Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/48/496885-709f-4bbb-9375-954d19549b61/1/d6374g5xN4NK8l4wHOa3UAgBeZs.roa
File: d6374g5xN4NK8l4wHOa3UAgBeZs.roa (raw, json)
Hash identifier: +gNVLTtI+RVRGwWcqhZVTGXjY0SeJ6S2wDEP6lOYaSI=
Subject key identifier: 77:AD:FB:E2:0E:71:37:83:4A:F2:5E:30:1C:E6:B7:50:08:01:79:9B
Certificate issuer: /CN=fde8d1c6aaf4a93ff41bbfa1bd1dac6197d59575
Certificate serial: 363E673C
Authority key identifier: FD:E8:D1:C6:AA:F4:A9:3F:F4:1B:BF:A1:BD:1D:AC:61:97:D5:95:75
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_ejRxqr0qT_0G7-hvR2sYZfVlXU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/48/496885-709f-4bbb-9375-954d19549b61/1/d6374g5xN4NK8l4wHOa3UAgBeZs.roa
Signing time: Sat 01 Jan 2022 11:54:32 +0000
ROA not before: Sat 01 Jan 2022 11:54:32 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 15866
IP address blocks: 185.45.88.0/22 maxlen: 22
94.232.192.0/21 maxlen: 21
217.171.240.0/20 maxlen: 20
2a00:1920::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 910059324 (0x363e673c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fde8d1c6aaf4a93ff41bbfa1bd1dac6197d59575
Validity
Not Before: Jan 1 11:54:32 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=77adfbe20e7137834af25e301ce6b7500801799b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:aa:da:ba:3a:3f:17:2e:41:6d:1e:02:1a:8e:
45:02:e2:69:90:ea:63:ac:9b:6d:19:b1:62:82:7d:
45:a7:3f:0c:be:3d:9d:60:a7:b5:97:02:0c:41:0e:
95:5a:13:61:c6:c4:9c:a2:21:f4:fd:2a:6d:81:b7:
2d:78:d5:f2:81:eb:f7:e2:dd:c3:6e:b1:a3:2d:0e:
0a:6a:78:a0:81:72:5e:16:97:0e:e2:f0:55:ca:4c:
f7:27:10:14:63:0d:19:51:ea:b4:26:90:9a:9a:58:
2a:6d:b7:ed:5c:17:2d:fe:7e:8c:6c:ef:b6:d6:23:
bb:e8:16:8a:bb:72:01:d5:b1:70:fd:21:aa:16:9b:
b7:1a:0f:94:1c:b1:77:2e:43:2b:db:df:4c:9c:21:
44:9d:df:7c:ab:3f:f2:da:4b:fc:89:d1:9b:4b:c0:
8a:40:85:76:8a:67:80:24:a0:b0:5c:e5:be:31:7e:
33:83:be:90:a8:ba:ec:40:39:ea:72:90:15:97:9e:
f9:78:83:21:6e:2f:bd:fd:18:44:cc:b9:8b:43:94:
2f:21:e8:49:d8:01:b0:5e:67:c3:db:69:e4:42:71:
a3:8f:94:af:86:b1:39:c1:0c:5b:5b:a1:58:36:69:
84:17:97:63:2d:e4:e7:e6:44:06:1d:c2:df:6a:5b:
d0:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
77:AD:FB:E2:0E:71:37:83:4A:F2:5E:30:1C:E6:B7:50:08:01:79:9B
X509v3 Authority Key Identifier:
keyid:FD:E8:D1:C6:AA:F4:A9:3F:F4:1B:BF:A1:BD:1D:AC:61:97:D5:95:75
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_ejRxqr0qT_0G7-hvR2sYZfVlXU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/48/496885-709f-4bbb-9375-954d19549b61/1/d6374g5xN4NK8l4wHOa3UAgBeZs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/48/496885-709f-4bbb-9375-954d19549b61/1/_ejRxqr0qT_0G7-hvR2sYZfVlXU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
94.232.192.0/21
185.45.88.0/22
217.171.240.0/20
IPv6:
2a00:1920::/48
Signature Algorithm: sha256WithRSAEncryption
96:e8:b4:3b:02:5a:4f:0a:02:73:e3:fb:ff:a6:0b:70:65:19:
68:05:36:a1:be:6b:df:02:eb:ac:fe:c5:e6:66:89:ca:e4:4c:
43:60:44:19:bc:29:e3:22:f8:39:40:7f:a7:ae:2f:ca:92:93:
1f:e8:d3:9e:e5:19:9e:ca:e8:0d:c4:12:b3:e9:f4:fa:31:81:
77:ac:2f:73:fb:7c:10:ba:7f:cb:91:20:53:b7:65:64:c4:00:
f5:0d:09:22:3a:59:ee:d4:e4:26:05:a1:c9:22:e0:06:49:cd:
65:47:5c:f9:1b:6a:2f:ab:c3:38:af:cd:14:e4:74:a6:7b:e9:
6c:b4:88:15:2c:b0:1d:7e:5d:a8:3d:a9:95:23:d2:6a:84:67:
0b:80:a5:3e:c1:e3:15:90:5f:71:d0:e1:1d:22:77:3b:d3:ba:
fc:f2:dd:4c:29:ff:61:1e:0e:c8:bf:3b:be:e8:a3:e5:e8:62:
dd:e1:14:28:50:5f:18:61:1e:4d:c1:d5:19:e9:0b:34:ce:be:
cf:d5:ee:36:f9:69:bc:85:30:2d:3a:34:e0:6c:3c:fa:bc:d0:
56:20:ca:9b:ff:25:74:03:a9:9a:a8:86:b8:3e:81:94:2d:ac:
15:25:42:0f:a1:e0:73:b0:ac:19:fb:5c:93:5f:a8:e1:59:80:
f5:3a:72:c7
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgIENj5nPDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhm
ZGU4ZDFjNmFhZjRhOTNmZjQxYmJmYTFiZDFkYWM2MTk3ZDU5NTc1MB4XDTIyMDEw
MTExNTQzMloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNzdhZGZiZTIwZTcx
Mzc4MzRhZjI1ZTMwMWNlNmI3NTAwODAxNzk5YjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAM2q2ro6PxcuQW0eAhqORQLiaZDqY6ybbRmxYoJ9Rac/DL49
nWCntZcCDEEOlVoTYcbEnKIh9P0qbYG3LXjV8oHr9+Ldw26xoy0OCmp4oIFyXhaX
DuLwVcpM9ycQFGMNGVHqtCaQmppYKm237VwXLf5+jGzvttYju+gWirtyAdWxcP0h
qhabtxoPlByxdy5DK9vfTJwhRJ3ffKs/8tpL/InRm0vAikCFdopngCSgsFzlvjF+
M4O+kKi67EA56nKQFZee+XiDIW4vvf0YRMy5i0OULyHoSdgBsF5nw9tp5EJxo4+U
r4axOcEMW1uhWDZphBeXYy3k5+ZEBh3C32pb0OkCAwEAAaOCAiYwggIiMB0GA1Ud
DgQWBBR3rfviDnE3g0ryXjAc5rdQCAF5mzAfBgNVHSMEGDAWgBT96NHGqvSpP/Qb
v6G9Haxhl9WVdTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L19lalJ4cXIwcVRfMEc3LWh2UjJzWVpmVmxYVS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNDgvNDk2ODg1LTcwOWYtNGJiYi05Mzc1LTk1NGQxOTU0OWI2MS8x
L2Q2Mzc0ZzV4TjROSzhsNHdIT2EzVUFnQmVacy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNDgv
NDk2ODg1LTcwOWYtNGJiYi05Mzc1LTk1NGQxOTU0OWI2MS8xL19lalJ4cXIwcVRf
MEc3LWh2UjJzWVpmVmxYVS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA8
BggrBgEFBQcBBwEB/wQtMCswGAQCAAEwEgMEA17owAMEArktWAMEBNmr8DAPBAIA
AjAJAwcAKgAZIAAAMA0GCSqGSIb3DQEBCwUAA4IBAQCW6LQ7AlpPCgJz4/v/pgtw
ZRloBTahvmvfAuus/sXmZonK5ExDYEQZvCnjIvg5QH+nri/KkpMf6NOe5RmeyugN
xBKz6fT6MYF3rC9z+3wQun/LkSBTt2VkxAD1DQkiOlnu1OQmBaHJIuAGSc1lR1z5
G2ovq8M4r80U5HSme+lstIgVLLAdfl2oPamVI9JqhGcLgKU+weMVkF9x0OEdInc7
07r88t1MKf9hHg7Ivzu+6KPl6GLd4RQoUF8YYR5NwdUZ6Qs0zr7P1e42+Wm8hTAt
OjTgbDz6vNBWIMqb/yV0A6maqIa4PoGULawVJUIPoeBzsKwZ+1yTX6jhWYD1OnLH
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:32:14 2025 by rpki-client