Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2b/02c568-91ee-485d-99a2-59bce319c1cb/1/8XTAOt8AYOir_Z9yBRZTs7YZY1g.roa
File: 8XTAOt8AYOir_Z9yBRZTs7YZY1g.roa (raw, json)
Hash identifier: YAAxvp2o80m0W2ecB5vpilmVHgaD+u7mreydvnTjqQQ=
Subject key identifier: F1:74:C0:3A:DF:00:60:E8:AB:FD:9F:72:05:16:53:B3:B6:19:63:58
Certificate issuer: /CN=522107ed07b5ac0d8269d7229d9fd2ca0e32658b
Certificate serial: 018571308307F2D1A76B9E1457D33FEA18A9
Authority key identifier: 52:21:07:ED:07:B5:AC:0D:82:69:D7:22:9D:9F:D2:CA:0E:32:65:8B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UiEH7Qe1rA2CadcinZ_Syg4yZYs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2b/02c568-91ee-485d-99a2-59bce319c1cb/1/8XTAOt8AYOir_Z9yBRZTs7YZY1g.roa
Signing time: Mon 02 Jan 2023 06:34:42 +0000
ROA not before: Mon 02 Jan 2023 06:34:42 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 200645
IP address blocks: 185.177.156.0/22 maxlen: 22
185.100.44.0/22 maxlen: 22
185.174.200.0/22 maxlen: 22
185.117.136.0/22 maxlen: 22
185.179.220.0/22 maxlen: 22
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:30:83:07:f2:d1:a7:6b:9e:14:57:d3:3f:ea:18:a9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=522107ed07b5ac0d8269d7229d9fd2ca0e32658b
Validity
Not Before: Jan 2 06:34:42 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=f174c03adf0060e8abfd9f72051653b3b6196358
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:cd:f7:c3:a9:58:5b:df:df:b2:c5:84:73:37:
0f:e3:f8:4d:b4:a8:45:6b:95:69:69:c9:b9:1d:6b:
68:a5:54:e2:a0:3d:94:bf:f3:b5:60:b4:b9:46:43:
fc:87:68:49:67:ea:ee:0a:42:4d:35:ae:f0:7d:23:
47:b6:a8:0f:99:21:bd:3d:0b:ef:47:48:cd:c2:0b:
25:99:23:54:8c:84:4b:a6:d1:90:08:ce:50:7d:72:
fd:0b:0e:ca:1e:5a:52:8b:82:fa:b3:e6:b7:dd:34:
65:3a:d6:9d:6b:2d:3a:c8:d2:be:2e:18:af:73:a8:
e4:d1:a4:d9:26:78:23:28:f0:5f:4b:35:8e:2f:2c:
5a:c6:21:e7:e6:51:5a:78:29:5b:a8:14:a0:d3:39:
cf:8d:50:38:7d:36:a8:a0:f6:cc:cc:4c:36:67:12:
f5:58:d5:6c:f6:9e:b0:c8:c6:fd:3a:a6:4c:9b:7b:
42:c5:6e:ec:7c:d0:46:58:ab:32:52:9d:f4:e4:59:
00:b3:a4:5e:67:f5:82:c5:9b:e2:e3:b8:46:06:bf:
eb:b2:ed:a8:28:2b:81:28:36:a7:25:fe:a9:29:e5:
7f:6c:bf:53:9b:a8:6a:65:f0:d8:9a:a6:a3:b1:be:
39:9f:e6:29:a0:72:4a:57:20:4b:95:7c:e4:5f:0e:
40:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F1:74:C0:3A:DF:00:60:E8:AB:FD:9F:72:05:16:53:B3:B6:19:63:58
X509v3 Authority Key Identifier:
keyid:52:21:07:ED:07:B5:AC:0D:82:69:D7:22:9D:9F:D2:CA:0E:32:65:8B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UiEH7Qe1rA2CadcinZ_Syg4yZYs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/02c568-91ee-485d-99a2-59bce319c1cb/1/8XTAOt8AYOir_Z9yBRZTs7YZY1g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/02c568-91ee-485d-99a2-59bce319c1cb/1/UiEH7Qe1rA2CadcinZ_Syg4yZYs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.100.44.0/22
185.117.136.0/22
185.174.200.0/22
185.177.156.0/22
185.179.220.0/22
Signature Algorithm: sha256WithRSAEncryption
3e:fc:35:98:c7:a3:1a:cc:fd:5c:74:ec:92:c0:91:a0:d4:96:
a4:a7:12:41:f9:29:fd:f0:24:5a:74:43:48:8e:8a:2b:94:70:
84:3d:fa:1b:84:82:89:9a:6a:57:e0:53:d9:cb:83:0f:1f:98:
4e:d1:e7:e7:d1:4a:09:95:a5:28:cc:2c:33:47:29:96:98:da:
3e:72:88:17:b8:96:ef:80:28:72:8e:96:3d:3b:db:75:13:1c:
98:7e:78:ab:44:7a:80:69:70:5c:cc:d2:29:a7:6c:48:1a:5d:
ba:65:0b:57:f5:70:7f:af:b2:31:b1:d8:83:ce:86:ba:4f:8b:
22:be:7e:59:c8:8a:57:b6:39:07:79:d3:f6:4c:84:6d:9b:c7:
3f:65:e9:55:be:6a:b3:04:34:33:58:23:2a:e4:b3:84:95:fa:
1f:ff:4c:8d:cf:2e:01:3a:c5:5e:2c:9c:8c:2d:28:4b:c5:c5:
8e:3c:b9:5f:54:fe:b7:08:0d:30:b4:db:35:81:24:6e:32:8f:
84:90:9b:f6:d6:98:0c:48:04:04:b9:27:6d:35:a5:99:44:d5:
cf:b3:3a:66:b7:38:e1:d5:e3:85:36:b6:a7:97:0b:75:43:d9:
e6:30:9b:c9:83:20:4f:85:3f:cf:71:80:91:e0:7b:c4:62:2a:
d8:2a:c1:e3
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAYVxMIMH8tGna54UV9M/6hipMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyMjEwN2VkMDdiNWFjMGQ4MjY5ZDcyMjlkOWZkMmNhMGUz
MjY1OGIwHhcNMjMwMTAyMDYzNDQyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMTc0YzAzYWRmMDA2MGU4YWJmZDlmNzIwNTE2NTNiM2I2MTk2MzU4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAi833w6lYW9/fssWEczcP4/hNtKhF
a5Vpacm5HWtopVTioD2Uv/O1YLS5RkP8h2hJZ+ruCkJNNa7wfSNHtqgPmSG9PQvv
R0jNwgslmSNUjIRLptGQCM5QfXL9Cw7KHlpSi4L6s+a33TRlOtaday06yNK+Lhiv
c6jk0aTZJngjKPBfSzWOLyxaxiHn5lFaeClbqBSg0znPjVA4fTaooPbMzEw2ZxL1
WNVs9p6wyMb9OqZMm3tCxW7sfNBGWKsyUp305FkAs6ReZ/WCxZvi47hGBr/rsu2o
KCuBKDanJf6pKeV/bL9Tm6hqZfDYmqajsb45n+YpoHJKVyBLlXzkXw5AAQIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFPF0wDrfAGDoq/2fcgUWU7O2GWNYMB8GA1UdIwQY
MBaAFFIhB+0HtawNgmnXIp2f0soOMmWLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVWlFSDdRZTFyQTJDYWRjaW5aX1N5ZzR5WllzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYi8wMmM1NjgtOTFlZS00ODVkLTk5YTIt
NTliY2UzMTljMWNiLzEvOFhUQU90OEFZT2lyX1o5eUJSWlRzN1laWTFnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYi8wMmM1NjgtOTFlZS00ODVkLTk5YTItNTliY2UzMTljMWNi
LzEvVWlFSDdRZTFyQTJDYWRjaW5aX1N5ZzR5WllzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQCuWQsAwQC
uXWIAwQCua7IAwQCubGcAwQCubPcMA0GCSqGSIb3DQEBCwUAA4IBAQA+/DWYx6Ma
zP1cdOySwJGg1JakpxJB+Sn98CRadENIjoorlHCEPfobhIKJmmpX4FPZy4MPH5hO
0efn0UoJlaUozCwzRymWmNo+cogXuJbvgChyjpY9O9t1ExyYfnirRHqAaXBczNIp
p2xIGl26ZQtX9XB/r7IxsdiDzoa6T4sivn5ZyIpXtjkHedP2TIRtm8c/ZelVvmqz
BDQzWCMq5LOElfof/0yNzy4BOsVeLJyMLShLxcWOPLlfVP63CA0wtNs1gSRuMo+E
kJv21pgMSAQEuSdtNaWZRNXPszpmtzjh1eOFNranlwt1Q9nmMJvJgyBPhT/PcYCR
4HvEYirYKsHj
-----END CERTIFICATE-----
Generated at Sun Apr 20 05:04:13 2025 by rpki-client