Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fb/dbf997-cdba-4930-8553-fd0989487b16/1/6fMYvQP-BAfNtO8G3Kz4y_Fe5is.roa
File: 6fMYvQP-BAfNtO8G3Kz4y_Fe5is.roa (raw, json)
Hash identifier: nNtdrySppPnHckpp4D+F4Lgf30C9mdoVKXL0IPlwSNE=
Subject key identifier: E9:F3:18:BD:03:FE:04:07:CD:B4:EF:06:DC:AC:F8:CB:F1:5E:E6:2B
Certificate issuer: /CN=49e305d79cacdbefbf1e832b34d7c06bbb5f627a
Certificate serial: 01857169B18834F889CB6CF993B217FC813F
Authority key identifier: 49:E3:05:D7:9C:AC:DB:EF:BF:1E:83:2B:34:D7:C0:6B:BB:5F:62:7A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/SeMF15ys2--_HoMrNNfAa7tfYno.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fb/dbf997-cdba-4930-8553-fd0989487b16/1/6fMYvQP-BAfNtO8G3Kz4y_Fe5is.roa
Signing time: Mon 02 Jan 2023 07:37:10 +0000
ROA not before: Mon 02 Jan 2023 07:37:10 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 60868
IP address blocks: 185.25.32.0/22 maxlen: 24
2a00:77e0::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:69:b1:88:34:f8:89:cb:6c:f9:93:b2:17:fc:81:3f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=49e305d79cacdbefbf1e832b34d7c06bbb5f627a
Validity
Not Before: Jan 2 07:37:10 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=e9f318bd03fe0407cdb4ef06dcacf8cbf15ee62b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:5e:02:0e:9d:be:c2:44:42:47:c2:08:6a:72:
83:5d:85:c0:43:44:b1:cc:9f:63:a3:b9:54:ef:9a:
66:cc:2a:80:98:16:c0:a3:cc:82:12:7a:de:94:b9:
92:eb:67:c9:4a:17:7d:79:2c:af:3f:0d:cd:a3:84:
71:e4:ab:89:60:ec:91:62:91:4c:06:5e:31:ee:a1:
e8:d4:c0:cc:2e:ec:f8:1c:3d:cd:17:d0:5d:41:fa:
01:60:68:0a:49:38:ff:7f:b6:11:83:48:c4:76:6a:
ed:f9:b7:94:82:1a:81:13:b5:af:73:08:57:d7:6b:
a0:2f:3b:cd:85:08:a7:4c:1d:dd:b4:1d:ae:94:26:
3b:4e:85:68:ab:8d:3b:35:70:2a:25:80:4e:df:32:
6d:90:26:c0:3c:61:47:6c:47:ff:68:2f:de:90:e9:
31:05:e3:4f:6f:e8:b7:82:ab:ec:8e:82:3a:45:8c:
19:0a:25:34:5f:6b:e5:a7:9e:03:77:0e:ee:e5:61:
82:f6:d2:8b:67:0e:37:41:7b:e1:f3:a6:bc:39:c5:
67:22:68:e7:8b:27:c7:f0:73:32:75:6b:95:6f:74:
3d:ab:be:6f:b8:00:3a:cd:fb:40:cb:99:07:77:dd:
f4:18:3e:a0:15:74:3c:fe:7a:9e:50:5a:45:8c:f0:
40:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E9:F3:18:BD:03:FE:04:07:CD:B4:EF:06:DC:AC:F8:CB:F1:5E:E6:2B
X509v3 Authority Key Identifier:
keyid:49:E3:05:D7:9C:AC:DB:EF:BF:1E:83:2B:34:D7:C0:6B:BB:5F:62:7A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/SeMF15ys2--_HoMrNNfAa7tfYno.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fb/dbf997-cdba-4930-8553-fd0989487b16/1/6fMYvQP-BAfNtO8G3Kz4y_Fe5is.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fb/dbf997-cdba-4930-8553-fd0989487b16/1/SeMF15ys2--_HoMrNNfAa7tfYno.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.25.32.0/22
IPv6:
2a00:77e0::/32
Signature Algorithm: sha256WithRSAEncryption
16:cd:c6:b8:49:37:24:99:be:08:33:2e:72:7b:69:22:b2:b8:
1d:0e:c8:86:4c:52:75:2e:ae:7a:a2:aa:38:9a:f4:8f:04:aa:
88:49:7d:90:77:43:a0:36:06:01:8c:82:02:96:1b:99:2c:13:
59:21:0b:9d:df:bc:65:5d:9d:cc:53:9f:7c:c2:e6:82:36:65:
cc:41:43:1c:8e:1d:1d:74:b1:bf:6c:f9:9b:c1:16:fc:23:a7:
76:2f:a7:a5:1e:04:e8:57:20:db:e1:d9:49:c7:1d:e2:9f:16:
61:26:2c:0b:b8:0e:2b:cd:a2:e8:86:ac:d2:57:f6:14:58:57:
d6:52:63:c2:8c:30:53:ad:c4:72:8a:ad:9c:5a:14:77:54:ad:
7b:82:51:50:d3:51:a7:91:3f:0e:61:da:27:15:c7:63:f9:c9:
98:d0:23:ee:9b:1c:10:35:89:96:5e:d5:e9:da:d5:44:db:46:
95:1a:df:4a:56:0e:d9:3b:da:c5:5d:1e:b4:d8:b1:ce:62:b7:
4c:a1:d3:fa:f0:d0:72:33:ed:d6:0f:a9:a6:73:8d:94:b4:55:
78:21:59:fb:e1:5a:60:31:fa:ba:e7:8a:be:20:b6:61:48:ff:
1b:4b:30:0f:4c:a5:29:68:08:18:7e:13:59:2f:f3:36:ba:84:
2f:bf:a3:fa
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVxabGINPiJy2z5k7IX/IE/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ5ZTMwNWQ3OWNhY2RiZWZiZjFlODMyYjM0ZDdjMDZiYmI1
ZjYyN2EwHhcNMjMwMTAyMDczNzEwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlOWYzMThiZDAzZmUwNDA3Y2RiNGVmMDZkY2FjZjhjYmYxNWVlNjJiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqV4CDp2+wkRCR8IIanKDXYXAQ0Sx
zJ9jo7lU75pmzCqAmBbAo8yCEnrelLmS62fJShd9eSyvPw3No4Rx5KuJYOyRYpFM
Bl4x7qHo1MDMLuz4HD3NF9BdQfoBYGgKSTj/f7YRg0jEdmrt+beUghqBE7WvcwhX
12ugLzvNhQinTB3dtB2ulCY7ToVoq407NXAqJYBO3zJtkCbAPGFHbEf/aC/ekOkx
BeNPb+i3gqvsjoI6RYwZCiU0X2vlp54Ddw7u5WGC9tKLZw43QXvh86a8OcVnImjn
iyfH8HMydWuVb3Q9q75vuAA6zftAy5kHd930GD6gFXQ8/nqeUFpFjPBAIwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFOnzGL0D/gQHzbTvBtys+MvxXuYrMB8GA1UdIwQY
MBaAFEnjBdecrNvvvx6DKzTXwGu7X2J6MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU2VNRjE1eXMyLS1fSG9Nck5OZkFhN3RmWW5vLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mYi9kYmY5OTctY2RiYS00OTMwLTg1NTMt
ZmQwOTg5NDg3YjE2LzEvNmZNWXZRUC1CQWZOdE84RzNLejR5X0ZlNWlzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mYi9kYmY5OTctY2RiYS00OTMwLTg1NTMtZmQwOTg5NDg3YjE2
LzEvU2VNRjE1eXMyLS1fSG9Nck5OZkFhN3RmWW5vLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuRkgMA0E
AgACMAcDBQAqAHfgMA0GCSqGSIb3DQEBCwUAA4IBAQAWzca4STckmb4IMy5ye2ki
srgdDsiGTFJ1Lq56oqo4mvSPBKqISX2Qd0OgNgYBjIIClhuZLBNZIQud37xlXZ3M
U598wuaCNmXMQUMcjh0ddLG/bPmbwRb8I6d2L6elHgToVyDb4dlJxx3inxZhJiwL
uA4rzaLohqzSV/YUWFfWUmPCjDBTrcRyiq2cWhR3VK17glFQ01GnkT8OYdonFcdj
+cmY0CPumxwQNYmWXtXp2tVE20aVGt9KVg7ZO9rFXR602LHOYrdModP68NByM+3W
D6mmc42UtFV4IVn74VpgMfq654q+ILZhSP8bSzAPTKUpaAgYfhNZL/M2uoQvv6P6
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:17:08 2025 by rpki-client