Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/66/25b7b8-c302-4dda-898a-4825e18d7301/1/44AZqeiZCFGQPiTa3m8JG9HlgWg.roa
File: 44AZqeiZCFGQPiTa3m8JG9HlgWg.roa (raw, json)
Hash identifier: EX9cdchopHInpKFIu6pJJct5nvbW6RLYLHiBQaQgmTc=
Subject key identifier: E3:80:19:A9:E8:99:08:51:90:3E:24:DA:DE:6F:09:1B:D1:E5:81:68
Certificate issuer: /CN=79bb7749abde6f5da4eb1c6ed1c57681617846b0
Certificate serial: 0188E8328836E589EDBF6A37192BE9ECF3F5
Authority key identifier: 79:BB:77:49:AB:DE:6F:5D:A4:EB:1C:6E:D1:C5:76:81:61:78:46:B0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ebt3Saveb12k6xxu0cV2gWF4RrA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/66/25b7b8-c302-4dda-898a-4825e18d7301/1/44AZqeiZCFGQPiTa3m8JG9HlgWg.roa
Signing time: Fri 23 Jun 2023 12:20:05 +0000
ROA not before: Fri 23 Jun 2023 12:20:05 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 209346
IP address blocks: 185.157.0.0/22 maxlen: 24
2a0b:2ec0::/29 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:e8:32:88:36:e5:89:ed:bf:6a:37:19:2b:e9:ec:f3:f5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=79bb7749abde6f5da4eb1c6ed1c57681617846b0
Validity
Not Before: Jun 23 12:20:05 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=e38019a9e8990851903e24dade6f091bd1e58168
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:85:53:81:28:3b:92:a1:e2:df:57:a0:20:c2:b1:
4c:36:d3:16:05:1a:43:15:8d:75:9c:62:79:25:02:
64:45:fa:ad:8c:9a:14:63:12:48:e7:5e:97:62:f2:
c9:ea:3b:c3:bc:84:be:19:3d:55:70:a6:9a:ad:ed:
4c:55:69:2c:58:c9:51:08:8d:b9:a2:43:17:08:9c:
d5:5e:78:76:ae:c7:3a:c4:a1:00:bd:9c:f7:5f:f5:
9b:a0:b8:9d:d2:ad:4b:6e:4f:f0:7c:01:c7:73:11:
b7:ea:0c:ec:86:69:29:1a:f7:77:cd:fd:08:88:8f:
9b:97:d8:64:d4:9d:79:81:5a:54:6a:c2:29:35:c1:
b1:cb:3e:f8:a7:88:01:57:f0:ba:f6:5b:df:b4:02:
86:c3:17:67:0b:61:6e:b3:d5:42:bb:82:24:89:90:
34:04:48:b0:fe:45:18:ff:08:f1:59:0e:c1:ff:35:
cf:87:0a:ff:83:7f:8e:2d:35:7e:c0:b3:54:57:bc:
bd:64:97:d8:9c:26:88:f0:49:93:3c:af:d8:4c:4a:
6e:00:60:04:e5:76:4c:e2:e8:9d:b4:63:20:8e:8e:
eb:8e:15:29:50:8b:03:ac:1c:5a:73:ef:73:6a:cc:
14:04:91:62:6c:95:09:4c:72:86:d2:3a:97:6a:36:
7b:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E3:80:19:A9:E8:99:08:51:90:3E:24:DA:DE:6F:09:1B:D1:E5:81:68
X509v3 Authority Key Identifier:
keyid:79:BB:77:49:AB:DE:6F:5D:A4:EB:1C:6E:D1:C5:76:81:61:78:46:B0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ebt3Saveb12k6xxu0cV2gWF4RrA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/66/25b7b8-c302-4dda-898a-4825e18d7301/1/44AZqeiZCFGQPiTa3m8JG9HlgWg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/66/25b7b8-c302-4dda-898a-4825e18d7301/1/ebt3Saveb12k6xxu0cV2gWF4RrA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.157.0.0/22
IPv6:
2a0b:2ec0::/29
Signature Algorithm: sha256WithRSAEncryption
8f:a9:21:14:35:6e:75:d0:74:68:d9:42:62:7b:45:9b:94:34:
ce:b4:25:b3:3a:21:56:fc:88:1c:f7:36:50:fc:2c:aa:df:ec:
7d:2a:c0:f2:64:2a:f2:8c:06:b2:cf:a7:b3:2b:92:76:6e:d8:
9b:ce:37:c3:1f:ef:fd:d2:e6:5b:b2:47:13:da:97:55:76:f4:
29:99:e4:fd:28:e1:a8:05:b7:c7:3d:ea:06:67:12:19:b8:d7:
14:e4:6f:19:a4:17:2a:bb:d5:f5:d5:b1:a4:3e:a5:ae:a6:e3:
d7:31:e6:c0:c8:97:c2:c6:25:c9:35:af:2d:97:13:c7:f9:23:
2d:cd:90:fb:08:20:2d:a8:db:bf:55:74:47:79:af:84:99:43:
0c:ce:82:49:c7:39:a4:4f:46:4c:ff:0f:f8:d9:fa:bb:73:64:
5e:8a:a5:6d:85:7d:30:60:fc:21:0c:11:aa:37:3a:82:03:1f:
82:e4:38:55:41:91:71:51:c4:93:35:d8:17:7b:ca:23:2d:eb:
2c:45:0d:04:6c:ab:00:c8:80:e5:6b:c5:92:be:ea:54:ce:44:
a5:a8:ef:a0:f6:8f:af:a4:b4:1b:e0:8b:5b:0d:57:89:3f:f8:
8d:87:73:c5:ce:16:0b:ed:46:b4:e7:6c:65:00:e4:8d:64:63:
55:85:15:38
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYjoMog25Yntv2o3GSvp7PP1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc5YmI3NzQ5YWJkZTZmNWRhNGViMWM2ZWQxYzU3NjgxNjE3
ODQ2YjAwHhcNMjMwNjIzMTIyMDA1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMzgwMTlhOWU4OTkwODUxOTAzZTI0ZGFkZTZmMDkxYmQxZTU4MTY4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhVOBKDuSoeLfV6AgwrFMNtMWBRpD
FY11nGJ5JQJkRfqtjJoUYxJI516XYvLJ6jvDvIS+GT1VcKaare1MVWksWMlRCI25
okMXCJzVXnh2rsc6xKEAvZz3X/WboLid0q1Lbk/wfAHHcxG36gzshmkpGvd3zf0I
iI+bl9hk1J15gVpUasIpNcGxyz74p4gBV/C69lvftAKGwxdnC2Fus9VCu4IkiZA0
BEiw/kUY/wjxWQ7B/zXPhwr/g3+OLTV+wLNUV7y9ZJfYnCaI8EmTPK/YTEpuAGAE
5XZM4uidtGMgjo7rjhUpUIsDrBxac+9zaswUBJFibJUJTHKG0jqXajZ7WQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFOOAGanomQhRkD4k2t5vCRvR5YFoMB8GA1UdIwQY
MBaAFHm7d0mr3m9dpOscbtHFdoFheEawMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZWJ0M1NhdmViMTJrNnh4dTBjVjJnV0Y0UnJBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ni8yNWI3YjgtYzMwMi00ZGRhLTg5OGEt
NDgyNWUxOGQ3MzAxLzEvNDRBWnFlaVpDRkdRUGlUYTNtOEpHOUhsZ1dnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ni8yNWI3YjgtYzMwMi00ZGRhLTg5OGEtNDgyNWUxOGQ3MzAx
LzEvZWJ0M1NhdmViMTJrNnh4dTBjVjJnV0Y0UnJBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuZ0AMA0E
AgACMAcDBQMqCy7AMA0GCSqGSIb3DQEBCwUAA4IBAQCPqSEUNW510HRo2UJie0Wb
lDTOtCWzOiFW/Igc9zZQ/Cyq3+x9KsDyZCryjAayz6ezK5J2btibzjfDH+/90uZb
skcT2pdVdvQpmeT9KOGoBbfHPeoGZxIZuNcU5G8ZpBcqu9X11bGkPqWupuPXMebA
yJfCxiXJNa8tlxPH+SMtzZD7CCAtqNu/VXRHea+EmUMMzoJJxzmkT0ZM/w/42fq7
c2ReiqVthX0wYPwhDBGqNzqCAx+C5DhVQZFxUcSTNdgXe8ojLessRQ0EbKsAyIDl
a8WSvupUzkSlqO+g9o+vpLQb4ItbDVeJP/iNh3PFzhYL7Ua052xlAOSNZGNVhRU4
-----END CERTIFICATE-----
Generated at Thu Mar 13 02:22:02 2025 by rpki-client