Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2b/a97e21-b5fe-4a56-a98a-bdd4af5f35d1/1/a3FxIkYNI6JKNY_BMV7ywfutUpY.roa
File: a3FxIkYNI6JKNY_BMV7ywfutUpY.roa (raw, json)
Hash identifier: KXez41UVlsPLYxqf+Mpuxul/5dqB0SwOOcQEr70UpLQ=
Subject key identifier: 6B:71:71:22:46:0D:23:A2:4A:35:8F:C1:31:5E:F2:C1:FB:AD:52:96
Certificate issuer: /CN=f1479b83c520d784445c24828bab633f0d702cf3
Certificate serial: 01855CC302243B3E19659697BE39996E8149
Authority key identifier: F1:47:9B:83:C5:20:D7:84:44:5C:24:82:8B:AB:63:3F:0D:70:2C:F3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8Uebg8Ug14REXCSCi6tjPw1wLPM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2b/a97e21-b5fe-4a56-a98a-bdd4af5f35d1/1/a3FxIkYNI6JKNY_BMV7ywfutUpY.roa
Signing time: Thu 29 Dec 2022 07:22:41 +0000
ROA not before: Thu 29 Dec 2022 07:22:41 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 57877
IP address blocks: 185.76.216.0/22 maxlen: 22
195.135.12.0/23 maxlen: 23
195.135.48.0/24 maxlen: 24
195.135.48.0/20 maxlen: 20
37.139.120.0/21 maxlen: 21
2a05:5cc0::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:5c:c3:02:24:3b:3e:19:65:96:97:be:39:99:6e:81:49
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f1479b83c520d784445c24828bab633f0d702cf3
Validity
Not Before: Dec 29 07:22:41 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=6b717122460d23a24a358fc1315ef2c1fbad5296
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:0c:9e:a2:71:c8:48:be:4f:bf:89:5c:6e:7e:
6a:26:8e:f3:a7:47:ca:dc:c9:cf:00:d6:10:ff:f6:
4f:a9:c5:53:77:b9:39:1d:8e:bf:5a:95:be:40:51:
4f:12:3d:ee:d0:47:8f:96:fd:da:2c:3e:3d:f7:36:
64:94:62:0f:80:c6:77:b8:2d:fe:7c:19:9c:27:7e:
13:20:a6:06:c5:10:f8:60:dd:c0:d6:e5:c4:eb:ec:
90:4c:11:08:e9:48:ce:a4:95:08:c5:0a:75:86:63:
41:72:41:df:47:c7:4a:c8:61:3d:91:ae:0e:c6:12:
f9:92:41:66:24:f3:8b:55:f8:15:e3:a0:29:9a:e8:
5a:84:8a:bb:33:ab:46:b9:89:b7:60:1c:5e:6a:9f:
93:bc:98:ac:a6:b2:0f:89:0b:bc:fc:03:bd:04:ec:
8d:34:b1:80:23:2e:2f:06:c5:5f:5f:ed:96:1f:9d:
57:6e:66:4c:79:db:29:52:da:9f:e8:18:9d:f0:a3:
73:7b:b2:22:11:56:5e:c0:6d:28:60:0c:3c:46:94:
09:d0:9b:6e:c5:f8:9d:97:e5:39:99:ef:15:61:cc:
7c:4f:35:72:b1:17:f1:65:4e:e1:44:c8:ea:44:ee:
4a:50:0e:ca:b3:b5:5f:f8:32:7c:e2:12:c2:52:d4:
42:e3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6B:71:71:22:46:0D:23:A2:4A:35:8F:C1:31:5E:F2:C1:FB:AD:52:96
X509v3 Authority Key Identifier:
keyid:F1:47:9B:83:C5:20:D7:84:44:5C:24:82:8B:AB:63:3F:0D:70:2C:F3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8Uebg8Ug14REXCSCi6tjPw1wLPM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/a97e21-b5fe-4a56-a98a-bdd4af5f35d1/1/a3FxIkYNI6JKNY_BMV7ywfutUpY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/a97e21-b5fe-4a56-a98a-bdd4af5f35d1/1/8Uebg8Ug14REXCSCi6tjPw1wLPM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.139.120.0/21
185.76.216.0/22
195.135.12.0/23
195.135.48.0/20
IPv6:
2a05:5cc0::/29
Signature Algorithm: sha256WithRSAEncryption
0b:e7:26:b7:4e:c5:f2:f5:10:7c:d4:2f:c6:f0:ce:46:74:1f:
83:14:28:14:74:2c:ed:13:93:8f:d3:e4:36:13:bc:c0:13:f2:
9b:db:7a:9f:ef:ec:86:30:f0:df:60:77:06:0c:3a:f5:3c:22:
f2:44:6c:41:53:da:dd:64:c3:83:dc:83:95:ec:db:5b:09:dc:
0d:4f:96:fa:36:78:98:73:0a:89:40:1a:7c:71:d3:f5:b0:df:
96:16:90:02:51:c9:04:57:94:62:b0:1c:3e:35:33:4c:6b:25:
86:77:03:94:68:81:35:be:c3:cd:41:79:1f:e5:1e:f2:42:69:
44:e0:00:94:e7:ee:c4:65:04:ad:17:fb:62:0e:df:23:7b:2a:
3a:c0:6c:2c:e1:73:aa:08:ce:e6:1b:77:fc:a6:8e:42:2b:7e:
ed:92:a2:0e:0c:31:b4:66:91:97:7a:8d:a1:b2:5d:4b:18:75:
49:41:40:b7:b9:04:f0:74:28:96:55:e9:f8:aa:0d:85:7b:7a:
8a:82:2d:dc:8f:07:49:ad:b5:4f:84:04:b2:4b:6e:6d:e1:78:
7f:53:cf:33:55:2c:e2:fd:b7:a4:97:3c:b7:11:64:b7:da:8b:
e0:11:60:9a:28:90:81:75:06:2d:9e:7e:2a:49:59:4e:e2:fe:
69:c0:81:82
-----BEGIN CERTIFICATE-----
MIIFHjCCBAagAwIBAgISAYVcwwIkOz4ZZZaXvjmZboFJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYxNDc5YjgzYzUyMGQ3ODQ0NDVjMjQ4MjhiYWI2MzNmMGQ3
MDJjZjMwHhcNMjIxMjI5MDcyMjQxWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2YjcxNzEyMjQ2MGQyM2EyNGEzNThmYzEzMTVlZjJjMWZiYWQ1Mjk2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsAyeonHISL5Pv4lcbn5qJo7zp0fK
3MnPANYQ//ZPqcVTd7k5HY6/WpW+QFFPEj3u0EePlv3aLD499zZklGIPgMZ3uC3+
fBmcJ34TIKYGxRD4YN3A1uXE6+yQTBEI6UjOpJUIxQp1hmNBckHfR8dKyGE9ka4O
xhL5kkFmJPOLVfgV46ApmuhahIq7M6tGuYm3YBxeap+TvJisprIPiQu8/AO9BOyN
NLGAIy4vBsVfX+2WH51XbmZMedspUtqf6Bid8KNze7IiEVZewG0oYAw8RpQJ0Jtu
xfidl+U5me8VYcx8TzVysRfxZU7hRMjqRO5KUA7Ks7Vf+DJ84hLCUtRC4wIDAQAB
o4ICKjCCAiYwHQYDVR0OBBYEFGtxcSJGDSOiSjWPwTFe8sH7rVKWMB8GA1UdIwQY
MBaAFPFHm4PFINeERFwkgourYz8NcCzzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOFVlYmc4VWcxNFJFWENTQ2k2dGpQdzF3TFBNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYi9hOTdlMjEtYjVmZS00YTU2LWE5OGEt
YmRkNGFmNWYzNWQxLzEvYTNGeElrWU5JNkpLTllfQk1WN3l3ZnV0VXBZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYi9hOTdlMjEtYjVmZS00YTU2LWE5OGEtYmRkNGFmNWYzNWQx
LzEvOFVlYmc4VWcxNFJFWENTQ2k2dGpQdzF3TFBNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEAGCCsGAQUFBwEHAQH/BDEwLzAeBAIAATAYAwQDJYt4AwQC
uUzYAwQBw4cMAwQEw4cwMA0EAgACMAcDBQMqBVzAMA0GCSqGSIb3DQEBCwUAA4IB
AQAL5ya3TsXy9RB81C/G8M5GdB+DFCgUdCztE5OP0+Q2E7zAE/Kb23qf7+yGMPDf
YHcGDDr1PCLyRGxBU9rdZMOD3IOV7NtbCdwNT5b6NniYcwqJQBp8cdP1sN+WFpAC
UckEV5RisBw+NTNMayWGdwOUaIE1vsPNQXkf5R7yQmlE4ACU5+7EZQStF/tiDt8j
eyo6wGws4XOqCM7mG3f8po5CK37tkqIODDG0ZpGXeo2hsl1LGHVJQUC3uQTwdCiW
Ven4qg2Fe3qKgi3cjwdJrbVPhASyS25t4Xh/U88zVSzi/beklzy3EWS32ovgEWCa
KJCBdQYtnn4qSVlO4v5pwIGC
-----END CERTIFICATE-----
Generated at Mon Apr 21 02:02:37 2025 by rpki-client