Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/44/1b813a-5e86-45b0-99cd-28b9d261ecb1/1/pu8srvSZi2Kw1pvrdn7uXMkA2xk.roa
File: pu8srvSZi2Kw1pvrdn7uXMkA2xk.roa (raw, json)
Hash identifier: n13xLVZu/MVCz1A9Pmmr3e3i7LYyBunQu7g7/X1r9G0=
Subject key identifier: A6:EF:2C:AE:F4:99:8B:62:B0:D6:9B:EB:76:7E:EE:5C:C9:00:DB:19
Certificate issuer: /CN=a72d178c8e53f52131c1fb64743c960cf897fd0c
Certificate serial: 0405360B
Authority key identifier: A7:2D:17:8C:8E:53:F5:21:31:C1:FB:64:74:3C:96:0C:F8:97:FD:0C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/py0XjI5T9SExwftkdDyWDPiX_Qw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/44/1b813a-5e86-45b0-99cd-28b9d261ecb1/1/pu8srvSZi2Kw1pvrdn7uXMkA2xk.roa
Signing time: Thu 03 Feb 2022 23:23:39 +0000
ROA not before: Thu 03 Feb 2022 23:23:39 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 203965
IP address blocks: 185.118.172.0/24 maxlen: 24
185.118.172.0/22 maxlen: 22
185.118.175.0/24 maxlen: 24
185.118.174.0/24 maxlen: 24
185.118.173.0/24 maxlen: 24
2a06:9380::/29 maxlen: 48
2a06:9380:172::/48 maxlen: 48
2a06:9380:173::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 67450379 (0x405360b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a72d178c8e53f52131c1fb64743c960cf897fd0c
Validity
Not Before: Feb 3 23:23:39 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=a6ef2caef4998b62b0d69beb767eee5cc900db19
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:00:03:4c:74:3c:20:f5:65:32:ae:5f:f9:93:
d9:4b:a4:f6:80:b2:7b:79:0e:9a:aa:cf:e7:7e:77:
27:08:ad:b2:9e:78:3d:47:6b:a5:ee:0f:54:bf:db:
49:54:b7:87:9d:c5:6e:96:24:b5:5a:ef:4f:38:76:
60:2b:81:28:35:32:02:95:f6:64:f2:36:50:a0:6a:
8f:d5:53:8c:0f:9e:40:a7:e2:8e:d0:6d:9c:aa:0c:
82:ff:a2:29:00:87:67:87:5d:2e:8b:98:c2:61:cc:
6c:53:66:8e:d0:8e:53:81:74:a8:17:59:ae:6a:c3:
2c:7d:27:f4:ab:7b:b3:ee:af:1e:80:e6:0d:7c:73:
1c:42:03:8a:81:ef:0b:c9:b7:ef:37:f8:02:63:5d:
0a:ed:58:51:ad:c1:6f:93:ed:0f:24:e7:0c:4a:22:
7b:0a:ec:61:f5:5a:cf:ad:a4:ac:fa:61:98:40:bc:
97:7e:cc:78:9c:e2:a9:b3:4e:7e:9b:a9:10:80:b6:
f9:4a:40:6a:1e:3f:4b:ae:91:44:9f:7b:8f:f9:4f:
9e:9b:31:05:22:8f:44:6d:53:7b:4e:e1:53:84:c4:
b4:99:75:80:4e:74:22:5b:48:70:e1:e5:19:49:2c:
a1:60:a4:4a:fc:1f:7d:71:ec:d5:28:84:57:1a:dd:
e5:e5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A6:EF:2C:AE:F4:99:8B:62:B0:D6:9B:EB:76:7E:EE:5C:C9:00:DB:19
X509v3 Authority Key Identifier:
keyid:A7:2D:17:8C:8E:53:F5:21:31:C1:FB:64:74:3C:96:0C:F8:97:FD:0C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/py0XjI5T9SExwftkdDyWDPiX_Qw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/44/1b813a-5e86-45b0-99cd-28b9d261ecb1/1/pu8srvSZi2Kw1pvrdn7uXMkA2xk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/44/1b813a-5e86-45b0-99cd-28b9d261ecb1/1/py0XjI5T9SExwftkdDyWDPiX_Qw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.118.172.0/22
IPv6:
2a06:9380::/29
Signature Algorithm: sha256WithRSAEncryption
81:4e:76:7a:ff:20:0f:ef:93:fc:2d:80:e6:58:03:55:c4:a9:
f7:72:cd:21:77:33:21:3a:6b:61:8b:f2:bc:f0:53:f2:a5:95:
75:39:e9:eb:b6:d2:2f:1e:10:64:70:d8:0c:d9:a7:7a:de:02:
c4:15:99:83:ed:ef:5d:e5:f9:37:a8:28:eb:61:9d:30:2c:4f:
37:be:6b:4a:4e:73:53:ba:5f:bf:e5:48:60:a2:7b:92:15:2a:
c4:0c:fc:2e:78:83:3b:df:5b:40:bd:5a:04:9e:e2:4d:f3:86:
64:9b:ea:09:35:6f:c1:c1:65:8b:12:67:4b:32:f8:f7:d5:82:
37:c1:29:80:17:a9:ca:dc:24:42:93:0a:b5:4f:86:a3:c2:04:
e7:c3:e2:90:e0:c6:a4:e2:78:46:b1:78:76:08:ef:8a:95:c7:
cc:e4:6c:01:36:d9:4a:12:65:76:53:f5:ad:e5:db:da:09:4e:
14:e8:e3:d0:5b:d5:25:0c:d7:2b:4a:6d:7f:32:f9:99:d4:ac:
2b:9f:fb:14:90:57:37:39:61:d9:1c:16:42:0d:2e:af:fc:50:
fa:6f:8e:c5:0e:66:2e:94:2a:24:b0:fb:e8:c8:67:f7:1a:3c:
18:1a:37:11:2a:79:5f:66:f9:88:f9:e4:de:de:de:37:81:bd:
cd:05:37:92
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgIEBAU2CzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhh
NzJkMTc4YzhlNTNmNTIxMzFjMWZiNjQ3NDNjOTYwY2Y4OTdmZDBjMB4XDTIyMDIw
MzIzMjMzOVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYTZlZjJjYWVmNDk5
OGI2MmIwZDY5YmViNzY3ZWVlNWNjOTAwZGIxOTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJQAA0x0PCD1ZTKuX/mT2Uuk9oCye3kOmqrP5353Jwitsp54
PUdrpe4PVL/bSVS3h53FbpYktVrvTzh2YCuBKDUyApX2ZPI2UKBqj9VTjA+eQKfi
jtBtnKoMgv+iKQCHZ4ddLouYwmHMbFNmjtCOU4F0qBdZrmrDLH0n9Kt7s+6vHoDm
DXxzHEIDioHvC8m37zf4AmNdCu1YUa3Bb5PtDyTnDEoiewrsYfVaz62krPphmEC8
l37MeJziqbNOfpupEIC2+UpAah4/S66RRJ97j/lPnpsxBSKPRG1Te07hU4TEtJl1
gE50IltIcOHlGUksoWCkSvwffXHs1SiEVxrd5eUCAwEAAaOCAhgwggIUMB0GA1Ud
DgQWBBSm7yyu9JmLYrDWm+t2fu5cyQDbGTAfBgNVHSMEGDAWgBSnLReMjlP1ITHB
+2R0PJYM+Jf9DDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3B5MFhqSTVUOVNFeHdmdGtkRHlXRFBpWF9Rdy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNDQvMWI4MTNhLTVlODYtNDViMC05OWNkLTI4YjlkMjYxZWNiMS8x
L3B1OHNydlNaaTJLdzFwdnJkbjd1WE1rQTJ4ay5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNDQv
MWI4MTNhLTVlODYtNDViMC05OWNkLTI4YjlkMjYxZWNiMS8xL3B5MFhqSTVUOVNF
eHdmdGtkRHlXRFBpWF9Rdy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAu
BggrBgEFBQcBBwEB/wQfMB0wDAQCAAEwBgMEArl2rDANBAIAAjAHAwUDKgaTgDAN
BgkqhkiG9w0BAQsFAAOCAQEAgU52ev8gD++T/C2A5lgDVcSp93LNIXczITprYYvy
vPBT8qWVdTnp67bSLx4QZHDYDNmnet4CxBWZg+3vXeX5N6go62GdMCxPN75rSk5z
U7pfv+VIYKJ7khUqxAz8LniDO99bQL1aBJ7iTfOGZJvqCTVvwcFlixJnSzL499WC
N8EpgBepytwkQpMKtU+Go8IE58PikODGpOJ4RrF4dgjvipXHzORsATbZShJldlP1
reXb2glOFOjj0FvVJQzXK0ptfzL5mdSsK5/7FJBXNzlh2RwWQg0ur/xQ+m+OxQ5m
LpQqJLD76Mhn9xo8GBo3ESp5X2b5iPnk3t7eN4G9zQU3kg==
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:53:27 2025 by rpki-client