Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7a/bad4a0-3e9b-4764-8a24-f3a26f055f4e/1/xmdIeGYz9bLgtNlJqullTDXKB0o.roa
File: xmdIeGYz9bLgtNlJqullTDXKB0o.roa (raw, json)
Hash identifier: tRQDq0BXf8xyhl8ApPSBqjS1aGLed98wYY9cb8Vab0w=
Subject key identifier: C6:67:48:78:66:33:F5:B2:E0:B4:D9:49:AA:E9:65:4C:35:CA:07:4A
Certificate issuer: /CN=9803c40f77bc88faf209f31d361ebbab5caeac4a
Certificate serial: 071AD159
Authority key identifier: 98:03:C4:0F:77:BC:88:FA:F2:09:F3:1D:36:1E:BB:AB:5C:AE:AC:4A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mAPED3e8iPryCfMdNh67q1yurEo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7a/bad4a0-3e9b-4764-8a24-f3a26f055f4e/1/xmdIeGYz9bLgtNlJqullTDXKB0o.roa
Signing time: Sat 01 Jan 2022 04:02:20 +0000
ROA not before: Sat 01 Jan 2022 04:02:20 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 51172
IP address blocks: 185.150.40.0/24 maxlen: 24
195.8.218.0/23 maxlen: 23
2a07:ab40::/48 maxlen: 48
2001:67c:218::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 119198041 (0x71ad159)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9803c40f77bc88faf209f31d361ebbab5caeac4a
Validity
Not Before: Jan 1 04:02:20 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=c66748786633f5b2e0b4d949aae9654c35ca074a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:c9:a3:37:a6:6a:b1:65:f1:7b:51:89:b5:9b:
7f:d3:f4:0d:6e:f8:c3:ef:a2:ef:c7:fb:65:26:f6:
19:0a:9e:3e:4a:1f:e5:ba:65:d8:6e:d4:d6:d0:7d:
fa:db:b3:ba:7b:02:b3:48:4c:6b:06:64:d0:29:c1:
c7:eb:81:d9:7d:78:61:2e:91:b5:8d:a2:41:b5:b1:
c9:b0:18:1a:6c:5e:89:89:da:71:86:6f:21:3d:0d:
50:95:3c:de:11:36:87:b7:eb:28:4f:fa:ff:07:e0:
f4:63:5e:a3:21:76:c6:67:3c:84:fd:ff:44:c2:d0:
85:67:46:0b:b8:d4:24:4b:79:5a:95:a1:c2:e7:a2:
f7:b0:75:0b:10:bb:48:6b:a4:1c:67:3f:78:45:d4:
11:0a:66:9a:ad:91:52:ba:eb:3b:cc:37:58:7a:bc:
65:79:83:9a:e5:18:25:86:2d:ec:ef:7a:b2:ff:2a:
85:9e:37:02:05:94:cd:17:d4:7e:09:97:bf:75:ab:
26:c9:8b:05:b7:cb:16:70:ed:71:bb:ba:df:6f:5e:
25:48:99:c0:c4:3e:8f:7c:f9:83:6a:28:d5:07:f5:
25:de:0d:2a:1e:aa:c1:c6:ca:89:3e:6e:b3:71:ee:
9a:76:1e:99:fa:08:62:c5:5e:c5:f1:57:47:09:94:
ef:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C6:67:48:78:66:33:F5:B2:E0:B4:D9:49:AA:E9:65:4C:35:CA:07:4A
X509v3 Authority Key Identifier:
keyid:98:03:C4:0F:77:BC:88:FA:F2:09:F3:1D:36:1E:BB:AB:5C:AE:AC:4A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mAPED3e8iPryCfMdNh67q1yurEo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7a/bad4a0-3e9b-4764-8a24-f3a26f055f4e/1/xmdIeGYz9bLgtNlJqullTDXKB0o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7a/bad4a0-3e9b-4764-8a24-f3a26f055f4e/1/mAPED3e8iPryCfMdNh67q1yurEo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.150.40.0/24
195.8.218.0/23
IPv6:
2001:67c:218::/48
2a07:ab40::/48
Signature Algorithm: sha256WithRSAEncryption
6e:bd:9e:19:0b:4a:04:aa:ad:06:63:db:14:2f:33:88:6b:bb:
c0:53:3a:9c:24:aa:52:8e:5c:c7:22:a2:a9:5b:a4:e0:b1:2b:
0a:cc:5a:6b:26:81:a2:e8:45:f1:c2:89:75:3d:8e:84:58:c7:
6c:67:4c:0a:51:04:6f:94:27:f8:61:b2:3b:3f:4d:66:53:58:
fa:18:4e:58:76:41:84:98:aa:55:f2:a3:f8:cf:1a:2b:4d:12:
f4:fc:14:11:5d:b6:7c:82:b3:bb:6c:ef:9d:07:59:60:33:5e:
b5:9d:eb:58:9b:ae:b3:22:bf:0f:16:5c:10:52:f0:e2:bb:46:
c5:b7:78:aa:21:5a:03:f5:5d:ac:8c:44:68:66:10:2d:c8:df:
b4:c2:2c:1b:c1:a7:49:43:66:f9:fa:1b:fc:9a:fb:f8:45:f9:
ec:60:a6:ba:6d:88:2b:ea:b1:2b:47:03:45:29:7b:67:6f:da:
47:ec:fa:9c:0a:49:6c:71:13:36:ae:74:97:4b:c5:6c:9f:85:
12:19:32:5e:86:b7:b3:64:de:b9:c4:4d:56:cd:be:2a:25:b9:
7f:1a:77:8b:af:2e:ba:e3:b2:6e:38:b8:54:c4:e8:95:18:43:
40:9a:c9:15:5d:f1:a7:c7:49:7e:6e:41:8e:38:4d:ab:54:ce:
71:6b:bf:0d
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgIEBxrRWTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg5
ODAzYzQwZjc3YmM4OGZhZjIwOWYzMWQzNjFlYmJhYjVjYWVhYzRhMB4XDTIyMDEw
MTA0MDIyMFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYzY2NzQ4Nzg2NjMz
ZjViMmUwYjRkOTQ5YWFlOTY1NGMzNWNhMDc0YTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKjJozemarFl8XtRibWbf9P0DW74w++i78f7ZSb2GQqePkof
5bpl2G7U1tB9+tuzunsCs0hMawZk0CnBx+uB2X14YS6RtY2iQbWxybAYGmxeiYna
cYZvIT0NUJU83hE2h7frKE/6/wfg9GNeoyF2xmc8hP3/RMLQhWdGC7jUJEt5WpWh
wuei97B1CxC7SGukHGc/eEXUEQpmmq2RUrrrO8w3WHq8ZXmDmuUYJYYt7O96sv8q
hZ43AgWUzRfUfgmXv3WrJsmLBbfLFnDtcbu6329eJUiZwMQ+j3z5g2oo1Qf1Jd4N
Kh6qwcbKiT5us3HumnYemfoIYsVexfFXRwmU77cCAwEAAaOCAikwggIlMB0GA1Ud
DgQWBBTGZ0h4ZjP1suC02Umq6WVMNcoHSjAfBgNVHSMEGDAWgBSYA8QPd7yI+vIJ
8x02HrurXK6sSjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L21BUEVEM2U4aVByeUNmTWROaDY3cTF5dXJFby5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvN2EvYmFkNGEwLTNlOWItNDc2NC04YTI0LWYzYTI2ZjA1NWY0ZS8x
L3htZEllR1l6OWJMZ3RObEpxdWxsVERYS0Iwby5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvN2Ev
YmFkNGEwLTNlOWItNDc2NC04YTI0LWYzYTI2ZjA1NWY0ZS8xL21BUEVEM2U4aVBy
eUNmTWROaDY3cTF5dXJFby5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA/
BggrBgEFBQcBBwEB/wQwMC4wEgQCAAEwDAMEALmWKAMEAcMI2jAYBAIAAjASAwcA
IAEGfAIYAwcAKgerQAAAMA0GCSqGSIb3DQEBCwUAA4IBAQBuvZ4ZC0oEqq0GY9sU
LzOIa7vAUzqcJKpSjlzHIqKpW6TgsSsKzFprJoGi6EXxwol1PY6EWMdsZ0wKUQRv
lCf4YbI7P01mU1j6GE5YdkGEmKpV8qP4zxorTRL0/BQRXbZ8grO7bO+dB1lgM161
netYm66zIr8PFlwQUvDiu0bFt3iqIVoD9V2sjERoZhAtyN+0wiwbwadJQ2b5+hv8
mvv4RfnsYKa6bYgr6rErRwNFKXtnb9pH7PqcCklscRM2rnSXS8Vsn4USGTJehrez
ZN65xE1Wzb4qJbl/GneLry6647JuOLhUxOiVGENAmskVXfGnx0l+bkGOOE2rVM5x
a78N
-----END CERTIFICATE-----
Generated at Thu Mar 13 19:44:48 2025 by rpki-client