Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/25/3f3ab1-5959-45a8-bc0f-d78514e9e812/1/xMujRv4Nz3-QszCpB8ZO86t2Il4.roa
File: xMujRv4Nz3-QszCpB8ZO86t2Il4.roa (raw, json)
Hash identifier: xXsoIHOfv0JzJOs8cekFlVGpigtAC98x0+3jlBPa/V8=
Subject key identifier: C4:CB:A3:46:FE:0D:CF:7F:90:B3:30:A9:07:C6:4E:F3:AB:76:22:5E
Certificate issuer: /CN=7b87f6b9119fa9dcd3e12e7e6bfb706dff978825
Certificate serial: 0185720C6F9B884DDA46C9C81B6845061E1D
Authority key identifier: 7B:87:F6:B9:11:9F:A9:DC:D3:E1:2E:7E:6B:FB:70:6D:FF:97:88:25
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/e4f2uRGfqdzT4S5-a_twbf-XiCU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/25/3f3ab1-5959-45a8-bc0f-d78514e9e812/1/xMujRv4Nz3-QszCpB8ZO86t2Il4.roa
Signing time: Mon 02 Jan 2023 10:34:55 +0000
ROA not before: Mon 02 Jan 2023 10:34:55 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 12859
IP address blocks: 185.173.21.0/24 maxlen: 24
185.173.22.0/24 maxlen: 24
185.173.20.0/24 maxlen: 24
2a0b:3100:100::/40 maxlen: 48
2a0b:3100::/40 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:0c:6f:9b:88:4d:da:46:c9:c8:1b:68:45:06:1e:1d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7b87f6b9119fa9dcd3e12e7e6bfb706dff978825
Validity
Not Before: Jan 2 10:34:55 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=c4cba346fe0dcf7f90b330a907c64ef3ab76225e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:87:ef:d3:02:f1:6b:cd:fb:32:71:55:e7:eb:ae:
6a:4a:ac:57:38:55:50:52:4a:7c:82:bf:75:b9:5f:
b2:39:f1:f6:81:61:f9:6b:e0:80:ed:93:b9:a3:62:
c9:71:b1:0d:4a:4a:ff:e6:8a:47:e7:b1:01:a7:9b:
7a:c5:12:7c:95:93:fb:66:6d:56:3c:d2:b3:c1:05:
c5:f6:a1:a5:15:d5:1c:15:4d:39:6e:84:96:66:66:
05:e2:89:50:5b:87:6d:11:e8:08:cf:8a:9d:17:02:
e9:23:72:ff:56:9d:ed:e7:29:5d:0d:16:ce:58:4f:
3c:89:3c:31:45:8b:ce:15:4a:4e:36:4f:b9:50:28:
34:81:eb:80:6b:45:58:5d:16:32:80:9a:dd:6f:7e:
45:b8:20:34:fb:b1:32:57:5f:88:ad:ce:09:88:3d:
8f:68:9d:b1:dd:68:a0:d6:02:85:94:b2:9d:d1:f9:
f8:15:fc:fa:64:40:41:a4:b5:f9:7b:01:a3:80:cb:
78:ee:29:ce:40:bd:9b:df:55:be:c2:ff:fa:80:05:
08:83:08:f5:0a:d9:7a:a6:a6:a2:af:78:5f:c1:42:
34:ec:12:c2:3f:07:2d:1d:ce:de:00:d7:87:e0:19:
43:28:7f:19:4b:2f:85:f4:af:0b:73:fc:23:39:3b:
a3:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C4:CB:A3:46:FE:0D:CF:7F:90:B3:30:A9:07:C6:4E:F3:AB:76:22:5E
X509v3 Authority Key Identifier:
keyid:7B:87:F6:B9:11:9F:A9:DC:D3:E1:2E:7E:6B:FB:70:6D:FF:97:88:25
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/e4f2uRGfqdzT4S5-a_twbf-XiCU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/25/3f3ab1-5959-45a8-bc0f-d78514e9e812/1/xMujRv4Nz3-QszCpB8ZO86t2Il4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/25/3f3ab1-5959-45a8-bc0f-d78514e9e812/1/e4f2uRGfqdzT4S5-a_twbf-XiCU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.173.20.0-185.173.22.255
IPv6:
2a0b:3100::/39
Signature Algorithm: sha256WithRSAEncryption
b4:a0:5b:d0:3d:d6:76:45:8a:3c:14:50:1c:97:c9:41:b2:00:
12:96:58:ce:86:9f:68:68:65:d4:e7:12:70:5b:06:45:b7:55:
bf:e2:79:0a:09:42:bb:37:52:15:bf:26:79:d1:bb:5f:59:a2:
b9:96:7c:b7:8a:ee:8e:0f:d1:a7:77:bd:ef:8c:f1:be:2f:85:
9d:19:34:4d:5c:b5:50:cc:ed:ef:58:77:26:cd:d3:f6:b0:c8:
ca:5e:55:13:12:6a:08:ed:a2:01:fb:0c:7c:dc:a1:7e:58:af:
44:66:a1:f4:5d:14:05:fc:fd:2a:3b:a4:fa:13:0b:33:a9:ff:
4c:88:e6:61:d1:53:08:03:fe:5f:26:d1:df:32:74:a6:53:d7:
bd:31:e6:fb:de:bf:c0:fd:d7:2c:2e:18:4d:65:92:82:f9:42:
eb:fa:ae:b9:10:2f:f3:ac:1e:02:4d:03:c6:87:e6:cd:c4:c6:
df:2a:ab:bb:08:07:ad:ba:ec:7e:47:7c:1b:5c:77:38:eb:87:
b3:62:c8:c9:84:b4:b1:d0:7a:5c:97:e8:68:f8:06:94:e4:01:
30:c5:fe:8c:b8:90:09:fe:81:a5:a0:07:f3:4a:82:b7:73:bb:
f1:9b:12:81:e3:73:53:16:ca:da:f9:a4:94:8e:40:53:ef:2a:
d1:9f:0b:cd
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAYVyDG+biE3aRsnIG2hFBh4dMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdiODdmNmI5MTE5ZmE5ZGNkM2UxMmU3ZTZiZmI3MDZkZmY5
Nzg4MjUwHhcNMjMwMTAyMTAzNDU1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNGNiYTM0NmZlMGRjZjdmOTBiMzMwYTkwN2M2NGVmM2FiNzYyMjVlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAh+/TAvFrzfsycVXn665qSqxXOFVQ
Ukp8gr91uV+yOfH2gWH5a+CA7ZO5o2LJcbENSkr/5opH57EBp5t6xRJ8lZP7Zm1W
PNKzwQXF9qGlFdUcFU05boSWZmYF4olQW4dtEegIz4qdFwLpI3L/Vp3t5yldDRbO
WE88iTwxRYvOFUpONk+5UCg0geuAa0VYXRYygJrdb35FuCA0+7EyV1+Irc4JiD2P
aJ2x3Wig1gKFlLKd0fn4Ffz6ZEBBpLX5ewGjgMt47inOQL2b31W+wv/6gAUIgwj1
Ctl6pqair3hfwUI07BLCPwctHc7eANeH4BlDKH8ZSy+F9K8Lc/wjOTuj9wIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFMTLo0b+Dc9/kLMwqQfGTvOrdiJeMB8GA1UdIwQY
MBaAFHuH9rkRn6nc0+Eufmv7cG3/l4glMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZTRmMnVSR2ZxZHpUNFM1LWFfdHdiZi1YaUNVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNS8zZjNhYjEtNTk1OS00NWE4LWJjMGYt
ZDc4NTE0ZTllODEyLzEveE11alJ2NE56My1Rc3pDcEI4Wk84NnQySWw0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNS8zZjNhYjEtNTk1OS00NWE4LWJjMGYtZDc4NTE0ZTllODEy
LzEvZTRmMnVSR2ZxZHpUNFM1LWFfdHdiZi1YaUNVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAUBAIAATAOMAwDBAK5rRQD
BAC5rRYwDgQCAAIwCAMGASoLMQAAMA0GCSqGSIb3DQEBCwUAA4IBAQC0oFvQPdZ2
RYo8FFAcl8lBsgASlljOhp9oaGXU5xJwWwZFt1W/4nkKCUK7N1IVvyZ50btfWaK5
lny3iu6OD9Gnd73vjPG+L4WdGTRNXLVQzO3vWHcmzdP2sMjKXlUTEmoI7aIB+wx8
3KF+WK9EZqH0XRQF/P0qO6T6Ewszqf9MiOZh0VMIA/5fJtHfMnSmU9e9Meb73r/A
/dcsLhhNZZKC+ULr+q65EC/zrB4CTQPGh+bNxMbfKqu7CAetuux+R3wbXHc464ez
YsjJhLSx0Hpcl+ho+AaU5AEwxf6MuJAJ/oGloAfzSoK3c7vxmxKB43NTFsra+aSU
jkBT7yrRnwvN
-----END CERTIFICATE-----
Generated at Thu Apr 10 05:02:37 2025 by rpki-client