Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/77/7e8848-1065-4386-8156-387c6c4d8f02/1/rBi4rfTdept2OgmCpW8TPeKegCI.roa
File: rBi4rfTdept2OgmCpW8TPeKegCI.roa (raw, json)
Hash identifier: zKUOk/FUG93hv3Sv03L/3VxiCH7IAKn8ECnbvPVNChI=
Subject key identifier: AC:18:B8:AD:F4:DD:7A:9B:76:3A:09:82:A5:6F:13:3D:E2:9E:80:22
Certificate issuer: /CN=776a584d279f007066a38b5eb0f18e7bedb614eb
Certificate serial: 06D29FE5
Authority key identifier: 77:6A:58:4D:27:9F:00:70:66:A3:8B:5E:B0:F1:8E:7B:ED:B6:14:EB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/d2pYTSefAHBmo4tesPGOe-22FOs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/77/7e8848-1065-4386-8156-387c6c4d8f02/1/rBi4rfTdept2OgmCpW8TPeKegCI.roa
Signing time: Sat 01 Jan 2022 06:01:11 +0000
ROA not before: Sat 01 Jan 2022 06:01:11 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 206194
IP address blocks: 185.188.191.0/24 maxlen: 24
185.188.188.0/23 maxlen: 23
185.188.190.0/24 maxlen: 24
2a0f:e980::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 114466789 (0x6d29fe5)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=776a584d279f007066a38b5eb0f18e7bedb614eb
Validity
Not Before: Jan 1 06:01:11 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=ac18b8adf4dd7a9b763a0982a56f133de29e8022
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e5:92:de:11:85:eb:da:81:ae:77:98:ad:5f:3e:
8b:24:8d:12:84:47:16:c1:c7:89:b9:a7:84:43:ca:
4c:34:ff:2b:7e:7c:32:d1:70:07:c8:9c:18:b0:0d:
05:1f:88:1e:dd:ae:ca:e5:79:de:c9:e2:87:66:00:
d4:4e:45:ed:71:20:2d:59:b5:26:a2:25:47:3e:62:
eb:68:0b:a7:7e:41:d8:00:ed:ec:83:e5:81:2f:ed:
3a:ba:a3:19:da:bc:80:47:44:58:fd:48:de:5d:67:
38:29:87:45:a7:31:fe:c6:7a:2c:37:a7:97:92:78:
95:78:f2:a8:46:b2:6f:a8:c5:d4:43:ca:53:5a:eb:
66:34:1f:db:3f:b9:29:d6:97:9d:f4:ad:2d:4b:c0:
16:38:f4:29:49:c3:93:92:9e:e0:b1:f4:3e:ab:46:
b2:79:31:a2:91:1d:76:60:fb:9a:14:63:94:4b:f0:
b0:36:be:ed:2e:be:97:64:f3:55:90:db:b4:ac:f6:
c4:13:86:24:6a:73:6f:7b:4f:54:87:5f:1c:39:38:
16:60:6a:96:ef:6a:04:1b:06:4a:ca:cf:ae:48:6a:
c1:00:c5:69:47:08:2a:52:d2:c6:c2:1a:1e:0b:d3:
02:c5:83:08:56:78:85:6b:9b:53:93:35:f1:e9:30:
eb:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AC:18:B8:AD:F4:DD:7A:9B:76:3A:09:82:A5:6F:13:3D:E2:9E:80:22
X509v3 Authority Key Identifier:
keyid:77:6A:58:4D:27:9F:00:70:66:A3:8B:5E:B0:F1:8E:7B:ED:B6:14:EB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/d2pYTSefAHBmo4tesPGOe-22FOs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/77/7e8848-1065-4386-8156-387c6c4d8f02/1/rBi4rfTdept2OgmCpW8TPeKegCI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/77/7e8848-1065-4386-8156-387c6c4d8f02/1/d2pYTSefAHBmo4tesPGOe-22FOs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.188.188.0/22
IPv6:
2a0f:e980::/29
Signature Algorithm: sha256WithRSAEncryption
1a:87:d0:2b:b4:fc:72:3c:02:8e:f4:68:97:b1:1d:84:fc:a6:
6f:87:94:7e:3d:4d:36:05:36:e0:16:f7:f5:d7:42:9c:de:93:
47:db:73:6e:5f:43:80:fa:0a:29:26:bd:4d:a0:11:6b:05:e6:
20:ee:00:8b:d7:b1:45:89:c0:80:0b:ef:61:ce:49:b0:ac:71:
5c:a0:6b:93:5b:3c:7a:49:3c:2a:a2:7d:9e:f7:17:a5:c8:5c:
6c:4c:0c:67:1c:94:50:c8:2b:a6:2c:da:0f:d6:a9:c7:9e:78:
0a:29:3f:7e:c6:df:a5:a5:d6:8e:cc:e4:45:22:35:1a:3c:9c:
d2:f2:63:4d:7f:6a:66:3e:c9:41:f7:a4:05:35:aa:d4:17:e3:
c6:3f:d0:86:7f:e8:d6:18:55:d7:e7:e6:d2:09:be:04:37:f2:
07:1e:e6:35:bb:9d:7a:5c:e3:09:5c:52:56:69:56:67:20:dc:
0b:cd:40:81:01:a7:dd:81:c1:fc:e0:cd:d4:59:51:6c:c7:51:
f9:ff:37:13:07:9c:f7:47:96:74:84:33:fb:74:de:67:44:b7:
28:4d:86:6f:31:2e:05:ee:9f:13:56:cd:4c:08:ff:66:88:9a:
a2:d0:f2:66:84:de:17:e9:52:0a:6f:54:8b:a6:f6:e1:b0:99:
cf:63:96:d5
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgIEBtKf5TANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg3
NzZhNTg0ZDI3OWYwMDcwNjZhMzhiNWViMGYxOGU3YmVkYjYxNGViMB4XDTIyMDEw
MTA2MDExMVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYWMxOGI4YWRmNGRk
N2E5Yjc2M2EwOTgyYTU2ZjEzM2RlMjllODAyMjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAOWS3hGF69qBrneYrV8+iySNEoRHFsHHibmnhEPKTDT/K358
MtFwB8icGLANBR+IHt2uyuV53snih2YA1E5F7XEgLVm1JqIlRz5i62gLp35B2ADt
7IPlgS/tOrqjGdq8gEdEWP1I3l1nOCmHRacx/sZ6LDenl5J4lXjyqEayb6jF1EPK
U1rrZjQf2z+5KdaXnfStLUvAFjj0KUnDk5Ke4LH0PqtGsnkxopEddmD7mhRjlEvw
sDa+7S6+l2TzVZDbtKz2xBOGJGpzb3tPVIdfHDk4FmBqlu9qBBsGSsrPrkhqwQDF
aUcIKlLSxsIaHgvTAsWDCFZ4hWubU5M18ekw6w8CAwEAAaOCAhgwggIUMB0GA1Ud
DgQWBBSsGLit9N16m3Y6CYKlbxM94p6AIjAfBgNVHSMEGDAWgBR3alhNJ58AcGaj
i16w8Y577bYU6zAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2QycFlUU2VmQUhCbW80dGVzUEdPZS0yMkZPcy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNzcvN2U4ODQ4LTEwNjUtNDM4Ni04MTU2LTM4N2M2YzRkOGYwMi8x
L3JCaTRyZlRkZXB0Mk9nbUNwVzhUUGVLZWdDSS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNzcv
N2U4ODQ4LTEwNjUtNDM4Ni04MTU2LTM4N2M2YzRkOGYwMi8xL2QycFlUU2VmQUhC
bW80dGVzUEdPZS0yMkZPcy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAu
BggrBgEFBQcBBwEB/wQfMB0wDAQCAAEwBgMEArm8vDANBAIAAjAHAwUDKg/pgDAN
BgkqhkiG9w0BAQsFAAOCAQEAGofQK7T8cjwCjvRol7EdhPymb4eUfj1NNgU24Bb3
9ddCnN6TR9tzbl9DgPoKKSa9TaARawXmIO4Ai9exRYnAgAvvYc5JsKxxXKBrk1s8
ekk8KqJ9nvcXpchcbEwMZxyUUMgrpizaD9apx554Cik/fsbfpaXWjszkRSI1Gjyc
0vJjTX9qZj7JQfekBTWq1Bfjxj/Qhn/o1hhV1+fm0gm+BDfyBx7mNbudelzjCVxS
VmlWZyDcC81AgQGn3YHB/ODN1FlRbMdR+f83Ewec90eWdIQz+3TeZ0S3KE2GbzEu
Be6fE1bNTAj/ZoiaotDyZoTeF+lSCm9Ui6b24bCZz2OW1Q==
-----END CERTIFICATE-----
Generated at Tue Apr 8 07:36:40 2025 by rpki-client