Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/04/e93e9f-8caf-49a0-868e-a8c4adf98721/1/KXlO-IOKWpGHm8im7dKpa1JhTUI.roa
File: KXlO-IOKWpGHm8im7dKpa1JhTUI.roa (raw, json)
Hash identifier: p1/DdL6LXQjMma6a2cvUs/i6noX4Vn6ZCTjcb+zoSNw=
Subject key identifier: 29:79:4E:F8:83:8A:5A:91:87:9B:C8:A6:ED:D2:A9:6B:52:61:4D:42
Certificate issuer: /CN=f81f6ad0df383720d3a5d03ba88c193095c574ef
Certificate serial: 07CA2618
Authority key identifier: F8:1F:6A:D0:DF:38:37:20:D3:A5:D0:3B:A8:8C:19:30:95:C5:74:EF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-B9q0N84NyDTpdA7qIwZMJXFdO8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/04/e93e9f-8caf-49a0-868e-a8c4adf98721/1/KXlO-IOKWpGHm8im7dKpa1JhTUI.roa
Signing time: Sat 01 Jan 2022 04:04:24 +0000
ROA not before: Sat 01 Jan 2022 04:04:24 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 59754
IP address blocks: 185.73.78.0/23 maxlen: 23
185.73.78.0/24 maxlen: 24
185.73.76.0/24 maxlen: 24
185.73.76.0/23 maxlen: 23
185.73.76.0/22 maxlen: 22
185.73.77.0/24 maxlen: 24
185.73.79.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 130688536 (0x7ca2618)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f81f6ad0df383720d3a5d03ba88c193095c574ef
Validity
Not Before: Jan 1 04:04:24 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=29794ef8838a5a91879bc8a6edd2a96b52614d42
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:df:ea:20:1e:33:9e:b5:59:68:26:82:f9:71:a4:
f1:7c:6e:33:19:0b:ba:6e:45:f7:50:ea:af:fd:21:
70:18:44:22:e2:5a:3f:cf:63:fe:0f:52:04:73:e5:
56:34:ab:be:4c:25:fb:f7:37:e8:1c:71:5f:c3:5c:
aa:b1:c2:5d:53:bf:3c:d0:a2:cd:41:ff:55:7f:18:
78:63:c8:41:78:94:ba:23:2c:50:05:9f:fc:34:e9:
45:a3:c5:89:2a:5a:35:97:7b:3c:56:f5:7a:4e:85:
cf:44:e3:02:11:3b:71:7d:5d:8c:92:f1:a5:95:73:
d7:2d:1c:52:38:50:45:b3:be:87:8e:c2:ee:9c:2c:
ee:e4:94:64:14:24:a4:15:85:0f:92:e9:dc:ee:ef:
19:0d:d2:c7:f7:2e:93:9f:44:a6:b1:31:b6:56:7b:
69:7e:aa:e1:70:db:10:af:67:3b:e3:53:3f:95:ea:
6e:43:f1:66:1f:5f:6c:7d:19:3e:d4:4d:59:ca:fa:
c0:9b:d7:ee:13:79:44:71:63:e8:7f:36:69:7a:6e:
5a:d9:37:e2:22:1a:11:30:18:1a:a7:63:f5:a3:34:
53:d7:a8:10:00:6c:1e:bd:da:2f:23:11:40:e1:67:
52:28:cb:d5:fb:a6:cf:0c:7f:4a:7a:4e:ce:74:de:
d8:e1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
29:79:4E:F8:83:8A:5A:91:87:9B:C8:A6:ED:D2:A9:6B:52:61:4D:42
X509v3 Authority Key Identifier:
keyid:F8:1F:6A:D0:DF:38:37:20:D3:A5:D0:3B:A8:8C:19:30:95:C5:74:EF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-B9q0N84NyDTpdA7qIwZMJXFdO8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/04/e93e9f-8caf-49a0-868e-a8c4adf98721/1/KXlO-IOKWpGHm8im7dKpa1JhTUI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/04/e93e9f-8caf-49a0-868e-a8c4adf98721/1/1-B9q0N84NyDTpdA7qIwZMJXFdO8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.73.76.0/22
Signature Algorithm: sha256WithRSAEncryption
12:84:96:3f:5c:64:3b:19:5d:b1:1e:c8:d1:05:9c:2d:d0:50:
93:05:39:36:66:db:4d:d1:2b:c6:72:07:98:e6:bb:25:6e:70:
38:ed:40:ee:1e:61:0b:c1:8b:d1:44:79:40:3d:ca:48:83:49:
5e:00:fa:16:44:9c:da:dc:24:b5:56:c9:b5:cb:16:24:f8:db:
de:4f:d7:27:ee:b4:f2:56:c8:fd:b1:0f:a5:d5:e5:c3:38:cd:
68:97:97:4b:45:be:b9:f2:eb:12:86:6a:71:33:b8:a9:ac:7b:
94:66:14:b3:3c:e6:d7:1b:1d:df:a3:37:e3:52:bb:7e:09:83:
f5:5a:f5:62:18:93:7f:ba:e4:de:38:e6:32:9e:e8:26:8f:b9:
ce:7e:ac:af:39:f5:76:0a:d7:2a:b5:68:77:78:d6:bc:c4:a5:
03:6c:d7:a0:82:3c:84:52:78:ed:5e:6a:d2:4d:00:e4:bf:75:
65:db:93:f0:13:f0:b0:54:df:ef:40:49:b8:f8:ab:0e:45:fa:
95:ef:ab:91:03:91:d7:b6:b3:f4:17:f7:32:b3:6d:06:68:42:
f6:46:29:74:ec:a4:bc:19:ef:b4:06:48:a6:14:e7:bd:e5:91:
19:af:e0:e7:66:b6:de:b5:12:d4:53:cb:1b:cf:01:b5:d9:39:
04:7c:6f:63
-----BEGIN CERTIFICATE-----
MIIE8TCCA9mgAwIBAgIEB8omGDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhm
ODFmNmFkMGRmMzgzNzIwZDNhNWQwM2JhODhjMTkzMDk1YzU3NGVmMB4XDTIyMDEw
MTA0MDQyNFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMjk3OTRlZjg4Mzhh
NWE5MTg3OWJjOGE2ZWRkMmE5NmI1MjYxNGQ0MjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAN/qIB4znrVZaCaC+XGk8XxuMxkLum5F91Dqr/0hcBhEIuJa
P89j/g9SBHPlVjSrvkwl+/c36BxxX8NcqrHCXVO/PNCizUH/VX8YeGPIQXiUuiMs
UAWf/DTpRaPFiSpaNZd7PFb1ek6Fz0TjAhE7cX1djJLxpZVz1y0cUjhQRbO+h47C
7pws7uSUZBQkpBWFD5Lp3O7vGQ3Sx/cuk59EprExtlZ7aX6q4XDbEK9nO+NTP5Xq
bkPxZh9fbH0ZPtRNWcr6wJvX7hN5RHFj6H82aXpuWtk34iIaETAYGqdj9aM0U9eo
EABsHr3aLyMRQOFnUijL1fumzwx/SnpOznTe2OECAwEAAaOCAgswggIHMB0GA1Ud
DgQWBBQpeU74g4pakYebyKbt0qlrUmFNQjAfBgNVHSMEGDAWgBT4H2rQ3zg3INOl
0DuojBkwlcV07zAOBgNVHQ8BAf8EBAMCB4AwZQYIKwYBBQUHAQEEWTBXMFUGCCsG
AQUFBzAChklyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzEtQjlxME44NE55RFRwZEE3cUl3Wk1KWEZkTzguY2VyMIGNBggrBgEFBQcBCwSB
gDB+MHwGCCsGAQUFBzALhnByc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9y
eS9ERUZBVUxULzA0L2U5M2U5Zi04Y2FmLTQ5YTAtODY4ZS1hOGM0YWRmOTg3MjEv
MS9LWGxPLUlPS1dwR0htOGltN2RLcGExSmhUVUkucm9hMIGCBgNVHR8EezB5MHeg
daBzhnFyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzA0
L2U5M2U5Zi04Y2FmLTQ5YTAtODY4ZS1hOGM0YWRmOTg3MjEvMS8xLUI5cTBOODRO
eURUcGRBN3FJd1pNSlhGZE84LmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4C
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuUlMMA0GCSqGSIb3DQEBCwUA
A4IBAQAShJY/XGQ7GV2xHsjRBZwt0FCTBTk2ZttN0SvGcgeY5rslbnA47UDuHmEL
wYvRRHlAPcpIg0leAPoWRJza3CS1Vsm1yxYk+NveT9cn7rTyVsj9sQ+l1eXDOM1o
l5dLRb658usShmpxM7iprHuUZhSzPObXGx3fozfjUrt+CYP1WvViGJN/uuTeOOYy
nugmj7nOfqyvOfV2CtcqtWh3eNa8xKUDbNeggjyEUnjtXmrSTQDkv3Vl25PwE/Cw
VN/vQEm4+KsORfqV76uRA5HXtrP0F/cys20GaEL2Ril07KS8Ge+0BkimFOe95ZEZ
r+DnZrbetRLUU8sbzwG12TkEfG9j
-----END CERTIFICATE-----
Generated at Thu Apr 17 23:40:21 2025 by rpki-client