Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/d608b8-501f-491f-a2f2-10e57f56a17a/1/_PddagfJk1tB7AAbbsi3Xs5GyBc.roa
File: _PddagfJk1tB7AAbbsi3Xs5GyBc.roa (raw, json)
Hash identifier: pFhnf9ZvuLkeYkyVf53UJE9Z/fbJYz7AqoNSX79nMcU=
Subject key identifier: FC:F7:5D:6A:07:C9:93:5B:41:EC:00:1B:6E:C8:B7:5E:CE:46:C8:17
Certificate issuer: /CN=4d77ccd7a94415dfc68ccca874e94c2e8c22202d
Certificate serial: 01856F14A77087710F37CC49EADAF1ABA0C9
Authority key identifier: 4D:77:CC:D7:A9:44:15:DF:C6:8C:CC:A8:74:E9:4C:2E:8C:22:20:2D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TXfM16lEFd_GjMyodOlMLowiIC0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/d608b8-501f-491f-a2f2-10e57f56a17a/1/_PddagfJk1tB7AAbbsi3Xs5GyBc.roa
Signing time: Sun 01 Jan 2023 20:45:02 +0000
ROA not before: Sun 01 Jan 2023 20:45:02 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 38719
IP address blocks: 176.74.24.0/21 maxlen: 24
185.184.152.0/22 maxlen: 24
2a00:fd80::/32 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:14:a7:70:87:71:0f:37:cc:49:ea:da:f1:ab:a0:c9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4d77ccd7a94415dfc68ccca874e94c2e8c22202d
Validity
Not Before: Jan 1 20:45:02 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=fcf75d6a07c9935b41ec001b6ec8b75ece46c817
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ea:3a:3d:84:da:2c:4b:83:c4:5a:95:47:55:74:
0d:5e:11:d8:0c:5b:34:ce:81:3d:a2:3d:9e:1a:28:
97:a0:25:ba:9c:a7:48:3a:2b:e0:08:58:8b:25:31:
f9:71:a8:2f:c1:8a:8f:91:8e:3c:5b:1e:0a:50:f3:
86:3f:39:71:b8:24:e8:ee:74:2b:5a:f1:42:a9:39:
27:79:60:35:a6:77:92:8f:f0:56:ff:b0:bc:cc:68:
43:c1:31:43:e6:58:04:34:f2:12:6a:89:aa:fd:11:
bf:4c:2f:25:e1:69:08:ba:51:c8:6a:f9:93:67:89:
23:5b:49:e5:60:ca:64:22:d1:02:70:74:77:ec:ac:
28:51:04:80:de:47:6f:6c:26:b8:a7:a5:e6:78:14:
d6:3e:7a:7b:2e:21:32:5e:d6:c1:fa:87:c8:aa:21:
cb:a7:02:fe:5a:ad:e3:15:1f:d7:e2:20:6e:77:12:
46:a4:6d:73:a9:81:6d:23:9c:a9:30:35:70:31:aa:
19:13:09:d7:ff:7d:1c:4b:62:38:a7:aa:07:c6:39:
01:6a:1f:94:a7:61:bf:60:8e:20:c8:d6:37:c1:00:
76:ec:44:fe:db:ae:35:1a:5f:e4:2f:70:f6:ec:58:
21:4e:52:83:01:c3:68:e9:5d:85:10:b7:d1:c4:b6:
56:91
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FC:F7:5D:6A:07:C9:93:5B:41:EC:00:1B:6E:C8:B7:5E:CE:46:C8:17
X509v3 Authority Key Identifier:
keyid:4D:77:CC:D7:A9:44:15:DF:C6:8C:CC:A8:74:E9:4C:2E:8C:22:20:2D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TXfM16lEFd_GjMyodOlMLowiIC0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/d608b8-501f-491f-a2f2-10e57f56a17a/1/_PddagfJk1tB7AAbbsi3Xs5GyBc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/d608b8-501f-491f-a2f2-10e57f56a17a/1/TXfM16lEFd_GjMyodOlMLowiIC0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.74.24.0/21
185.184.152.0/22
IPv6:
2a00:fd80::/32
Signature Algorithm: sha256WithRSAEncryption
a2:48:61:eb:63:8d:0c:45:fa:ea:81:c3:72:1a:f0:9d:73:92:
3e:56:51:22:9a:45:5a:e1:e2:dc:4e:92:76:85:d2:a7:40:de:
46:12:02:61:2b:c8:8e:0b:0f:8f:1a:ee:a9:6e:d6:2b:de:50:
70:a5:6d:3d:74:e3:2b:58:46:31:fd:4c:69:d7:50:20:ce:7e:
f1:d5:a3:7d:80:11:26:05:87:a8:46:a5:4e:9a:04:01:cf:77:
d2:0f:bf:3c:39:1a:46:a5:58:b7:8a:89:6d:9d:53:b2:99:5d:
56:99:18:f6:2f:12:95:59:61:33:d2:a9:34:a8:0f:ab:4c:d3:
3c:b7:8d:47:4a:8c:88:af:51:38:3a:db:5e:81:15:9a:54:72:
52:0b:01:37:74:9b:d9:fb:ba:73:b7:39:8d:1c:cb:06:28:7e:
b9:13:4b:b0:83:b0:9e:37:da:93:7d:cc:73:2f:36:39:be:f9:
52:cf:0f:49:6a:dc:05:1e:a1:77:33:25:c2:ba:c2:45:b0:e2:
eb:bb:94:10:e2:51:84:df:99:18:27:96:77:7c:f7:99:63:22:
14:84:61:11:5c:cf:5d:55:43:d2:45:e3:fd:dc:ae:a9:75:9c:
81:1c:23:79:25:00:b6:5c:58:5e:5f:f4:2d:cd:ee:24:75:90:
a2:54:eb:a2
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYVvFKdwh3EPN8xJ6trxq6DJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRkNzdjY2Q3YTk0NDE1ZGZjNjhjY2NhODc0ZTk0YzJlOGMy
MjIwMmQwHhcNMjMwMTAxMjA0NTAyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmY2Y3NWQ2YTA3Yzk5MzViNDFlYzAwMWI2ZWM4Yjc1ZWNlNDZjODE3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6jo9hNosS4PEWpVHVXQNXhHYDFs0
zoE9oj2eGiiXoCW6nKdIOivgCFiLJTH5cagvwYqPkY48Wx4KUPOGPzlxuCTo7nQr
WvFCqTkneWA1pneSj/BW/7C8zGhDwTFD5lgENPISaomq/RG/TC8l4WkIulHIavmT
Z4kjW0nlYMpkItECcHR37KwoUQSA3kdvbCa4p6XmeBTWPnp7LiEyXtbB+ofIqiHL
pwL+Wq3jFR/X4iBudxJGpG1zqYFtI5ypMDVwMaoZEwnX/30cS2I4p6oHxjkBah+U
p2G/YI4gyNY3wQB27ET+2641Gl/kL3D27FghTlKDAcNo6V2FELfRxLZWkQIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFPz3XWoHyZNbQewAG27It17ORsgXMB8GA1UdIwQY
MBaAFE13zNepRBXfxozMqHTpTC6MIiAtMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVFhmTTE2bEVGZF9Hak15b2RPbE1Mb3dpSUMwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS9kNjA4YjgtNTAxZi00OTFmLWEyZjIt
MTBlNTdmNTZhMTdhLzEvX1BkZGFnZkprMXRCN0FBYmJzaTNYczVHeUJjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS9kNjA4YjgtNTAxZi00OTFmLWEyZjItMTBlNTdmNTZhMTdh
LzEvVFhmTTE2bEVGZF9Hak15b2RPbE1Mb3dpSUMwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQDsEoYAwQC
ubiYMA0EAgACMAcDBQAqAP2AMA0GCSqGSIb3DQEBCwUAA4IBAQCiSGHrY40MRfrq
gcNyGvCdc5I+VlEimkVa4eLcTpJ2hdKnQN5GEgJhK8iOCw+PGu6pbtYr3lBwpW09
dOMrWEYx/Uxp11Agzn7x1aN9gBEmBYeoRqVOmgQBz3fSD788ORpGpVi3ioltnVOy
mV1WmRj2LxKVWWEz0qk0qA+rTNM8t41HSoyIr1E4OttegRWaVHJSCwE3dJvZ+7pz
tzmNHMsGKH65E0uwg7CeN9qTfcxzLzY5vvlSzw9JatwFHqF3MyXCusJFsOLru5QQ
4lGE35kYJ5Z3fPeZYyIUhGERXM9dVUPSReP93K6pdZyBHCN5JQC2XFheX/Qtze4k
dZCiVOui
-----END CERTIFICATE-----
Generated at Fri Apr 11 05:03:21 2025 by rpki-client