Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/55/b8a50a-86a0-4bf4-8eff-f647c50c21a5/1/XtIfG-vWgGnit0JV0GsepcowGms.roa
File: XtIfG-vWgGnit0JV0GsepcowGms.roa (raw, json)
Hash identifier: 1Tpn1KsF6TKug0E0w1VCzb9xbnlQmrroomuSQqhYgeQ=
Subject key identifier: 5E:D2:1F:1B:EB:D6:80:69:E2:B7:42:55:D0:6B:1E:A5:CA:30:1A:6B
Certificate issuer: /CN=c33484590ccff09a3dd5dd8085beedb42fc4ad84
Certificate serial: 02A3AC
Authority key identifier: C3:34:84:59:0C:CF:F0:9A:3D:D5:DD:80:85:BE:ED:B4:2F:C4:AD:84
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/wzSEWQzP8Jo91d2Ahb7ttC_ErYQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/55/b8a50a-86a0-4bf4-8eff-f647c50c21a5/1/XtIfG-vWgGnit0JV0GsepcowGms.roa
Signing time: Sun 23 Jan 2022 17:43:33 +0000
ROA not before: Sun 23 Jan 2022 17:43:33 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 205645
IP address blocks: 185.210.244.0/22 maxlen: 22
193.30.8.0/22 maxlen: 22
2a0a:3b80::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 172972 (0x2a3ac)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c33484590ccff09a3dd5dd8085beedb42fc4ad84
Validity
Not Before: Jan 23 17:43:33 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=5ed21f1bebd68069e2b74255d06b1ea5ca301a6b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:4b:15:ff:e2:76:02:77:92:cc:54:7b:46:1c:
10:20:60:7f:86:99:50:cc:63:99:be:c7:04:2d:ba:
e0:47:72:ac:77:18:6a:a1:a1:fe:92:b4:a2:33:a0:
73:65:a1:e7:64:93:fa:2a:2a:ba:3b:ff:ca:16:f7:
6a:b1:c4:3e:69:cb:f9:4d:96:6a:47:51:b5:a8:d3:
1b:41:6d:e0:b6:00:d7:80:75:f0:98:7f:cc:b4:66:
52:e6:b3:00:db:83:b1:2a:05:05:44:6b:ad:f7:10:
b3:18:9f:83:0b:61:a2:e3:c1:83:a7:24:2b:50:28:
40:b4:40:d3:77:25:e6:51:95:b6:2d:ca:80:57:82:
50:ad:2f:c9:91:92:92:b9:09:da:13:57:e3:8c:ef:
ea:71:2a:3f:54:db:17:27:20:a8:17:8f:a8:eb:25:
66:a0:a2:b0:70:f7:22:e3:eb:90:66:39:c4:87:27:
0e:eb:94:77:8c:aa:a3:51:2a:7b:e7:c5:dd:bb:e8:
92:32:08:d5:78:6b:5a:ef:9c:d5:5a:1a:f2:ec:1c:
2b:65:fe:54:ec:5b:b6:c0:cf:a4:b4:de:ec:19:68:
3b:3b:af:78:93:c9:83:a5:83:f6:df:f6:8c:f4:f7:
60:b5:2a:82:48:5b:a4:17:81:61:17:ca:ff:32:8c:
f5:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5E:D2:1F:1B:EB:D6:80:69:E2:B7:42:55:D0:6B:1E:A5:CA:30:1A:6B
X509v3 Authority Key Identifier:
keyid:C3:34:84:59:0C:CF:F0:9A:3D:D5:DD:80:85:BE:ED:B4:2F:C4:AD:84
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wzSEWQzP8Jo91d2Ahb7ttC_ErYQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/55/b8a50a-86a0-4bf4-8eff-f647c50c21a5/1/XtIfG-vWgGnit0JV0GsepcowGms.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/55/b8a50a-86a0-4bf4-8eff-f647c50c21a5/1/wzSEWQzP8Jo91d2Ahb7ttC_ErYQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.210.244.0/22
193.30.8.0/22
IPv6:
2a0a:3b80::/29
Signature Algorithm: sha256WithRSAEncryption
49:58:bd:d0:c7:16:33:5d:df:df:05:1e:75:01:03:d8:86:a3:
74:7a:15:bb:f3:de:d1:81:77:60:09:6d:62:6d:21:f4:ed:ef:
67:84:7b:b5:b3:4e:2a:62:81:2c:00:b1:7d:0d:12:27:ef:09:
7c:f0:8a:5d:a8:9d:6d:c4:40:40:d2:4b:3b:9e:f6:2f:b9:db:
a3:3f:77:d2:c2:2b:74:a2:7f:e5:48:1d:09:e3:6b:d3:b9:5d:
d4:80:87:fd:55:5b:df:30:ea:96:4e:24:26:6a:ff:ab:c2:c2:
c5:1f:10:36:b7:1a:85:0f:34:a9:5b:c2:6f:44:66:95:a8:2a:
c0:fe:b7:08:2e:37:17:46:37:da:c1:54:b2:88:7c:93:51:c5:
8b:d1:84:6f:1f:e1:1f:62:cd:f3:c3:8c:da:78:87:70:38:10:
ba:3d:d7:51:43:c8:30:af:d2:2d:94:99:7d:f8:3d:df:52:94:
47:5f:55:52:a8:80:5c:b0:98:8e:b7:5d:61:8e:10:7f:94:19:
e0:fe:42:e8:52:ea:1f:59:15:2e:8d:df:d4:77:ba:b6:80:c1:
6e:21:aa:83:4b:88:5b:c6:e9:a9:c1:f1:d7:eb:5d:f2:0b:53:
31:38:37:77:49:90:49:56:23:13:62:24:a9:af:f7:70:83:80:
b8:97:97:2a
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgIDAqOsMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKGMz
MzQ4NDU5MGNjZmYwOWEzZGQ1ZGQ4MDg1YmVlZGI0MmZjNGFkODQwHhcNMjIwMTIz
MTc0MzMzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQDEyg1ZWQyMWYxYmViZDY4
MDY5ZTJiNzQyNTVkMDZiMWVhNWNhMzAxYTZiMIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAyEsV/+J2AneSzFR7RhwQIGB/hplQzGOZvscELbrgR3Ksdxhq
oaH+krSiM6BzZaHnZJP6Kiq6O//KFvdqscQ+acv5TZZqR1G1qNMbQW3gtgDXgHXw
mH/MtGZS5rMA24OxKgUFRGut9xCzGJ+DC2Gi48GDpyQrUChAtEDTdyXmUZW2LcqA
V4JQrS/JkZKSuQnaE1fjjO/qcSo/VNsXJyCoF4+o6yVmoKKwcPci4+uQZjnEhycO
65R3jKqjUSp758Xdu+iSMgjVeGta75zVWhry7BwrZf5U7Fu2wM+ktN7sGWg7O694
k8mDpYP23/aM9PdgtSqCSFukF4FhF8r/Moz13wIDAQABo4ICHjCCAhowHQYDVR0O
BBYEFF7SHxvr1oBp4rdCVdBrHqXKMBprMB8GA1UdIwQYMBaAFMM0hFkMz/CaPdXd
gIW+7bQvxK2EMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEFBQcBAQRYMFYwVAYIKwYB
BQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQv
d3pTRVdRelA4Sm85MWQyQWhiN3R0Q19FcllRLmNlcjCBjQYIKwYBBQUHAQsEgYAw
fjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkv
REVGQVVMVC81NS9iOGE1MGEtODZhMC00YmY0LThlZmYtZjY0N2M1MGMyMWE1LzEv
WHRJZkctdldnR25pdDBKVjBHc2VwY293R21zLnJvYTCBgQYDVR0fBHoweDB2oHSg
coZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvREVGQVVMVC81NS9i
OGE1MGEtODZhMC00YmY0LThlZmYtZjY0N2M1MGMyMWE1LzEvd3pTRVdRelA4Sm85
MWQyQWhiN3R0Q19FcllRLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMDQG
CCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQCudL0AwQCwR4IMA0EAgACMAcDBQMq
CjuAMA0GCSqGSIb3DQEBCwUAA4IBAQBJWL3QxxYzXd/fBR51AQPYhqN0ehW7897R
gXdgCW1ibSH07e9nhHu1s04qYoEsALF9DRIn7wl88IpdqJ1txEBA0ks7nvYvuduj
P3fSwit0on/lSB0J42vTuV3UgIf9VVvfMOqWTiQmav+rwsLFHxA2txqFDzSpW8Jv
RGaVqCrA/rcILjcXRjfawVSyiHyTUcWL0YRvH+EfYs3zw4zaeIdwOBC6PddRQ8gw
r9ItlJl9+D3fUpRHX1VSqIBcsJiOt11hjhB/lBng/kLoUuofWRUujd/Ud7q2gMFu
IaqDS4hbxumpwfHX613yC1MxODd3SZBJViMTYiSpr/dwg4C4l5cq
-----END CERTIFICATE-----
Generated at Thu Mar 13 02:28:58 2025 by rpki-client