Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/76/0cee34-5acc-42d5-a5bf-fc1c0ccbc0b7/1/a0kd6g4fwfhiC1xbA53TvTJPppQ.roa
File: a0kd6g4fwfhiC1xbA53TvTJPppQ.roa (raw, json)
Hash identifier: BnkaK3UZmC7UQZQ5RJfhE63El/fLMXzEo06ZvmgrqOE=
Subject key identifier: 6B:49:1D:EA:0E:1F:C1:F8:62:0B:5C:5B:03:9D:D3:BD:32:4F:A6:94
Certificate issuer: /CN=b578a461a859ddc986c08a88e9512d5c3d2210e6
Certificate serial: 038FEF0E
Authority key identifier: B5:78:A4:61:A8:59:DD:C9:86:C0:8A:88:E9:51:2D:5C:3D:22:10:E6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tXikYahZ3cmGwIqI6VEtXD0iEOY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/76/0cee34-5acc-42d5-a5bf-fc1c0ccbc0b7/1/a0kd6g4fwfhiC1xbA53TvTJPppQ.roa
Signing time: Sat 01 Jan 2022 12:59:10 +0000
ROA not before: Sat 01 Jan 2022 12:59:10 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 206862
IP address blocks: 194.53.118.0/23 maxlen: 23
194.53.122.0/23 maxlen: 23
185.173.168.0/22 maxlen: 22
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 59764494 (0x38fef0e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b578a461a859ddc986c08a88e9512d5c3d2210e6
Validity
Not Before: Jan 1 12:59:10 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=6b491dea0e1fc1f8620b5c5b039dd3bd324fa694
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:c5:dd:d0:fb:3d:fd:40:ef:00:8d:60:f6:57:
88:7f:e2:67:5b:d7:1e:12:31:ed:c5:4c:02:41:d7:
f1:5e:db:42:a0:9f:2e:ec:f2:de:56:40:26:ba:3c:
3b:d8:51:ad:54:c3:72:a5:3b:98:b4:2f:7d:cd:74:
3c:c3:a3:d3:e2:88:7c:c2:95:02:f9:ab:a6:fb:8f:
0f:f3:25:f5:e7:ae:fe:dd:29:6a:3a:6b:ed:69:f4:
d1:b2:4f:50:08:a7:71:ff:5d:9a:85:4c:bf:3f:68:
7a:3a:29:0f:81:50:74:34:1a:e1:9b:f1:66:9b:3e:
84:90:e1:71:2c:4c:06:77:ba:04:d4:59:bb:3c:8d:
56:c0:3d:b7:43:e6:2b:81:74:59:cc:64:30:8d:17:
e2:79:11:2a:b1:d6:7e:3d:01:61:cd:09:8d:3e:e7:
6e:71:58:db:e2:7b:53:c6:bb:8d:2f:47:8d:35:47:
b1:81:b9:02:90:3d:17:c0:0c:f3:6c:19:27:e6:b2:
ea:57:30:e4:93:03:81:cc:bb:ac:72:64:0e:8d:ad:
c0:86:e3:bb:e2:4e:bc:79:52:c7:25:13:0a:47:e7:
eb:e1:05:2e:71:fb:0e:26:bb:4a:5f:69:4a:0c:7c:
26:77:29:81:ab:54:38:65:7c:b5:11:34:45:eb:08:
7b:d5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6B:49:1D:EA:0E:1F:C1:F8:62:0B:5C:5B:03:9D:D3:BD:32:4F:A6:94
X509v3 Authority Key Identifier:
keyid:B5:78:A4:61:A8:59:DD:C9:86:C0:8A:88:E9:51:2D:5C:3D:22:10:E6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tXikYahZ3cmGwIqI6VEtXD0iEOY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/76/0cee34-5acc-42d5-a5bf-fc1c0ccbc0b7/1/a0kd6g4fwfhiC1xbA53TvTJPppQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/76/0cee34-5acc-42d5-a5bf-fc1c0ccbc0b7/1/tXikYahZ3cmGwIqI6VEtXD0iEOY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.173.168.0/22
194.53.118.0/23
194.53.122.0/23
Signature Algorithm: sha256WithRSAEncryption
20:0e:8b:e2:80:b4:72:47:ac:c9:2b:3e:a1:07:f7:6c:23:df:
b2:92:75:36:27:0e:8e:64:ad:ef:a7:31:41:30:66:dd:8f:54:
3c:8d:89:6f:bf:6c:10:85:1b:30:ec:d1:dd:40:60:5b:b1:33:
24:47:b2:46:18:21:53:2b:af:1f:bd:8b:98:0c:e1:61:48:53:
db:c3:34:cf:2c:43:0c:2f:b5:21:cd:8e:b0:8f:d7:e8:58:0e:
ed:45:17:8d:20:52:0b:4e:71:c3:4c:7b:20:bd:67:70:c4:34:
f5:04:78:fc:4c:7f:2e:2f:7f:c2:83:94:60:ab:cd:f9:ff:81:
dd:40:89:47:fb:98:3d:85:08:3d:cc:ad:a4:64:2f:4b:e3:1b:
0d:58:d3:4d:ea:c2:7d:51:40:75:2f:9a:e8:63:25:62:fb:da:
df:05:33:e5:b4:6b:e3:e7:10:26:c2:23:ed:0b:dd:22:c4:9f:
81:50:ed:87:75:ca:3d:6a:76:c3:bf:15:b1:42:fd:bf:9c:6c:
57:23:83:a4:5b:cd:52:ef:35:fb:94:c7:e9:42:cc:64:78:dd:
44:af:61:61:5a:6c:0d:03:36:d6:ca:f8:d0:91:d6:21:b6:cd:
b8:21:00:c1:83:b0:5b:6e:d3:09:a5:07:39:06:63:77:51:af:
8a:08:8c:70
-----BEGIN CERTIFICATE-----
MIIE+zCCA+OgAwIBAgIEA4/vDjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhi
NTc4YTQ2MWE4NTlkZGM5ODZjMDhhODhlOTUxMmQ1YzNkMjIxMGU2MB4XDTIyMDEw
MTEyNTkxMFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNmI0OTFkZWEwZTFm
YzFmODYyMGI1YzViMDM5ZGQzYmQzMjRmYTY5NDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAL/F3dD7Pf1A7wCNYPZXiH/iZ1vXHhIx7cVMAkHX8V7bQqCf
Luzy3lZAJro8O9hRrVTDcqU7mLQvfc10PMOj0+KIfMKVAvmrpvuPD/Ml9eeu/t0p
ajpr7Wn00bJPUAincf9dmoVMvz9oejopD4FQdDQa4ZvxZps+hJDhcSxMBne6BNRZ
uzyNVsA9t0PmK4F0WcxkMI0X4nkRKrHWfj0BYc0JjT7nbnFY2+J7U8a7jS9HjTVH
sYG5ApA9F8AM82wZJ+ay6lcw5JMDgcy7rHJkDo2twIbju+JOvHlSxyUTCkfn6+EF
LnH7Dia7Sl9pSgx8JncpgatUOGV8tRE0ResIe9UCAwEAAaOCAhUwggIRMB0GA1Ud
DgQWBBRrSR3qDh/B+GILXFsDndO9Mk+mlDAfBgNVHSMEGDAWgBS1eKRhqFndyYbA
iojpUS1cPSIQ5jAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3RYaWtZYWhaM2NtR3dJcUk2VkV0WEQwaUVPWS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNzYvMGNlZTM0LTVhY2MtNDJkNS1hNWJmLWZjMWMwY2NiYzBiNy8x
L2Ewa2Q2ZzRmd2ZoaUMxeGJBNTNUdlRKUHBwUS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNzYv
MGNlZTM0LTVhY2MtNDJkNS1hNWJmLWZjMWMwY2NiYzBiNy8xL3RYaWtZYWhaM2Nt
R3dJcUk2VkV0WEQwaUVPWS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAr
BggrBgEFBQcBBwEB/wQcMBowGAQCAAEwEgMEArmtqAMEAcI1dgMEAcI1ejANBgkq
hkiG9w0BAQsFAAOCAQEAIA6L4oC0ckesySs+oQf3bCPfspJ1NicOjmSt76cxQTBm
3Y9UPI2Jb79sEIUbMOzR3UBgW7EzJEeyRhghUyuvH72LmAzhYUhT28M0zyxDDC+1
Ic2OsI/X6FgO7UUXjSBSC05xw0x7IL1ncMQ09QR4/Ex/Li9/woOUYKvN+f+B3UCJ
R/uYPYUIPcytpGQvS+MbDVjTTerCfVFAdS+a6GMlYvva3wUz5bRr4+cQJsIj7Qvd
IsSfgVDth3XKPWp2w78VsUL9v5xsVyODpFvNUu81+5TH6ULMZHjdRK9hYVpsDQM2
1sr40JHWIbbNuCEAwYOwW27TCaUHOQZjd1GvigiMcA==
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:20:00 2025 by rpki-client