Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4a/bc4d7b-3cb7-4f33-89e7-2100bf0f140a/1/xxvajHclkOH9Hi8O_FFyEV5HG5o.roa
File: xxvajHclkOH9Hi8O_FFyEV5HG5o.roa (raw, json)
Hash identifier: 3BF3MaRNPzrem+1fPI7yFMG4yQdRYR3qqlTTSgI5Z6g=
Subject key identifier: C7:1B:DA:8C:77:25:90:E1:FD:1E:2F:0E:FC:51:72:11:5E:47:1B:9A
Certificate issuer: /CN=b1a89b67c66debf5ded3f2880bb4941d30411257
Certificate serial: 01856E38C28997D25F18A5F4C75F435C01E6
Authority key identifier: B1:A8:9B:67:C6:6D:EB:F5:DE:D3:F2:88:0B:B4:94:1D:30:41:12:57
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/saibZ8Zt6_Xe0_KIC7SUHTBBElc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4a/bc4d7b-3cb7-4f33-89e7-2100bf0f140a/1/xxvajHclkOH9Hi8O_FFyEV5HG5o.roa
Signing time: Sun 01 Jan 2023 16:44:51 +0000
ROA not before: Sun 01 Jan 2023 16:44:51 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 7155
IP address blocks: 185.15.100.0/24 maxlen: 24
185.15.100.0/22 maxlen: 22
5.8.184.0/21 maxlen: 21
5.8.188.0/24 maxlen: 24
5.8.189.0/24 maxlen: 24
37.1.176.0/21 maxlen: 21
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:38:c2:89:97:d2:5f:18:a5:f4:c7:5f:43:5c:01:e6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b1a89b67c66debf5ded3f2880bb4941d30411257
Validity
Not Before: Jan 1 16:44:51 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=c71bda8c772590e1fd1e2f0efc5172115e471b9a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:f9:8a:0b:94:72:78:40:e8:69:74:89:b8:29:
24:b3:d7:a3:67:04:f5:8c:9d:b7:f4:90:f9:d8:51:
0c:32:8e:6d:ac:95:08:d0:e9:e5:3a:7d:6b:45:7b:
09:dd:a9:60:a8:33:48:fa:0f:c5:1e:f2:4b:44:02:
4d:8f:ae:ab:b1:e3:8a:7e:6f:cb:d4:94:9b:e3:db:
52:d8:68:ab:c3:4d:d6:aa:8e:95:e2:3c:04:db:1f:
61:26:57:05:eb:b3:39:77:90:4b:66:d5:de:03:81:
48:5f:eb:9d:9f:22:be:a8:0a:83:2f:75:47:28:83:
95:69:e5:76:ac:c9:63:62:60:e9:f9:bf:1d:47:b8:
85:85:ad:95:a0:0e:b7:e1:56:45:0b:37:02:b2:4a:
0e:29:6b:31:a9:1c:38:dc:cb:ab:a2:ac:c2:53:b0:
79:ba:b6:eb:89:34:fb:27:e9:48:fb:d0:98:59:c7:
29:a2:eb:dc:ab:ce:29:13:ab:db:f6:ef:18:22:b2:
cf:95:aa:3b:6f:fe:a3:8f:d1:1a:80:4b:54:e3:9f:
8b:d1:08:84:96:14:3f:9d:ce:26:4a:2d:fc:b3:4c:
dc:f3:e9:60:ab:b9:f5:dc:48:77:91:8d:95:22:59:
94:62:6e:d4:84:6f:82:1b:e4:ca:ed:0d:fd:44:d5:
c8:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C7:1B:DA:8C:77:25:90:E1:FD:1E:2F:0E:FC:51:72:11:5E:47:1B:9A
X509v3 Authority Key Identifier:
keyid:B1:A8:9B:67:C6:6D:EB:F5:DE:D3:F2:88:0B:B4:94:1D:30:41:12:57
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/saibZ8Zt6_Xe0_KIC7SUHTBBElc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4a/bc4d7b-3cb7-4f33-89e7-2100bf0f140a/1/xxvajHclkOH9Hi8O_FFyEV5HG5o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4a/bc4d7b-3cb7-4f33-89e7-2100bf0f140a/1/saibZ8Zt6_Xe0_KIC7SUHTBBElc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.8.184.0/21
37.1.176.0/21
185.15.100.0/22
Signature Algorithm: sha256WithRSAEncryption
da:bb:9a:07:63:e2:6b:d1:4c:24:2b:83:8c:76:96:84:86:00:
76:4c:ad:6a:96:db:9c:1e:9e:2d:60:c5:87:04:b8:37:7e:f7:
9a:8d:e3:4e:35:a9:97:59:ed:af:a8:c3:9d:9e:e4:dc:6a:d1:
81:d0:93:36:80:8e:0a:10:de:f2:e3:da:c7:cd:4f:b6:ef:40:
f4:69:79:7c:bb:c4:02:7a:9b:dc:e3:46:43:03:c1:45:cc:33:
ce:e6:4f:63:78:d5:1f:bb:e1:75:2f:f9:bc:2b:04:48:6a:01:
e8:1f:28:57:51:f3:9a:6c:94:ee:dd:5b:a1:30:d4:e0:39:6e:
11:e8:90:0b:e3:b0:5b:3b:7e:d7:ff:d5:92:39:55:8b:21:3a:
8a:b4:53:15:de:c0:79:9b:33:42:07:33:fe:93:a9:9b:51:93:
93:e6:db:b2:9a:2a:a9:b7:4f:5b:97:4e:d7:48:16:d6:8e:9a:
35:71:ac:81:80:b7:30:56:98:b0:c4:6f:45:46:63:14:68:c3:
e8:38:44:0e:98:bd:93:a2:24:48:cc:1a:48:dc:46:77:d2:ab:
3f:7b:98:55:4f:8e:1f:0c:8b:00:78:62:27:b1:15:13:c7:1e:
0c:78:84:c2:f7:37:0e:23:d5:61:4b:0a:ff:57:94:53:5a:1f:
2e:3e:ca:97
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYVuOMKJl9JfGKX0x19DXAHmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIxYTg5YjY3YzY2ZGViZjVkZWQzZjI4ODBiYjQ5NDFkMzA0
MTEyNTcwHhcNMjMwMTAxMTY0NDUxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNzFiZGE4Yzc3MjU5MGUxZmQxZTJmMGVmYzUxNzIxMTVlNDcxYjlhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtfmKC5RyeEDoaXSJuCkks9ejZwT1
jJ239JD52FEMMo5trJUI0OnlOn1rRXsJ3algqDNI+g/FHvJLRAJNj66rseOKfm/L
1JSb49tS2Girw03Wqo6V4jwE2x9hJlcF67M5d5BLZtXeA4FIX+udnyK+qAqDL3VH
KIOVaeV2rMljYmDp+b8dR7iFha2VoA634VZFCzcCskoOKWsxqRw43MuroqzCU7B5
urbriTT7J+lI+9CYWccpouvcq84pE6vb9u8YIrLPlao7b/6jj9EagEtU45+L0QiE
lhQ/nc4mSi38s0zc8+lgq7n13Eh3kY2VIlmUYm7UhG+CG+TK7Q39RNXIZQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFMcb2ox3JZDh/R4vDvxRchFeRxuaMB8GA1UdIwQY
MBaAFLGom2fGbev13tPyiAu0lB0wQRJXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc2FpYlo4WnQ2X1hlMF9LSUM3U1VIVEJCRWxjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80YS9iYzRkN2ItM2NiNy00ZjMzLTg5ZTct
MjEwMGJmMGYxNDBhLzEveHh2YWpIY2xrT0g5SGk4T19GRnlFVjVIRzVvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80YS9iYzRkN2ItM2NiNy00ZjMzLTg5ZTctMjEwMGJmMGYxNDBh
LzEvc2FpYlo4WnQ2X1hlMF9LSUM3U1VIVEJCRWxjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQDBQi4AwQD
JQGwAwQCuQ9kMA0GCSqGSIb3DQEBCwUAA4IBAQDau5oHY+Jr0UwkK4OMdpaEhgB2
TK1qltucHp4tYMWHBLg3fveajeNONamXWe2vqMOdnuTcatGB0JM2gI4KEN7y49rH
zU+270D0aXl8u8QCepvc40ZDA8FFzDPO5k9jeNUfu+F1L/m8KwRIagHoHyhXUfOa
bJTu3VuhMNTgOW4R6JAL47BbO37X/9WSOVWLITqKtFMV3sB5mzNCBzP+k6mbUZOT
5tuymiqpt09bl07XSBbWjpo1cayBgLcwVpiwxG9FRmMUaMPoOEQOmL2ToiRIzBpI
3EZ30qs/e5hVT44fDIsAeGInsRUTxx4MeITC9zcOI9VhSwr/V5RTWh8uPsqX
-----END CERTIFICATE-----
Generated at Thu Mar 13 02:36:58 2025 by rpki-client