Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/55/381125-0248-4ebc-a74d-b8dad6e5c3bf/1/xp8T5wpcEom8ZT13WuZPkmBKHSs.roa
File: xp8T5wpcEom8ZT13WuZPkmBKHSs.roa (raw, json)
Hash identifier: 6ZnjWFQtKsMIJXhL5W8Wcz1JDdNRIsfpZ8mrMm4mPFc=
Subject key identifier: C6:9F:13:E7:0A:5C:12:89:BC:65:3D:77:5A:E6:4F:92:60:4A:1D:2B
Certificate issuer: /CN=374c2617a372e466e98d42532dd0bd8e5cdd993d
Certificate serial: 01820077DF47CFC1691B3E51BB77F4D052C6
Authority key identifier: 37:4C:26:17:A3:72:E4:66:E9:8D:42:53:2D:D0:BD:8E:5C:DD:99:3D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/N0wmF6Ny5GbpjUJTLdC9jlzdmT0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/55/381125-0248-4ebc-a74d-b8dad6e5c3bf/1/xp8T5wpcEom8ZT13WuZPkmBKHSs.roa
Signing time: Fri 15 Jul 2022 06:07:12 +0000
ROA not before: Fri 15 Jul 2022 06:07:12 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 201510
IP address blocks: 185.73.92.0/24 maxlen: 24
185.73.94.0/24 maxlen: 24
185.73.93.0/24 maxlen: 24
2a03:41e0::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:00:77:df:47:cf:c1:69:1b:3e:51:bb:77:f4:d0:52:c6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=374c2617a372e466e98d42532dd0bd8e5cdd993d
Validity
Not Before: Jul 15 06:07:12 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=c69f13e70a5c1289bc653d775ae64f92604a1d2b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:82:89:65:aa:36:cc:8a:a1:fa:15:bb:a5:e1:06:
24:cc:91:4f:30:39:c9:2d:f7:71:be:b5:38:ef:cf:
9d:5c:be:a7:14:94:dc:4b:44:6c:87:02:13:63:76:
fa:23:d1:cf:e5:38:75:05:11:d0:41:1b:59:fb:98:
60:69:03:a9:9c:f2:57:ac:0b:c6:89:27:00:0f:6a:
7d:30:55:e9:49:fa:f9:1f:90:2b:c2:45:07:3e:f0:
11:e6:3b:c9:5f:04:f5:23:9e:bb:db:74:5b:2b:34:
77:13:61:1e:ee:f8:d0:76:6b:51:01:28:50:f7:09:
ec:1f:29:4b:33:64:97:34:7d:bb:28:f0:75:17:6e:
6f:d6:5f:ac:68:d4:9d:56:fa:a0:9f:d0:d9:46:d1:
73:1d:73:36:cc:05:c8:b6:51:96:8e:36:50:60:b7:
58:f4:68:42:8d:76:dd:31:3a:1a:fc:88:95:c3:de:
e9:89:ae:eb:4b:9a:36:81:8f:c8:f3:46:5d:50:0d:
e2:8a:08:dd:c9:2f:4d:92:0c:f3:d6:20:7d:31:3f:
81:f6:b7:59:63:e2:62:89:bc:a3:f5:a3:6d:19:04:
ff:63:21:7e:92:ba:75:f5:6a:77:e2:ca:1b:e0:6e:
dc:89:28:af:53:8c:97:2a:59:e5:e9:b3:57:4d:9e:
4a:4d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C6:9F:13:E7:0A:5C:12:89:BC:65:3D:77:5A:E6:4F:92:60:4A:1D:2B
X509v3 Authority Key Identifier:
keyid:37:4C:26:17:A3:72:E4:66:E9:8D:42:53:2D:D0:BD:8E:5C:DD:99:3D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/N0wmF6Ny5GbpjUJTLdC9jlzdmT0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/55/381125-0248-4ebc-a74d-b8dad6e5c3bf/1/xp8T5wpcEom8ZT13WuZPkmBKHSs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/55/381125-0248-4ebc-a74d-b8dad6e5c3bf/1/N0wmF6Ny5GbpjUJTLdC9jlzdmT0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.73.92.0-185.73.94.255
IPv6:
2a03:41e0::/32
Signature Algorithm: sha256WithRSAEncryption
68:1e:c6:de:7b:95:5f:2c:99:f5:c0:ec:c9:d4:14:80:e0:fb:
16:96:80:67:8e:cb:2c:33:43:74:a9:81:97:88:d5:ad:21:9e:
e5:60:2e:49:a0:2d:9a:38:54:8c:af:84:b9:e6:06:8d:da:16:
e3:c5:00:cd:56:a8:b8:25:10:d7:57:48:4d:ae:57:96:4a:fa:
7e:c4:31:af:d2:f3:27:56:37:67:1d:02:fb:87:c6:db:8d:c4:
c0:9f:ba:d4:e2:23:21:70:71:9d:7d:98:0f:23:c1:18:5c:b9:
dc:ba:e8:b1:f3:ac:f2:6a:83:50:0d:b3:77:5e:96:09:90:38:
18:55:22:18:9d:61:12:6a:5f:d3:82:9f:6a:3f:d0:86:0e:cf:
fc:bb:b0:be:57:e1:48:c0:ac:4f:26:6e:32:a6:2e:47:ff:02:
b4:41:f8:96:1e:50:0c:ee:ac:91:7c:03:74:82:5a:13:22:a1:
84:2a:a7:78:99:1c:2c:94:28:84:e6:56:13:d3:4e:f8:b1:26:
84:c7:fc:b4:1e:a4:41:c9:f2:6c:78:8f:5d:07:c6:e6:c0:34:
f7:c8:e9:da:43:af:8d:11:fd:82:e8:e6:6f:a1:50:e1:58:a9:
08:d9:b9:7a:79:c3:96:0e:9c:31:20:1d:d5:1f:f2:85:b4:d6:
16:43:5d:f4
-----BEGIN CERTIFICATE-----
MIIFFDCCA/ygAwIBAgISAYIAd99Hz8FpGz5Ru3f00FLGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM3NGMyNjE3YTM3MmU0NjZlOThkNDI1MzJkZDBiZDhlNWNk
ZDk5M2QwHhcNMjIwNzE1MDYwNzEyWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNjlmMTNlNzBhNWMxMjg5YmM2NTNkNzc1YWU2NGY5MjYwNGExZDJiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgollqjbMiqH6Fbul4QYkzJFPMDnJ
LfdxvrU478+dXL6nFJTcS0RshwITY3b6I9HP5Th1BRHQQRtZ+5hgaQOpnPJXrAvG
iScAD2p9MFXpSfr5H5ArwkUHPvAR5jvJXwT1I56723RbKzR3E2Ee7vjQdmtRAShQ
9wnsHylLM2SXNH27KPB1F25v1l+saNSdVvqgn9DZRtFzHXM2zAXItlGWjjZQYLdY
9GhCjXbdMToa/IiVw97pia7rS5o2gY/I80ZdUA3iigjdyS9Nkgzz1iB9MT+B9rdZ
Y+Jiibyj9aNtGQT/YyF+krp19Wp34sob4G7ciSivU4yXKlnl6bNXTZ5KTQIDAQAB
o4ICIDCCAhwwHQYDVR0OBBYEFMafE+cKXBKJvGU9d1rmT5JgSh0rMB8GA1UdIwQY
MBaAFDdMJhejcuRm6Y1CUy3QvY5c3Zk9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTjB3bUY2Tnk1R2JwalVKVExkQzlqbHpkbVQwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81NS8zODExMjUtMDI0OC00ZWJjLWE3NGQt
YjhkYWQ2ZTVjM2JmLzEveHA4VDV3cGNFb204WlQxM1d1WlBrbUJLSFNzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81NS8zODExMjUtMDI0OC00ZWJjLWE3NGQtYjhkYWQ2ZTVjM2Jm
LzEvTjB3bUY2Tnk1R2JwalVKVExkQzlqbHpkbVQwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDYGCCsGAQUFBwEHAQH/BCcwJTAUBAIAATAOMAwDBAK5SVwD
BAC5SV4wDQQCAAIwBwMFACoDQeAwDQYJKoZIhvcNAQELBQADggEBAGgext57lV8s
mfXA7MnUFIDg+xaWgGeOyywzQ3SpgZeI1a0hnuVgLkmgLZo4VIyvhLnmBo3aFuPF
AM1WqLglENdXSE2uV5ZK+n7EMa/S8ydWN2cdAvuHxtuNxMCfutTiIyFwcZ19mA8j
wRhcudy66LHzrPJqg1ANs3delgmQOBhVIhidYRJqX9OCn2o/0IYOz/y7sL5X4UjA
rE8mbjKmLkf/ArRB+JYeUAzurJF8A3SCWhMioYQqp3iZHCyUKITmVhPTTvixJoTH
/LQepEHJ8mx4j10HxubANPfI6dpDr40R/YLo5m+hUOFYqQjZuXp5w5YOnDEgHdUf
8oW01hZDXfQ=
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:43:25 2025 by rpki-client