Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/39/944f09-406e-4985-9929-36e0c8afe26a/1/DxpxRbnYal4c4rWAYaHb9IiIPJw.roa
File: DxpxRbnYal4c4rWAYaHb9IiIPJw.roa (raw, json)
Hash identifier: 6E+Wb6saxSdsuhe0lZZ5gCoRIQAiYNX956XoMnaU1SY=
Subject key identifier: 0F:1A:71:45:B9:D8:6A:5E:1C:E2:B5:80:61:A1:DB:F4:88:88:3C:9C
Certificate issuer: /CN=f27c93ddb1a17151c56f22dcaf31dd8229463742
Certificate serial: 4500
Authority key identifier: F2:7C:93:DD:B1:A1:71:51:C5:6F:22:DC:AF:31:DD:82:29:46:37:42
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8nyT3bGhcVHFbyLcrzHdgilGN0I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/39/944f09-406e-4985-9929-36e0c8afe26a/1/DxpxRbnYal4c4rWAYaHb9IiIPJw.roa
Signing time: Mon 13 Jun 2022 07:33:02 +0000
ROA not before: Mon 13 Jun 2022 07:33:02 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 200810
IP address blocks: 185.77.176.0/22 maxlen: 24
185.246.248.0/22 maxlen: 24
185.245.188.0/22 maxlen: 24
89.36.80.0/21 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 17664 (0x4500)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f27c93ddb1a17151c56f22dcaf31dd8229463742
Validity
Not Before: Jun 13 07:33:02 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=0f1a7145b9d86a5e1ce2b58061a1dbf488883c9c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:1c:de:a0:20:8b:92:5b:9c:48:ec:45:e4:8f:
73:eb:ef:09:dc:eb:35:8b:ff:a7:d0:8d:ac:1b:c3:
1f:6c:5f:15:80:76:d3:b1:a4:da:e5:be:59:bc:ca:
22:bc:5d:eb:d4:4c:b4:29:70:40:6e:eb:6a:a6:07:
a0:4b:7f:68:88:db:40:6e:ab:a1:25:cd:05:0d:b9:
82:c0:fe:35:0e:88:f6:39:0a:1a:28:31:88:56:38:
cd:db:0a:70:36:69:59:0e:80:5c:90:77:13:0b:2c:
cb:b7:23:34:75:76:9d:8d:7c:43:d7:61:8f:2e:66:
32:6d:0e:9e:ee:b3:17:5d:d3:37:79:63:8f:47:2d:
89:fe:6d:ab:38:b8:e2:f9:b5:a2:e2:5b:78:aa:23:
11:48:88:a8:e3:58:ef:ff:f6:d1:de:f9:cf:e1:a3:
f0:53:25:46:dc:68:a1:8f:8d:f6:e2:00:e3:05:fa:
da:27:e9:aa:8d:f7:bf:c6:b0:52:9b:12:d6:44:9a:
fc:bb:7a:43:d6:75:05:a2:d1:8c:2c:20:8b:48:8e:
3a:45:68:e0:1f:05:2a:49:74:7d:b7:aa:0e:98:59:
61:9f:69:a6:02:7c:2d:71:da:31:fc:22:3e:7a:c2:
48:f5:97:ab:0e:eb:73:f8:82:ec:3d:1b:28:60:80:
38:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0F:1A:71:45:B9:D8:6A:5E:1C:E2:B5:80:61:A1:DB:F4:88:88:3C:9C
X509v3 Authority Key Identifier:
keyid:F2:7C:93:DD:B1:A1:71:51:C5:6F:22:DC:AF:31:DD:82:29:46:37:42
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8nyT3bGhcVHFbyLcrzHdgilGN0I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/39/944f09-406e-4985-9929-36e0c8afe26a/1/DxpxRbnYal4c4rWAYaHb9IiIPJw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/39/944f09-406e-4985-9929-36e0c8afe26a/1/8nyT3bGhcVHFbyLcrzHdgilGN0I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.36.80.0/21
185.77.176.0/22
185.245.188.0/22
185.246.248.0/22
Signature Algorithm: sha256WithRSAEncryption
8b:9f:de:b1:ac:eb:6a:99:32:40:43:fb:89:fc:90:9d:6a:60:
00:b3:17:94:52:c0:a3:a2:83:1f:ab:8a:d9:35:8b:de:dc:83:
23:54:a2:63:c2:66:5b:0e:af:65:34:d8:08:d6:ba:68:f9:34:
1e:68:b5:c2:60:3e:c7:b2:9e:bd:7a:61:e6:48:6f:9f:82:ad:
ed:39:bf:96:6d:78:d5:95:d6:0f:39:2f:82:7e:9f:71:d5:c7:
26:29:16:94:01:62:82:80:aa:6c:8b:3f:d7:a4:99:43:0c:e0:
57:55:3f:e3:97:8c:b0:9c:33:cf:23:2e:a8:a3:92:b3:83:30:
5a:26:b6:02:52:24:db:f2:89:0b:47:a7:16:d5:92:e5:24:f9:
19:c8:7e:da:a9:2b:ce:99:7c:4e:55:b8:94:26:0f:0a:af:1e:
1a:8a:e3:98:d4:89:3e:cf:4d:4f:f0:d2:2f:0d:29:f7:b2:d0:
73:9b:2a:4d:ed:2f:aa:6d:bf:3e:de:79:35:e2:7c:c1:5a:73:
40:a8:26:cc:71:0e:f4:5d:31:eb:42:ce:c2:41:be:d3:7f:10:
ed:16:9a:fb:a3:94:6c:ae:9d:33:8b:39:e9:db:ab:23:6b:c2:
c6:df:0b:ec:69:98:7b:fc:a6:e5:76:5a:68:70:03:3f:f3:14:
d5:e6:53:67
-----BEGIN CERTIFICATE-----
MIIE/zCCA+egAwIBAgICRQAwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoZjI3
YzkzZGRiMWExNzE1MWM1NmYyMmRjYWYzMWRkODIyOTQ2Mzc0MjAeFw0yMjA2MTMw
NzMzMDJaFw0yMzA3MDEwMDAwMDBaMDMxMTAvBgNVBAMTKDBmMWE3MTQ1YjlkODZh
NWUxY2UyYjU4MDYxYTFkYmY0ODg4ODNjOWMwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCzHN6gIIuSW5xI7EXkj3Pr7wnc6zWL/6fQjawbwx9sXxWAdtOx
pNrlvlm8yiK8XevUTLQpcEBu62qmB6BLf2iI20Buq6ElzQUNuYLA/jUOiPY5Choo
MYhWOM3bCnA2aVkOgFyQdxMLLMu3IzR1dp2NfEPXYY8uZjJtDp7usxdd0zd5Y49H
LYn+bas4uOL5taLiW3iqIxFIiKjjWO//9tHe+c/ho/BTJUbcaKGPjfbiAOMF+ton
6aqN97/GsFKbEtZEmvy7ekPWdQWi0YwsIItIjjpFaOAfBSpJdH23qg6YWWGfaaYC
fC1x2jH8Ij56wkj1l6sO63P4guw9GyhggDjFAgMBAAGjggIbMIICFzAdBgNVHQ4E
FgQUDxpxRbnYal4c4rWAYaHb9IiIPJwwHwYDVR0jBBgwFoAU8nyT3bGhcVHFbyLc
rzHdgilGN0IwDgYDVR0PAQH/BAQDAgeAMGQGCCsGAQUFBwEBBFgwVjBUBggrBgEF
BQcwAoZIcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvREVGQVVMVC84
bnlUM2JHaGNWSEZieUxjcnpIZGdpbEdOMEkuY2VyMIGNBggrBgEFBQcBCwSBgDB+
MHwGCCsGAQUFBzALhnByc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9E
RUZBVUxULzM5Lzk0NGYwOS00MDZlLTQ5ODUtOTkyOS0zNmUwYzhhZmUyNmEvMS9E
eHB4UmJuWWFsNGM0cldBWWFIYjlJaUlQSncucm9hMIGBBgNVHR8EejB4MHagdKBy
hnByc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzM5Lzk0
NGYwOS00MDZlLTQ5ODUtOTkyOS0zNmUwYzhhZmUyNmEvMS84bnlUM2JHaGNWSEZi
eUxjcnpIZGdpbEdOMEkuY3JsMBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwMQYI
KwYBBQUHAQcBAf8EIjAgMB4EAgABMBgDBANZJFADBAK5TbADBAK59bwDBAK59vgw
DQYJKoZIhvcNAQELBQADggEBAIuf3rGs62qZMkBD+4n8kJ1qYACzF5RSwKOigx+r
itk1i97cgyNUomPCZlsOr2U02AjWumj5NB5otcJgPseynr16YeZIb5+Cre05v5Zt
eNWV1g85L4J+n3HVxyYpFpQBYoKAqmyLP9ekmUMM4FdVP+OXjLCcM88jLqijkrOD
MFomtgJSJNvyiQtHpxbVkuUk+RnIftqpK86ZfE5VuJQmDwqvHhqK45jUiT7PTU/w
0i8NKfey0HObKk3tL6ptvz7eeTXifMFac0CoJsxxDvRdMetCzsJBvtN/EO0Wmvuj
lGyunTOLOenbqyNrwsbfC+xpmHv8puV2WmhwAz/zFNXmU2c=
-----END CERTIFICATE-----
Generated at Thu Mar 13 20:34:20 2025 by rpki-client