Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d9/79e439-fc0b-4e6e-8b06-39fb66a26ef8/1/tW-ytyL-FqlUZSkOUlkVWNFu42M.roa
File: tW-ytyL-FqlUZSkOUlkVWNFu42M.roa (raw, json)
Hash identifier: I96YBtJlnGsvY6nWbPOTy/rVY/DlnRCTx8qjTh4CShE=
Subject key identifier: B5:6F:B2:B7:22:FE:16:A9:54:65:29:0E:52:59:15:58:D1:6E:E3:63
Certificate issuer: /CN=5f93da757c17fe38a0e6cd70275c73c8c69c896e
Certificate serial: 018ADBCC3206FB06039BADC8D72700EAD8CD
Authority key identifier: 5F:93:DA:75:7C:17:FE:38:A0:E6:CD:70:27:5C:73:C8:C6:9C:89:6E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/X5PadXwX_jig5s1wJ1xzyMaciW4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d9/79e439-fc0b-4e6e-8b06-39fb66a26ef8/1/tW-ytyL-FqlUZSkOUlkVWNFu42M.roa
Signing time: Thu 28 Sep 2023 12:38:27 +0000
ROA not before: Thu 28 Sep 2023 12:38:27 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 201073
IP address blocks: 185.86.206.0/24 maxlen: 24
2a05:bb80::/29 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:db:cc:32:06:fb:06:03:9b:ad:c8:d7:27:00:ea:d8:cd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5f93da757c17fe38a0e6cd70275c73c8c69c896e
Validity
Not Before: Sep 28 12:38:27 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b56fb2b722fe16a95465290e52591558d16ee363
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:59:7e:21:1e:b5:b1:e0:ec:ce:3d:b1:45:5f:
8a:3b:0c:75:f8:a2:10:f7:1f:2b:b3:9f:23:43:f9:
d1:3a:69:d3:a3:b1:8f:83:a9:f2:38:eb:5f:79:37:
fe:32:64:c8:bd:5d:7a:f2:c9:cc:64:0d:c8:8f:71:
75:d7:47:3c:f9:70:41:3b:bc:21:4f:fb:81:1a:11:
88:78:9c:4e:f4:71:62:5a:8b:aa:01:ee:79:a3:79:
66:58:68:04:ce:13:12:b7:be:c4:81:7d:71:8a:a3:
6a:1c:35:1d:53:14:c8:4d:dd:85:86:f8:c4:95:ad:
28:de:d9:b2:e3:3a:f1:f4:85:38:a8:a3:02:3d:0a:
38:92:66:64:ff:d4:75:e2:f8:6b:a8:2e:1e:7b:78:
35:4a:87:0b:c5:4e:5b:c7:80:e3:61:ef:f1:30:cf:
cb:a8:2a:1a:70:29:10:ab:b5:2c:65:2e:f4:f0:1f:
8e:e7:86:05:34:19:30:27:d6:75:0b:86:a0:0a:7e:
2f:e9:85:4f:a8:fe:73:d4:b1:e8:93:ee:8b:b5:fc:
e6:62:86:28:b1:18:30:3f:21:ab:42:b6:2d:29:a8:
17:0b:0f:d5:af:b4:85:e4:12:78:46:f1:ec:fb:88:
88:8a:9d:d9:8b:c0:cd:fe:0f:22:5b:8b:39:20:5a:
25:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B5:6F:B2:B7:22:FE:16:A9:54:65:29:0E:52:59:15:58:D1:6E:E3:63
X509v3 Authority Key Identifier:
keyid:5F:93:DA:75:7C:17:FE:38:A0:E6:CD:70:27:5C:73:C8:C6:9C:89:6E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/X5PadXwX_jig5s1wJ1xzyMaciW4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/79e439-fc0b-4e6e-8b06-39fb66a26ef8/1/tW-ytyL-FqlUZSkOUlkVWNFu42M.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/79e439-fc0b-4e6e-8b06-39fb66a26ef8/1/X5PadXwX_jig5s1wJ1xzyMaciW4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.86.206.0/24
IPv6:
2a05:bb80::/29
Signature Algorithm: sha256WithRSAEncryption
40:dd:67:5d:52:38:d6:37:0e:bf:e8:3c:d0:95:49:1e:5b:66:
6a:f9:fa:58:45:c8:24:d9:04:50:fd:7b:3e:8e:05:ae:7f:f0:
b7:e4:c5:9f:88:f5:2d:69:2d:9c:2a:68:cb:4a:e0:07:f5:09:
eb:51:89:a8:e0:34:e0:b4:2c:80:d7:c2:e1:5c:ef:c6:54:bf:
05:22:f0:3f:6c:29:c5:f0:0c:69:c6:68:91:e2:11:7c:3d:67:
ad:f1:2c:da:e7:3a:1a:67:f3:fb:89:b5:4b:cc:11:6b:2d:2f:
e4:33:66:98:58:df:9c:f1:34:81:13:5b:08:f7:d4:50:6e:70:
dd:a7:39:28:c1:96:a7:02:97:10:15:29:8a:25:96:f5:77:bd:
29:75:6f:dc:78:ab:ea:ef:5e:b6:71:0e:a2:b4:0e:96:3a:62:
ed:cd:27:12:13:29:e7:d0:cc:0d:98:f3:92:59:5a:36:f7:9a:
21:e1:ec:f5:c1:a2:44:41:85:50:a7:1a:e1:c5:34:57:70:f5:
47:32:03:08:9b:05:ee:f0:7a:a2:ef:b5:b3:8b:0e:df:eb:ce:
4c:d8:8f:5e:e3:81:12:95:a8:19:2d:de:73:fd:f9:76:47:bf:
52:8a:d5:0e:bd:be:81:83:b5:3d:be:56:42:ea:6b:fc:f9:9b:
85:cf:aa:ff
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYrbzDIG+wYDm63I1ycA6tjNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVmOTNkYTc1N2MxN2ZlMzhhMGU2Y2Q3MDI3NWM3M2M4YzY5
Yzg5NmUwHhcNMjMwOTI4MTIzODI3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNTZmYjJiNzIyZmUxNmE5NTQ2NTI5MGU1MjU5MTU1OGQxNmVlMzYzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArll+IR61seDszj2xRV+KOwx1+KIQ
9x8rs58jQ/nROmnTo7GPg6nyOOtfeTf+MmTIvV168snMZA3Ij3F110c8+XBBO7wh
T/uBGhGIeJxO9HFiWouqAe55o3lmWGgEzhMSt77EgX1xiqNqHDUdUxTITd2FhvjE
la0o3tmy4zrx9IU4qKMCPQo4kmZk/9R14vhrqC4ee3g1SocLxU5bx4DjYe/xMM/L
qCoacCkQq7UsZS708B+O54YFNBkwJ9Z1C4agCn4v6YVPqP5z1LHok+6LtfzmYoYo
sRgwPyGrQrYtKagXCw/Vr7SF5BJ4RvHs+4iIip3Zi8DN/g8iW4s5IFol0wIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFLVvsrci/hapVGUpDlJZFVjRbuNjMB8GA1UdIwQY
MBaAFF+T2nV8F/44oObNcCdcc8jGnIluMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWDVQYWRYd1hfamlnNXMxd0oxeHp5TWFjaVc0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kOS83OWU0MzktZmMwYi00ZTZlLThiMDYt
MzlmYjY2YTI2ZWY4LzEvdFcteXR5TC1GcWxVWlNrT1Vsa1ZXTkZ1NDJNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kOS83OWU0MzktZmMwYi00ZTZlLThiMDYtMzlmYjY2YTI2ZWY4
LzEvWDVQYWRYd1hfamlnNXMxd0oxeHp5TWFjaVc0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQAuVbOMA0E
AgACMAcDBQMqBbuAMA0GCSqGSIb3DQEBCwUAA4IBAQBA3WddUjjWNw6/6DzQlUke
W2Zq+fpYRcgk2QRQ/Xs+jgWuf/C35MWfiPUtaS2cKmjLSuAH9QnrUYmo4DTgtCyA
18LhXO/GVL8FIvA/bCnF8AxpxmiR4hF8PWet8Sza5zoaZ/P7ibVLzBFrLS/kM2aY
WN+c8TSBE1sI99RQbnDdpzkowZanApcQFSmKJZb1d70pdW/ceKvq7162cQ6itA6W
OmLtzScSEynn0MwNmPOSWVo295oh4ez1waJEQYVQpxrhxTRXcPVHMgMImwXu8Hqi
77Wziw7f685M2I9e44ESlagZLd5z/fl2R79SitUOvb6Bg7U9vlZC6mv8+ZuFz6r/
-----END CERTIFICATE-----
Generated at Sun Apr 27 17:58:42 2025 by rpki-client