Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7c/e283bb-d4d3-4b3a-b2b3-8ac8965708bc/1/tXC1E3-0d63nF8Ja0I13xr4nDvA.roa
File: tXC1E3-0d63nF8Ja0I13xr4nDvA.roa (raw, json)
Hash identifier: 1NfcrfRG4vNRZ+iwOtagQJlyZiYMkNfC40blqh65Zzg=
Subject key identifier: B5:70:B5:13:7F:B4:77:AD:E7:17:C2:5A:D0:8D:77:C6:BE:27:0E:F0
Certificate issuer: /CN=df7dd65966737ce8f65e40ef2fea1cffafb162b0
Certificate serial: 0A46A856
Authority key identifier: DF:7D:D6:59:66:73:7C:E8:F6:5E:40:EF:2F:EA:1C:FF:AF:B1:62:B0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/333WWWZzfOj2XkDvL-oc_6-xYrA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7c/e283bb-d4d3-4b3a-b2b3-8ac8965708bc/1/tXC1E3-0d63nF8Ja0I13xr4nDvA.roa
Signing time: Sat 01 Jan 2022 02:51:16 +0000
ROA not before: Sat 01 Jan 2022 02:51:16 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 50823
IP address blocks: 185.83.64.0/22 maxlen: 22
178.170.128.0/22 maxlen: 22
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 172402774 (0xa46a856)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=df7dd65966737ce8f65e40ef2fea1cffafb162b0
Validity
Not Before: Jan 1 02:51:16 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=b570b5137fb477ade717c25ad08d77c6be270ef0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:04:db:bf:f4:6c:6a:e2:08:3c:a8:92:7b:8f:
36:00:93:45:a6:1c:8f:8d:cf:68:e1:bd:54:ad:4e:
16:40:83:a4:64:fa:18:c5:61:3d:db:09:8e:b8:36:
fd:07:d9:d4:6c:de:2f:3f:b1:d4:71:cd:b3:c0:ed:
2f:ac:87:4a:19:e7:18:8a:fd:eb:99:b7:2d:84:a8:
1c:ed:b8:94:e5:b2:90:12:a9:79:0c:30:a3:2c:e5:
aa:6a:a3:55:d2:8b:04:66:84:63:67:06:4f:21:d9:
0c:80:6d:76:b4:1a:43:ed:05:b3:c8:53:db:31:ef:
9f:af:8b:fa:c7:34:04:5c:d3:d8:08:31:cf:e8:17:
9a:a4:50:d8:ce:bc:da:21:ea:6b:73:80:8b:37:d1:
d7:22:ec:4f:23:61:a8:5d:48:64:09:b3:14:1a:4b:
e2:9b:eb:8a:e9:50:14:b4:fb:bc:fe:86:a8:ac:91:
c6:c2:2c:a4:29:6e:cb:27:ad:1a:52:3f:f9:12:be:
8c:7c:96:32:b2:98:0f:c1:e4:30:f0:e1:85:6d:6c:
2e:55:47:ab:26:56:43:a1:5b:94:a3:d5:f6:9e:d2:
a3:53:09:ed:31:cb:37:e1:58:7e:5c:68:13:4e:b3:
79:cb:2e:d7:d4:6e:dc:93:60:54:67:7c:80:78:b6:
f9:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B5:70:B5:13:7F:B4:77:AD:E7:17:C2:5A:D0:8D:77:C6:BE:27:0E:F0
X509v3 Authority Key Identifier:
keyid:DF:7D:D6:59:66:73:7C:E8:F6:5E:40:EF:2F:EA:1C:FF:AF:B1:62:B0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/333WWWZzfOj2XkDvL-oc_6-xYrA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7c/e283bb-d4d3-4b3a-b2b3-8ac8965708bc/1/tXC1E3-0d63nF8Ja0I13xr4nDvA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7c/e283bb-d4d3-4b3a-b2b3-8ac8965708bc/1/333WWWZzfOj2XkDvL-oc_6-xYrA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
178.170.128.0/22
185.83.64.0/22
Signature Algorithm: sha256WithRSAEncryption
12:f0:14:40:1e:57:a6:bd:98:b0:13:5e:c0:92:8f:a2:f5:f4:
a0:52:ca:50:d5:85:8f:36:ac:66:f0:8e:6a:22:aa:62:60:4c:
58:59:dd:c3:05:5e:39:05:c1:bb:ac:c0:b3:d2:48:4e:e2:a1:
9f:81:5e:7c:9a:5e:09:aa:d1:0d:53:02:8d:e3:31:75:c2:06:
3b:56:04:a1:a6:00:cb:43:2b:50:03:17:0c:a9:2a:3d:60:83:
25:11:dd:9c:59:93:bc:a7:07:3c:fe:d1:75:58:5b:38:23:92:
9a:ba:95:59:a7:37:b8:77:32:75:55:ea:58:f0:75:3b:14:57:
66:d8:13:8e:6a:58:e2:04:c2:3f:47:4c:92:23:f8:8f:7b:75:
b3:73:33:70:04:bd:b9:b0:69:e6:2f:10:3d:0f:91:2c:64:28:
45:3f:5e:11:71:38:ee:cf:f1:17:27:fb:f4:ca:8d:97:9e:51:
fc:c3:e0:d1:0a:ec:60:23:ff:36:9a:f8:76:78:ec:d8:b7:d5:
7b:dd:3c:d9:5c:1b:d3:0e:15:1f:5c:4c:51:41:40:dd:63:ff:
3f:d2:9e:73:d3:1d:0f:bf:bb:1d:6a:c5:86:12:d2:e5:35:2b:
c8:f1:f7:f4:b5:97:52:54:83:0b:71:7b:0f:d5:8e:2f:91:58:
a6:ba:bd:0d
-----BEGIN CERTIFICATE-----
MIIE9TCCA92gAwIBAgIECkaoVjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhk
ZjdkZDY1OTY2NzM3Y2U4ZjY1ZTQwZWYyZmVhMWNmZmFmYjE2MmIwMB4XDTIyMDEw
MTAyNTExNloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYjU3MGI1MTM3ZmI0
NzdhZGU3MTdjMjVhZDA4ZDc3YzZiZTI3MGVmMDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAK0E27/0bGriCDyoknuPNgCTRaYcj43PaOG9VK1OFkCDpGT6
GMVhPdsJjrg2/QfZ1GzeLz+x1HHNs8DtL6yHShnnGIr965m3LYSoHO24lOWykBKp
eQwwoyzlqmqjVdKLBGaEY2cGTyHZDIBtdrQaQ+0Fs8hT2zHvn6+L+sc0BFzT2Agx
z+gXmqRQ2M682iHqa3OAizfR1yLsTyNhqF1IZAmzFBpL4pvriulQFLT7vP6GqKyR
xsIspCluyyetGlI/+RK+jHyWMrKYD8HkMPDhhW1sLlVHqyZWQ6FblKPV9p7So1MJ
7THLN+FYflxoE06zecsu19Ru3JNgVGd8gHi2+UUCAwEAAaOCAg8wggILMB0GA1Ud
DgQWBBS1cLUTf7R3recXwlrQjXfGvicO8DAfBgNVHSMEGDAWgBTffdZZZnN86PZe
QO8v6hz/r7FisDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzMzM1dXV1p6Zk9qMlhrRHZMLW9jXzYteFlyQS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvN2MvZTI4M2JiLWQ0ZDMtNGIzYS1iMmIzLThhYzg5NjU3MDhiYy8x
L3RYQzFFMy0wZDYzbkY4SmEwSTEzeHI0bkR2QS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvN2Mv
ZTI4M2JiLWQ0ZDMtNGIzYS1iMmIzLThhYzg5NjU3MDhiYy8xLzMzM1dXV1p6Zk9q
MlhrRHZMLW9jXzYteFlyQS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAl
BggrBgEFBQcBBwEB/wQWMBQwEgQCAAEwDAMEArKqgAMEArlTQDANBgkqhkiG9w0B
AQsFAAOCAQEAEvAUQB5Xpr2YsBNewJKPovX0oFLKUNWFjzasZvCOaiKqYmBMWFnd
wwVeOQXBu6zAs9JITuKhn4FefJpeCarRDVMCjeMxdcIGO1YEoaYAy0MrUAMXDKkq
PWCDJRHdnFmTvKcHPP7RdVhbOCOSmrqVWac3uHcydVXqWPB1OxRXZtgTjmpY4gTC
P0dMkiP4j3t1s3MzcAS9ubBp5i8QPQ+RLGQoRT9eEXE47s/xFyf79MqNl55R/MPg
0QrsYCP/Npr4dnjs2LfVe9082Vwb0w4VH1xMUUFA3WP/P9Kec9MdD7+7HWrFhhLS
5TUryPH39LWXUlSDC3F7D9WOL5FYprq9DQ==
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:41:54 2025 by rpki-client