Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/22/8a7569-ed74-4a92-8627-985ed15c9aeb/1/RPS2JSIvinM0mvI5NSYmu3J87yw.roa
File: RPS2JSIvinM0mvI5NSYmu3J87yw.roa (raw, json)
Hash identifier: tUfL1d/gl1XNmBw50FN7l+Hl47w770/fNPCztBgWNdY=
Subject key identifier: 44:F4:B6:25:22:2F:8A:73:34:9A:F2:39:35:26:26:BB:72:7C:EF:2C
Certificate issuer: /CN=407c7083460e1a4c72c4bc4276313d3a85944a87
Certificate serial: 018963E955D44EEF81A66E44EC2887BDE9BC
Authority key identifier: 40:7C:70:83:46:0E:1A:4C:72:C4:BC:42:76:31:3D:3A:85:94:4A:87
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QHxwg0YOGkxyxLxCdjE9OoWUSoc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/22/8a7569-ed74-4a92-8627-985ed15c9aeb/1/RPS2JSIvinM0mvI5NSYmu3J87yw.roa
Signing time: Mon 17 Jul 2023 12:53:03 +0000
ROA not before: Mon 17 Jul 2023 12:53:03 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 199811
IP address blocks: 185.210.64.0/22 maxlen: 22
2a0b:55c0::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:63:e9:55:d4:4e:ef:81:a6:6e:44:ec:28:87:bd:e9:bc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=407c7083460e1a4c72c4bc4276313d3a85944a87
Validity
Not Before: Jul 17 12:53:03 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=44f4b625222f8a73349af239352626bb727cef2c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d4:d8:fb:6a:32:41:c8:5a:4b:7b:a9:58:7b:c2:
e7:3c:4a:92:97:de:1f:bb:95:c7:8d:30:ef:eb:5c:
ba:9b:c1:44:35:d8:f7:ef:e2:c8:a7:a4:cb:67:64:
c4:87:97:8c:3b:19:1f:14:00:1f:0f:7c:3c:b4:56:
e7:2e:34:50:05:4f:6c:7c:20:d8:00:4e:e5:af:2a:
2c:ca:25:8a:dc:2f:ba:dd:b1:fc:53:3d:1d:b0:c4:
37:4c:3b:35:85:f3:e8:22:21:59:6f:35:54:ba:b3:
7f:ea:9c:40:3f:7f:63:63:8e:b2:42:a0:19:00:11:
23:5a:90:4b:44:6b:78:bc:a7:98:1b:0a:a0:c7:9b:
74:22:8a:43:aa:34:67:72:09:30:e2:37:59:dd:c9:
5f:0b:8a:c5:32:84:ac:19:91:81:94:2b:a7:a4:65:
32:23:69:92:21:b8:24:be:f4:c5:b2:e0:8c:17:ba:
38:df:12:3c:ac:65:75:2e:5c:ba:98:d5:72:f9:9e:
74:d2:ef:4f:67:f9:97:86:e6:34:e5:b3:e3:6b:22:
35:fc:05:6c:e6:a1:36:3d:bd:16:cf:24:b1:58:4f:
8e:0d:34:3b:94:1f:04:bf:f6:81:2b:34:82:4b:b8:
c9:dd:d3:a5:70:6f:ed:35:4d:a4:96:21:c6:64:98:
f6:85
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
44:F4:B6:25:22:2F:8A:73:34:9A:F2:39:35:26:26:BB:72:7C:EF:2C
X509v3 Authority Key Identifier:
keyid:40:7C:70:83:46:0E:1A:4C:72:C4:BC:42:76:31:3D:3A:85:94:4A:87
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QHxwg0YOGkxyxLxCdjE9OoWUSoc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/22/8a7569-ed74-4a92-8627-985ed15c9aeb/1/RPS2JSIvinM0mvI5NSYmu3J87yw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/22/8a7569-ed74-4a92-8627-985ed15c9aeb/1/QHxwg0YOGkxyxLxCdjE9OoWUSoc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.210.64.0/22
IPv6:
2a0b:55c0::/29
Signature Algorithm: sha256WithRSAEncryption
29:14:41:25:fe:4f:3e:2b:5f:f6:62:83:62:f8:fc:2d:a6:71:
cb:53:23:50:c8:a9:3f:1c:2a:d0:61:3b:a7:4f:c8:50:94:5b:
e0:95:5d:35:58:15:60:21:dd:0d:a6:d4:96:1b:2c:1c:cf:c9:
8c:de:ca:de:69:a9:b3:49:99:1a:ca:b0:fa:da:0f:88:81:4e:
d6:d1:cc:02:e9:79:a0:8d:6e:4a:44:ae:a6:b2:35:a0:48:7a:
72:07:88:d3:69:de:40:48:29:5c:7d:c2:5c:f3:37:05:16:ea:
a8:bf:a2:4a:27:6c:23:e7:51:cb:0d:52:64:90:5b:61:81:f9:
d7:8d:97:1f:03:80:1c:20:d3:30:2e:ed:da:34:81:c1:10:13:
84:e9:bc:0d:5c:d3:32:42:43:21:2e:ba:7b:61:4a:13:96:33:
d2:cb:eb:c5:1f:aa:06:ba:43:aa:e8:0c:d7:6f:72:4b:d5:2a:
ac:d0:a9:73:01:80:fe:ce:a1:31:5c:06:46:93:6f:bf:41:02:
da:44:5f:e7:d1:1c:3e:7c:54:42:60:15:4d:34:f5:28:54:aa:
12:0a:e7:a8:ea:90:fc:da:0c:f6:b1:b6:de:ca:ab:1a:35:54:
09:e7:00:a5:ee:1f:82:ca:3b:6b:83:50:f9:cd:b6:d0:37:66:
75:7f:20:f5
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYlj6VXUTu+Bpm5E7CiHvem8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQwN2M3MDgzNDYwZTFhNGM3MmM0YmM0Mjc2MzEzZDNhODU5
NDRhODcwHhcNMjMwNzE3MTI1MzAzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NGY0YjYyNTIyMmY4YTczMzQ5YWYyMzkzNTI2MjZiYjcyN2NlZjJjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1Nj7ajJByFpLe6lYe8LnPEqSl94f
u5XHjTDv61y6m8FENdj37+LIp6TLZ2TEh5eMOxkfFAAfD3w8tFbnLjRQBU9sfCDY
AE7lryosyiWK3C+63bH8Uz0dsMQ3TDs1hfPoIiFZbzVUurN/6pxAP39jY46yQqAZ
ABEjWpBLRGt4vKeYGwqgx5t0IopDqjRncgkw4jdZ3clfC4rFMoSsGZGBlCunpGUy
I2mSIbgkvvTFsuCMF7o43xI8rGV1Lly6mNVy+Z500u9PZ/mXhuY05bPjayI1/AVs
5qE2Pb0WzySxWE+ODTQ7lB8Ev/aBKzSCS7jJ3dOlcG/tNU2kliHGZJj2hQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFET0tiUiL4pzNJryOTUmJrtyfO8sMB8GA1UdIwQY
MBaAFEB8cINGDhpMcsS8QnYxPTqFlEqHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUUh4d2cwWU9Ha3h5eEx4Q2RqRTlPb1dVU29jLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMi84YTc1NjktZWQ3NC00YTkyLTg2Mjct
OTg1ZWQxNWM5YWViLzEvUlBTMkpTSXZpbk0wbXZJNU5TWW11M0o4N3l3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMi84YTc1NjktZWQ3NC00YTkyLTg2MjctOTg1ZWQxNWM5YWVi
LzEvUUh4d2cwWU9Ha3h5eEx4Q2RqRTlPb1dVU29jLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCudJAMA0E
AgACMAcDBQMqC1XAMA0GCSqGSIb3DQEBCwUAA4IBAQApFEEl/k8+K1/2YoNi+Pwt
pnHLUyNQyKk/HCrQYTunT8hQlFvglV01WBVgId0NptSWGywcz8mM3sreaamzSZka
yrD62g+IgU7W0cwC6XmgjW5KRK6msjWgSHpyB4jTad5ASClcfcJc8zcFFuqov6JK
J2wj51HLDVJkkFthgfnXjZcfA4AcINMwLu3aNIHBEBOE6bwNXNMyQkMhLrp7YUoT
ljPSy+vFH6oGukOq6AzXb3JL1Sqs0KlzAYD+zqExXAZGk2+/QQLaRF/n0Rw+fFRC
YBVNNPUoVKoSCueo6pD82gz2sbbeyqsaNVQJ5wCl7h+Cyjtrg1D5zbbQN2Z1fyD1
-----END CERTIFICATE-----
Generated at Fri Apr 18 00:43:46 2025 by rpki-client