Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2a/36715a-32fc-4e9f-a577-5ac74dba17b8/1/XPa0Ftrg5QfD4A6FgpB8wOB_Ua4.roa
File: XPa0Ftrg5QfD4A6FgpB8wOB_Ua4.roa (raw, json)
Hash identifier: MHIUAF8OTxV9I9ly2+9PPpRCzPevSEGyCTp4dSu3310=
Subject key identifier: 5C:F6:B4:16:DA:E0:E5:07:C3:E0:0E:85:82:90:7C:C0:E0:7F:51:AE
Certificate issuer: /CN=456ecb3be1065e1e71589508bec6d74b5a7b1ed7
Certificate serial: 36DB3CB7
Authority key identifier: 45:6E:CB:3B:E1:06:5E:1E:71:58:95:08:BE:C6:D7:4B:5A:7B:1E:D7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RW7LO-EGXh5xWJUIvsbXS1p7Htc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2a/36715a-32fc-4e9f-a577-5ac74dba17b8/1/XPa0Ftrg5QfD4A6FgpB8wOB_Ua4.roa
Signing time: Mon 21 Feb 2022 11:51:12 +0000
ROA not before: Mon 21 Feb 2022 11:51:12 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 196921
IP address blocks: 94.187.165.0/24 maxlen: 24
94.187.166.0/24 maxlen: 24
94.187.168.0/21 maxlen: 21
94.187.167.0/24 maxlen: 24
94.187.179.0/24 maxlen: 24
94.187.178.0/24 maxlen: 24
94.187.176.0/24 maxlen: 24
94.187.177.0/24 maxlen: 24
94.187.176.0/21 maxlen: 21
94.187.184.0/21 maxlen: 21
94.187.180.0/24 maxlen: 24
94.187.183.0/24 maxlen: 24
94.187.184.0/23 maxlen: 23
94.187.181.0/24 maxlen: 24
94.187.182.0/24 maxlen: 24
94.187.187.0/24 maxlen: 24
94.187.191.0/24 maxlen: 24
94.187.190.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 920337591 (0x36db3cb7)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=456ecb3be1065e1e71589508bec6d74b5a7b1ed7
Validity
Not Before: Feb 21 11:51:12 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=5cf6b416dae0e507c3e00e8582907cc0e07f51ae
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:29:07:77:bd:d0:ed:7d:92:9f:48:54:e9:7f:
92:95:f5:6f:87:91:da:98:47:10:64:dd:99:dd:37:
95:0d:d4:8a:2a:b5:a9:c6:9e:42:7e:af:45:be:e5:
1f:11:2a:6a:79:83:01:a6:b1:85:c7:ab:a9:c9:d3:
0d:54:58:67:ad:37:a9:23:f7:0e:0f:4c:92:b7:ff:
54:2f:df:23:04:4b:f4:69:75:60:83:5b:1b:2f:56:
28:06:76:dd:d0:7a:c1:05:5c:50:e4:50:c5:38:3b:
d1:2f:00:fc:e4:b0:b3:18:97:81:26:27:da:28:87:
49:24:ba:21:bd:77:68:f6:5f:49:ed:0e:ef:ad:84:
87:f8:7b:de:14:12:67:56:85:1e:43:e3:34:d0:0d:
45:2d:47:e7:03:af:c7:fa:b7:e4:d2:52:65:09:00:
92:fb:01:d3:1a:3a:31:79:41:27:15:d6:6b:35:5c:
2c:53:87:97:6e:66:cf:85:12:2a:b7:75:99:09:a4:
d6:18:2d:1a:9a:9c:fe:ef:02:85:69:ae:a8:24:c9:
c2:71:49:b7:f1:a7:c1:bc:64:05:3b:1e:21:3e:61:
8d:a7:72:f3:f9:7b:7e:07:f4:9a:c2:a2:ef:ad:b1:
95:aa:79:02:3f:b2:6f:c5:93:a8:22:f9:fc:a8:22:
e6:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5C:F6:B4:16:DA:E0:E5:07:C3:E0:0E:85:82:90:7C:C0:E0:7F:51:AE
X509v3 Authority Key Identifier:
keyid:45:6E:CB:3B:E1:06:5E:1E:71:58:95:08:BE:C6:D7:4B:5A:7B:1E:D7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RW7LO-EGXh5xWJUIvsbXS1p7Htc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/36715a-32fc-4e9f-a577-5ac74dba17b8/1/XPa0Ftrg5QfD4A6FgpB8wOB_Ua4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/36715a-32fc-4e9f-a577-5ac74dba17b8/1/RW7LO-EGXh5xWJUIvsbXS1p7Htc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
94.187.165.0-94.187.191.255
Signature Algorithm: sha256WithRSAEncryption
a1:ca:41:d6:13:29:0d:d3:e9:d2:09:c7:63:6a:d7:59:77:74:
5b:46:e8:d3:03:bf:69:8d:d5:77:cc:ac:ae:36:0b:4f:f5:fb:
c4:d9:06:58:d6:94:fd:eb:e4:35:43:5d:8f:7d:69:25:3c:d5:
f4:c9:69:ca:ab:18:67:3a:ee:bc:a6:79:52:f7:ad:76:c1:ac:
82:aa:6d:25:d4:16:57:d2:c2:57:8c:df:08:46:35:98:6d:96:
54:f6:c0:2f:3f:11:e3:f8:2d:b5:8a:df:cc:f7:c7:6b:a1:4b:
95:de:49:cd:15:7a:67:98:3a:f2:3c:1e:6a:57:44:d5:39:95:
ee:8a:08:1c:da:97:bc:e5:0c:a7:45:f2:f6:e7:66:33:5a:62:
4a:5f:51:04:21:86:0e:9e:60:62:49:d9:a3:a4:21:0d:8b:06:
b0:bb:4f:3a:b8:97:4b:2e:6f:f9:d5:f5:c9:35:98:e2:96:94:
e4:41:9f:96:65:37:f2:57:66:de:41:c0:f3:38:73:f2:e4:38:
32:05:82:ba:34:86:6e:ab:ba:a7:e2:80:a9:28:69:5d:f0:e3:
4f:07:14:ad:44:5e:d9:5f:2f:7c:68:f0:b7:85:0d:97:79:95:
cf:cd:a6:32:0d:0e:0e:28:cf:0d:db:4c:a2:f5:91:c4:e7:b2:
21:1c:c5:39
-----BEGIN CERTIFICATE-----
MIIE9zCCA9+gAwIBAgIENts8tzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg0
NTZlY2IzYmUxMDY1ZTFlNzE1ODk1MDhiZWM2ZDc0YjVhN2IxZWQ3MB4XDTIyMDIy
MTExNTExMloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNWNmNmI0MTZkYWUw
ZTUwN2MzZTAwZTg1ODI5MDdjYzBlMDdmNTFhZTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALMpB3e90O19kp9IVOl/kpX1b4eR2phHEGTdmd03lQ3Uiiq1
qcaeQn6vRb7lHxEqanmDAaaxhcerqcnTDVRYZ603qSP3Dg9Mkrf/VC/fIwRL9Gl1
YINbGy9WKAZ23dB6wQVcUORQxTg70S8A/OSwsxiXgSYn2iiHSSS6Ib13aPZfSe0O
762Eh/h73hQSZ1aFHkPjNNANRS1H5wOvx/q35NJSZQkAkvsB0xo6MXlBJxXWazVc
LFOHl25mz4USKrd1mQmk1hgtGpqc/u8ChWmuqCTJwnFJt/GnwbxkBTseIT5hjady
8/l7fgf0msKi762xlap5Aj+yb8WTqCL5/Kgi5k8CAwEAAaOCAhEwggINMB0GA1Ud
DgQWBBRc9rQW2uDlB8PgDoWCkHzA4H9RrjAfBgNVHSMEGDAWgBRFbss74QZeHnFY
lQi+xtdLWnse1zAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1JXN0xPLUVHWGg1eFdKVUl2c2JYUzFwN0h0Yy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMmEvMzY3MTVhLTMyZmMtNGU5Zi1hNTc3LTVhYzc0ZGJhMTdiOC8x
L1hQYTBGdHJnNVFmRDRBNkZncEI4d09CX1VhNC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMmEv
MzY3MTVhLTMyZmMtNGU5Zi1hNTc3LTVhYzc0ZGJhMTdiOC8xL1JXN0xPLUVHWGg1
eFdKVUl2c2JYUzFwN0h0Yy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAn
BggrBgEFBQcBBwEB/wQYMBYwFAQCAAEwDjAMAwQAXrulAwQGXruAMA0GCSqGSIb3
DQEBCwUAA4IBAQChykHWEykN0+nSCcdjatdZd3RbRujTA79pjdV3zKyuNgtP9fvE
2QZY1pT96+Q1Q12PfWklPNX0yWnKqxhnOu68pnlS9612wayCqm0l1BZX0sJXjN8I
RjWYbZZU9sAvPxHj+C21it/M98droUuV3knNFXpnmDryPB5qV0TVOZXuiggc2pe8
5QynRfL252YzWmJKX1EEIYYOnmBiSdmjpCENiwawu086uJdLLm/51fXJNZjilpTk
QZ+WZTfyV2beQcDzOHPy5DgyBYK6NIZuq7qn4oCpKGld8ONPBxStRF7ZXy98aPC3
hQ2XeZXPzaYyDQ4OKM8N20yi9ZHE57IhHMU5
-----END CERTIFICATE-----
Generated at Thu Mar 13 19:37:57 2025 by rpki-client