Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/65/84f86e-4ea7-4db3-aa30-c2c9e2393a32/1/lR9GjRyDFsBim5eSutQpD1KTYlg.roa
File: lR9GjRyDFsBim5eSutQpD1KTYlg.roa (raw, json)
Hash identifier: CwhYcFtKrqwBhucwOoob1HMCaI6xWedOa+RHbQfXEe4=
Subject key identifier: 95:1F:46:8D:1C:83:16:C0:62:9B:97:92:BA:D4:29:0F:52:93:62:58
Certificate issuer: /CN=317ef55ae76d422504eae5b206724d36443311c7
Certificate serial: 01856ECB94C54E00ECE0ACDAD4AD09EFE5A2
Authority key identifier: 31:7E:F5:5A:E7:6D:42:25:04:EA:E5:B2:06:72:4D:36:44:33:11:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/MX71WudtQiUE6uWyBnJNNkQzEcc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/65/84f86e-4ea7-4db3-aa30-c2c9e2393a32/1/lR9GjRyDFsBim5eSutQpD1KTYlg.roa
Signing time: Sun 01 Jan 2023 19:25:13 +0000
ROA not before: Sun 01 Jan 2023 19:25:13 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 197480
IP address blocks: 178.21.136.0/21 maxlen: 21
185.3.224.0/22 maxlen: 22
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:cb:94:c5:4e:00:ec:e0:ac:da:d4:ad:09:ef:e5:a2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=317ef55ae76d422504eae5b206724d36443311c7
Validity
Not Before: Jan 1 19:25:13 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=951f468d1c8316c0629b9792bad4290f52936258
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:4d:59:51:b2:4e:39:da:ca:b4:44:13:9a:a3:
b0:2a:37:4a:d9:f6:db:ab:9d:9b:21:9b:02:48:fc:
d3:8b:55:4d:e4:94:d9:c3:36:c4:d2:cf:82:8a:9e:
0e:88:4f:da:27:a3:60:51:fc:ec:fb:10:e4:9f:fb:
ce:c8:66:3f:48:f8:b0:d0:48:50:83:d6:c4:0b:12:
c3:4b:12:2e:28:3e:ae:00:1f:d0:0f:38:8d:f3:ba:
55:26:39:03:4a:cf:4a:25:b1:88:63:f4:65:78:df:
e2:2f:c1:70:12:8c:3f:34:b9:a1:4c:42:c7:7c:05:
fe:7c:6c:c9:12:75:16:f8:03:07:c3:3c:f8:da:18:
81:74:7b:f9:a2:50:ec:da:12:2e:32:ab:72:33:3c:
3c:b8:9c:4f:5a:ae:7b:1e:0e:1b:28:5d:b3:90:55:
83:6e:a8:50:49:27:71:72:da:4c:20:99:a7:ab:8e:
85:ba:01:ea:46:da:b5:12:af:59:f6:74:c3:63:45:
d1:1f:bf:ed:cd:d6:a5:e4:e1:1e:8b:d4:29:b6:6a:
af:2e:78:fc:bc:de:e5:d9:bd:1d:1e:05:2c:58:37:
b5:ce:18:fa:b7:d8:7c:a2:f1:91:2f:6e:42:77:88:
0c:32:88:61:44:20:60:46:07:c3:53:74:cf:30:62:
1c:91
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
95:1F:46:8D:1C:83:16:C0:62:9B:97:92:BA:D4:29:0F:52:93:62:58
X509v3 Authority Key Identifier:
keyid:31:7E:F5:5A:E7:6D:42:25:04:EA:E5:B2:06:72:4D:36:44:33:11:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MX71WudtQiUE6uWyBnJNNkQzEcc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/65/84f86e-4ea7-4db3-aa30-c2c9e2393a32/1/lR9GjRyDFsBim5eSutQpD1KTYlg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/65/84f86e-4ea7-4db3-aa30-c2c9e2393a32/1/MX71WudtQiUE6uWyBnJNNkQzEcc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
178.21.136.0/21
185.3.224.0/22
Signature Algorithm: sha256WithRSAEncryption
60:13:26:44:6c:b4:ec:f4:67:1a:bf:be:e5:50:2b:62:3d:74:
9a:28:cf:c4:22:55:f9:63:3c:f9:fb:bb:96:6d:50:94:b2:2b:
e7:09:94:35:f1:8c:a3:c3:2b:38:1f:56:f6:a5:51:59:c7:d4:
34:d7:03:e5:4f:d5:70:b2:66:81:b0:ef:65:19:c9:47:e7:af:
66:6a:4f:c6:e9:44:b0:76:4e:ac:77:ba:83:b7:70:68:9e:18:
09:cd:bf:01:e7:c0:19:4e:39:ed:cf:b3:18:d3:a7:85:cb:82:
fe:64:24:fd:18:fc:f8:71:72:e4:b1:69:7e:dc:6d:c0:10:eb:
70:21:a3:54:8a:d1:0b:19:de:fe:e5:1a:c0:c7:eb:e8:da:ca:
c5:c9:ee:bb:37:1c:2e:c4:68:5b:d0:5b:ad:63:7e:bc:f3:9b:
3d:aa:17:26:44:2e:86:8d:e0:ae:67:0e:3e:99:88:c4:cb:9b:
4e:33:6b:2a:c1:39:53:97:99:de:a5:33:32:0a:5c:7f:76:39:
bf:c6:e0:22:08:03:58:5a:1d:4e:a2:dc:99:e2:be:6e:aa:c4:
5d:b5:1f:3b:6e:23:1f:a7:76:87:76:65:e1:d2:30:17:1c:14:
c3:c1:5b:9b:3e:37:22:cf:b1:86:89:5f:19:4f:89:1f:eb:98:
88:7a:c3:20
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYVuy5TFTgDs4Kza1K0J7+WiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMxN2VmNTVhZTc2ZDQyMjUwNGVhZTViMjA2NzI0ZDM2NDQz
MzExYzcwHhcNMjMwMTAxMTkyNTEzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NTFmNDY4ZDFjODMxNmMwNjI5Yjk3OTJiYWQ0MjkwZjUyOTM2MjU4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuU1ZUbJOOdrKtEQTmqOwKjdK2fbb
q52bIZsCSPzTi1VN5JTZwzbE0s+Cip4OiE/aJ6NgUfzs+xDkn/vOyGY/SPiw0EhQ
g9bECxLDSxIuKD6uAB/QDziN87pVJjkDSs9KJbGIY/RleN/iL8FwEow/NLmhTELH
fAX+fGzJEnUW+AMHwzz42hiBdHv5olDs2hIuMqtyMzw8uJxPWq57Hg4bKF2zkFWD
bqhQSSdxctpMIJmnq46FugHqRtq1Eq9Z9nTDY0XRH7/tzdal5OEei9QptmqvLnj8
vN7l2b0dHgUsWDe1zhj6t9h8ovGRL25Cd4gMMohhRCBgRgfDU3TPMGIckQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFJUfRo0cgxbAYpuXkrrUKQ9Sk2JYMB8GA1UdIwQY
MBaAFDF+9VrnbUIlBOrlsgZyTTZEMxHHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTVg3MVd1ZHRRaVVFNnVXeUJuSk5Oa1F6RWNjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NS84NGY4NmUtNGVhNy00ZGIzLWFhMzAt
YzJjOWUyMzkzYTMyLzEvbFI5R2pSeURGc0JpbTVlU3V0UXBEMUtUWWxnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NS84NGY4NmUtNGVhNy00ZGIzLWFhMzAtYzJjOWUyMzkzYTMy
LzEvTVg3MVd1ZHRRaVVFNnVXeUJuSk5Oa1F6RWNjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQDshWIAwQC
uQPgMA0GCSqGSIb3DQEBCwUAA4IBAQBgEyZEbLTs9Gcav77lUCtiPXSaKM/EIlX5
Yzz5+7uWbVCUsivnCZQ18Yyjwys4H1b2pVFZx9Q01wPlT9VwsmaBsO9lGclH569m
ak/G6USwdk6sd7qDt3BonhgJzb8B58AZTjntz7MY06eFy4L+ZCT9GPz4cXLksWl+
3G3AEOtwIaNUitELGd7+5RrAx+vo2srFye67NxwuxGhb0FutY36885s9qhcmRC6G
jeCuZw4+mYjEy5tOM2sqwTlTl5nepTMyClx/djm/xuAiCANYWh1OotyZ4r5uqsRd
tR87biMfp3aHdmXh0jAXHBTDwVubPjciz7GGiV8ZT4kf65iIesMg
-----END CERTIFICATE-----
Generated at Thu Mar 13 08:07:12 2025 by rpki-client