Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/72/c6d6be-bf4a-43e5-a908-5ca016a10054/1/RAPLoSWM2RRl1XmnPeA1847jiYo.roa
File: RAPLoSWM2RRl1XmnPeA1847jiYo.roa (raw, json)
Hash identifier: SFs+6OblKh4YIxNsUcNDJi/9MdBTdzMDA2GEG9lVU9M=
Subject key identifier: 44:03:CB:A1:25:8C:D9:14:65:D5:79:A7:3D:E0:35:F3:8E:E3:89:8A
Certificate issuer: /CN=aca1f4713024804c445403af63fa644b2a935d24
Certificate serial: 01853F8A3AE45EA8B142B822CAA8671BDB90
Authority key identifier: AC:A1:F4:71:30:24:80:4C:44:54:03:AF:63:FA:64:4B:2A:93:5D:24
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/rKH0cTAkgExEVAOvY_pkSyqTXSQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/72/c6d6be-bf4a-43e5-a908-5ca016a10054/1/RAPLoSWM2RRl1XmnPeA1847jiYo.roa
Signing time: Fri 23 Dec 2022 15:11:41 +0000
ROA not before: Fri 23 Dec 2022 15:11:41 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 12902
IP address blocks: 185.240.112.0/22 maxlen: 24
217.77.128.0/19 maxlen: 19
217.77.144.0/24 maxlen: 24
79.98.168.0/21 maxlen: 21
79.98.170.0/24 maxlen: 24
2001:9c0::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:3f:8a:3a:e4:5e:a8:b1:42:b8:22:ca:a8:67:1b:db:90
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=aca1f4713024804c445403af63fa644b2a935d24
Validity
Not Before: Dec 23 15:11:41 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=4403cba1258cd91465d579a73de035f38ee3898a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:e8:eb:79:37:10:0a:12:92:67:ad:ff:f4:c5:
38:48:ea:4e:87:03:33:94:c2:0a:c3:86:2b:71:1c:
3b:a1:a0:a3:5e:96:69:01:f8:d5:ed:be:a7:a8:c9:
67:d7:ae:d1:75:0c:34:c2:a8:e8:83:da:90:c0:94:
4d:e2:32:df:54:dd:95:fb:3a:35:d8:43:13:64:7c:
22:bc:2f:b0:0c:1c:f9:28:23:0b:17:3d:50:31:6d:
2b:dd:dd:a5:ae:6f:2f:53:91:90:03:46:26:fa:55:
65:c4:1c:ae:80:07:ff:cf:ab:99:c9:5c:a3:29:15:
b1:03:19:eb:14:fa:12:8a:a3:17:61:66:87:c6:f9:
ac:88:10:d6:79:e7:62:4b:cf:2c:75:25:3c:34:78:
44:55:03:9e:99:04:85:f4:04:4b:61:57:34:d3:ed:
0a:10:81:8e:12:5f:74:24:40:a9:5d:8c:a6:fa:ae:
3a:42:53:9a:4a:dd:fb:55:8a:c6:cc:da:6f:8a:70:
7a:6d:43:68:7b:72:45:64:84:6d:64:12:fc:45:92:
eb:93:fa:26:0d:9f:a3:e0:ec:03:b2:13:af:da:12:
37:61:e2:ff:33:27:1d:54:59:27:03:b4:64:84:76:
99:d9:b0:ff:e1:a6:ba:55:8b:94:35:62:4f:75:00:
64:87
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
44:03:CB:A1:25:8C:D9:14:65:D5:79:A7:3D:E0:35:F3:8E:E3:89:8A
X509v3 Authority Key Identifier:
keyid:AC:A1:F4:71:30:24:80:4C:44:54:03:AF:63:FA:64:4B:2A:93:5D:24
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rKH0cTAkgExEVAOvY_pkSyqTXSQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/72/c6d6be-bf4a-43e5-a908-5ca016a10054/1/RAPLoSWM2RRl1XmnPeA1847jiYo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/72/c6d6be-bf4a-43e5-a908-5ca016a10054/1/rKH0cTAkgExEVAOvY_pkSyqTXSQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
79.98.168.0/21
185.240.112.0/22
217.77.128.0/19
IPv6:
2001:9c0::/32
Signature Algorithm: sha256WithRSAEncryption
6f:62:b5:1c:87:12:09:54:d7:6e:19:f6:c1:6d:db:14:bb:c4:
21:08:b9:81:0c:43:c1:c6:2c:2c:da:ff:28:6c:e6:b4:2f:8d:
cb:95:cd:66:8b:16:88:e6:0c:a7:41:36:56:3d:2f:eb:93:5e:
fe:b2:e2:7e:0e:a6:fa:fa:6e:02:f4:62:75:51:f5:d6:f0:0a:
13:fa:ff:5c:02:65:aa:b9:4f:82:c7:8a:2a:0c:6b:b0:e7:48:
84:f4:02:2d:45:c6:ed:4e:21:a0:ed:f2:03:fc:88:68:1e:72:
00:43:b6:6f:10:f4:95:5a:f1:33:e9:a4:82:c6:30:59:5a:d6:
d1:d0:a9:87:a7:92:1c:32:94:ad:22:94:ae:41:5a:91:ef:09:
20:b6:db:d9:69:42:ee:b4:0f:69:24:a5:e6:19:12:61:c0:0b:
78:40:61:be:c0:6e:2e:49:f2:a4:56:05:81:05:cc:14:5a:c0:
d0:ea:ae:d7:84:6c:b6:ed:42:13:3f:e9:36:d9:69:95:ad:68:
4b:02:a3:b1:6d:89:95:a4:2a:5c:73:82:f1:37:2e:d9:60:22:
f0:aa:56:73:d8:7a:ec:c9:a2:81:58:e3:06:47:b6:eb:e2:60:
ba:a2:79:b4:b0:7d:6d:48:94:ee:16:64:46:0c:33:0a:3a:e2:
bc:29:60:fd
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAYU/ijrkXqixQrgiyqhnG9uQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFjYTFmNDcxMzAyNDgwNGM0NDU0MDNhZjYzZmE2NDRiMmE5
MzVkMjQwHhcNMjIxMjIzMTUxMTQxWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NDAzY2JhMTI1OGNkOTE0NjVkNTc5YTczZGUwMzVmMzhlZTM4OThhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqejreTcQChKSZ63/9MU4SOpOhwMz
lMIKw4YrcRw7oaCjXpZpAfjV7b6nqMln167RdQw0wqjog9qQwJRN4jLfVN2V+zo1
2EMTZHwivC+wDBz5KCMLFz1QMW0r3d2lrm8vU5GQA0Ym+lVlxByugAf/z6uZyVyj
KRWxAxnrFPoSiqMXYWaHxvmsiBDWeediS88sdSU8NHhEVQOemQSF9ARLYVc00+0K
EIGOEl90JECpXYym+q46QlOaSt37VYrGzNpvinB6bUNoe3JFZIRtZBL8RZLrk/om
DZ+j4OwDshOv2hI3YeL/MycdVFknA7RkhHaZ2bD/4aa6VYuUNWJPdQBkhwIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFEQDy6EljNkUZdV5pz3gNfOO44mKMB8GA1UdIwQY
MBaAFKyh9HEwJIBMRFQDr2P6ZEsqk10kMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcktIMGNUQWtnRXhFVkFPdllfcGtTeXFUWFNRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Mi9jNmQ2YmUtYmY0YS00M2U1LWE5MDgt
NWNhMDE2YTEwMDU0LzEvUkFQTG9TV00yUlJsMVhtblBlQTE4NDdqaVlvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Mi9jNmQ2YmUtYmY0YS00M2U1LWE5MDgtNWNhMDE2YTEwMDU0
LzEvcktIMGNUQWtnRXhFVkFPdllfcGtTeXFUWFNRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQDT2KoAwQC
ufBwAwQF2U2AMA0EAgACMAcDBQAgAQnAMA0GCSqGSIb3DQEBCwUAA4IBAQBvYrUc
hxIJVNduGfbBbdsUu8QhCLmBDEPBxiws2v8obOa0L43Llc1mixaI5gynQTZWPS/r
k17+suJ+Dqb6+m4C9GJ1UfXW8AoT+v9cAmWquU+Cx4oqDGuw50iE9AItRcbtTiGg
7fID/IhoHnIAQ7ZvEPSVWvEz6aSCxjBZWtbR0KmHp5IcMpStIpSuQVqR7wkgttvZ
aULutA9pJKXmGRJhwAt4QGG+wG4uSfKkVgWBBcwUWsDQ6q7XhGy27UITP+k22WmV
rWhLAqOxbYmVpCpcc4LxNy7ZYCLwqlZz2HrsyaKBWOMGR7br4mC6onm0sH1tSJTu
FmRGDDMKOuK8KWD9
-----END CERTIFICATE-----
Generated at Thu Mar 13 02:51:48 2025 by rpki-client