Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4b/332477-c83c-4f80-b1be-7c0db7bae135/1/K3f7HiaB58dLSv78QxBCmBHDroI.roa
File: K3f7HiaB58dLSv78QxBCmBHDroI.roa (raw, json)
Hash identifier: UP4vtulfxIOcvE99KYKL1SDZwOebK6Xkcmy87Vw1M6I=
Subject key identifier: 2B:77:FB:1E:26:81:E7:C7:4B:4A:FE:FC:43:10:42:98:11:C3:AE:82
Certificate issuer: /CN=1ee5efbf65897160d55a52dc3a22c017876cd06c
Certificate serial: 01877FCAFD7E77312F12689F0C09832A92B6
Authority key identifier: 1E:E5:EF:BF:65:89:71:60:D5:5A:52:DC:3A:22:C0:17:87:6C:D0:6C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HuXvv2WJcWDVWlLcOiLAF4ds0Gw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4b/332477-c83c-4f80-b1be-7c0db7bae135/1/K3f7HiaB58dLSv78QxBCmBHDroI.roa
Signing time: Fri 14 Apr 2023 12:43:42 +0000
ROA not before: Fri 14 Apr 2023 12:43:42 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 205394
IP address blocks: 185.201.164.0/22 maxlen: 24
185.176.124.0/22 maxlen: 24
46.226.72.0/21 maxlen: 24
2a0a:c840::/29 maxlen: 32
2a00:5a00::/32 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:7f:ca:fd:7e:77:31:2f:12:68:9f:0c:09:83:2a:92:b6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1ee5efbf65897160d55a52dc3a22c017876cd06c
Validity
Not Before: Apr 14 12:43:42 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=2b77fb1e2681e7c74b4afefc4310429811c3ae82
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:0c:0a:7a:80:0d:90:e6:c6:1e:8b:7a:67:a4:
b4:98:17:94:9c:e6:fc:a5:30:84:0f:ce:4a:8f:ae:
a6:83:c6:3f:30:dc:8a:89:47:69:6c:94:07:5f:9c:
0d:2d:ab:d0:37:5e:25:6f:0e:50:b7:47:0b:55:7d:
71:62:1c:e5:a7:c9:43:7c:c1:e4:10:2b:a8:9c:8a:
d6:46:d5:8b:91:af:aa:7f:8a:0b:6b:53:54:31:10:
ad:d4:1b:1a:7a:c6:a2:d1:95:2b:df:67:9f:ae:e9:
d8:35:1d:30:21:fe:3c:90:67:18:f2:2a:e2:10:86:
5a:22:2d:22:f5:74:48:7c:df:68:5b:ec:a5:d2:58:
d4:73:01:b9:47:99:cc:35:ab:6b:a5:4b:96:4b:0e:
39:2d:a3:3c:ca:79:b1:71:5a:89:ab:a3:e9:bf:e2:
4c:e3:6b:66:17:b4:c4:4c:77:84:d6:ff:fb:2f:1a:
22:f5:a8:51:66:b6:73:3e:8b:bf:f9:e4:90:a0:6c:
26:e5:cf:d8:9c:8a:ff:30:7a:4c:66:82:de:61:36:
fc:e3:c4:9e:3c:0b:92:d4:e5:73:5f:5d:5a:24:45:
a7:1a:55:d5:7b:04:f3:8f:ab:71:9a:68:de:09:82:
9d:5a:4a:17:60:ae:bb:01:03:4c:0e:63:8d:3c:e5:
74:99
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2B:77:FB:1E:26:81:E7:C7:4B:4A:FE:FC:43:10:42:98:11:C3:AE:82
X509v3 Authority Key Identifier:
keyid:1E:E5:EF:BF:65:89:71:60:D5:5A:52:DC:3A:22:C0:17:87:6C:D0:6C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HuXvv2WJcWDVWlLcOiLAF4ds0Gw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4b/332477-c83c-4f80-b1be-7c0db7bae135/1/K3f7HiaB58dLSv78QxBCmBHDroI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4b/332477-c83c-4f80-b1be-7c0db7bae135/1/HuXvv2WJcWDVWlLcOiLAF4ds0Gw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.226.72.0/21
185.176.124.0/22
185.201.164.0/22
IPv6:
2a00:5a00::/32
2a0a:c840::/29
Signature Algorithm: sha256WithRSAEncryption
67:a3:c7:49:86:a7:2b:ab:32:f0:a9:e3:d5:36:cf:b4:99:22:
fb:95:28:65:67:cc:6f:2d:72:2d:bd:28:6a:9c:a4:4b:50:bb:
d2:ac:ed:0b:d2:6e:26:2c:53:d8:1f:c2:3f:0f:dc:a0:de:aa:
2b:c6:ab:77:22:35:ec:bb:ed:64:e9:6c:95:7c:50:01:de:45:
15:34:8e:3f:c1:58:a7:34:1f:d3:9a:76:44:ae:fa:64:68:8c:
83:77:b1:56:49:2c:57:c4:0d:d3:2d:18:3f:ea:ee:fe:c8:b4:
9e:ff:1f:8f:9b:cc:89:bb:e3:32:17:6f:5d:6b:19:e8:fb:25:
64:b4:0c:3f:d4:02:23:cf:9a:5f:50:dc:26:c3:fa:40:fd:a3:
ca:45:7b:9c:20:a0:9f:95:2e:ac:ce:9f:03:b7:fc:b1:39:7b:
6f:c3:ba:c4:e1:b2:bc:d6:36:76:3e:59:b4:e8:ad:22:5b:00:
ca:3f:3b:03:70:0b:f4:00:9c:b6:a8:46:6e:64:33:19:6e:fa:
78:6c:e7:55:d0:b6:7c:56:77:37:42:b6:10:22:b3:9d:62:de:
8e:af:8a:59:90:66:fe:b6:ce:b3:f4:0b:41:b1:22:2b:a3:55:
40:90:12:3f:5f:64:7c:67:ec:f8:c7:3a:78:5a:db:cd:6d:23:
5e:ce:89:ee
-----BEGIN CERTIFICATE-----
MIIFHzCCBAegAwIBAgISAYd/yv1+dzEvEmifDAmDKpK2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFlZTVlZmJmNjU4OTcxNjBkNTVhNTJkYzNhMjJjMDE3ODc2
Y2QwNmMwHhcNMjMwNDE0MTI0MzQyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYjc3ZmIxZTI2ODFlN2M3NGI0YWZlZmM0MzEwNDI5ODExYzNhZTgyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtAwKeoANkObGHot6Z6S0mBeUnOb8
pTCED85Kj66mg8Y/MNyKiUdpbJQHX5wNLavQN14lbw5Qt0cLVX1xYhzlp8lDfMHk
ECuonIrWRtWLka+qf4oLa1NUMRCt1Bsaesai0ZUr32efrunYNR0wIf48kGcY8iri
EIZaIi0i9XRIfN9oW+yl0ljUcwG5R5nMNatrpUuWSw45LaM8ynmxcVqJq6Ppv+JM
42tmF7TETHeE1v/7Lxoi9ahRZrZzPou/+eSQoGwm5c/YnIr/MHpMZoLeYTb848Se
PAuS1OVzX11aJEWnGlXVewTzj6txmmjeCYKdWkoXYK67AQNMDmONPOV0mQIDAQAB
o4ICKzCCAicwHQYDVR0OBBYEFCt3+x4mgefHS0r+/EMQQpgRw66CMB8GA1UdIwQY
MBaAFB7l779liXFg1VpS3DoiwBeHbNBsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSHVYdnYyV0pjV0RWV2xMY09pTEFGNGRzMEd3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yi8zMzI0NzctYzgzYy00ZjgwLWIxYmUt
N2MwZGI3YmFlMTM1LzEvSzNmN0hpYUI1OGRMU3Y3OFF4QkNtQkhEcm9JLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yi8zMzI0NzctYzgzYy00ZjgwLWIxYmUtN2MwZGI3YmFlMTM1
LzEvSHVYdnYyV0pjV0RWV2xMY09pTEFGNGRzMEd3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEEGCCsGAQUFBwEHAQH/BDIwMDAYBAIAATASAwQDLuJIAwQC
ubB8AwQCucmkMBQEAgACMA4DBQAqAFoAAwUDKgrIQDANBgkqhkiG9w0BAQsFAAOC
AQEAZ6PHSYanK6sy8Knj1TbPtJki+5UoZWfMby1yLb0oapykS1C70qztC9JuJixT
2B/CPw/coN6qK8ardyI17LvtZOlslXxQAd5FFTSOP8FYpzQf05p2RK76ZGiMg3ex
VkksV8QN0y0YP+ru/si0nv8fj5vMibvjMhdvXWsZ6PslZLQMP9QCI8+aX1DcJsP6
QP2jykV7nCCgn5UurM6fA7f8sTl7b8O6xOGyvNY2dj5ZtOitIlsAyj87A3AL9ACc
tqhGbmQzGW76eGznVdC2fFZ3N0K2ECKznWLejq+KWZBm/rbOs/QLQbEiK6NVQJAS
P19kfGfs+Mc6eFrbzW0jXs6J7g==
-----END CERTIFICATE-----
Generated at Thu Apr 17 01:08:18 2025 by rpki-client