Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/54/ee5cd7-b30e-466b-aaad-6c3b87443e06/1/RIDvd9xAsXFIfHpT-N-v5CO5Fjg.roa
File: RIDvd9xAsXFIfHpT-N-v5CO5Fjg.roa (raw, json)
Hash identifier: GqKxW9SXadVUn+3IGjXWOaVuJBWwhouVOfT2zk5/vic=
Subject key identifier: 44:80:EF:77:DC:40:B1:71:48:7C:7A:53:F8:DF:AF:E4:23:B9:16:38
Certificate issuer: /CN=79d565f99ff5e0ffb5bdf9995ed7a808d41406e5
Certificate serial: 0186450CBE0B61B27F9793D643638C3DBE37
Authority key identifier: 79:D5:65:F9:9F:F5:E0:FF:B5:BD:F9:99:5E:D7:A8:08:D4:14:06:E5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/edVl-Z_14P-1vfmZXteoCNQUBuU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/54/ee5cd7-b30e-466b-aaad-6c3b87443e06/1/RIDvd9xAsXFIfHpT-N-v5CO5Fjg.roa
Signing time: Sun 12 Feb 2023 09:55:08 +0000
ROA not before: Sun 12 Feb 2023 09:55:08 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 202468
IP address blocks: 130.185.120.0/22 maxlen: 24
185.235.40.0/22 maxlen: 24
194.5.206.0/23 maxlen: 24
185.204.168.0/22 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:45:0c:be:0b:61:b2:7f:97:93:d6:43:63:8c:3d:be:37
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=79d565f99ff5e0ffb5bdf9995ed7a808d41406e5
Validity
Not Before: Feb 12 09:55:08 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=4480ef77dc40b171487c7a53f8dfafe423b91638
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:aa:aa:33:88:2d:38:c3:a5:18:5f:a2:f5:a3:
ff:1b:a9:60:a9:80:a8:b0:3f:b1:b4:79:6c:6a:98:
e3:73:0d:77:7a:33:d0:65:99:03:2e:e6:f2:b8:14:
1d:13:f7:91:fb:aa:b9:73:f5:f4:d0:4e:ac:bf:21:
b6:c9:97:93:10:87:ab:bf:fd:60:34:b3:cf:dd:c6:
81:40:6e:ff:7d:bf:9d:10:57:83:a8:be:e2:24:13:
c9:79:81:5b:2b:90:f8:6c:69:46:a3:36:b9:24:c5:
da:4f:5d:25:eb:22:73:61:72:02:7e:31:2e:95:3d:
cb:6c:0b:e6:e0:fc:68:b1:c4:b6:0a:fa:84:40:75:
82:70:f9:13:c9:29:f1:c2:03:44:12:fa:65:dc:9c:
85:57:9a:89:ea:28:c4:f6:94:75:8d:fc:81:2c:6d:
fc:8a:ed:99:21:fa:2d:2b:4e:21:35:ad:3e:3e:27:
46:b2:19:2d:78:a8:84:74:98:cc:19:7e:b1:07:99:
96:0b:71:4c:32:92:24:0d:93:a5:ef:71:a4:9f:02:
b8:f0:8e:71:aa:28:3a:2a:b0:cf:50:63:d8:17:ca:
0c:fe:bd:9e:6e:df:ee:71:40:5f:b5:e1:45:54:40:
b8:67:4f:b8:ca:8a:8e:c4:15:95:21:4e:f0:1c:dd:
46:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
44:80:EF:77:DC:40:B1:71:48:7C:7A:53:F8:DF:AF:E4:23:B9:16:38
X509v3 Authority Key Identifier:
keyid:79:D5:65:F9:9F:F5:E0:FF:B5:BD:F9:99:5E:D7:A8:08:D4:14:06:E5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/edVl-Z_14P-1vfmZXteoCNQUBuU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/54/ee5cd7-b30e-466b-aaad-6c3b87443e06/1/RIDvd9xAsXFIfHpT-N-v5CO5Fjg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/54/ee5cd7-b30e-466b-aaad-6c3b87443e06/1/edVl-Z_14P-1vfmZXteoCNQUBuU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
130.185.120.0/22
185.204.168.0/22
185.235.40.0/22
194.5.206.0/23
Signature Algorithm: sha256WithRSAEncryption
c2:aa:0d:d9:84:ef:04:e2:75:4c:10:a9:2c:41:7e:9c:7c:05:
72:9c:d1:02:c8:f0:cf:ff:b2:73:e9:e7:8a:5c:32:ad:8e:60:
fc:a1:1f:22:e1:9e:32:b4:b6:e8:3e:22:92:ec:66:86:a0:14:
31:92:a5:75:f8:4a:1b:e4:d9:de:91:72:64:47:54:95:d6:48:
91:47:d6:0b:dc:02:3a:e9:7c:02:4a:b1:98:c7:4e:4c:83:69:
44:28:46:d1:6a:7b:c9:cb:d5:fb:89:d4:ab:e2:b2:01:ef:5a:
35:a2:03:66:b9:96:fe:95:97:f2:d8:58:74:7b:84:c8:a6:b3:
c2:f8:c9:e0:f9:21:73:65:33:f5:3b:00:84:aa:4a:21:2d:f6:
c9:3f:6a:8c:15:fd:c4:79:2d:de:db:14:9f:da:9a:b5:1d:ab:
83:77:15:08:5e:91:0a:99:d6:cf:5f:15:ce:d3:4b:3f:8c:3d:
f8:08:29:22:34:f2:80:a9:e7:8d:6c:c1:77:70:07:cb:0f:49:
00:58:0f:35:85:66:cd:95:41:1d:c9:da:f4:b8:f5:36:4c:ad:
b0:63:b1:2c:a2:34:e1:bd:39:f4:8b:83:6a:be:a6:bd:45:7e:
58:6b:a2:16:47:30:0e:cf:35:80:29:7e:4c:47:d6:7f:0e:59:
6b:89:07:3a
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYZFDL4LYbJ/l5PWQ2OMPb43MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc5ZDU2NWY5OWZmNWUwZmZiNWJkZjk5OTVlZDdhODA4ZDQx
NDA2ZTUwHhcNMjMwMjEyMDk1NTA4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NDgwZWY3N2RjNDBiMTcxNDg3YzdhNTNmOGRmYWZlNDIzYjkxNjM4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAk6qqM4gtOMOlGF+i9aP/G6lgqYCo
sD+xtHlsapjjcw13ejPQZZkDLubyuBQdE/eR+6q5c/X00E6svyG2yZeTEIerv/1g
NLPP3caBQG7/fb+dEFeDqL7iJBPJeYFbK5D4bGlGoza5JMXaT10l6yJzYXICfjEu
lT3LbAvm4PxoscS2CvqEQHWCcPkTySnxwgNEEvpl3JyFV5qJ6ijE9pR1jfyBLG38
iu2ZIfotK04hNa0+PidGshkteKiEdJjMGX6xB5mWC3FMMpIkDZOl73GknwK48I5x
qig6KrDPUGPYF8oM/r2ebt/ucUBfteFFVEC4Z0+4yoqOxBWVIU7wHN1G3wIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFESA73fcQLFxSHx6U/jfr+QjuRY4MB8GA1UdIwQY
MBaAFHnVZfmf9eD/tb35mV7XqAjUFAblMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZWRWbC1aXzE0UC0xdmZtWlh0ZW9DTlFVQnVVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81NC9lZTVjZDctYjMwZS00NjZiLWFhYWQt
NmMzYjg3NDQzZTA2LzEvUklEdmQ5eEFzWEZJZkhwVC1OLXY1Q081RmpnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81NC9lZTVjZDctYjMwZS00NjZiLWFhYWQtNmMzYjg3NDQzZTA2
LzEvZWRWbC1aXzE0UC0xdmZtWlh0ZW9DTlFVQnVVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQCgrl4AwQC
ucyoAwQCuesoAwQBwgXOMA0GCSqGSIb3DQEBCwUAA4IBAQDCqg3ZhO8E4nVMEKks
QX6cfAVynNECyPDP/7Jz6eeKXDKtjmD8oR8i4Z4ytLboPiKS7GaGoBQxkqV1+Eob
5NnekXJkR1SV1kiRR9YL3AI66XwCSrGYx05Mg2lEKEbRanvJy9X7idSr4rIB71o1
ogNmuZb+lZfy2Fh0e4TIprPC+Mng+SFzZTP1OwCEqkohLfbJP2qMFf3EeS3e2xSf
2pq1HauDdxUIXpEKmdbPXxXO00s/jD34CCkiNPKAqeeNbMF3cAfLD0kAWA81hWbN
lUEdydr0uPU2TK2wY7EsojThvTn0i4Nqvqa9RX5Ya6IWRzAOzzWAKX5MR9Z/Dllr
iQc6
-----END CERTIFICATE-----
Generated at Mon Apr 21 05:43:34 2025 by rpki-client