Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/35/3ed8dd-d36e-440c-8142-d80c6b85cda4/1/cZfibIVAWI25YF8Uz4ZweyuZ-wg.roa
File: cZfibIVAWI25YF8Uz4ZweyuZ-wg.roa (raw, json)
Hash identifier: GoUE3aTWobcYke/cA5KxGDYRciOsLvTOwWeRV/bfDZw=
Subject key identifier: 71:97:E2:6C:85:40:58:8D:B9:60:5F:14:CF:86:70:7B:2B:99:FB:08
Certificate issuer: /CN=63d9d1d95c1eb716ee8195045a77cba2181d79ec
Certificate serial: 0184A92D67EFDF4CCF17A6FE462240B39B25
Authority key identifier: 63:D9:D1:D9:5C:1E:B7:16:EE:81:95:04:5A:77:CB:A2:18:1D:79:EC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y9nR2VwetxbugZUEWnfLohgdeew.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/35/3ed8dd-d36e-440c-8142-d80c6b85cda4/1/cZfibIVAWI25YF8Uz4ZweyuZ-wg.roa
Signing time: Thu 24 Nov 2022 10:27:15 +0000
ROA not before: Thu 24 Nov 2022 10:27:15 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 29405
IP address blocks: 185.176.72.0/22 maxlen: 22
46.229.224.0/20 maxlen: 20
46.229.230.0/24 maxlen: 24
176.109.56.0/21 maxlen: 21
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:a9:2d:67:ef:df:4c:cf:17:a6:fe:46:22:40:b3:9b:25
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63d9d1d95c1eb716ee8195045a77cba2181d79ec
Validity
Not Before: Nov 24 10:27:15 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=7197e26c8540588db9605f14cf86707b2b99fb08
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:fc:49:82:d7:a4:87:b4:9c:ed:da:ab:1f:47:
de:51:43:76:e8:9d:ff:e8:9b:0f:68:58:ac:82:78:
d7:5f:81:60:0f:76:ba:a7:9b:3f:c7:28:52:1b:d2:
20:f5:b8:8a:a3:d8:ad:08:dd:46:9c:c5:c7:bb:a6:
99:8e:3e:c4:25:d6:05:dd:41:ff:9d:62:2a:7f:22:
25:a4:7f:60:1f:80:84:3b:5f:aa:cc:22:46:c1:4a:
58:1b:b5:7c:78:95:cd:ee:3c:5b:f4:3e:17:16:f0:
4a:3a:74:e1:2f:c5:9f:c1:f8:87:55:68:78:1b:a4:
bd:6e:ec:8e:1b:01:4f:08:01:65:45:5b:79:6d:d4:
60:fa:f6:ac:1d:b5:43:b2:02:63:60:79:b0:76:c4:
f3:7e:6c:48:df:7b:76:da:8f:d9:ba:96:85:7a:58:
62:4c:5f:f1:fd:6f:63:1d:b3:90:d5:f1:77:f5:1e:
57:f9:d1:d9:62:87:8b:28:51:ae:92:6e:1c:fa:d7:
44:1b:b1:4d:b4:c6:b8:28:f1:45:20:ee:45:35:0e:
f3:a0:6d:90:ee:d9:75:1c:57:5a:52:07:69:76:20:
e6:be:8a:ea:58:f8:87:31:a2:1a:81:ea:57:0e:95:
81:5d:89:55:9c:dc:af:a3:93:9e:6c:eb:5b:5a:22:
62:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
71:97:E2:6C:85:40:58:8D:B9:60:5F:14:CF:86:70:7B:2B:99:FB:08
X509v3 Authority Key Identifier:
keyid:63:D9:D1:D9:5C:1E:B7:16:EE:81:95:04:5A:77:CB:A2:18:1D:79:EC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y9nR2VwetxbugZUEWnfLohgdeew.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/35/3ed8dd-d36e-440c-8142-d80c6b85cda4/1/cZfibIVAWI25YF8Uz4ZweyuZ-wg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/35/3ed8dd-d36e-440c-8142-d80c6b85cda4/1/Y9nR2VwetxbugZUEWnfLohgdeew.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.229.224.0/20
176.109.56.0/21
185.176.72.0/22
Signature Algorithm: sha256WithRSAEncryption
a5:0e:b4:4f:a5:0b:ea:5d:b4:8e:20:2f:30:52:2e:8e:35:fb:
4d:fa:6a:b4:92:35:d6:26:d2:f4:97:a3:2e:11:a4:eb:5c:d5:
4d:1b:d7:1f:f0:84:c7:0e:af:47:01:cd:11:03:19:15:72:71:
4d:ae:b7:0c:4a:c5:c2:57:fe:dc:fa:91:12:55:5e:76:03:16:
78:5e:98:1f:49:76:75:10:72:61:c8:43:f6:c2:eb:5c:bb:2e:
eb:cd:7e:53:4c:9c:de:5b:bb:3a:ee:51:09:a6:cd:39:04:bd:
98:03:04:22:44:98:9e:e4:41:7c:c7:2a:32:7e:9d:10:34:49:
8a:2e:3f:c8:6c:2c:e5:b7:f8:e8:34:d3:d4:30:80:75:f2:42:
a1:7e:be:44:4a:63:77:1c:11:19:12:83:36:63:4a:0c:2c:ed:
30:ea:36:e2:4b:82:ad:22:18:95:2f:46:27:98:f1:55:3c:2b:
98:99:e2:8b:5e:1f:be:2f:34:d3:7e:33:a5:46:53:cb:26:86:
fa:a9:e5:4f:13:62:17:54:42:ca:cd:2a:63:c6:b6:e1:9b:50:
d4:0f:52:64:bb:62:d2:69:4d:e7:79:54:d2:dd:a9:ee:10:bb:
9c:85:85:2a:61:f7:50:47:aa:ce:2b:db:0a:42:fb:52:99:be:
d8:58:35:11
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYSpLWfv30zPF6b+RiJAs5slMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZDlkMWQ5NWMxZWI3MTZlZTgxOTUwNDVhNzdjYmEyMTgx
ZDc5ZWMwHhcNMjIxMTI0MTAyNzE1WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MTk3ZTI2Yzg1NDA1ODhkYjk2MDVmMTRjZjg2NzA3YjJiOTlmYjA4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkfxJgtekh7Sc7dqrH0feUUN26J3/
6JsPaFisgnjXX4FgD3a6p5s/xyhSG9Ig9biKo9itCN1GnMXHu6aZjj7EJdYF3UH/
nWIqfyIlpH9gH4CEO1+qzCJGwUpYG7V8eJXN7jxb9D4XFvBKOnThL8WfwfiHVWh4
G6S9buyOGwFPCAFlRVt5bdRg+vasHbVDsgJjYHmwdsTzfmxI33t22o/ZupaFelhi
TF/x/W9jHbOQ1fF39R5X+dHZYoeLKFGukm4c+tdEG7FNtMa4KPFFIO5FNQ7zoG2Q
7tl1HFdaUgdpdiDmvorqWPiHMaIagepXDpWBXYlVnNyvo5OebOtbWiJi+wIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFHGX4myFQFiNuWBfFM+GcHsrmfsIMB8GA1UdIwQY
MBaAFGPZ0dlcHrcW7oGVBFp3y6IYHXnsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWTluUjJWd2V0eGJ1Z1pVRVduZkxvaGdkZWV3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNS8zZWQ4ZGQtZDM2ZS00NDBjLTgxNDIt
ZDgwYzZiODVjZGE0LzEvY1pmaWJJVkFXSTI1WUY4VXo0WndleXVaLXdnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNS8zZWQ4ZGQtZDM2ZS00NDBjLTgxNDItZDgwYzZiODVjZGE0
LzEvWTluUjJWd2V0eGJ1Z1pVRVduZkxvaGdkZWV3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQELuXgAwQD
sG04AwQCubBIMA0GCSqGSIb3DQEBCwUAA4IBAQClDrRPpQvqXbSOIC8wUi6ONftN
+mq0kjXWJtL0l6MuEaTrXNVNG9cf8ITHDq9HAc0RAxkVcnFNrrcMSsXCV/7c+pES
VV52AxZ4XpgfSXZ1EHJhyEP2wutcuy7rzX5TTJzeW7s67lEJps05BL2YAwQiRJie
5EF8xyoyfp0QNEmKLj/IbCzlt/joNNPUMIB18kKhfr5ESmN3HBEZEoM2Y0oMLO0w
6jbiS4KtIhiVL0YnmPFVPCuYmeKLXh++LzTTfjOlRlPLJob6qeVPE2IXVELKzSpj
xrbhm1DUD1Jku2LSaU3neVTS3anuELuchYUqYfdQR6rOK9sKQvtSmb7YWDUR
-----END CERTIFICATE-----
Generated at Thu Mar 13 02:51:37 2025 by rpki-client