Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/39/36f83e-6be6-42c5-8380-114ad41cf331/1/57J-DDZPXCKkLw1GNsTO6i4mk3Q.roa
File: 57J-DDZPXCKkLw1GNsTO6i4mk3Q.roa (raw, json)
Hash identifier: vS+23L31/bK80xANIwpgzEHOMXCM/6m4j9NLi3hynlo=
Subject key identifier: E7:B2:7E:0C:36:4F:5C:22:A4:2F:0D:46:36:C4:CE:EA:2E:26:93:74
Certificate issuer: /CN=09253886a0250a04ec69be00bbf8433c2f014b7c
Certificate serial: 01855CEB49D84E3CFD54CAB9D0B77FCA9DDD
Authority key identifier: 09:25:38:86:A0:25:0A:04:EC:69:BE:00:BB:F8:43:3C:2F:01:4B:7C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CSU4hqAlCgTsab4Au_hDPC8BS3w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/39/36f83e-6be6-42c5-8380-114ad41cf331/1/57J-DDZPXCKkLw1GNsTO6i4mk3Q.roa
Signing time: Thu 29 Dec 2022 08:06:41 +0000
ROA not before: Thu 29 Dec 2022 08:06:41 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 201128
IP address blocks: 194.110.168.0/24 maxlen: 24
194.110.171.0/24 maxlen: 24
194.110.170.0/24 maxlen: 24
185.84.180.0/24 maxlen: 24
185.84.182.0/24 maxlen: 24
185.84.181.0/24 maxlen: 24
185.84.183.0/24 maxlen: 24
2a05:a740::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:5c:eb:49:d8:4e:3c:fd:54:ca:b9:d0:b7:7f:ca:9d:dd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=09253886a0250a04ec69be00bbf8433c2f014b7c
Validity
Not Before: Dec 29 08:06:41 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=e7b27e0c364f5c22a42f0d4636c4ceea2e269374
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:49:23:f0:4b:10:ed:3e:14:bf:46:ed:e2:14:
a6:5b:f2:1d:5c:f1:4a:54:2a:99:6c:29:e9:f1:66:
67:8d:d5:01:a0:d8:db:a6:ea:95:f0:62:c8:ee:f5:
35:d6:9d:53:75:76:1b:70:5c:73:ed:30:a0:8c:ff:
1d:c8:96:a4:50:d7:da:da:a2:e0:ac:2d:83:86:ff:
67:e1:d3:21:e7:5d:df:a8:fe:23:2b:8c:63:ef:27:
9a:1e:b3:d2:06:0b:98:3a:16:7b:b6:e2:79:f3:0e:
82:5d:5f:d2:5f:f4:02:57:5a:d6:95:52:27:6b:eb:
cf:6b:f6:88:e7:ce:1e:e0:15:f6:cf:e1:7e:42:c9:
4a:2e:1d:15:c9:b9:f3:56:60:25:41:06:d5:e8:49:
3a:e4:5d:36:06:b9:fd:19:fc:40:c3:cf:3f:79:dc:
83:8c:34:fc:f0:dc:4c:15:7a:57:7e:c4:0a:14:14:
50:1d:3e:6e:dd:5c:fa:54:30:e0:0d:cf:f0:45:48:
03:f0:35:0f:d0:fb:2b:f3:e4:41:07:e8:89:66:22:
5f:70:f5:ea:92:7d:66:48:8e:80:b9:f5:5a:a4:89:
03:20:ba:7d:1b:bd:74:77:11:45:dc:f0:90:95:fc:
f6:f8:a0:8d:37:82:32:3d:48:45:9c:67:8d:b2:a9:
14:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E7:B2:7E:0C:36:4F:5C:22:A4:2F:0D:46:36:C4:CE:EA:2E:26:93:74
X509v3 Authority Key Identifier:
keyid:09:25:38:86:A0:25:0A:04:EC:69:BE:00:BB:F8:43:3C:2F:01:4B:7C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CSU4hqAlCgTsab4Au_hDPC8BS3w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/39/36f83e-6be6-42c5-8380-114ad41cf331/1/57J-DDZPXCKkLw1GNsTO6i4mk3Q.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/39/36f83e-6be6-42c5-8380-114ad41cf331/1/CSU4hqAlCgTsab4Au_hDPC8BS3w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.84.180.0/22
194.110.168.0/24
194.110.170.0/23
IPv6:
2a05:a740::/29
Signature Algorithm: sha256WithRSAEncryption
a6:b6:50:11:2b:4a:7f:b9:9f:4d:44:ec:f5:60:b2:15:56:f8:
55:25:7f:21:51:a4:32:cb:8e:20:01:41:14:20:f9:ea:1d:02:
ce:d1:b9:e6:38:b3:db:2a:0c:e3:9a:e9:6d:ef:5d:a9:42:f4:
4d:28:67:ec:8e:a3:41:94:6c:8a:7b:7d:54:13:24:55:c9:9c:
5c:c2:c5:c2:2f:71:31:f4:7e:5c:e8:a6:25:75:73:43:38:7e:
76:07:17:b9:95:e0:bc:c0:2a:a7:e6:39:a4:a6:35:66:df:9a:
82:3d:1a:80:bd:d0:f8:92:af:4c:ca:c0:cd:39:2c:02:6c:e8:
fb:8c:ac:4b:c2:f5:17:0e:12:10:72:c5:2d:9a:1f:2c:8e:20:
cc:6b:6a:1d:2a:0d:81:a7:51:ea:70:42:be:e5:73:63:fa:07:
f7:56:f6:93:26:47:9f:85:5b:2c:d2:a8:79:73:4c:09:40:0c:
68:79:75:36:39:8a:5c:1c:f0:e1:9e:1f:3d:16:02:cd:81:20:
a2:a6:64:8f:26:f1:54:5d:0b:51:7e:90:f1:13:d7:47:1c:97:
04:42:88:f9:96:df:a8:76:ee:55:8a:82:fb:90:ee:c7:55:45:
92:c6:f6:df:3e:17:1c:c4:a7:04:21:d3:5a:d0:57:73:90:7c:
41:0e:99:6d
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAYVc60nYTjz9VMq50Ld/yp3dMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA5MjUzODg2YTAyNTBhMDRlYzY5YmUwMGJiZjg0MzNjMmYw
MTRiN2MwHhcNMjIxMjI5MDgwNjQxWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlN2IyN2UwYzM2NGY1YzIyYTQyZjBkNDYzNmM0Y2VlYTJlMjY5Mzc0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArkkj8EsQ7T4Uv0bt4hSmW/IdXPFK
VCqZbCnp8WZnjdUBoNjbpuqV8GLI7vU11p1TdXYbcFxz7TCgjP8dyJakUNfa2qLg
rC2Dhv9n4dMh513fqP4jK4xj7yeaHrPSBguYOhZ7tuJ58w6CXV/SX/QCV1rWlVIn
a+vPa/aI584e4BX2z+F+QslKLh0VybnzVmAlQQbV6Ek65F02Brn9GfxAw88/edyD
jDT88NxMFXpXfsQKFBRQHT5u3Vz6VDDgDc/wRUgD8DUP0Psr8+RBB+iJZiJfcPXq
kn1mSI6AufVapIkDILp9G710dxFF3PCQlfz2+KCNN4IyPUhFnGeNsqkUXwIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFOeyfgw2T1wipC8NRjbEzuouJpN0MB8GA1UdIwQY
MBaAFAklOIagJQoE7Gm+ALv4QzwvAUt8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ1NVNGhxQWxDZ1RzYWI0QXVfaERQQzhCUzN3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zOS8zNmY4M2UtNmJlNi00MmM1LTgzODAt
MTE0YWQ0MWNmMzMxLzEvNTdKLUREWlBYQ0trTHcxR05zVE82aTRtazNRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zOS8zNmY4M2UtNmJlNi00MmM1LTgzODAtMTE0YWQ0MWNmMzMx
LzEvQ1NVNGhxQWxDZ1RzYWI0QXVfaERQQzhCUzN3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQCuVS0AwQA
wm6oAwQBwm6qMA0EAgACMAcDBQMqBadAMA0GCSqGSIb3DQEBCwUAA4IBAQCmtlAR
K0p/uZ9NROz1YLIVVvhVJX8hUaQyy44gAUEUIPnqHQLO0bnmOLPbKgzjmult712p
QvRNKGfsjqNBlGyKe31UEyRVyZxcwsXCL3Ex9H5c6KYldXNDOH52Bxe5leC8wCqn
5jmkpjVm35qCPRqAvdD4kq9MysDNOSwCbOj7jKxLwvUXDhIQcsUtmh8sjiDMa2od
Kg2Bp1HqcEK+5XNj+gf3VvaTJkefhVss0qh5c0wJQAxoeXU2OYpcHPDhnh89FgLN
gSCipmSPJvFUXQtRfpDxE9dHHJcEQoj5lt+odu5VioL7kO7HVUWSxvbfPhccxKcE
IdNa0FdzkHxBDplt
-----END CERTIFICATE-----
Generated at Fri Apr 18 07:01:07 2025 by rpki-client