Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/58/ace9bd-f33d-486e-b394-f0d075a437f1/1/CNdFAlIKhi5bO3lDWLax85GEpQk.roa
File: CNdFAlIKhi5bO3lDWLax85GEpQk.roa (raw, json)
Hash identifier: vIUeMXRNCKCeHua7A0v94piNvW0TRtneDRsZbqtWvTA=
Subject key identifier: 08:D7:45:02:52:0A:86:2E:5B:3B:79:43:58:B6:B1:F3:91:84:A5:09
Certificate issuer: /CN=7d66d19e5388f12c1d28a16c328d86c364e9cc79
Certificate serial: 73DAA3
Authority key identifier: 7D:66:D1:9E:53:88:F1:2C:1D:28:A1:6C:32:8D:86:C3:64:E9:CC:79
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fWbRnlOI8SwdKKFsMo2Gw2TpzHk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/58/ace9bd-f33d-486e-b394-f0d075a437f1/1/CNdFAlIKhi5bO3lDWLax85GEpQk.roa
Signing time: Sat 01 Jan 2022 03:59:07 +0000
ROA not before: Sat 01 Jan 2022 03:59:07 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 56909
IP address blocks: 185.164.40.0/24 maxlen: 24
185.164.43.0/24 maxlen: 24
185.164.42.0/24 maxlen: 24
185.164.41.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 7592611 (0x73daa3)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7d66d19e5388f12c1d28a16c328d86c364e9cc79
Validity
Not Before: Jan 1 03:59:07 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=08d74502520a862e5b3b794358b6b1f39184a509
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:8c:c1:c8:2f:27:be:87:df:85:cb:70:4e:cf:
8b:cf:2c:8e:4a:a8:80:4e:9d:12:f0:9c:74:5d:26:
34:1e:51:00:c8:a5:ac:5b:b2:c3:ba:32:7a:13:b6:
7f:a2:a6:52:9f:d9:b0:3c:6a:85:b3:40:24:d2:de:
7e:82:45:70:b0:06:fa:b3:39:e7:7b:11:bc:3e:56:
16:db:1b:6b:6a:f9:4e:6a:01:37:ae:13:4d:87:7e:
1e:fc:c8:61:e7:1e:ed:92:06:fe:f5:88:ae:49:e9:
a4:34:8a:98:a1:96:0a:42:8a:2f:c2:6c:8b:0c:7c:
7d:48:b7:38:34:48:bf:c2:5f:8b:5f:c0:1d:83:c0:
6e:83:29:85:5b:4e:f5:3c:4f:59:46:04:82:79:36:
7a:d0:4d:e4:84:d0:ba:08:a3:ce:b4:ab:7a:3c:64:
14:30:ca:0c:aa:f1:2f:b7:67:fc:1f:14:61:99:b5:
13:ac:74:7b:00:99:36:d5:f4:33:fa:35:b5:77:47:
76:0e:29:67:54:f9:c9:04:c9:36:a4:d5:80:3a:c2:
d9:54:a6:21:29:3c:92:1d:91:61:a6:96:2b:87:8e:
d4:f0:5d:cf:57:0e:99:35:63:75:34:09:61:b5:84:
a2:67:c8:51:67:46:01:3b:eb:8b:71:f9:cf:c0:de:
45:fd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
08:D7:45:02:52:0A:86:2E:5B:3B:79:43:58:B6:B1:F3:91:84:A5:09
X509v3 Authority Key Identifier:
keyid:7D:66:D1:9E:53:88:F1:2C:1D:28:A1:6C:32:8D:86:C3:64:E9:CC:79
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fWbRnlOI8SwdKKFsMo2Gw2TpzHk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/58/ace9bd-f33d-486e-b394-f0d075a437f1/1/CNdFAlIKhi5bO3lDWLax85GEpQk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/58/ace9bd-f33d-486e-b394-f0d075a437f1/1/fWbRnlOI8SwdKKFsMo2Gw2TpzHk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.164.40.0/22
Signature Algorithm: sha256WithRSAEncryption
98:e2:d7:47:25:71:02:98:c5:07:fb:f6:bb:bb:b8:92:fd:b2:
6c:6f:45:ed:ef:e4:8e:b3:ea:aa:69:45:5c:eb:0e:bb:d4:0c:
1c:f3:d0:8f:b1:57:30:31:4e:c4:02:de:0d:25:97:df:8d:db:
12:d1:45:85:a2:f7:c8:31:5f:6e:d8:8e:71:43:3f:57:c1:d6:
d1:7e:89:c7:2c:69:e4:b9:45:86:f6:12:ed:11:20:4d:ca:52:
52:bc:72:b1:31:dd:3d:e3:1f:11:84:26:59:cc:4e:96:38:9b:
cd:8a:98:40:b3:17:cd:2f:08:11:d0:75:34:d3:e4:a7:1f:6a:
c4:a7:7d:e5:11:57:6b:57:34:84:f4:5b:ac:79:6f:9d:a0:c0:
82:34:2b:66:c1:13:79:97:30:cb:49:27:5d:0f:c7:e1:9d:49:
5b:23:00:47:e2:7c:c5:ac:40:a9:de:83:33:c1:2c:4f:80:1d:
2a:59:02:54:35:8d:ca:a5:1e:42:ab:fa:67:28:6f:bc:f6:fa:
f8:a6:15:87:fb:3d:4a:68:21:fd:58:ad:8e:63:4b:3d:5e:48:
58:4b:97:be:96:04:c9:03:f7:f3:a9:5b:63:24:47:95:cb:c0:
c2:9f:79:18:08:ea:be:bc:fd:ba:23:48:23:cc:8d:c3:57:a2:
46:85:4b:d5
-----BEGIN CERTIFICATE-----
MIIE7jCCA9agAwIBAgIDc9qjMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKDdk
NjZkMTllNTM4OGYxMmMxZDI4YTE2YzMyOGQ4NmMzNjRlOWNjNzkwHhcNMjIwMTAx
MDM1OTA3WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQDEygwOGQ3NDUwMjUyMGE4
NjJlNWIzYjc5NDM1OGI2YjFmMzkxODRhNTA5MIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAn4zByC8nvoffhctwTs+LzyyOSqiATp0S8Jx0XSY0HlEAyKWs
W7LDujJ6E7Z/oqZSn9mwPGqFs0Ak0t5+gkVwsAb6sznnexG8PlYW2xtravlOagE3
rhNNh34e/Mhh5x7tkgb+9YiuSemkNIqYoZYKQoovwmyLDHx9SLc4NEi/wl+LX8Ad
g8BugymFW071PE9ZRgSCeTZ60E3khNC6CKPOtKt6PGQUMMoMqvEvt2f8HxRhmbUT
rHR7AJk21fQz+jW1d0d2DilnVPnJBMk2pNWAOsLZVKYhKTySHZFhppYrh47U8F3P
Vw6ZNWN1NAlhtYSiZ8hRZ0YBO+uLcfnPwN5F/QIDAQABo4ICCTCCAgUwHQYDVR0O
BBYEFAjXRQJSCoYuWzt5Q1i2sfORhKUJMB8GA1UdIwQYMBaAFH1m0Z5TiPEsHSih
bDKNhsNk6cx5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEFBQcBAQRYMFYwVAYIKwYB
BQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQv
ZldiUm5sT0k4U3dkS0tGc01vMkd3MlRwekhrLmNlcjCBjQYIKwYBBQUHAQsEgYAw
fjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkv
REVGQVVMVC81OC9hY2U5YmQtZjMzZC00ODZlLWIzOTQtZjBkMDc1YTQzN2YxLzEv
Q05kRkFsSUtoaTViTzNsRFdMYXg4NUdFcFFrLnJvYTCBgQYDVR0fBHoweDB2oHSg
coZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvREVGQVVMVC81OC9h
Y2U5YmQtZjMzZC00ODZlLWIzOTQtZjBkMDc1YTQzN2YxLzEvZldiUm5sT0k4U3dk
S0tGc01vMkd3MlRwekhrLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8G
CCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuaQoMA0GCSqGSIb3DQEBCwUAA4IB
AQCY4tdHJXECmMUH+/a7u7iS/bJsb0Xt7+SOs+qqaUVc6w671Awc89CPsVcwMU7E
At4NJZffjdsS0UWFovfIMV9u2I5xQz9XwdbRfonHLGnkuUWG9hLtESBNylJSvHKx
Md094x8RhCZZzE6WOJvNiphAsxfNLwgR0HU00+SnH2rEp33lEVdrVzSE9FuseW+d
oMCCNCtmwRN5lzDLSSddD8fhnUlbIwBH4nzFrECp3oMzwSxPgB0qWQJUNY3KpR5C
q/pnKG+89vr4phWH+z1KaCH9WK2OY0s9XkhYS5e+lgTJA/fzqVtjJEeVy8DCn3kY
COq+vP26I0gjzI3DV6JGhUvV
-----END CERTIFICATE-----
Generated at Sat Apr 12 19:02:31 2025 by rpki-client