Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/81/207167-d551-41ba-86a8-2f50ea27213c/1/x3MsUum6xZxhzT4cPBNRQWi916M.roa
File: x3MsUum6xZxhzT4cPBNRQWi916M.roa (raw, json)
Hash identifier: YFPzHiZACSMqg+UOV+1+J9aWt9fwYCVHiCNZNd9HNYU=
Subject key identifier: C7:73:2C:52:E9:BA:C5:9C:61:CD:3E:1C:3C:13:51:41:68:BD:D7:A3
Certificate issuer: /CN=68038d4cacbd41919952eb3709c16533838900e3
Certificate serial: 018570FBE187B0F4D49C5F6964E175286414
Authority key identifier: 68:03:8D:4C:AC:BD:41:91:99:52:EB:37:09:C1:65:33:83:89:00:E3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/aAONTKy9QZGZUus3CcFlM4OJAOM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/81/207167-d551-41ba-86a8-2f50ea27213c/1/x3MsUum6xZxhzT4cPBNRQWi916M.roa
Signing time: Mon 02 Jan 2023 05:37:13 +0000
ROA not before: Mon 02 Jan 2023 05:37:13 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 211476
IP address blocks: 185.182.71.0/24 maxlen: 24
2a0f:3680::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:fb:e1:87:b0:f4:d4:9c:5f:69:64:e1:75:28:64:14
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=68038d4cacbd41919952eb3709c16533838900e3
Validity
Not Before: Jan 2 05:37:13 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=c7732c52e9bac59c61cd3e1c3c13514168bdd7a3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:9e:3d:8c:06:f0:64:b4:0c:a3:86:8e:c1:4d:
7a:73:37:0b:c0:6d:6c:07:5a:7b:00:32:be:92:78:
09:9d:18:ef:95:2f:a3:fd:b2:1a:79:de:43:06:38:
1b:4b:31:0c:2b:ee:a0:42:bc:90:5a:7b:4e:0c:a9:
a6:6b:b1:df:46:7a:03:49:f6:c7:73:81:b8:a3:40:
38:9d:06:5e:5d:70:c5:cc:36:97:57:89:4e:95:9d:
8d:83:a5:ba:5b:aa:c1:d6:6c:09:dd:f5:89:9b:76:
0f:e6:05:12:c7:c7:fa:18:9e:e6:6d:d6:94:50:10:
2f:b2:7c:fe:70:fc:e2:27:87:cf:16:13:1c:16:49:
01:1e:ee:cc:76:ea:10:89:ab:a8:f7:92:5c:3f:00:
c7:a5:55:9f:60:5f:f9:94:41:a3:37:bc:77:98:9a:
e1:8f:0f:cc:6d:83:77:5d:64:61:19:c7:99:ad:74:
35:cb:ea:8a:f8:de:e4:7c:c7:d0:55:46:5d:82:36:
10:90:c0:ec:51:03:f3:de:fc:12:ca:3e:f8:87:36:
39:31:c0:5b:98:9a:df:2c:77:cd:89:ed:d8:14:b3:
41:78:ad:15:80:4f:fa:6a:b2:e1:f3:6d:90:d0:59:
b1:b7:6f:b9:2e:1a:60:c5:5e:a0:83:4d:e5:68:61:
f2:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C7:73:2C:52:E9:BA:C5:9C:61:CD:3E:1C:3C:13:51:41:68:BD:D7:A3
X509v3 Authority Key Identifier:
keyid:68:03:8D:4C:AC:BD:41:91:99:52:EB:37:09:C1:65:33:83:89:00:E3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aAONTKy9QZGZUus3CcFlM4OJAOM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/81/207167-d551-41ba-86a8-2f50ea27213c/1/x3MsUum6xZxhzT4cPBNRQWi916M.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/81/207167-d551-41ba-86a8-2f50ea27213c/1/aAONTKy9QZGZUus3CcFlM4OJAOM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.182.71.0/24
IPv6:
2a0f:3680::/32
Signature Algorithm: sha256WithRSAEncryption
8a:15:8c:f7:4f:e2:6e:1f:e7:c5:34:f5:0c:fb:34:73:17:96:
e3:93:03:92:c5:02:b3:e6:97:9e:39:33:bc:84:58:5a:a9:54:
dd:35:a3:08:83:7e:ad:b6:eb:74:e5:d7:9e:42:fc:d2:9a:36:
c7:4f:67:7a:d4:2d:2b:37:8a:0c:1e:19:8a:2f:ea:96:f0:44:
23:82:d4:6c:ad:4e:6e:4e:b6:53:e1:44:3e:50:c3:ce:33:e0:
f1:86:64:47:82:f6:73:54:57:3c:ce:37:87:7e:d5:18:f0:d9:
6b:07:a7:f5:81:ee:9e:90:7e:d8:f6:ff:46:42:c8:d9:f9:0b:
5f:83:eb:9c:ec:3c:90:a0:81:19:01:f4:3f:38:cb:a9:06:2a:
5c:5b:6c:3d:41:51:4a:96:73:6d:af:90:51:ab:67:21:03:a5:
6f:47:b5:cb:86:76:83:2e:e0:eb:58:17:c6:51:0a:d3:02:08:
4e:b4:0b:27:2d:a9:5d:f1:ff:7c:73:f0:e4:b4:5e:50:9e:09:
51:c4:5b:bd:d5:4f:19:d1:86:6b:13:7d:0b:91:00:a3:6f:59:
11:db:fc:51:5b:89:29:25:a3:2d:b5:59:ab:92:43:b3:87:6b:
61:46:66:30:75:e6:32:81:6d:ec:4c:0f:94:53:9c:18:44:a1:
fb:92:d1:bb
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVw++GHsPTUnF9pZOF1KGQUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY4MDM4ZDRjYWNiZDQxOTE5OTUyZWIzNzA5YzE2NTMzODM4
OTAwZTMwHhcNMjMwMTAyMDUzNzEzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNzczMmM1MmU5YmFjNTljNjFjZDNlMWMzYzEzNTE0MTY4YmRkN2EzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAy549jAbwZLQMo4aOwU16czcLwG1s
B1p7ADK+kngJnRjvlS+j/bIaed5DBjgbSzEMK+6gQryQWntODKmma7HfRnoDSfbH
c4G4o0A4nQZeXXDFzDaXV4lOlZ2Ng6W6W6rB1mwJ3fWJm3YP5gUSx8f6GJ7mbdaU
UBAvsnz+cPziJ4fPFhMcFkkBHu7MduoQiauo95JcPwDHpVWfYF/5lEGjN7x3mJrh
jw/MbYN3XWRhGceZrXQ1y+qK+N7kfMfQVUZdgjYQkMDsUQPz3vwSyj74hzY5McBb
mJrfLHfNie3YFLNBeK0VgE/6arLh822Q0Fmxt2+5LhpgxV6gg03laGHy9wIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFMdzLFLpusWcYc0+HDwTUUFovdejMB8GA1UdIwQY
MBaAFGgDjUysvUGRmVLrNwnBZTODiQDjMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYUFPTlRLeTlRWkdaVXVzM0NjRmxNNE9KQU9NLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84MS8yMDcxNjctZDU1MS00MWJhLTg2YTgt
MmY1MGVhMjcyMTNjLzEveDNNc1V1bTZ4WnhoelQ0Y1BCTlJRV2k5MTZNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84MS8yMDcxNjctZDU1MS00MWJhLTg2YTgtMmY1MGVhMjcyMTNj
LzEvYUFPTlRLeTlRWkdaVXVzM0NjRmxNNE9KQU9NLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQAubZHMA0E
AgACMAcDBQAqDzaAMA0GCSqGSIb3DQEBCwUAA4IBAQCKFYz3T+JuH+fFNPUM+zRz
F5bjkwOSxQKz5peeOTO8hFhaqVTdNaMIg36ttut05deeQvzSmjbHT2d61C0rN4oM
HhmKL+qW8EQjgtRsrU5uTrZT4UQ+UMPOM+DxhmRHgvZzVFc8zjeHftUY8NlrB6f1
ge6ekH7Y9v9GQsjZ+Qtfg+uc7DyQoIEZAfQ/OMupBipcW2w9QVFKlnNtr5BRq2ch
A6VvR7XLhnaDLuDrWBfGUQrTAghOtAsnLald8f98c/DktF5QnglRxFu91U8Z0YZr
E30LkQCjb1kR2/xRW4kpJaMttVmrkkOzh2thRmYwdeYygW3sTA+UU5wYRKH7ktG7
-----END CERTIFICATE-----
Generated at Wed Apr 23 01:23:07 2025 by rpki-client