Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f6/e9146a-8ec9-4c31-ad9e-ad256643052b/1/nBTAOjIIEBbuoJCLefe1pLsF6Vs.roa
File: nBTAOjIIEBbuoJCLefe1pLsF6Vs.roa (raw, json)
Hash identifier: tpehu+c5B+ryk6yBIijyPmFoXIKdnl89VjknBTLIgA4=
Subject key identifier: 9C:14:C0:3A:32:08:10:16:EE:A0:90:8B:79:F7:B5:A4:BB:05:E9:5B
Certificate issuer: /CN=b81b03e22875bb070b1b7c58eada2e4bb1aabe7f
Certificate serial: 01856C5CAA7E6396649AE338A7309F579D42
Authority key identifier: B8:1B:03:E2:28:75:BB:07:0B:1B:7C:58:EA:DA:2E:4B:B1:AA:BE:7F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/uBsD4ih1uwcLG3xY6touS7Gqvn8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f6/e9146a-8ec9-4c31-ad9e-ad256643052b/1/nBTAOjIIEBbuoJCLefe1pLsF6Vs.roa
Signing time: Sun 01 Jan 2023 08:04:50 +0000
ROA not before: Sun 01 Jan 2023 08:04:50 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 202377
IP address blocks: 185.255.140.0/22 maxlen: 22
2a0c:6540::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:5c:aa:7e:63:96:64:9a:e3:38:a7:30:9f:57:9d:42
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b81b03e22875bb070b1b7c58eada2e4bb1aabe7f
Validity
Not Before: Jan 1 08:04:50 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=9c14c03a32081016eea0908b79f7b5a4bb05e95b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:f2:72:2a:db:57:06:dc:66:f7:64:ba:2c:b4:
c6:3a:98:0f:0e:60:78:55:d1:1d:db:97:26:7a:c6:
54:45:14:37:87:4d:73:75:87:2f:bb:0f:76:f3:29:
da:e1:58:86:19:e1:bc:11:91:98:f2:75:13:44:f0:
2c:64:ea:09:0f:50:d1:34:55:db:4b:4a:ba:04:ba:
c4:ca:fe:92:e5:49:ce:0a:0c:b6:d4:d2:ce:b3:14:
58:40:e8:24:b1:7b:30:eb:33:51:73:54:b8:e5:aa:
b0:06:af:6e:b5:f7:4e:8b:f7:b6:1d:ae:05:45:f6:
21:37:4b:0d:ab:cf:3f:61:d3:a4:ec:09:91:7d:88:
95:a9:8b:c6:59:81:cc:8e:52:1c:eb:1d:a7:41:d0:
02:91:a6:72:6c:27:74:74:d8:ac:77:bb:24:de:69:
dc:53:a7:93:c7:af:c5:0c:4f:0f:27:be:f0:a9:d9:
ba:df:6d:53:a0:6a:5d:12:ec:fe:89:ae:d2:14:bb:
2f:f3:1c:94:2f:fc:2b:39:b4:cb:d6:90:48:ba:1e:
c7:df:87:00:5d:e4:4d:c1:10:7a:dc:94:b1:5e:c6:
81:f4:2f:d4:fd:a6:07:ea:e2:43:02:08:26:b7:49:
48:93:d1:c9:22:dd:8f:f1:68:db:35:e8:ce:2a:8b:
30:b1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9C:14:C0:3A:32:08:10:16:EE:A0:90:8B:79:F7:B5:A4:BB:05:E9:5B
X509v3 Authority Key Identifier:
keyid:B8:1B:03:E2:28:75:BB:07:0B:1B:7C:58:EA:DA:2E:4B:B1:AA:BE:7F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/uBsD4ih1uwcLG3xY6touS7Gqvn8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/e9146a-8ec9-4c31-ad9e-ad256643052b/1/nBTAOjIIEBbuoJCLefe1pLsF6Vs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/e9146a-8ec9-4c31-ad9e-ad256643052b/1/uBsD4ih1uwcLG3xY6touS7Gqvn8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.255.140.0/22
IPv6:
2a0c:6540::/32
Signature Algorithm: sha256WithRSAEncryption
54:73:19:cd:b2:35:a5:55:05:84:95:a7:80:5e:d7:3d:6c:e4:
64:17:64:d7:28:5e:81:66:4c:38:76:7a:19:8c:4b:16:dd:7b:
d5:81:0a:6c:ee:9a:53:7d:ad:92:03:a7:47:3b:ce:41:aa:b9:
6a:3e:94:ad:9d:31:9e:cf:cf:c8:65:bf:56:a9:8f:26:6e:1d:
b8:96:8e:b4:25:43:93:2f:e6:a0:94:1d:e1:f0:a1:56:f4:3b:
e1:fc:e5:5f:1d:34:60:3f:10:90:9b:fc:fb:40:42:db:01:90:
dd:0e:ce:6c:c1:60:f5:2f:f7:52:aa:2a:f9:25:c8:9f:1f:65:
d2:a0:bf:c4:f9:07:3b:16:f3:b4:f8:30:b1:bc:84:01:c6:1d:
31:1d:63:19:8c:08:17:22:07:d2:b1:b4:95:1d:76:33:a5:7a:
0e:07:e3:0e:e4:88:66:c4:32:04:ef:e3:91:01:60:cf:ca:aa:
3d:be:87:87:68:9d:44:16:48:9f:91:12:7a:9c:55:fe:c8:57:
1f:69:09:d8:ac:8e:e8:cc:2a:36:bb:3d:81:62:51:4b:1b:d6:
1b:5d:9d:03:b7:16:c4:90:67:47:72:5b:88:06:a6:62:5a:35:
71:59:ae:ba:50:a4:22:b2:37:20:5a:e4:3a:da:6c:4f:a5:58:
74:ea:ec:fc
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVsXKp+Y5ZkmuM4pzCfV51CMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI4MWIwM2UyMjg3NWJiMDcwYjFiN2M1OGVhZGEyZTRiYjFh
YWJlN2YwHhcNMjMwMTAxMDgwNDUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5YzE0YzAzYTMyMDgxMDE2ZWVhMDkwOGI3OWY3YjVhNGJiMDVlOTViMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuPJyKttXBtxm92S6LLTGOpgPDmB4
VdEd25cmesZURRQ3h01zdYcvuw928yna4ViGGeG8EZGY8nUTRPAsZOoJD1DRNFXb
S0q6BLrEyv6S5UnOCgy21NLOsxRYQOgksXsw6zNRc1S45aqwBq9utfdOi/e2Ha4F
RfYhN0sNq88/YdOk7AmRfYiVqYvGWYHMjlIc6x2nQdACkaZybCd0dNisd7sk3mnc
U6eTx6/FDE8PJ77wqdm6321ToGpdEuz+ia7SFLsv8xyUL/wrObTL1pBIuh7H34cA
XeRNwRB63JSxXsaB9C/U/aYH6uJDAggmt0lIk9HJIt2P8WjbNejOKoswsQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFJwUwDoyCBAW7qCQi3n3taS7BelbMB8GA1UdIwQY
MBaAFLgbA+IodbsHCxt8WOraLkuxqr5/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdUJzRDRpaDF1d2NMRzN4WTZ0b3VTN0dxdm44LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNi9lOTE0NmEtOGVjOS00YzMxLWFkOWUt
YWQyNTY2NDMwNTJiLzEvbkJUQU9qSUlFQmJ1b0pDTGVmZTFwTHNGNlZzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNi9lOTE0NmEtOGVjOS00YzMxLWFkOWUtYWQyNTY2NDMwNTJi
LzEvdUJzRDRpaDF1d2NMRzN4WTZ0b3VTN0dxdm44LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuf+MMA0E
AgACMAcDBQAqDGVAMA0GCSqGSIb3DQEBCwUAA4IBAQBUcxnNsjWlVQWElaeAXtc9
bORkF2TXKF6BZkw4dnoZjEsW3XvVgQps7ppTfa2SA6dHO85BqrlqPpStnTGez8/I
Zb9WqY8mbh24lo60JUOTL+aglB3h8KFW9Dvh/OVfHTRgPxCQm/z7QELbAZDdDs5s
wWD1L/dSqir5JcifH2XSoL/E+Qc7FvO0+DCxvIQBxh0xHWMZjAgXIgfSsbSVHXYz
pXoOB+MO5IhmxDIE7+ORAWDPyqo9voeHaJ1EFkifkRJ6nFX+yFcfaQnYrI7ozCo2
uz2BYlFLG9YbXZ0DtxbEkGdHcluIBqZiWjVxWa66UKQisjcgWuQ62mxPpVh06uz8
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:15:03 2025 by rpki-client