Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4a/a16c4e-b5ad-47d7-8b5b-39e76db2f808/1/crx1xyuLbMJstCf5QIjePswzh-U.roa
File: crx1xyuLbMJstCf5QIjePswzh-U.roa (raw, json)
Hash identifier: 9HVpYB8SWxt3mxWw1pQy4pjLfNnlTs58kTaYCxDwoG0=
Subject key identifier: 72:BC:75:C7:2B:8B:6C:C2:6C:B4:27:F9:40:88:DE:3E:CC:33:87:E5
Certificate issuer: /CN=14c66a786e6ef31674bec6833c78aebec1633972
Certificate serial: 1AA03E75
Authority key identifier: 14:C6:6A:78:6E:6E:F3:16:74:BE:C6:83:3C:78:AE:BE:C1:63:39:72
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/FMZqeG5u8xZ0vsaDPHiuvsFjOXI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4a/a16c4e-b5ad-47d7-8b5b-39e76db2f808/1/crx1xyuLbMJstCf5QIjePswzh-U.roa
Signing time: Sat 01 Jan 2022 12:06:58 +0000
ROA not before: Sat 01 Jan 2022 12:06:58 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 28685
IP address blocks: 46.44.128.0/18 maxlen: 24
89.146.0.0/18 maxlen: 24
37.0.80.0/20 maxlen: 24
213.144.224.0/19 maxlen: 24
37.153.192.0/18 maxlen: 24
213.247.64.0/18 maxlen: 24
212.121.96.0/19 maxlen: 24
84.246.0.0/18 maxlen: 24
2a02:22a0::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 446709365 (0x1aa03e75)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=14c66a786e6ef31674bec6833c78aebec1633972
Validity
Not Before: Jan 1 12:06:58 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=72bc75c72b8b6cc26cb427f94088de3ecc3387e5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:fd:d7:f1:08:bb:b5:48:22:fb:6e:b7:6b:49:
d5:b4:f6:02:57:e2:7b:16:19:be:5a:de:b8:51:fe:
09:7b:8e:ce:55:84:43:80:c3:2f:b6:fb:91:b8:71:
99:44:0b:9b:6a:43:73:17:bb:af:19:c3:7a:cc:b6:
81:ce:ab:89:24:9f:41:0b:ac:c3:57:7a:fa:ee:e0:
d0:76:1e:b2:43:1c:a4:a6:4c:c7:90:04:20:9e:8a:
85:7d:5e:d8:3e:11:d6:10:2e:8c:c3:38:3a:67:61:
2a:8e:7a:58:71:6c:64:ae:5d:07:ad:27:53:12:28:
82:5b:93:fa:dd:3e:de:d4:f7:70:62:69:e1:f6:ce:
07:65:01:0d:77:ed:69:01:e2:ae:10:c6:df:d6:1c:
18:1f:2c:26:4d:d3:2c:14:f5:b6:d0:05:47:9e:8a:
64:e6:fc:a7:15:18:99:04:6a:02:de:ed:5a:24:ed:
4e:3a:e8:e2:50:4e:71:a7:79:ad:ad:9e:93:23:dd:
82:f8:7f:2a:6d:31:be:7c:ed:08:4e:6b:89:a7:1c:
35:cd:37:76:0f:5c:73:73:3e:d4:87:f1:7f:b7:b0:
5f:23:1b:79:f9:5a:93:cf:3e:ab:26:2a:aa:40:3d:
6e:18:b5:6a:f8:9d:f0:39:91:06:d4:30:fe:41:04:
81:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
72:BC:75:C7:2B:8B:6C:C2:6C:B4:27:F9:40:88:DE:3E:CC:33:87:E5
X509v3 Authority Key Identifier:
keyid:14:C6:6A:78:6E:6E:F3:16:74:BE:C6:83:3C:78:AE:BE:C1:63:39:72
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/FMZqeG5u8xZ0vsaDPHiuvsFjOXI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4a/a16c4e-b5ad-47d7-8b5b-39e76db2f808/1/crx1xyuLbMJstCf5QIjePswzh-U.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4a/a16c4e-b5ad-47d7-8b5b-39e76db2f808/1/FMZqeG5u8xZ0vsaDPHiuvsFjOXI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.0.80.0/20
37.153.192.0/18
46.44.128.0/18
84.246.0.0/18
89.146.0.0/18
212.121.96.0/19
213.144.224.0/19
213.247.64.0/18
IPv6:
2a02:22a0::/32
Signature Algorithm: sha256WithRSAEncryption
03:f2:62:8e:96:b4:53:cd:38:11:a4:57:ce:6a:01:1d:31:a9:
82:cf:6b:9c:73:45:60:8c:74:f0:6b:a1:1e:96:63:ad:c4:12:
83:49:2c:e6:98:be:ae:cf:e4:07:59:53:83:dc:58:01:a5:86:
78:0d:aa:09:2d:21:b7:a0:ea:5a:c4:3d:3d:55:75:14:fc:7f:
47:90:c1:0f:d8:93:13:dd:e7:2f:fc:f5:a0:9a:f9:2d:35:64:
c8:eb:6f:96:5f:c6:13:2d:e9:15:f5:a3:69:37:35:4e:29:1d:
b6:0f:9b:6e:16:aa:fa:0e:97:7a:f7:8c:c6:18:6b:92:be:1b:
33:ea:09:65:b6:c7:90:9a:74:4f:24:b0:51:d3:95:2e:c8:2a:
13:fe:e7:76:b7:19:9e:19:1b:72:0e:04:89:3e:68:dd:8a:1a:
25:2f:f6:3a:21:62:98:25:e4:9c:5a:e0:3a:35:29:50:3e:04:
e1:6c:a4:42:18:dc:0a:08:c2:3d:c0:3b:da:f2:eb:4a:a5:82:
4a:d4:25:e9:fa:9a:45:82:37:a7:a1:75:0b:2f:2c:d6:c4:7f:
f2:51:88:75:ef:9e:a1:31:5a:2a:cc:43:7c:8a:db:bc:73:1c:
56:9c:aa:33:7f:b6:6d:4b:a0:2a:6a:89:41:a5:d4:c0:94:13:
e2:43:6a:74
-----BEGIN CERTIFICATE-----
MIIFKDCCBBCgAwIBAgIEGqA+dTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygx
NGM2NmE3ODZlNmVmMzE2NzRiZWM2ODMzYzc4YWViZWMxNjMzOTcyMB4XDTIyMDEw
MTEyMDY1OFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNzJiYzc1YzcyYjhi
NmNjMjZjYjQyN2Y5NDA4OGRlM2VjYzMzODdlNTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMT91/EIu7VIIvtut2tJ1bT2AlfiexYZvlreuFH+CXuOzlWE
Q4DDL7b7kbhxmUQLm2pDcxe7rxnDesy2gc6riSSfQQusw1d6+u7g0HYeskMcpKZM
x5AEIJ6KhX1e2D4R1hAujMM4OmdhKo56WHFsZK5dB60nUxIogluT+t0+3tT3cGJp
4fbOB2UBDXftaQHirhDG39YcGB8sJk3TLBT1ttAFR56KZOb8pxUYmQRqAt7tWiTt
Tjro4lBOcad5ra2ekyPdgvh/Km0xvnztCE5riaccNc03dg9cc3M+1Ifxf7ewXyMb
eflak88+qyYqqkA9bhi1avid8DmRBtQw/kEEgUcCAwEAAaOCAkIwggI+MB0GA1Ud
DgQWBBRyvHXHK4tswmy0J/lAiN4+zDOH5TAfBgNVHSMEGDAWgBQUxmp4bm7zFnS+
xoM8eK6+wWM5cjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0ZNWnFlRzV1OHhaMHZzYURQSGl1dnNGak9YSS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNGEvYTE2YzRlLWI1YWQtNDdkNy04YjViLTM5ZTc2ZGIyZjgwOC8x
L2NyeDF4eXVMYk1Kc3RDZjVRSWplUHN3emgtVS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNGEv
YTE2YzRlLWI1YWQtNDdkNy04YjViLTM5ZTc2ZGIyZjgwOC8xL0ZNWnFlRzV1OHha
MHZzYURQSGl1dnNGak9YSS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBY
BggrBgEFBQcBBwEB/wRJMEcwNgQCAAEwMAMEBCUAUAMEBiWZwAMEBi4sgAMEBlT2
AAMEBlmSAAMEBdR5YAMEBdWQ4AMEBtX3QDANBAIAAjAHAwUAKgIioDANBgkqhkiG
9w0BAQsFAAOCAQEAA/Jijpa0U804EaRXzmoBHTGpgs9rnHNFYIx08GuhHpZjrcQS
g0ks5pi+rs/kB1lTg9xYAaWGeA2qCS0ht6DqWsQ9PVV1FPx/R5DBD9iTE93nL/z1
oJr5LTVkyOtvll/GEy3pFfWjaTc1Tikdtg+bbhaq+g6XeveMxhhrkr4bM+oJZbbH
kJp0TySwUdOVLsgqE/7ndrcZnhkbcg4EiT5o3YoaJS/2OiFimCXknFrgOjUpUD4E
4WykQhjcCgjCPcA72vLrSqWCStQl6fqaRYI3p6F1Cy8s1sR/8lGIde+eoTFaKsxD
fIrbvHMcVpyqM3+2bUugKmqJQaXUwJQT4kNqdA==
-----END CERTIFICATE-----
Generated at Thu Mar 13 02:46:41 2025 by rpki-client