Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3c/849281-a302-4ff8-92e3-3ae4f9cf2683/1/4cyZXgH-iTdCQ5rStW5t6f8kK4I.roa
File: 4cyZXgH-iTdCQ5rStW5t6f8kK4I.roa (raw, json)
Hash identifier: d3gDKL8UJ6Ea6XdxFqrGfKfYXsMj8A7Z9XyCy+1tYdg=
Subject key identifier: E1:CC:99:5E:01:FE:89:37:42:43:9A:D2:B5:6E:6D:E9:FF:24:2B:82
Certificate issuer: /CN=736ef5730050c720f8c790466eb8b8a48efbe749
Certificate serial: 0A71315F
Authority key identifier: 73:6E:F5:73:00:50:C7:20:F8:C7:90:46:6E:B8:B8:A4:8E:FB:E7:49
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/c271cwBQxyD4x5BGbri4pI7750k.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3c/849281-a302-4ff8-92e3-3ae4f9cf2683/1/4cyZXgH-iTdCQ5rStW5t6f8kK4I.roa
Signing time: Fri 11 Feb 2022 07:33:49 +0000
ROA not before: Fri 11 Feb 2022 07:33:49 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 42977
IP address blocks: 185.192.14.0/24 maxlen: 24
185.192.12.0/24 maxlen: 24
185.192.13.0/24 maxlen: 24
2a0a:25c0::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 175190367 (0xa71315f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=736ef5730050c720f8c790466eb8b8a48efbe749
Validity
Not Before: Feb 11 07:33:49 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=e1cc995e01fe893742439ad2b56e6de9ff242b82
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:19:d3:59:fd:6a:f3:46:b6:2b:62:84:41:6b:
0f:e4:f3:91:f0:3b:e6:2b:f7:4e:1f:5d:c9:41:3b:
cd:93:9a:99:ad:eb:84:c4:7d:65:a0:84:5c:c9:c8:
62:ad:5d:45:94:e4:5e:be:c1:b4:2a:be:8d:12:c7:
d6:40:99:ac:2f:97:de:92:db:bb:38:6c:c9:47:58:
f9:c2:b7:dc:ab:67:e5:bd:55:dc:98:ef:69:e1:36:
e2:2c:d3:8c:97:9f:28:a2:5f:7b:67:96:c7:8e:70:
85:d9:cc:45:96:77:43:fa:28:26:b9:24:70:a3:d3:
f1:c7:97:df:7e:30:47:75:d1:be:7a:6b:14:20:c9:
97:0f:0a:62:4d:f0:53:63:cf:06:69:11:dd:42:52:
1d:8b:5c:05:1f:28:e4:ed:da:ee:f2:aa:26:e5:32:
5e:db:29:a0:fd:a3:2e:4a:af:37:0d:83:7d:49:f7:
51:39:20:4a:97:86:27:d6:0b:f4:26:fa:1e:32:d2:
ca:bc:80:7d:40:36:ec:e9:15:78:73:95:a0:87:55:
b6:70:64:51:24:bd:b5:1a:4b:87:4a:af:cf:c4:f3:
9b:b7:eb:26:ab:15:f3:d5:c9:9c:33:3b:62:e0:17:
29:aa:0c:cc:5f:64:80:85:5f:f2:26:2a:dc:4b:79:
ff:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E1:CC:99:5E:01:FE:89:37:42:43:9A:D2:B5:6E:6D:E9:FF:24:2B:82
X509v3 Authority Key Identifier:
keyid:73:6E:F5:73:00:50:C7:20:F8:C7:90:46:6E:B8:B8:A4:8E:FB:E7:49
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/c271cwBQxyD4x5BGbri4pI7750k.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3c/849281-a302-4ff8-92e3-3ae4f9cf2683/1/4cyZXgH-iTdCQ5rStW5t6f8kK4I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3c/849281-a302-4ff8-92e3-3ae4f9cf2683/1/c271cwBQxyD4x5BGbri4pI7750k.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.192.12.0-185.192.14.255
IPv6:
2a0a:25c0::/29
Signature Algorithm: sha256WithRSAEncryption
af:7e:fe:04:f2:91:2f:d3:d4:f1:f4:9f:d4:fb:30:20:e2:ba:
25:65:c2:62:fb:80:8d:8a:a2:04:a1:81:70:68:a7:45:1e:9d:
4a:aa:6b:66:09:9f:22:bd:30:31:78:98:4a:b6:fa:72:1b:cf:
78:56:fb:69:bd:f9:32:b3:2a:49:08:db:dc:92:b0:9b:25:43:
b5:6c:bf:77:85:0e:8f:4c:67:37:19:b1:c5:36:91:77:07:c8:
70:3c:b2:0b:e7:63:41:fa:db:56:0d:b9:79:8d:c2:f5:42:69:
45:56:73:5c:0c:47:b8:2e:89:bf:3c:4f:75:8f:2a:9a:76:12:
28:9f:0d:85:6c:64:0d:11:f8:66:31:22:40:b6:48:a2:d3:89:
6f:7f:1c:b2:16:c1:20:13:0e:c1:79:60:2d:fc:da:d9:b4:f0:
74:70:14:11:1d:3d:3b:6f:25:96:1e:1c:de:1c:8d:0e:df:a4:
61:a6:c8:a9:d5:25:c5:3f:77:44:f1:66:d3:24:8c:57:eb:1a:
2f:1f:67:64:c0:9b:ca:78:cb:71:62:ac:95:dc:c5:c7:6e:40:
67:9d:f7:ac:dc:aa:98:ca:ac:ac:9d:af:8b:3d:d4:3d:27:4c:
d2:dc:02:cf:5f:62:38:ff:0c:dc:70:e0:f1:01:e3:4a:af:1f:
4b:32:5e:68
-----BEGIN CERTIFICATE-----
MIIFBjCCA+6gAwIBAgIECnExXzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg3
MzZlZjU3MzAwNTBjNzIwZjhjNzkwNDY2ZWI4YjhhNDhlZmJlNzQ5MB4XDTIyMDIx
MTA3MzM0OVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZTFjYzk5NWUwMWZl
ODkzNzQyNDM5YWQyYjU2ZTZkZTlmZjI0MmI4MjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMcZ01n9avNGtitihEFrD+TzkfA75iv3Th9dyUE7zZOama3r
hMR9ZaCEXMnIYq1dRZTkXr7BtCq+jRLH1kCZrC+X3pLbuzhsyUdY+cK33Ktn5b1V
3JjvaeE24izTjJefKKJfe2eWx45whdnMRZZ3Q/ooJrkkcKPT8ceX334wR3XRvnpr
FCDJlw8KYk3wU2PPBmkR3UJSHYtcBR8o5O3a7vKqJuUyXtspoP2jLkqvNw2DfUn3
UTkgSpeGJ9YL9Cb6HjLSyryAfUA27OkVeHOVoIdVtnBkUSS9tRpLh0qvz8Tzm7fr
JqsV89XJnDM7YuAXKaoMzF9kgIVf8iYq3Et5/0ECAwEAAaOCAiAwggIcMB0GA1Ud
DgQWBBThzJleAf6JN0JDmtK1bm3p/yQrgjAfBgNVHSMEGDAWgBRzbvVzAFDHIPjH
kEZuuLikjvvnSTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2MyNzFjd0JReHlENHg1Qkdicmk0cEk3NzUway5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvM2MvODQ5MjgxLWEzMDItNGZmOC05MmUzLTNhZTRmOWNmMjY4My8x
LzRjeVpYZ0gtaVRkQ1E1clN0VzV0NmY4a0s0SS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvM2Mv
ODQ5MjgxLWEzMDItNGZmOC05MmUzLTNhZTRmOWNmMjY4My8xL2MyNzFjd0JReHlE
NHg1Qkdicmk0cEk3NzUway5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA2
BggrBgEFBQcBBwEB/wQnMCUwFAQCAAEwDjAMAwQCucAMAwQAucAOMA0EAgACMAcD
BQMqCiXAMA0GCSqGSIb3DQEBCwUAA4IBAQCvfv4E8pEv09Tx9J/U+zAg4rolZcJi
+4CNiqIEoYFwaKdFHp1KqmtmCZ8ivTAxeJhKtvpyG894VvtpvfkysypJCNvckrCb
JUO1bL93hQ6PTGc3GbHFNpF3B8hwPLIL52NB+ttWDbl5jcL1QmlFVnNcDEe4Lom/
PE91jyqadhIonw2FbGQNEfhmMSJAtkii04lvfxyyFsEgEw7BeWAt/NrZtPB0cBQR
HT07byWWHhzeHI0O36Rhpsip1SXFP3dE8WbTJIxX6xovH2dkwJvKeMtxYqyV3MXH
bkBnnfes3KqYyqysna+LPdQ9J0zS3ALPX2I4/wzccODxAeNKrx9LMl5o
-----END CERTIFICATE-----
Generated at Sun Apr 20 13:15:34 2025 by rpki-client