Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/44/8a59db-5ad8-4f3f-97c2-f38bcbd93390/1/x7MkR7FWbWFut0nRpJMEwSo_4o8.roa
File: x7MkR7FWbWFut0nRpJMEwSo_4o8.roa (raw, json)
Hash identifier: UtfwZqAXthxwEc4gVjrGM2XrdxffzC0FfYiiHZCm9rc=
Subject key identifier: C7:B3:24:47:B1:56:6D:61:6E:B7:49:D1:A4:93:04:C1:2A:3F:E2:8F
Certificate issuer: /CN=4ab7dc03789f58621b25e8dd0d925dc91b4a5aa2
Certificate serial: 0184608B787C6F8BD93A2CE65E10CF1067DC
Authority key identifier: 4A:B7:DC:03:78:9F:58:62:1B:25:E8:DD:0D:92:5D:C9:1B:4A:5A:A2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/SrfcA3ifWGIbJejdDZJdyRtKWqI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/44/8a59db-5ad8-4f3f-97c2-f38bcbd93390/1/x7MkR7FWbWFut0nRpJMEwSo_4o8.roa
Signing time: Thu 10 Nov 2022 07:57:43 +0000
ROA not before: Thu 10 Nov 2022 07:57:43 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 49409
IP address blocks: 95.141.80.0/20 maxlen: 24
185.134.124.0/22 maxlen: 24
2a02:f58::/29 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:60:8b:78:7c:6f:8b:d9:3a:2c:e6:5e:10:cf:10:67:dc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4ab7dc03789f58621b25e8dd0d925dc91b4a5aa2
Validity
Not Before: Nov 10 07:57:43 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=c7b32447b1566d616eb749d1a49304c12a3fe28f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:85:72:7d:bb:f1:a9:38:c7:4a:2c:c4:e1:3d:e4:
64:70:2d:9d:c4:32:fc:8e:64:bd:30:57:86:fc:69:
2f:bb:ed:3e:90:30:78:eb:44:40:c2:9c:a0:56:6c:
ba:82:60:da:cd:5c:50:ce:1c:da:b7:36:ca:ed:e1:
d7:03:75:15:1d:74:0a:fa:bf:67:00:db:62:8c:6b:
9f:d0:31:27:02:7f:0b:64:25:e7:ee:23:09:90:91:
b4:8f:88:f2:9e:75:e2:f9:1e:db:ac:0a:d4:4a:2f:
30:17:56:bf:7b:ce:a3:97:27:de:9e:fd:2a:bf:25:
11:5f:23:7f:83:08:ce:01:76:e0:db:b6:bf:65:98:
8d:d5:93:3c:ba:9b:7e:d1:bc:10:42:aa:86:ef:0c:
b6:bb:0a:9b:8e:0c:0e:a2:88:32:17:2c:ac:ca:fe:
eb:ea:a0:00:32:86:aa:b7:aa:97:83:6d:98:a5:b1:
6b:2c:88:bd:0e:b5:55:12:ca:88:32:7a:88:4a:27:
af:32:32:0f:68:0c:03:fe:56:18:72:1b:0a:f9:97:
6c:b1:5d:90:dc:f9:84:67:8b:8b:c5:8c:18:27:fe:
af:24:4e:86:80:69:89:21:fd:ac:c7:03:9f:c3:e0:
97:d2:96:2f:f1:ea:15:58:c3:02:99:a3:4c:59:f1:
60:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C7:B3:24:47:B1:56:6D:61:6E:B7:49:D1:A4:93:04:C1:2A:3F:E2:8F
X509v3 Authority Key Identifier:
keyid:4A:B7:DC:03:78:9F:58:62:1B:25:E8:DD:0D:92:5D:C9:1B:4A:5A:A2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/SrfcA3ifWGIbJejdDZJdyRtKWqI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/44/8a59db-5ad8-4f3f-97c2-f38bcbd93390/1/x7MkR7FWbWFut0nRpJMEwSo_4o8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/44/8a59db-5ad8-4f3f-97c2-f38bcbd93390/1/SrfcA3ifWGIbJejdDZJdyRtKWqI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
95.141.80.0/20
185.134.124.0/22
IPv6:
2a02:f58::/29
Signature Algorithm: sha256WithRSAEncryption
16:c0:1a:5b:5b:ce:0a:3e:7a:c3:1c:25:23:d8:ac:4b:08:ca:
c6:1c:7d:62:f9:80:ea:3b:1b:b0:ae:2c:0a:98:88:e1:65:54:
29:eb:0b:57:7b:c5:1c:0f:51:1b:86:43:c3:20:0d:dd:58:a6:
c1:4f:7d:8f:2f:ed:a7:e0:1a:7c:79:55:ce:d2:45:5f:5b:6c:
e6:b9:5c:11:a4:16:67:14:b1:d4:46:1a:db:54:e7:5c:f4:80:
c1:35:a5:77:1a:71:1b:1e:59:d1:47:55:29:08:af:f0:25:e9:
4d:00:cd:31:8c:3b:f6:f3:e2:e7:eb:d4:05:e8:7b:35:af:1a:
e0:f0:f7:3e:15:f0:68:1a:fc:a6:4e:f2:dd:af:91:5d:c3:dc:
88:0b:50:32:0e:5a:7f:93:71:73:7f:c1:f8:7a:69:91:ff:d7:
5d:36:f5:52:7f:44:a2:f3:3b:c3:4f:78:31:8c:7a:76:61:78:
6c:37:ee:69:2f:5d:98:42:8b:f7:ee:85:52:1d:e2:24:01:20:
fb:7a:e2:c5:aa:a3:95:f0:22:8a:d3:23:a3:6b:38:6c:79:8c:
75:b7:7e:30:5b:9c:7b:90:37:fc:67:b8:53:1b:6b:77:69:00:
6a:bb:05:13:98:bd:ad:04:34:5e:3d:a7:18:85:7f:53:51:f5:
51:73:ab:ac
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYRgi3h8b4vZOizmXhDPEGfcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRhYjdkYzAzNzg5ZjU4NjIxYjI1ZThkZDBkOTI1ZGM5MWI0
YTVhYTIwHhcNMjIxMTEwMDc1NzQzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjN2IzMjQ0N2IxNTY2ZDYxNmViNzQ5ZDFhNDkzMDRjMTJhM2ZlMjhmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhXJ9u/GpOMdKLMThPeRkcC2dxDL8
jmS9MFeG/Gkvu+0+kDB460RAwpygVmy6gmDazVxQzhzatzbK7eHXA3UVHXQK+r9n
ANtijGuf0DEnAn8LZCXn7iMJkJG0j4jynnXi+R7brArUSi8wF1a/e86jlyfenv0q
vyURXyN/gwjOAXbg27a/ZZiN1ZM8upt+0bwQQqqG7wy2uwqbjgwOoogyFyysyv7r
6qAAMoaqt6qXg22YpbFrLIi9DrVVEsqIMnqISievMjIPaAwD/lYYchsK+ZdssV2Q
3PmEZ4uLxYwYJ/6vJE6GgGmJIf2sxwOfw+CX0pYv8eoVWMMCmaNMWfFgVwIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFMezJEexVm1hbrdJ0aSTBMEqP+KPMB8GA1UdIwQY
MBaAFEq33AN4n1hiGyXo3Q2SXckbSlqiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU3JmY0EzaWZXR0liSmVqZERaSmR5UnRLV3FJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80NC84YTU5ZGItNWFkOC00ZjNmLTk3YzIt
ZjM4YmNiZDkzMzkwLzEveDdNa1I3RldiV0Z1dDBuUnBKTUV3U29fNG84LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80NC84YTU5ZGItNWFkOC00ZjNmLTk3YzItZjM4YmNiZDkzMzkw
LzEvU3JmY0EzaWZXR0liSmVqZERaSmR5UnRLV3FJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQEX41QAwQC
uYZ8MA0EAgACMAcDBQMqAg9YMA0GCSqGSIb3DQEBCwUAA4IBAQAWwBpbW84KPnrD
HCUj2KxLCMrGHH1i+YDqOxuwriwKmIjhZVQp6wtXe8UcD1EbhkPDIA3dWKbBT32P
L+2n4Bp8eVXO0kVfW2zmuVwRpBZnFLHURhrbVOdc9IDBNaV3GnEbHlnRR1UpCK/w
JelNAM0xjDv28+Ln69QF6Hs1rxrg8Pc+FfBoGvymTvLdr5Fdw9yIC1AyDlp/k3Fz
f8H4emmR/9ddNvVSf0Si8zvDT3gxjHp2YXhsN+5pL12YQov37oVSHeIkASD7euLF
qqOV8CKK0yOjazhseYx1t34wW5x7kDf8Z7hTG2t3aQBquwUTmL2tBDRePacYhX9T
UfVRc6us
-----END CERTIFICATE-----
Generated at Sun Apr 6 17:48:17 2025 by rpki-client