Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/36/1809da-1c6f-44db-aa28-ba4fc234683e/1/a-UxQ00aH7UICCzZ-pf8O0gtcvU.roa
File: a-UxQ00aH7UICCzZ-pf8O0gtcvU.roa (raw, json)
Hash identifier: ds0jK5loQUuQW8pZk4J7NnrYz7ftiO5DCd9bvP7dOCs=
Subject key identifier: 6B:E5:31:43:4D:1A:1F:B5:08:08:2C:D9:FA:97:FC:3B:48:2D:72:F5
Certificate issuer: /CN=76670236cd0e038684a33194bde7d4b95adc66f7
Certificate serial: 040C85
Authority key identifier: 76:67:02:36:CD:0E:03:86:84:A3:31:94:BD:E7:D4:B9:5A:DC:66:F7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dmcCNs0OA4aEozGUvefUuVrcZvc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/36/1809da-1c6f-44db-aa28-ba4fc234683e/1/a-UxQ00aH7UICCzZ-pf8O0gtcvU.roa
Signing time: Sat 12 Feb 2022 13:40:53 +0000
ROA not before: Sat 12 Feb 2022 13:40:53 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 206766
IP address blocks: 45.153.72.0/23 maxlen: 23
185.183.160.0/22 maxlen: 22
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 265349 (0x40c85)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=76670236cd0e038684a33194bde7d4b95adc66f7
Validity
Not Before: Feb 12 13:40:53 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=6be531434d1a1fb508082cd9fa97fc3b482d72f5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:88:38:5d:84:8a:29:cc:90:64:3a:10:94:cb:2a:
30:f3:96:34:54:0c:60:2b:8a:22:7f:bc:76:af:2b:
1d:50:2f:75:6d:2d:57:58:7b:de:2a:a8:ae:e4:33:
71:1f:c5:92:93:0d:c1:23:af:1f:8c:a6:93:66:48:
59:d1:7d:85:77:74:3a:91:b1:c7:ed:c4:0c:e5:6e:
93:30:a0:a4:25:9d:18:8c:4b:1a:01:98:1d:6e:98:
6d:8d:8f:f3:0d:2d:ad:28:ed:dd:4e:02:c7:e2:dc:
04:df:a3:c7:79:99:05:4f:15:0a:58:f1:25:0f:9d:
b3:72:83:22:9e:51:b1:95:f6:b2:17:22:7b:72:f0:
e2:f1:2f:84:6a:3d:c3:47:e0:20:25:c2:f7:0f:4c:
dd:5f:38:12:e9:f2:d4:8c:2b:18:72:b9:3a:4d:c5:
9f:e9:fd:e9:fb:eb:8e:ff:d0:53:ab:c9:f0:36:d8:
f3:0a:a0:3c:09:67:12:b1:fb:23:86:3d:33:04:45:
3a:58:47:2b:02:5c:0f:f4:61:15:05:1e:49:31:81:
54:d3:a3:30:24:f1:9d:8d:dd:8f:10:3a:03:30:4a:
b8:4d:5a:cb:42:93:c5:09:43:cb:e0:ea:6f:eb:1b:
4e:aa:1d:67:e5:a0:01:0d:85:dd:d1:d5:39:cc:d0:
d5:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6B:E5:31:43:4D:1A:1F:B5:08:08:2C:D9:FA:97:FC:3B:48:2D:72:F5
X509v3 Authority Key Identifier:
keyid:76:67:02:36:CD:0E:03:86:84:A3:31:94:BD:E7:D4:B9:5A:DC:66:F7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dmcCNs0OA4aEozGUvefUuVrcZvc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/36/1809da-1c6f-44db-aa28-ba4fc234683e/1/a-UxQ00aH7UICCzZ-pf8O0gtcvU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/36/1809da-1c6f-44db-aa28-ba4fc234683e/1/dmcCNs0OA4aEozGUvefUuVrcZvc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.153.72.0/23
185.183.160.0/22
Signature Algorithm: sha256WithRSAEncryption
75:96:24:7d:bb:aa:c7:bb:10:23:18:4b:36:a9:2a:14:d5:10:
89:88:4f:1f:84:b3:c7:fd:c1:82:ad:60:09:af:ea:53:55:77:
67:cf:27:be:37:ca:3a:8b:a8:b2:cd:69:f7:d0:7f:41:33:f5:
a2:88:65:0c:8b:46:a6:78:e3:6f:bb:c2:ed:96:7d:c1:45:b7:
2d:95:6d:b3:2d:73:09:5c:17:70:e7:d3:15:5f:52:3e:33:e7:
0f:6f:4f:31:a2:52:45:a1:40:db:67:d3:bf:bf:f9:4e:8d:f6:
60:5f:0a:50:08:30:b2:54:25:d4:87:5b:8b:18:14:9f:50:22:
c4:50:8a:3b:a3:8b:3b:09:c2:37:8e:de:5d:09:dc:13:1d:e2:
4f:e4:81:97:78:a3:96:ce:72:f0:08:98:ee:bf:8b:d8:19:7f:
82:e5:e9:7f:b4:c6:ef:0b:be:12:81:6a:ec:ed:e4:4e:a4:e6:
c0:ed:c7:26:65:43:f4:66:3e:09:b8:b2:29:d3:b5:87:fb:17:
e7:7b:44:3a:04:a6:8d:9e:c2:77:a4:47:a7:61:77:51:17:20:
68:01:38:58:5a:7f:3e:80:3e:ee:50:f9:ab:bd:53:9e:de:28:
c3:dd:38:b5:50:a3:1c:15:5c:4b:2c:6f:f6:59:ab:15:e5:2e:
1b:df:8a:71
-----BEGIN CERTIFICATE-----
MIIE9DCCA9ygAwIBAgIDBAyFMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKDc2
NjcwMjM2Y2QwZTAzODY4NGEzMzE5NGJkZTdkNGI5NWFkYzY2ZjcwHhcNMjIwMjEy
MTM0MDUzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQDEyg2YmU1MzE0MzRkMWEx
ZmI1MDgwODJjZDlmYTk3ZmMzYjQ4MmQ3MmY1MIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAiDhdhIopzJBkOhCUyyow85Y0VAxgK4oif7x2rysdUC91bS1X
WHveKqiu5DNxH8WSkw3BI68fjKaTZkhZ0X2Fd3Q6kbHH7cQM5W6TMKCkJZ0YjEsa
AZgdbphtjY/zDS2tKO3dTgLH4twE36PHeZkFTxUKWPElD52zcoMinlGxlfayFyJ7
cvDi8S+Eaj3DR+AgJcL3D0zdXzgS6fLUjCsYcrk6TcWf6f3p++uO/9BTq8nwNtjz
CqA8CWcSsfsjhj0zBEU6WEcrAlwP9GEVBR5JMYFU06MwJPGdjd2PEDoDMEq4TVrL
QpPFCUPL4Opv6xtOqh1n5aABDYXd0dU5zNDVrwIDAQABo4ICDzCCAgswHQYDVR0O
BBYEFGvlMUNNGh+1CAgs2fqX/DtILXL1MB8GA1UdIwQYMBaAFHZnAjbNDgOGhKMx
lL3n1Lla3Gb3MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEFBQcBAQRYMFYwVAYIKwYB
BQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQv
ZG1jQ05zME9BNGFFb3pHVXZlZlV1VnJjWnZjLmNlcjCBjQYIKwYBBQUHAQsEgYAw
fjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkv
REVGQVVMVC8zNi8xODA5ZGEtMWM2Zi00NGRiLWFhMjgtYmE0ZmMyMzQ2ODNlLzEv
YS1VeFEwMGFIN1VJQ0N6Wi1wZjhPMGd0Y3ZVLnJvYTCBgQYDVR0fBHoweDB2oHSg
coZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNi8x
ODA5ZGEtMWM2Zi00NGRiLWFhMjgtYmE0ZmMyMzQ2ODNlLzEvZG1jQ05zME9BNGFF
b3pHVXZlZlV1VnJjWnZjLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCUG
CCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQBLZlIAwQCubegMA0GCSqGSIb3DQEB
CwUAA4IBAQB1liR9u6rHuxAjGEs2qSoU1RCJiE8fhLPH/cGCrWAJr+pTVXdnzye+
N8o6i6iyzWn30H9BM/WiiGUMi0ameONvu8Ltln3BRbctlW2zLXMJXBdw59MVX1I+
M+cPb08xolJFoUDbZ9O/v/lOjfZgXwpQCDCyVCXUh1uLGBSfUCLEUIo7o4s7CcI3
jt5dCdwTHeJP5IGXeKOWznLwCJjuv4vYGX+C5el/tMbvC74SgWrs7eROpObA7ccm
ZUP0Zj4JuLIp07WH+xfne0Q6BKaNnsJ3pEenYXdRFyBoAThYWn8+gD7uUPmrvVOe
3ijD3Ti1UKMcFVxLLG/2WasV5S4b34px
-----END CERTIFICATE-----
Generated at Sun Apr 20 18:54:17 2025 by rpki-client