Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6e/5b2d16-087f-488c-9ebb-e8a322846641/1/PoXLlJsmkiMJjiHzbt0Mf3oMSWU.roa
File: PoXLlJsmkiMJjiHzbt0Mf3oMSWU.roa (raw, json)
Hash identifier: JSFnZtl3e9Fg8HyW7/AbDQDqg8ZNlwBL2xFxD8cEeU8=
Subject key identifier: 3E:85:CB:94:9B:26:92:23:09:8E:21:F3:6E:DD:0C:7F:7A:0C:49:65
Certificate issuer: /CN=370ea1b05cbd4e5c0926787c79533ee29d94be96
Certificate serial: 01856F4B778ADA54DB54A78E8FB1BE66B68B
Authority key identifier: 37:0E:A1:B0:5C:BD:4E:5C:09:26:78:7C:79:53:3E:E2:9D:94:BE:96
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Nw6hsFy9TlwJJnh8eVM-4p2UvpY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6e/5b2d16-087f-488c-9ebb-e8a322846641/1/PoXLlJsmkiMJjiHzbt0Mf3oMSWU.roa
Signing time: Sun 01 Jan 2023 21:44:54 +0000
ROA not before: Sun 01 Jan 2023 21:44:54 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 20704
IP address blocks: 185.158.16.0/22 maxlen: 22
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:4b:77:8a:da:54:db:54:a7:8e:8f:b1:be:66:b6:8b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=370ea1b05cbd4e5c0926787c79533ee29d94be96
Validity
Not Before: Jan 1 21:44:54 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=3e85cb949b269223098e21f36edd0c7f7a0c4965
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:f2:e5:40:10:67:29:c8:e7:49:9f:56:d3:79:
c8:de:a4:40:52:7f:96:20:32:ba:2f:9a:90:50:9e:
95:d4:fa:45:32:88:ed:8c:4b:4b:28:6c:c2:c5:1e:
63:05:c4:c0:de:af:32:e2:70:28:11:7c:e1:b0:ce:
54:5d:8c:c1:d4:34:07:fa:4a:59:cf:75:9e:55:40:
32:5b:44:c3:43:60:58:48:6e:dd:4e:0d:84:8b:bc:
53:fa:6d:87:c4:ed:7d:2b:23:67:10:ec:71:23:37:
b0:b5:af:36:7c:a6:a2:56:6d:b3:19:13:ab:ab:c2:
12:14:4b:f5:b6:8c:34:21:50:4e:f6:d1:a6:a7:8c:
19:e7:4b:ef:8c:95:b5:d3:4e:9f:af:be:88:04:24:
c5:84:df:36:9c:3b:56:3e:0e:d8:41:44:00:e3:ff:
43:45:6a:1c:53:7d:be:f9:93:82:b5:97:ff:7a:62:
4d:c2:ea:29:02:37:4c:aa:c1:d1:51:82:2b:8f:b1:
fd:44:fa:10:e1:e7:0a:94:4e:6f:09:79:5a:b9:34:
2d:86:6f:dc:33:92:d4:0e:ce:0f:0a:18:44:bf:9c:
f0:85:6f:eb:a2:8b:5e:f5:bb:71:fd:28:c6:f4:a7:
03:25:86:37:7d:2c:09:d0:8c:24:7c:6e:21:0d:77:
d6:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3E:85:CB:94:9B:26:92:23:09:8E:21:F3:6E:DD:0C:7F:7A:0C:49:65
X509v3 Authority Key Identifier:
keyid:37:0E:A1:B0:5C:BD:4E:5C:09:26:78:7C:79:53:3E:E2:9D:94:BE:96
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Nw6hsFy9TlwJJnh8eVM-4p2UvpY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6e/5b2d16-087f-488c-9ebb-e8a322846641/1/PoXLlJsmkiMJjiHzbt0Mf3oMSWU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6e/5b2d16-087f-488c-9ebb-e8a322846641/1/Nw6hsFy9TlwJJnh8eVM-4p2UvpY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.158.16.0/22
Signature Algorithm: sha256WithRSAEncryption
91:0c:ec:ef:5d:ca:cb:7a:13:05:e8:17:e8:5d:2b:92:ee:b1:
32:d9:6e:8c:9d:de:9b:e7:b8:01:cf:82:ec:83:09:20:ca:e4:
88:78:91:38:83:8c:90:ec:56:43:e9:91:9c:ec:d1:0f:56:a2:
ac:e2:49:72:7c:9b:15:b2:46:ea:c7:57:1d:19:14:65:29:a8:
f1:51:7d:6a:39:1a:d4:df:72:24:35:60:79:2a:3c:77:47:09:
22:6b:e9:67:da:44:04:e5:f7:ce:74:ef:f8:92:15:d2:d4:12:
6e:bd:6e:7e:25:f8:db:fd:b8:b4:4f:d4:3c:f1:9e:9f:eb:52:
d1:b9:c8:29:93:23:36:88:47:f9:6f:6b:02:67:83:16:30:05:
10:a4:f3:db:78:ba:a2:cc:e7:01:1a:58:71:b4:cf:3e:b1:df:
fb:c0:fe:6e:af:a9:59:01:d5:19:e6:c8:73:b0:2b:f1:55:8c:
70:52:26:85:08:0b:d9:50:b8:49:82:a3:11:ea:55:9f:b1:bc:
f4:c0:cb:fe:ac:f0:a1:81:23:e1:0e:61:2f:79:25:ee:7d:39:
03:37:88:92:c2:9f:1f:9b:5d:32:39:99:af:c5:3b:05:96:0c:
55:ef:8f:0a:7f:e9:98:47:1b:49:bb:25:40:07:bc:9b:a4:15:
98:e1:d2:d7
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVvS3eK2lTbVKeOj7G+ZraLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM3MGVhMWIwNWNiZDRlNWMwOTI2Nzg3Yzc5NTMzZWUyOWQ5
NGJlOTYwHhcNMjMwMTAxMjE0NDU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZTg1Y2I5NDliMjY5MjIzMDk4ZTIxZjM2ZWRkMGM3ZjdhMGM0OTY1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkPLlQBBnKcjnSZ9W03nI3qRAUn+W
IDK6L5qQUJ6V1PpFMojtjEtLKGzCxR5jBcTA3q8y4nAoEXzhsM5UXYzB1DQH+kpZ
z3WeVUAyW0TDQ2BYSG7dTg2Ei7xT+m2HxO19KyNnEOxxIzewta82fKaiVm2zGROr
q8ISFEv1tow0IVBO9tGmp4wZ50vvjJW1006fr76IBCTFhN82nDtWPg7YQUQA4/9D
RWocU32++ZOCtZf/emJNwuopAjdMqsHRUYIrj7H9RPoQ4ecKlE5vCXlauTQthm/c
M5LUDs4PChhEv5zwhW/roote9btx/SjG9KcDJYY3fSwJ0IwkfG4hDXfWAQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFD6Fy5SbJpIjCY4h827dDH96DEllMB8GA1UdIwQY
MBaAFDcOobBcvU5cCSZ4fHlTPuKdlL6WMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTnc2aHNGeTlUbHdKSm5oOGVWTS00cDJVdnBZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82ZS81YjJkMTYtMDg3Zi00ODhjLTllYmIt
ZThhMzIyODQ2NjQxLzEvUG9YTGxKc21raU1KamlIemJ0ME1mM29NU1dVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82ZS81YjJkMTYtMDg3Zi00ODhjLTllYmItZThhMzIyODQ2NjQx
LzEvTnc2aHNGeTlUbHdKSm5oOGVWTS00cDJVdnBZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuZ4QMA0G
CSqGSIb3DQEBCwUAA4IBAQCRDOzvXcrLehMF6BfoXSuS7rEy2W6Mnd6b57gBz4Ls
gwkgyuSIeJE4g4yQ7FZD6ZGc7NEPVqKs4klyfJsVskbqx1cdGRRlKajxUX1qORrU
33IkNWB5Kjx3Rwkia+ln2kQE5ffOdO/4khXS1BJuvW5+Jfjb/bi0T9Q88Z6f61LR
ucgpkyM2iEf5b2sCZ4MWMAUQpPPbeLqizOcBGlhxtM8+sd/7wP5ur6lZAdUZ5shz
sCvxVYxwUiaFCAvZULhJgqMR6lWfsbz0wMv+rPChgSPhDmEveSXufTkDN4iSwp8f
m10yOZmvxTsFlgxV748Kf+mYRxtJuyVAB7ybpBWY4dLX
-----END CERTIFICATE-----
Generated at Sun Apr 20 15:23:22 2025 by rpki-client