Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/58/ace9bd-f33d-486e-b394-f0d075a437f1/1/996Ledlo0q0QWI2k8AfJAThG6Bg.roa
File: 996Ledlo0q0QWI2k8AfJAThG6Bg.roa (raw, json)
Hash identifier: KMvtb/z3/7/hE7CW1JmfctTkmbIn46+3T1CkUrWw70Q=
Subject key identifier: F7:DE:8B:79:D9:68:D2:AD:10:58:8D:A4:F0:07:C9:01:38:46:E8:18
Certificate issuer: /CN=7d66d19e5388f12c1d28a16c328d86c364e9cc79
Certificate serial: 01856C53DA8C3BFD2E8101EBB4AFA6D2E93B
Authority key identifier: 7D:66:D1:9E:53:88:F1:2C:1D:28:A1:6C:32:8D:86:C3:64:E9:CC:79
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fWbRnlOI8SwdKKFsMo2Gw2TpzHk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/58/ace9bd-f33d-486e-b394-f0d075a437f1/1/996Ledlo0q0QWI2k8AfJAThG6Bg.roa
Signing time: Sun 01 Jan 2023 07:55:12 +0000
ROA not before: Sun 01 Jan 2023 07:55:12 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 56909
IP address blocks: 185.164.40.0/24 maxlen: 24
185.164.43.0/24 maxlen: 24
185.164.42.0/24 maxlen: 24
185.164.41.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:53:da:8c:3b:fd:2e:81:01:eb:b4:af:a6:d2:e9:3b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7d66d19e5388f12c1d28a16c328d86c364e9cc79
Validity
Not Before: Jan 1 07:55:12 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=f7de8b79d968d2ad10588da4f007c9013846e818
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:34:75:83:cc:f4:f2:fe:e8:7b:49:56:2a:dc:
b4:53:ba:59:f6:56:b1:dc:dc:ec:e5:bf:c9:b0:a9:
c7:26:45:38:a6:4b:c9:fc:cf:a6:72:2c:5a:6b:bc:
da:8b:52:13:ac:d5:00:79:27:35:03:ac:f7:5c:6d:
c0:b0:8b:27:2c:3c:f8:59:06:2b:53:e8:3a:d9:9c:
4c:35:03:67:2e:3c:e8:b1:aa:cb:89:0f:7c:52:06:
5f:d6:4f:ac:2d:71:75:4a:b9:73:06:db:3a:c6:ea:
0d:76:b0:77:90:e1:e9:a8:3d:24:15:36:40:d3:ea:
1e:11:48:24:17:20:e7:2d:5d:76:e1:de:fa:e3:ca:
a1:72:bd:c8:38:5f:13:28:4f:02:c2:26:fe:a1:71:
af:d4:7c:8d:34:15:7d:84:47:6b:2f:db:c4:a1:d0:
b2:6e:cd:6a:5d:23:fa:f9:11:e3:55:fb:17:16:b4:
c1:44:48:60:92:22:d9:2a:3a:22:a8:1d:37:38:b1:
f8:7c:4b:67:45:cd:ae:0a:4a:8a:a8:4f:20:38:57:
09:85:75:df:4b:dd:e6:62:c1:2c:53:d5:7c:79:20:
c1:df:c0:b1:9d:e0:56:45:a9:c5:52:49:ca:f9:38:
b9:0d:04:18:ca:94:23:72:06:06:1e:fe:69:c9:fb:
82:a3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F7:DE:8B:79:D9:68:D2:AD:10:58:8D:A4:F0:07:C9:01:38:46:E8:18
X509v3 Authority Key Identifier:
keyid:7D:66:D1:9E:53:88:F1:2C:1D:28:A1:6C:32:8D:86:C3:64:E9:CC:79
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fWbRnlOI8SwdKKFsMo2Gw2TpzHk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/58/ace9bd-f33d-486e-b394-f0d075a437f1/1/996Ledlo0q0QWI2k8AfJAThG6Bg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/58/ace9bd-f33d-486e-b394-f0d075a437f1/1/fWbRnlOI8SwdKKFsMo2Gw2TpzHk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.164.40.0/22
Signature Algorithm: sha256WithRSAEncryption
33:37:8f:ab:ea:a3:ff:5a:73:b6:3b:49:1d:25:5c:f8:8d:a6:
76:3d:6d:15:6f:e2:5c:09:be:ed:eb:53:68:2d:cd:01:d5:95:
b4:47:65:86:58:6a:22:40:a5:f7:ff:4d:01:49:6d:39:a6:54:
67:6c:56:3f:a9:da:ab:46:1d:ec:0d:e8:51:85:cc:48:3f:67:
07:a2:2e:77:85:5e:19:2c:ce:d8:26:f8:16:a5:65:ef:b5:fd:
67:17:94:e0:94:e7:dc:82:27:60:ba:a2:82:0e:a9:29:d0:07:
55:22:b7:31:8d:2f:25:ca:61:07:fd:8a:89:6e:12:e8:fc:49:
9b:a5:7e:4a:22:7d:73:2d:1c:c0:4d:40:28:f1:6a:68:2b:49:
3f:76:c3:9e:ca:53:bc:ee:13:3b:c4:dc:14:6c:b7:c7:50:b9:
d7:a0:ed:4d:91:c0:67:2a:b8:e6:3a:20:51:ee:b1:47:c4:33:
24:f1:cc:b3:27:dc:80:ce:ab:66:e1:a4:4f:1d:da:bd:e0:2c:
a4:51:44:2d:5c:71:73:c2:18:ea:3d:a8:8b:fc:ac:31:39:10:
39:a1:64:fb:3a:9e:d7:16:a4:e7:0f:2c:37:06:5b:bf:2e:ee:
39:d7:1b:ed:b5:67:3f:94:59:c0:b6:8a:a4:ed:d7:ab:f8:8a:
9d:02:e6:5f
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVsU9qMO/0ugQHrtK+m0uk7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkNjZkMTllNTM4OGYxMmMxZDI4YTE2YzMyOGQ4NmMzNjRl
OWNjNzkwHhcNMjMwMTAxMDc1NTEyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmN2RlOGI3OWQ5NjhkMmFkMTA1ODhkYTRmMDA3YzkwMTM4NDZlODE4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtzR1g8z08v7oe0lWKty0U7pZ9lax
3Nzs5b/JsKnHJkU4pkvJ/M+mcixaa7zai1ITrNUAeSc1A6z3XG3AsIsnLDz4WQYr
U+g62ZxMNQNnLjzosarLiQ98UgZf1k+sLXF1SrlzBts6xuoNdrB3kOHpqD0kFTZA
0+oeEUgkFyDnLV124d7648qhcr3IOF8TKE8Cwib+oXGv1HyNNBV9hEdrL9vEodCy
bs1qXSP6+RHjVfsXFrTBREhgkiLZKjoiqB03OLH4fEtnRc2uCkqKqE8gOFcJhXXf
S93mYsEsU9V8eSDB38CxneBWRanFUknK+Ti5DQQYypQjcgYGHv5pyfuCowIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFPfei3nZaNKtEFiNpPAHyQE4RugYMB8GA1UdIwQY
MBaAFH1m0Z5TiPEsHSihbDKNhsNk6cx5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZldiUm5sT0k4U3dkS0tGc01vMkd3MlRwekhrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81OC9hY2U5YmQtZjMzZC00ODZlLWIzOTQt
ZjBkMDc1YTQzN2YxLzEvOTk2TGVkbG8wcTBRV0kyazhBZkpBVGhHNkJnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81OC9hY2U5YmQtZjMzZC00ODZlLWIzOTQtZjBkMDc1YTQzN2Yx
LzEvZldiUm5sT0k4U3dkS0tGc01vMkd3MlRwekhrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuaQoMA0G
CSqGSIb3DQEBCwUAA4IBAQAzN4+r6qP/WnO2O0kdJVz4jaZ2PW0Vb+JcCb7t61No
Lc0B1ZW0R2WGWGoiQKX3/00BSW05plRnbFY/qdqrRh3sDehRhcxIP2cHoi53hV4Z
LM7YJvgWpWXvtf1nF5TglOfcgidguqKCDqkp0AdVIrcxjS8lymEH/YqJbhLo/Emb
pX5KIn1zLRzATUAo8WpoK0k/dsOeylO87hM7xNwUbLfHULnXoO1NkcBnKrjmOiBR
7rFHxDMk8cyzJ9yAzqtm4aRPHdq94CykUUQtXHFzwhjqPaiL/KwxORA5oWT7Op7X
FqTnDyw3Blu/Lu451xvttWc/lFnAtoqk7der+IqdAuZf
-----END CERTIFICATE-----
Generated at Sat Apr 12 18:32:14 2025 by rpki-client