Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f9/ed384e-9949-4cc0-8a37-3bb2cd80a2c9/1/r_imyFL4oZ-vtbgXczILjqbaz4M.roa
File: r_imyFL4oZ-vtbgXczILjqbaz4M.roa (raw, json)
Hash identifier: 4T5gE5BfwiIeOi65SX3UQ//3vnQOj75zu6ZxgxYDD9Q=
Subject key identifier: AF:F8:A6:C8:52:F8:A1:9F:AF:B5:B8:17:73:32:0B:8E:A6:DA:CF:83
Certificate issuer: /CN=4eae6f524eed0f73c849b0643827b80e37c46c71
Certificate serial: 01856C939FCFB84A1BED94AE7932E2BF96F6
Authority key identifier: 4E:AE:6F:52:4E:ED:0F:73:C8:49:B0:64:38:27:B8:0E:37:C4:6C:71
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Tq5vUk7tD3PISbBkOCe4DjfEbHE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f9/ed384e-9949-4cc0-8a37-3bb2cd80a2c9/1/r_imyFL4oZ-vtbgXczILjqbaz4M.roa
Signing time: Sun 01 Jan 2023 09:04:51 +0000
ROA not before: Sun 01 Jan 2023 09:04:51 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 201401
IP address blocks: 185.168.200.0/22 maxlen: 22
2a0a:1d00::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:93:9f:cf:b8:4a:1b:ed:94:ae:79:32:e2:bf:96:f6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4eae6f524eed0f73c849b0643827b80e37c46c71
Validity
Not Before: Jan 1 09:04:51 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=aff8a6c852f8a19fafb5b81773320b8ea6dacf83
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:68:4e:8d:75:c0:21:b9:54:ec:cc:8f:fc:d0:
1d:82:0b:c2:3f:1c:d9:3b:70:76:13:87:23:87:11:
b1:df:ba:fa:c0:aa:9c:d8:ea:03:16:6a:9d:68:e6:
c6:3b:93:69:0d:9f:be:9b:ab:c3:b0:46:83:bb:f4:
be:4d:9d:5d:45:60:20:68:40:ed:d3:6f:16:4e:79:
2c:5b:09:6d:aa:0e:b3:c5:40:b2:5c:05:72:89:e7:
41:2e:6b:a2:34:bc:3c:4f:84:be:13:a6:8f:34:d4:
74:1f:59:ee:23:9c:ac:cb:b3:4d:28:10:46:90:13:
93:f5:b7:4c:8c:79:f1:13:82:41:4f:77:07:3f:40:
aa:c2:37:d0:6a:59:89:40:3b:62:9e:ef:46:7b:0b:
35:51:40:a2:5c:e0:06:af:96:49:de:80:91:1a:6d:
14:c1:e7:5a:f7:7c:4e:3d:01:2a:45:ac:6e:e8:cd:
2f:84:8b:06:5c:bd:d7:a3:b0:e3:94:03:53:2e:c6:
ba:8d:03:5a:82:32:fb:be:44:e6:2f:c5:7e:1a:af:
a2:ea:2b:46:ee:22:46:81:5a:79:85:39:7d:c1:8b:
dd:d0:e6:a1:c8:0e:6a:f5:06:c2:05:c3:3a:e5:47:
44:cd:9b:9a:d2:cd:db:e0:04:30:01:b7:82:f6:a6:
fa:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AF:F8:A6:C8:52:F8:A1:9F:AF:B5:B8:17:73:32:0B:8E:A6:DA:CF:83
X509v3 Authority Key Identifier:
keyid:4E:AE:6F:52:4E:ED:0F:73:C8:49:B0:64:38:27:B8:0E:37:C4:6C:71
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Tq5vUk7tD3PISbBkOCe4DjfEbHE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f9/ed384e-9949-4cc0-8a37-3bb2cd80a2c9/1/r_imyFL4oZ-vtbgXczILjqbaz4M.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f9/ed384e-9949-4cc0-8a37-3bb2cd80a2c9/1/Tq5vUk7tD3PISbBkOCe4DjfEbHE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.168.200.0/22
IPv6:
2a0a:1d00::/32
Signature Algorithm: sha256WithRSAEncryption
ad:67:a3:a6:b9:20:cc:8c:73:02:13:f0:fb:8e:00:da:32:27:
ad:b8:a0:e5:84:87:eb:65:cd:e3:3f:f1:85:06:78:28:cd:06:
2d:7d:1a:38:8d:b4:0d:e5:dc:77:7d:26:c5:37:67:9a:68:20:
a7:f1:af:16:f3:a6:da:9a:16:a3:5f:54:a7:0f:0d:d0:04:98:
6b:f3:80:25:b9:aa:81:76:39:bb:ae:33:50:32:fc:3f:5a:2c:
61:ab:16:01:47:75:75:8c:8e:d9:85:2e:cf:96:cb:ab:9e:33:
52:9b:52:79:ea:a5:bb:41:7c:7a:6d:56:f2:0c:c9:84:2a:e7:
da:b9:aa:be:15:14:9a:49:07:25:03:82:0e:c3:f6:84:95:e2:
08:cc:bf:ff:bd:c3:48:2a:28:c8:31:5b:6b:38:e4:18:1c:fb:
f8:73:17:0e:10:29:1b:f3:19:63:c5:33:75:1d:8f:a1:f6:f8:
81:94:38:22:ba:d3:91:68:9c:86:74:cf:67:d5:49:d6:c5:70:
b6:ec:64:2d:67:eb:92:a3:df:c1:d1:ba:f7:cb:e0:cc:53:8e:
3f:93:e5:43:b6:70:d9:84:81:24:ae:b2:ba:e0:5c:7b:ae:4c:
f1:ff:98:9e:2e:5c:53:f0:73:72:c2:25:56:2b:ef:86:1f:3d:
32:cf:03:b1
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVsk5/PuEob7ZSueTLiv5b2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRlYWU2ZjUyNGVlZDBmNzNjODQ5YjA2NDM4MjdiODBlMzdj
NDZjNzEwHhcNMjMwMTAxMDkwNDUxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZmY4YTZjODUyZjhhMTlmYWZiNWI4MTc3MzMyMGI4ZWE2ZGFjZjgzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxGhOjXXAIblU7MyP/NAdggvCPxzZ
O3B2E4cjhxGx37r6wKqc2OoDFmqdaObGO5NpDZ++m6vDsEaDu/S+TZ1dRWAgaEDt
028WTnksWwltqg6zxUCyXAVyiedBLmuiNLw8T4S+E6aPNNR0H1nuI5ysy7NNKBBG
kBOT9bdMjHnxE4JBT3cHP0CqwjfQalmJQDtinu9Gews1UUCiXOAGr5ZJ3oCRGm0U
weda93xOPQEqRaxu6M0vhIsGXL3Xo7DjlANTLsa6jQNagjL7vkTmL8V+Gq+i6itG
7iJGgVp5hTl9wYvd0OahyA5q9QbCBcM65UdEzZua0s3b4AQwAbeC9qb6XQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFK/4pshS+KGfr7W4F3MyC46m2s+DMB8GA1UdIwQY
MBaAFE6ub1JO7Q9zyEmwZDgnuA43xGxxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVHE1dlVrN3REM1BJU2JCa09DZTREamZFYkhFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mOS9lZDM4NGUtOTk0OS00Y2MwLThhMzct
M2JiMmNkODBhMmM5LzEvcl9pbXlGTDRvWi12dGJnWGN6SUxqcWJhejRNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mOS9lZDM4NGUtOTk0OS00Y2MwLThhMzctM2JiMmNkODBhMmM5
LzEvVHE1dlVrN3REM1BJU2JCa09DZTREamZFYkhFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuajIMA0E
AgACMAcDBQAqCh0AMA0GCSqGSIb3DQEBCwUAA4IBAQCtZ6OmuSDMjHMCE/D7jgDa
MietuKDlhIfrZc3jP/GFBngozQYtfRo4jbQN5dx3fSbFN2eaaCCn8a8W86bamhaj
X1SnDw3QBJhr84AluaqBdjm7rjNQMvw/WixhqxYBR3V1jI7ZhS7PlsurnjNSm1J5
6qW7QXx6bVbyDMmEKufauaq+FRSaSQclA4IOw/aEleIIzL//vcNIKijIMVtrOOQY
HPv4cxcOECkb8xljxTN1HY+h9viBlDgiutORaJyGdM9n1UnWxXC27GQtZ+uSo9/B
0br3y+DMU44/k+VDtnDZhIEkrrK64Fx7rkzx/5ieLlxT8HNywiVWK++GHz0yzwOx
-----END CERTIFICATE-----
Generated at Thu Feb 20 02:37:23 2025 by rpki-client