Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5d/a05eba-9d85-489b-aec7-ed42d3a625a4/1/lW_-U7P-BYXlM5xGZ7GN6etnH1Y.roa
File: lW_-U7P-BYXlM5xGZ7GN6etnH1Y.roa (raw, json)
Hash identifier: 2yz4E08pJXx6gqmRiXNjaugfwISNLPfAzrAB+1qWfwY=
Subject key identifier: 95:6F:FE:53:B3:FE:05:85:E5:33:9C:46:67:B1:8D:E9:EB:67:1F:56
Certificate issuer: /CN=e0d435784da8c218e0ff107cdcfe24ca4569c949
Certificate serial: 0185719552F5DBD65986BB61CEA47A54E81A
Authority key identifier: E0:D4:35:78:4D:A8:C2:18:E0:FF:10:7C:DC:FE:24:CA:45:69:C9:49
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/4NQ1eE2owhjg_xB83P4kykVpyUk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5d/a05eba-9d85-489b-aec7-ed42d3a625a4/1/lW_-U7P-BYXlM5xGZ7GN6etnH1Y.roa
Signing time: Mon 02 Jan 2023 08:24:49 +0000
ROA not before: Mon 02 Jan 2023 08:24:49 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 59742
IP address blocks: 185.73.236.0/22 maxlen: 22
2a03:46a0::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:95:52:f5:db:d6:59:86:bb:61:ce:a4:7a:54:e8:1a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e0d435784da8c218e0ff107cdcfe24ca4569c949
Validity
Not Before: Jan 2 08:24:49 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=956ffe53b3fe0585e5339c4667b18de9eb671f56
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:d5:96:3f:09:23:ef:0a:ea:75:84:ac:59:9b:
9b:cf:70:17:a3:96:3e:d9:0b:7e:49:60:8d:80:cc:
4b:a7:b2:2a:1e:f3:98:64:f6:e1:05:99:62:29:43:
5c:d5:39:28:81:19:0b:7a:72:bf:19:40:db:84:99:
7e:98:88:82:c2:18:04:5a:96:cb:21:13:7a:1f:e1:
74:a5:82:4f:d9:e0:02:9d:14:31:50:d4:d6:97:0f:
17:2c:e0:81:28:8a:03:b4:6c:98:24:d0:2b:11:cf:
81:31:28:56:dc:1b:2b:1f:8d:9d:00:7b:25:12:80:
ee:bd:bd:15:02:fc:59:0c:1e:32:05:3f:a4:89:b0:
90:65:1f:a9:5a:66:fa:08:6b:0a:e4:6e:be:05:47:
30:a9:1b:7a:51:f8:f1:97:a7:6a:d7:8a:b5:ab:15:
91:63:ab:72:ec:2c:26:ee:ff:94:62:99:73:7c:82:
43:f3:eb:c1:fc:17:0a:51:93:5d:a5:7e:94:bc:24:
e5:69:9b:0f:56:4a:1b:97:83:36:93:49:93:6a:cf:
50:9d:ce:84:a2:4b:8f:03:3f:7f:c9:36:2b:34:85:
d2:52:7c:ec:40:13:3b:20:29:1f:c0:65:24:6a:23:
15:6e:de:8a:ee:5c:81:20:2e:10:c2:30:f0:8a:2c:
7e:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
95:6F:FE:53:B3:FE:05:85:E5:33:9C:46:67:B1:8D:E9:EB:67:1F:56
X509v3 Authority Key Identifier:
keyid:E0:D4:35:78:4D:A8:C2:18:E0:FF:10:7C:DC:FE:24:CA:45:69:C9:49
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4NQ1eE2owhjg_xB83P4kykVpyUk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5d/a05eba-9d85-489b-aec7-ed42d3a625a4/1/lW_-U7P-BYXlM5xGZ7GN6etnH1Y.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5d/a05eba-9d85-489b-aec7-ed42d3a625a4/1/4NQ1eE2owhjg_xB83P4kykVpyUk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.73.236.0/22
IPv6:
2a03:46a0::/32
Signature Algorithm: sha256WithRSAEncryption
b3:29:b9:1a:50:ae:95:54:f5:f2:2a:c0:22:ca:35:3b:eb:bc:
4f:6d:d0:29:b7:0e:db:b2:b5:00:21:0f:ba:ba:36:96:e4:dc:
8c:38:2a:51:b9:0a:70:b8:fa:3d:7a:5e:96:8f:71:2d:3a:7b:
41:be:33:3f:33:f3:6b:ba:67:47:b6:69:f1:80:89:85:35:39:
42:51:47:04:3f:de:9f:9f:31:9b:f4:f0:ad:e8:d6:b7:42:28:
26:2d:da:87:a7:a8:1f:87:91:c1:a6:de:4e:15:39:d0:b4:66:
fe:9a:37:de:b7:df:1e:a5:00:71:30:f5:a0:2d:1a:26:9c:1c:
00:7d:0c:24:83:df:47:42:49:f3:5d:c6:3e:b1:fc:5f:1d:61:
8f:4f:22:bd:df:2e:12:82:31:bd:81:0b:b3:fa:8d:00:22:48:
76:36:c6:d4:2a:fc:74:b1:fe:a6:e9:44:4e:72:46:23:2b:8a:
e2:df:d8:a2:94:d5:1c:53:23:d7:dd:9d:a3:80:9c:e0:7f:fd:
66:34:8f:e0:ca:aa:7f:eb:ba:23:22:ed:85:90:7a:4e:43:43:
58:7f:67:c5:5f:9c:c7:f0:8b:1e:b2:6a:1e:ee:a1:ad:03:5d:
cc:87:fc:a7:23:94:2f:44:cb:6b:30:13:96:5c:c8:69:1f:16:
e1:96:57:da
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVxlVL129ZZhrthzqR6VOgaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUwZDQzNTc4NGRhOGMyMThlMGZmMTA3Y2RjZmUyNGNhNDU2
OWM5NDkwHhcNMjMwMTAyMDgyNDQ5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NTZmZmU1M2IzZmUwNTg1ZTUzMzljNDY2N2IxOGRlOWViNjcxZjU2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApNWWPwkj7wrqdYSsWZubz3AXo5Y+
2Qt+SWCNgMxLp7IqHvOYZPbhBZliKUNc1TkogRkLenK/GUDbhJl+mIiCwhgEWpbL
IRN6H+F0pYJP2eACnRQxUNTWlw8XLOCBKIoDtGyYJNArEc+BMShW3BsrH42dAHsl
EoDuvb0VAvxZDB4yBT+kibCQZR+pWmb6CGsK5G6+BUcwqRt6Ufjxl6dq14q1qxWR
Y6ty7Cwm7v+UYplzfIJD8+vB/BcKUZNdpX6UvCTlaZsPVkobl4M2k0mTas9Qnc6E
okuPAz9/yTYrNIXSUnzsQBM7ICkfwGUkaiMVbt6K7lyBIC4QwjDwiix+/wIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFJVv/lOz/gWF5TOcRmexjenrZx9WMB8GA1UdIwQY
MBaAFODUNXhNqMIY4P8QfNz+JMpFaclJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNE5RMWVFMm93aGpnX3hCODNQNGt5a1ZweVVrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZC9hMDVlYmEtOWQ4NS00ODliLWFlYzct
ZWQ0MmQzYTYyNWE0LzEvbFdfLVU3UC1CWVhsTTV4R1o3R042ZXRuSDFZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZC9hMDVlYmEtOWQ4NS00ODliLWFlYzctZWQ0MmQzYTYyNWE0
LzEvNE5RMWVFMm93aGpnX3hCODNQNGt5a1ZweVVrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuUnsMA0E
AgACMAcDBQAqA0agMA0GCSqGSIb3DQEBCwUAA4IBAQCzKbkaUK6VVPXyKsAiyjU7
67xPbdAptw7bsrUAIQ+6ujaW5NyMOCpRuQpwuPo9el6Wj3EtOntBvjM/M/NrumdH
tmnxgImFNTlCUUcEP96fnzGb9PCt6Na3QigmLdqHp6gfh5HBpt5OFTnQtGb+mjfe
t98epQBxMPWgLRomnBwAfQwkg99HQknzXcY+sfxfHWGPTyK93y4SgjG9gQuz+o0A
Ikh2NsbUKvx0sf6m6UROckYjK4ri39iilNUcUyPX3Z2jgJzgf/1mNI/gyqp/67oj
Iu2FkHpOQ0NYf2fFX5zH8Isesmoe7qGtA13Mh/ynI5QvRMtrMBOWXMhpHxbhllfa
-----END CERTIFICATE-----
Generated at Thu Apr 17 20:16:49 2025 by rpki-client