf3lIqdNb/fPZIUbOXKAjAfBgNVHSMEGDAWgBSqxXXK+gC8QdV8
SUrB9dvP7ngzLjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3FzVjF5dm9BdkVIVmZFbEt3Zlhiei01NE15NC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZjIvMzVkNTk4LWMzMmMtNDlhNy1iMWY2LThmOTEzZTI2OTZlNS8x
L2wza0ppa3NYOTVTS25UV18zejJTRkd6bHlnSS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZjIv
MzVkNTk4LWMzMmMtNDlhNy1iMWY2LThmOTEzZTI2OTZlNS8xL3FzVjF5dm9BdkVI
VmZFbEt3Zlhiei01NE15NC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA0
BggrBgEFBQcBBwEB/wQlMCMwEgQCAAEwDAMEArmuIAMEAsPhyDANBAIAAjAHAwUD
KhBBQDANBgkqhkiG9w0BAQsFAAOCAQEAH+UA8iqFc2ghcZWStOp40fjSzm5z6pd9
dgoKaEofWIc/ZWPYY+hCb/3xXDwoe4JT0BAjshCGqKq0NMsTOgKxt5XhiQRfzwrE
pYns4xhz/J8ukdf4zXsypmmD0dk5A+5GivOGb6h8/e8zbF3bgk5ap0NmA2YbjDoq
+3dM9LCPLbK6vsFGiR0opDAqVvHyU45JD4mMP6O8tu0zKgzxCZ6+9s2HSaJZeBgW
BKlVxY1lOKsCIyepCpZoVZJrTSEbNeykv+ChJv/6rp0/Nd0SETlu78UGdgFUZA2G
OehcS+3e0cVY9YyU/473+GUTYwMGorNwMyRNFvbGY1Y+EYoRFcSZGw==
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:49:32 2025 by rpki-client