Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/59/7247d5-e283-4b29-acfd-82e1e200504e/1/oXFGghEBtELXvN6NMKipmTRLFOI.roa
File: oXFGghEBtELXvN6NMKipmTRLFOI.roa (raw, json)
Hash identifier: Qv41emYg4r5dU8KdL0z25JNrn/6knSIxxRMpci/h9mk=
Subject key identifier: A1:71:46:82:11:01:B4:42:D7:BC:DE:8D:30:A8:A9:99:34:4B:14:E2
Certificate issuer: /CN=805c0c9f23763c037bd6884745cf8464d2db663e
Certificate serial: 0C4ECBE6
Authority key identifier: 80:5C:0C:9F:23:76:3C:03:7B:D6:88:47:45:CF:84:64:D2:DB:66:3E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gFwMnyN2PAN71ohHRc-EZNLbZj4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/59/7247d5-e283-4b29-acfd-82e1e200504e/1/oXFGghEBtELXvN6NMKipmTRLFOI.roa
Signing time: Sat 01 Jan 2022 03:01:18 +0000
ROA not before: Sat 01 Jan 2022 03:01:18 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 41480
IP address blocks: 185.25.164.0/22 maxlen: 22
185.67.24.0/22 maxlen: 22
2a00:8120::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 206490598 (0xc4ecbe6)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=805c0c9f23763c037bd6884745cf8464d2db663e
Validity
Not Before: Jan 1 03:01:18 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=a17146821101b442d7bcde8d30a8a999344b14e2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:f7:ab:4c:29:a4:b9:82:0a:74:1a:41:a3:d6:
a9:e1:47:4d:6e:63:51:bb:0f:45:0e:4e:d7:c0:1c:
35:02:05:39:78:d1:0d:29:a7:f2:a6:7e:72:d5:7b:
34:ac:28:08:e1:60:72:7f:e6:ba:cb:73:02:aa:80:
cc:94:1e:fe:13:fa:7e:27:28:95:68:bc:20:25:b2:
cb:7b:93:47:d6:82:3d:57:c7:3e:83:fe:11:9c:e5:
40:d7:95:0f:dd:33:50:21:13:d8:ce:d4:4c:4a:4b:
c1:89:7e:14:54:0f:20:01:f6:22:1b:ad:6a:25:f3:
39:b5:dc:76:08:20:00:34:e3:ba:15:0d:d5:e9:37:
f1:de:b2:20:63:58:cd:1c:1e:08:cf:91:b4:9a:41:
19:ac:ba:ee:9c:44:c3:e6:47:a0:c2:3e:0a:89:f0:
8b:15:6e:c4:a4:58:50:7b:67:f3:d7:5b:d9:26:a5:
7a:f4:b0:4a:65:7f:07:78:99:15:db:7d:b7:28:85:
a8:09:89:ea:47:ac:25:51:7f:2f:07:1f:2d:65:ba:
e2:6b:87:ce:ab:44:e7:f9:ac:7b:a2:07:db:cf:95:
aa:34:05:ec:16:79:b5:a4:0c:eb:99:2a:02:ab:a6:
ab:90:d8:9c:80:db:ce:e1:10:c5:97:6c:8c:fd:28:
27:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A1:71:46:82:11:01:B4:42:D7:BC:DE:8D:30:A8:A9:99:34:4B:14:E2
X509v3 Authority Key Identifier:
keyid:80:5C:0C:9F:23:76:3C:03:7B:D6:88:47:45:CF:84:64:D2:DB:66:3E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gFwMnyN2PAN71ohHRc-EZNLbZj4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/59/7247d5-e283-4b29-acfd-82e1e200504e/1/oXFGghEBtELXvN6NMKipmTRLFOI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/59/7247d5-e283-4b29-acfd-82e1e200504e/1/gFwMnyN2PAN71ohHRc-EZNLbZj4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.25.164.0/22
185.67.24.0/22
IPv6:
2a00:8120::/32
Signature Algorithm: sha256WithRSAEncryption
79:fb:ae:82:d2:b6:a9:9e:96:bf:df:aa:0d:73:ea:43:32:9b:
e6:8d:62:db:ce:0e:20:0d:5a:c8:7a:03:cb:7f:5f:4a:28:fd:
a0:d3:0c:ed:69:dc:55:c1:1a:96:fe:5c:70:03:1c:b5:58:f7:
32:17:2d:04:35:e3:98:7b:15:f7:25:89:27:e2:7c:7d:16:bc:
94:0c:26:17:05:c0:09:7c:5f:d1:b4:53:6b:cc:ea:5e:03:1a:
42:10:c1:84:5a:de:60:84:8d:8f:ca:47:b6:33:b4:05:52:fa:
7f:7d:04:24:54:9a:ac:c6:76:3d:61:43:6c:00:30:41:ad:78:
4e:28:08:c5:15:df:39:d3:03:2d:68:32:e4:7d:51:ba:a1:28:
ae:2f:ff:a8:6c:1e:41:8f:2e:68:e3:67:6e:0d:cb:ae:cb:90:
6f:d7:95:33:ad:5d:d0:8f:49:b8:d3:15:ac:a0:ad:87:9f:8a:
93:53:cd:bf:91:bd:db:2a:18:c8:1b:1a:e4:26:b7:52:49:29:
7e:75:dd:0e:cf:4f:c2:32:25:50:db:56:1b:36:d4:22:31:27:
6b:1c:4f:fc:f7:13:f1:92:15:8e:e7:e4:74:7c:77:68:bc:f1:
07:07:93:89:5d:db:5c:65:d3:ed:b4:c0:9e:c3:9e:d8:d0:26:
42:7b:d4:ee
-----BEGIN CERTIFICATE-----
MIIFBDCCA+ygAwIBAgIEDE7L5jANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg4
MDVjMGM5ZjIzNzYzYzAzN2JkNjg4NDc0NWNmODQ2NGQyZGI2NjNlMB4XDTIyMDEw
MTAzMDExOFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYTE3MTQ2ODIxMTAx
YjQ0MmQ3YmNkZThkMzBhOGE5OTkzNDRiMTRlMjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAK73q0wppLmCCnQaQaPWqeFHTW5jUbsPRQ5O18AcNQIFOXjR
DSmn8qZ+ctV7NKwoCOFgcn/mustzAqqAzJQe/hP6ficolWi8ICWyy3uTR9aCPVfH
PoP+EZzlQNeVD90zUCET2M7UTEpLwYl+FFQPIAH2IhutaiXzObXcdgggADTjuhUN
1ek38d6yIGNYzRweCM+RtJpBGay67pxEw+ZHoMI+ConwixVuxKRYUHtn89db2Sal
evSwSmV/B3iZFdt9tyiFqAmJ6kesJVF/LwcfLWW64muHzqtE5/mse6IH28+VqjQF
7BZ5taQM65kqAqumq5DYnIDbzuEQxZdsjP0oJ3ECAwEAAaOCAh4wggIaMB0GA1Ud
DgQWBBShcUaCEQG0Qte83o0wqKmZNEsU4jAfBgNVHSMEGDAWgBSAXAyfI3Y8A3vW
iEdFz4Rk0ttmPjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2dGd01ueU4yUEFONzFvaEhSYy1FWk5MYlpqNC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNTkvNzI0N2Q1LWUyODMtNGIyOS1hY2ZkLTgyZTFlMjAwNTA0ZS8x
L29YRkdnaEVCdEVMWHZONk5NS2lwbVRSTEZPSS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNTkv
NzI0N2Q1LWUyODMtNGIyOS1hY2ZkLTgyZTFlMjAwNTA0ZS8xL2dGd01ueU4yUEFO
NzFvaEhSYy1FWk5MYlpqNC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA0
BggrBgEFBQcBBwEB/wQlMCMwEgQCAAEwDAMEArkZpAMEArlDGDANBAIAAjAHAwUA
KgCBIDANBgkqhkiG9w0BAQsFAAOCAQEAefuugtK2qZ6Wv9+qDXPqQzKb5o1i284O
IA1ayHoDy39fSij9oNMM7WncVcEalv5ccAMctVj3MhctBDXjmHsV9yWJJ+J8fRa8
lAwmFwXACXxf0bRTa8zqXgMaQhDBhFreYISNj8pHtjO0BVL6f30EJFSarMZ2PWFD
bAAwQa14TigIxRXfOdMDLWgy5H1RuqEori//qGweQY8uaONnbg3LrsuQb9eVM61d
0I9JuNMVrKCth5+Kk1PNv5G92yoYyBsa5Ca3UkkpfnXdDs9PwjIlUNtWGzbUIjEn
axxP/PcT8ZIVjufkdHx3aLzxBweTiV3bXGXT7bTAnsOe2NAmQnvU7g==
-----END CERTIFICATE-----
Generated at Sun Apr 20 15:37:47 2025 by rpki-client