Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/30/550004-e1a6-4569-ae63-33fb1452bb0a/1/IdWlJgXy-1M-XRfBtB4Zjppi4fM.roa
File: IdWlJgXy-1M-XRfBtB4Zjppi4fM.roa (raw, json)
Hash identifier: 8UDnF2YMNVdcCr4RkUtVaRE9ALW3lxN+pmuIe7FrDA4=
Subject key identifier: 21:D5:A5:26:05:F2:FB:53:3E:5D:17:C1:B4:1E:19:8E:9A:62:E1:F3
Certificate issuer: /CN=5d7f63401407c1cc797b17034e813d2254f9773e
Certificate serial: 0183000D1C055D3139AADB3DE57AF008EB1A
Authority key identifier: 5D:7F:63:40:14:07:C1:CC:79:7B:17:03:4E:81:3D:22:54:F9:77:3E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XX9jQBQHwcx5excDToE9IlT5dz4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/30/550004-e1a6-4569-ae63-33fb1452bb0a/1/IdWlJgXy-1M-XRfBtB4Zjppi4fM.roa
Signing time: Fri 02 Sep 2022 21:13:22 +0000
ROA not before: Fri 02 Sep 2022 21:13:22 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 59895
IP address blocks: 194.26.222.0/24 maxlen: 24
185.65.206.0/24 maxlen: 24
185.65.205.0/24 maxlen: 24
185.65.204.0/24 maxlen: 24
185.65.207.0/24 maxlen: 24
2a05:300:1::/48 maxlen: 48
2a05:300:2::/48 maxlen: 48
2a05:300::/48 maxlen: 48
2a05:300:3::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:00:0d:1c:05:5d:31:39:aa:db:3d:e5:7a:f0:08:eb:1a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5d7f63401407c1cc797b17034e813d2254f9773e
Validity
Not Before: Sep 2 21:13:22 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=21d5a52605f2fb533e5d17c1b41e198e9a62e1f3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:09:fa:43:a2:90:57:34:de:b3:20:37:d8:6b:
47:47:e3:bb:52:3a:98:6c:17:df:d6:1a:f3:7f:97:
4d:0e:bc:67:e9:f1:48:98:7a:f9:02:99:da:3a:b8:
8a:5b:66:80:40:0d:ac:75:d3:b2:0b:95:84:6b:f2:
0d:3f:57:d1:db:f4:eb:d9:cd:8a:9c:57:ff:58:ea:
d7:b8:f6:6d:dd:74:42:00:d0:84:f8:62:40:95:ae:
48:6a:c7:36:8a:c8:e8:b3:62:4f:c7:40:1c:ec:8a:
1c:e1:3a:d2:f0:ed:8c:33:29:ca:92:1e:89:74:c4:
05:88:a2:47:2f:bb:81:7b:e4:7b:ed:80:93:69:42:
e4:32:9c:79:e3:8e:7c:9f:70:25:cb:66:4a:d8:80:
32:76:30:c7:99:e6:37:d3:80:6d:5b:41:a1:c4:24:
90:5f:13:0d:6c:88:ee:8e:6d:91:17:e0:61:b9:c0:
e0:93:99:68:c9:76:89:3c:a8:a6:69:26:2c:41:64:
e2:9b:be:fc:13:9c:20:f4:57:21:f6:21:d2:bc:f9:
56:09:08:dc:9b:af:83:4f:4f:b9:f1:65:0b:1d:4e:
26:2b:b9:df:0f:6b:e0:c8:06:35:7c:45:19:80:4b:
cd:2c:f2:a2:37:5d:d4:97:42:22:44:7f:89:58:2b:
60:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
21:D5:A5:26:05:F2:FB:53:3E:5D:17:C1:B4:1E:19:8E:9A:62:E1:F3
X509v3 Authority Key Identifier:
keyid:5D:7F:63:40:14:07:C1:CC:79:7B:17:03:4E:81:3D:22:54:F9:77:3E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XX9jQBQHwcx5excDToE9IlT5dz4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/30/550004-e1a6-4569-ae63-33fb1452bb0a/1/IdWlJgXy-1M-XRfBtB4Zjppi4fM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/30/550004-e1a6-4569-ae63-33fb1452bb0a/1/XX9jQBQHwcx5excDToE9IlT5dz4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.65.204.0/22
194.26.222.0/24
IPv6:
2a05:300::/46
Signature Algorithm: sha256WithRSAEncryption
09:21:e8:17:f7:59:e6:b4:6f:79:aa:da:a1:a5:54:3f:eb:5f:
a2:29:96:3d:ed:4f:6d:7c:07:eb:87:95:92:db:8a:d3:48:f2:
e3:dc:d6:7f:e4:31:f9:8a:4b:02:b1:5c:fb:3d:d0:94:64:cc:
27:83:68:1f:a1:89:18:00:65:d7:e6:82:8d:ae:7b:64:c2:dc:
62:e1:b9:b1:c5:de:26:d5:ba:f0:c2:15:aa:dc:ff:00:5d:88:
e1:3a:63:aa:0b:ef:2e:87:ca:36:76:34:0d:bc:3b:73:94:ba:
58:7e:55:9a:2d:32:32:0d:39:5b:d3:af:d8:b5:aa:a3:d8:04:
12:9d:19:15:d7:36:63:ee:10:2b:c3:94:d1:92:e3:60:99:3e:
5a:e0:06:71:52:9a:5d:d1:6b:c8:69:8a:9d:49:3c:ca:4a:99:
76:bd:de:63:3f:39:f4:20:8c:39:64:77:60:4f:07:16:f2:73:
7d:7f:a2:2a:0f:5a:0a:ac:65:11:b0:91:9d:3d:a7:ee:f2:46:
2f:30:70:e2:bf:47:36:b0:f2:fc:5e:14:af:bf:44:99:f5:32:
29:59:4f:2c:ac:80:84:6e:68:56:69:b1:9e:bc:76:81:40:f3:
c8:37:8d:7c:84:16:b9:25:52:f1:05:e5:7a:b5:00:05:a0:77:
c7:0f:c0:0c
-----BEGIN CERTIFICATE-----
MIIFFDCCA/ygAwIBAgISAYMADRwFXTE5qts95XrwCOsaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVkN2Y2MzQwMTQwN2MxY2M3OTdiMTcwMzRlODEzZDIyNTRm
OTc3M2UwHhcNMjIwOTAyMjExMzIyWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMWQ1YTUyNjA1ZjJmYjUzM2U1ZDE3YzFiNDFlMTk4ZTlhNjJlMWYzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvAn6Q6KQVzTesyA32GtHR+O7UjqY
bBff1hrzf5dNDrxn6fFImHr5ApnaOriKW2aAQA2sddOyC5WEa/INP1fR2/Tr2c2K
nFf/WOrXuPZt3XRCANCE+GJAla5Iasc2isjos2JPx0Ac7Ioc4TrS8O2MMynKkh6J
dMQFiKJHL7uBe+R77YCTaULkMpx54458n3Aly2ZK2IAydjDHmeY304BtW0GhxCSQ
XxMNbIjujm2RF+BhucDgk5loyXaJPKimaSYsQWTim778E5wg9Fch9iHSvPlWCQjc
m6+DT0+58WULHU4mK7nfD2vgyAY1fEUZgEvNLPKiN13Ul0IiRH+JWCtgfwIDAQAB
o4ICIDCCAhwwHQYDVR0OBBYEFCHVpSYF8vtTPl0XwbQeGY6aYuHzMB8GA1UdIwQY
MBaAFF1/Y0AUB8HMeXsXA06BPSJU+Xc+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWFg5alFCUUh3Y3g1ZXhjRFRvRTlJbFQ1ZHo0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMC81NTAwMDQtZTFhNi00NTY5LWFlNjMt
MzNmYjE0NTJiYjBhLzEvSWRXbEpnWHktMU0tWFJmQnRCNFpqcHBpNGZNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMC81NTAwMDQtZTFhNi00NTY5LWFlNjMtMzNmYjE0NTJiYjBh
LzEvWFg5alFCUUh3Y3g1ZXhjRFRvRTlJbFQ1ZHo0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDYGCCsGAQUFBwEHAQH/BCcwJTASBAIAATAMAwQCuUHMAwQA
whreMA8EAgACMAkDBwIqBQMAAAAwDQYJKoZIhvcNAQELBQADggEBAAkh6Bf3Wea0
b3mq2qGlVD/rX6Iplj3tT218B+uHlZLbitNI8uPc1n/kMfmKSwKxXPs90JRkzCeD
aB+hiRgAZdfmgo2ue2TC3GLhubHF3ibVuvDCFarc/wBdiOE6Y6oL7y6HyjZ2NA28
O3OUulh+VZotMjINOVvTr9i1qqPYBBKdGRXXNmPuECvDlNGS42CZPlrgBnFSml3R
a8hpip1JPMpKmXa93mM/OfQgjDlkd2BPBxbyc31/oioPWgqsZRGwkZ09p+7yRi8w
cOK/Rzaw8vxeFK+/RJn1MilZTyysgIRuaFZpsZ68doFA88g3jXyEFrklUvEF5Xq1
AAWgd8cPwAw=
-----END CERTIFICATE-----
Generated at Thu Mar 13 02:46:29 2025 by rpki-client