Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/37/d8b009-d923-4bff-a82f-e8b70aa442fd/1/xtF5GJkG0IwqPtlHmsjdoonVF8c.roa
File: xtF5GJkG0IwqPtlHmsjdoonVF8c.roa (raw, json)
Hash identifier: jy9wHaotLbtvmKyEnc4Xqn87etqMfPth2w+VKq20984=
Subject key identifier: C6:D1:79:18:99:06:D0:8C:2A:3E:D9:47:9A:C8:DD:A2:89:D5:17:C7
Certificate issuer: /CN=25a3f511d0095606a525084ae460836dc5d24397
Certificate serial: 1B5C3B00
Authority key identifier: 25:A3:F5:11:D0:09:56:06:A5:25:08:4A:E4:60:83:6D:C5:D2:43:97
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/JaP1EdAJVgalJQhK5GCDbcXSQ5c.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/37/d8b009-d923-4bff-a82f-e8b70aa442fd/1/xtF5GJkG0IwqPtlHmsjdoonVF8c.roa
Signing time: Sat 01 Jan 2022 13:03:12 +0000
ROA not before: Sat 01 Jan 2022 13:03:12 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 60608
IP address blocks: 185.28.122.0/24 maxlen: 24
185.28.121.0/24 maxlen: 24
185.28.120.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 459029248 (0x1b5c3b00)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=25a3f511d0095606a525084ae460836dc5d24397
Validity
Not Before: Jan 1 13:03:12 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=c6d179189906d08c2a3ed9479ac8dda289d517c7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d5:63:59:45:b0:4c:0e:f5:49:e6:f9:e5:80:3f:
c8:e0:e9:d7:21:ef:84:01:6c:f8:c2:5f:57:13:0c:
de:80:87:ca:9c:9c:b0:d8:7c:e5:89:b2:10:02:dd:
8c:27:23:fa:94:c7:38:35:40:77:fb:f5:c3:79:75:
81:34:07:b6:8f:6b:48:52:db:05:7f:f6:02:96:4a:
6e:f0:34:fc:ee:73:f9:7f:36:fc:f8:1f:a4:f8:7b:
cb:2d:f4:7b:9c:77:5e:9e:8f:02:bb:af:3b:ef:2e:
18:a5:d1:2a:fe:ca:15:de:05:91:8a:ca:ed:08:3b:
52:f1:e8:3d:f6:44:08:eb:eb:2f:a0:c4:68:2c:09:
0c:06:83:98:d0:18:d8:0d:81:0f:75:24:c8:f8:0c:
b0:1d:40:ba:f5:ae:10:49:bd:a6:75:49:89:79:bb:
5a:9f:8b:02:3d:a7:f0:6b:4c:a2:92:0d:c4:17:9e:
98:47:3b:2d:ce:0e:a5:3a:63:6b:60:13:53:7c:e3:
5d:81:42:cc:9d:f8:8a:0e:68:a0:da:d9:5e:44:8e:
f1:8c:9f:88:63:0c:89:59:42:3b:37:f6:75:50:d3:
5a:49:86:f1:7d:d4:cd:74:d2:e2:a3:54:5d:90:11:
b7:dd:75:20:2d:5d:18:47:2b:4f:82:71:a1:fe:c1:
58:09
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C6:D1:79:18:99:06:D0:8C:2A:3E:D9:47:9A:C8:DD:A2:89:D5:17:C7
X509v3 Authority Key Identifier:
keyid:25:A3:F5:11:D0:09:56:06:A5:25:08:4A:E4:60:83:6D:C5:D2:43:97
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JaP1EdAJVgalJQhK5GCDbcXSQ5c.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/37/d8b009-d923-4bff-a82f-e8b70aa442fd/1/xtF5GJkG0IwqPtlHmsjdoonVF8c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/37/d8b009-d923-4bff-a82f-e8b70aa442fd/1/JaP1EdAJVgalJQhK5GCDbcXSQ5c.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.28.120.0-185.28.122.255
Signature Algorithm: sha256WithRSAEncryption
17:3e:d5:a6:45:06:0b:d8:cc:e0:a8:37:b4:d6:f2:30:d7:19:
d6:fa:9f:1b:c3:81:a1:49:2d:ab:a3:b3:55:27:c6:2b:c3:d0:
ba:e7:d0:0d:84:02:fa:04:3f:c2:5e:c3:fb:1e:06:bd:c5:b7:
d5:9f:b5:32:b9:45:7f:f2:41:7a:06:28:19:e5:94:c5:ae:40:
c4:74:3d:c4:d3:40:d4:96:bf:51:c4:d3:24:b9:b3:a8:9d:5e:
df:18:3b:33:4d:dd:5d:c9:d4:36:39:14:9b:3d:cf:50:5d:f3:
67:55:50:f6:1a:b4:50:13:47:10:83:5e:0b:01:d0:18:6a:63:
69:bf:0f:d8:ef:12:22:89:b9:7a:04:ad:24:8e:d1:02:a8:11:
f7:d6:0a:d3:63:1b:9a:be:70:7b:d2:d5:bd:65:95:2f:44:29:
8e:50:94:e3:8c:9e:ab:d6:5d:2e:7c:f8:99:c6:41:47:b1:67:
5d:d7:16:18:b4:69:62:e5:32:0d:a6:bf:05:37:94:25:d9:ca:
1b:71:db:73:bd:d7:20:21:65:b7:37:26:cf:8a:02:6f:d9:2d:
2e:cb:8e:bf:b5:e8:b4:db:17:b0:3a:f0:7a:1a:36:ff:1a:fe:
bc:31:ba:ca:dc:e1:62:bb:e4:aa:85:03:08:66:08:11:bd:da:
ce:48:78:68
-----BEGIN CERTIFICATE-----
MIIE9zCCA9+gAwIBAgIEG1w7ADANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygy
NWEzZjUxMWQwMDk1NjA2YTUyNTA4NGFlNDYwODM2ZGM1ZDI0Mzk3MB4XDTIyMDEw
MTEzMDMxMloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYzZkMTc5MTg5OTA2
ZDA4YzJhM2VkOTQ3OWFjOGRkYTI4OWQ1MTdjNzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBANVjWUWwTA71Seb55YA/yODp1yHvhAFs+MJfVxMM3oCHypyc
sNh85YmyEALdjCcj+pTHODVAd/v1w3l1gTQHto9rSFLbBX/2ApZKbvA0/O5z+X82
/PgfpPh7yy30e5x3Xp6PAruvO+8uGKXRKv7KFd4FkYrK7Qg7UvHoPfZECOvrL6DE
aCwJDAaDmNAY2A2BD3UkyPgMsB1AuvWuEEm9pnVJiXm7Wp+LAj2n8GtMopINxBee
mEc7Lc4OpTpja2ATU3zjXYFCzJ34ig5ooNrZXkSO8YyfiGMMiVlCOzf2dVDTWkmG
8X3UzXTS4qNUXZARt911IC1dGEcrT4Jxof7BWAkCAwEAAaOCAhEwggINMB0GA1Ud
DgQWBBTG0XkYmQbQjCo+2UeayN2iidUXxzAfBgNVHSMEGDAWgBQlo/UR0AlWBqUl
CErkYINtxdJDlzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0phUDFFZEFKVmdhbEpRaEs1R0NEYmNYU1E1Yy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMzcvZDhiMDA5LWQ5MjMtNGJmZi1hODJmLWU4YjcwYWE0NDJmZC8x
L3h0RjVHSmtHMEl3cVB0bEhtc2pkb29uVkY4Yy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMzcv
ZDhiMDA5LWQ5MjMtNGJmZi1hODJmLWU4YjcwYWE0NDJmZC8xL0phUDFFZEFKVmdh
bEpRaEs1R0NEYmNYU1E1Yy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAn
BggrBgEFBQcBBwEB/wQYMBYwFAQCAAEwDjAMAwQDuRx4AwQAuRx6MA0GCSqGSIb3
DQEBCwUAA4IBAQAXPtWmRQYL2MzgqDe01vIw1xnW+p8bw4GhSS2ro7NVJ8Yrw9C6
59ANhAL6BD/CXsP7Hga9xbfVn7UyuUV/8kF6BigZ5ZTFrkDEdD3E00DUlr9RxNMk
ubOonV7fGDszTd1dydQ2ORSbPc9QXfNnVVD2GrRQE0cQg14LAdAYamNpvw/Y7xIi
ibl6BK0kjtECqBH31grTYxuavnB70tW9ZZUvRCmOUJTjjJ6r1l0ufPiZxkFHsWdd
1xYYtGli5TINpr8FN5Ql2cobcdtzvdcgIWW3NybPigJv2S0uy46/tei02xewOvB6
Gjb/Gv68MbrK3OFiu+SqhQMIZggRvdrOSHho
-----END CERTIFICATE-----
Generated at Wed Apr 16 07:52:56 2025 by rpki-client