Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/16/73d3b2-9bd1-410f-91ec-8074a55250ea/1/aLbF7iRdcRiZNdS0cveF71tG9x0.roa
File: aLbF7iRdcRiZNdS0cveF71tG9x0.roa (raw, json)
Hash identifier: gXnbA2pDjsc/Ie+dyaE4+XY3AwoknYO7ZjVy89tKUvI=
Subject key identifier: 68:B6:C5:EE:24:5D:71:18:99:35:D4:B4:72:F7:85:EF:5B:46:F7:1D
Certificate issuer: /CN=ea9a580a4cf64a884190a5b0fb227f309e9040eb
Certificate serial: 0185965A9E550E114830FFA2632E69C235E7
Authority key identifier: EA:9A:58:0A:4C:F6:4A:88:41:90:A5:B0:FB:22:7F:30:9E:90:40:EB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/6ppYCkz2SohBkKWw-yJ_MJ6QQOs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/16/73d3b2-9bd1-410f-91ec-8074a55250ea/1/aLbF7iRdcRiZNdS0cveF71tG9x0.roa
Signing time: Mon 09 Jan 2023 11:46:39 +0000
ROA not before: Mon 09 Jan 2023 11:46:39 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 198498
IP address blocks: 185.245.192.0/22 maxlen: 22
91.235.192.0/22 maxlen: 22
213.108.84.0/22 maxlen: 22
213.108.80.0/22 maxlen: 22
176.109.164.0/22 maxlen: 22
176.109.160.0/22 maxlen: 22
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:96:5a:9e:55:0e:11:48:30:ff:a2:63:2e:69:c2:35:e7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ea9a580a4cf64a884190a5b0fb227f309e9040eb
Validity
Not Before: Jan 9 11:46:39 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=68b6c5ee245d71189935d4b472f785ef5b46f71d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:c7:14:a9:02:f9:9a:6a:6f:dc:23:ca:9a:29:
bf:e5:ce:9f:8e:8f:96:45:83:ed:16:e4:74:38:b0:
0a:0a:28:9e:68:99:39:68:56:00:f9:bd:96:ca:db:
78:04:b5:7c:5e:43:8e:8b:d9:70:90:23:e7:c5:c5:
8e:6d:d9:50:18:fe:80:f6:62:a6:a5:a5:e4:f2:d4:
dc:b7:3a:c3:df:3a:c8:f6:e9:74:b7:4f:5a:c1:4c:
31:87:c5:9c:41:ee:ee:25:fd:d4:d4:e0:ec:1d:f7:
f7:97:e5:55:15:d2:c5:8b:08:0c:2c:e8:e7:9c:ca:
1c:1e:a1:91:cf:60:b7:df:a4:24:50:53:df:fe:f3:
2d:ce:8e:62:76:af:10:5f:13:f8:7a:fc:6e:41:72:
78:14:f9:0e:e7:f6:0f:98:05:55:be:94:c5:05:e6:
40:80:a9:ea:f9:d2:da:1c:49:35:6d:da:88:8f:6e:
15:5a:a6:e9:d4:e3:4e:f8:2b:bd:20:74:da:ca:ae:
d2:94:41:e2:4d:54:b1:f5:18:74:83:77:f6:f9:92:
8e:12:4b:f8:8b:9c:fc:3e:61:0c:94:6a:d1:07:ed:
9c:23:3a:64:31:b9:ff:6e:c5:aa:d2:d2:a9:ea:a7:
e5:96:52:38:48:d6:bd:70:43:45:30:8e:1c:cd:fa:
a4:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
68:B6:C5:EE:24:5D:71:18:99:35:D4:B4:72:F7:85:EF:5B:46:F7:1D
X509v3 Authority Key Identifier:
keyid:EA:9A:58:0A:4C:F6:4A:88:41:90:A5:B0:FB:22:7F:30:9E:90:40:EB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6ppYCkz2SohBkKWw-yJ_MJ6QQOs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/16/73d3b2-9bd1-410f-91ec-8074a55250ea/1/aLbF7iRdcRiZNdS0cveF71tG9x0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/16/73d3b2-9bd1-410f-91ec-8074a55250ea/1/6ppYCkz2SohBkKWw-yJ_MJ6QQOs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.235.192.0/22
176.109.160.0/21
185.245.192.0/22
213.108.80.0/21
Signature Algorithm: sha256WithRSAEncryption
19:d1:5c:67:6f:8c:9f:91:b5:79:97:41:8a:ae:5e:1e:04:27:
12:52:c1:cf:91:8e:b1:0d:8f:c3:f6:5b:33:bf:fc:6c:30:e0:
70:84:63:cd:82:fb:23:9b:17:3d:e3:dd:65:17:fe:7c:21:b2:
cb:7e:67:09:35:c9:18:6a:c3:26:03:dc:37:25:46:f1:d7:34:
52:fb:b4:dc:3d:e7:6c:9c:88:20:65:ec:ad:9e:22:58:6e:38:
0c:85:8f:9f:6e:6e:11:1c:3a:2b:bb:09:b1:4f:2e:46:aa:79:
a9:09:c2:0b:ae:ec:20:78:42:3c:25:ff:a0:6f:8f:72:09:2d:
bc:6a:b9:50:7c:4d:27:9c:02:3e:70:cf:1d:c7:b1:44:2b:a9:
3c:46:13:45:0d:e3:25:35:88:9b:3b:ed:61:5f:d5:5e:6c:e9:
0c:14:3f:5d:9c:b8:11:d1:38:ee:fd:4e:40:68:2c:c3:e0:2b:
79:2f:86:a2:32:6b:d0:ec:29:c7:71:60:4b:05:da:98:80:58:
13:c1:bd:1c:c2:30:fe:83:b2:a4:52:99:45:4f:08:8b:af:84:
75:a2:9a:a7:c4:a6:4c:aa:cc:71:3a:a9:82:65:09:f8:28:5e:
c6:40:7e:f2:e8:3f:06:3d:9a:c7:74:a3:c9:88:0e:1b:68:cb:
ca:2d:7c:59
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYWWWp5VDhFIMP+iYy5pwjXnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVhOWE1ODBhNGNmNjRhODg0MTkwYTViMGZiMjI3ZjMwOWU5
MDQwZWIwHhcNMjMwMTA5MTE0NjM5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2OGI2YzVlZTI0NWQ3MTE4OTkzNWQ0YjQ3MmY3ODVlZjViNDZmNzFkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtccUqQL5mmpv3CPKmim/5c6fjo+W
RYPtFuR0OLAKCiieaJk5aFYA+b2Wytt4BLV8XkOOi9lwkCPnxcWObdlQGP6A9mKm
paXk8tTctzrD3zrI9ul0t09awUwxh8WcQe7uJf3U1ODsHff3l+VVFdLFiwgMLOjn
nMocHqGRz2C336QkUFPf/vMtzo5idq8QXxP4evxuQXJ4FPkO5/YPmAVVvpTFBeZA
gKnq+dLaHEk1bdqIj24VWqbp1ONO+Cu9IHTayq7SlEHiTVSx9Rh0g3f2+ZKOEkv4
i5z8PmEMlGrRB+2cIzpkMbn/bsWq0tKp6qflllI4SNa9cENFMI4czfqk+wIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFGi2xe4kXXEYmTXUtHL3he9bRvcdMB8GA1UdIwQY
MBaAFOqaWApM9kqIQZClsPsifzCekEDrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNnBwWUNrejJTb2hCa0tXdy15Sl9NSjZRUU9zLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNi83M2QzYjItOWJkMS00MTBmLTkxZWMt
ODA3NGE1NTI1MGVhLzEvYUxiRjdpUmRjUmlaTmRTMGN2ZUY3MXRHOXgwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNi83M2QzYjItOWJkMS00MTBmLTkxZWMtODA3NGE1NTI1MGVh
LzEvNnBwWUNrejJTb2hCa0tXdy15Sl9NSjZRUU9zLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQCW+vAAwQD
sG2gAwQCufXAAwQD1WxQMA0GCSqGSIb3DQEBCwUAA4IBAQAZ0Vxnb4yfkbV5l0GK
rl4eBCcSUsHPkY6xDY/D9lszv/xsMOBwhGPNgvsjmxc9491lF/58IbLLfmcJNckY
asMmA9w3JUbx1zRS+7TcPedsnIggZeytniJYbjgMhY+fbm4RHDoruwmxTy5Gqnmp
CcILruwgeEI8Jf+gb49yCS28arlQfE0nnAI+cM8dx7FEK6k8RhNFDeMlNYibO+1h
X9VebOkMFD9dnLgR0Tju/U5AaCzD4Ct5L4aiMmvQ7CnHcWBLBdqYgFgTwb0cwjD+
g7KkUplFTwiLr4R1opqnxKZMqsxxOqmCZQn4KF7GQH7y6D8GPZrHdKPJiA4baMvK
LXxZ
-----END CERTIFICATE-----
Generated at Fri Apr 18 00:40:15 2025 by rpki-client