Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/88/fca369-6b85-4e03-ab71-68ba6c54ef9a/1/sXKz00D_MerxV5f21sUOYs33Wpc.roa
File: sXKz00D_MerxV5f21sUOYs33Wpc.roa (raw, json)
Hash identifier: 47+SnVXSOCcpQyIbXb8vkFRd4Xzupbc525zOltEaGik=
Subject key identifier: B1:72:B3:D3:40:FF:31:EA:F1:57:97:F6:D6:C5:0E:62:CD:F7:5A:97
Certificate issuer: /CN=614256ed38fb1e96944926db4c66c4d088acfbd6
Certificate serial: 01856BE5AEED64458D6435214D177AFB6AF9
Authority key identifier: 61:42:56:ED:38:FB:1E:96:94:49:26:DB:4C:66:C4:D0:88:AC:FB:D6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YUJW7Tj7HpaUSSbbTGbE0Iis-9Y.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/88/fca369-6b85-4e03-ab71-68ba6c54ef9a/1/sXKz00D_MerxV5f21sUOYs33Wpc.roa
Signing time: Sun 01 Jan 2023 05:54:52 +0000
ROA not before: Sun 01 Jan 2023 05:54:52 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 207017
IP address blocks: 185.168.196.0/22 maxlen: 22
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6b:e5:ae:ed:64:45:8d:64:35:21:4d:17:7a:fb:6a:f9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=614256ed38fb1e96944926db4c66c4d088acfbd6
Validity
Not Before: Jan 1 05:54:52 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b172b3d340ff31eaf15797f6d6c50e62cdf75a97
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:6c:1f:85:28:27:de:53:3d:65:47:0d:3d:3b:
18:f4:03:29:e4:1d:23:ee:39:d8:52:61:bb:c9:0b:
a2:3a:72:47:2b:87:45:16:90:d9:6a:a1:b7:80:00:
8a:ec:65:b9:df:94:36:e2:8f:ac:e7:86:33:7b:8a:
ff:77:aa:55:d3:35:fa:68:c4:38:c5:62:34:f4:53:
bb:7b:70:24:af:26:16:36:d8:a1:dc:c0:23:c7:e3:
08:f4:7f:c3:15:1c:41:3b:7f:6c:65:f7:43:16:12:
8b:7c:13:b7:6f:2b:ff:02:ed:52:fa:91:e4:05:17:
e8:8f:38:06:c4:1c:e2:b9:e6:b2:a2:aa:9b:28:0c:
d8:19:1a:36:4e:b3:00:ac:71:81:a2:72:7c:69:1f:
41:d5:58:06:30:73:23:c4:8c:11:06:7c:53:a8:84:
1c:e7:d3:b1:00:5d:60:88:f7:5c:98:06:ff:27:3b:
62:f2:73:10:61:2d:27:06:bc:21:f5:8b:2a:a4:62:
42:9d:ca:54:0f:ee:fd:6e:79:4d:dd:12:30:69:e6:
6a:1c:a8:78:fd:2a:e5:b8:62:d0:6a:71:80:a3:b0:
c3:c6:93:d7:4f:ce:17:c9:61:8b:49:8a:77:2a:ea:
ae:04:28:4a:61:0f:5b:a2:95:dc:64:e4:9f:18:93:
38:87
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B1:72:B3:D3:40:FF:31:EA:F1:57:97:F6:D6:C5:0E:62:CD:F7:5A:97
X509v3 Authority Key Identifier:
keyid:61:42:56:ED:38:FB:1E:96:94:49:26:DB:4C:66:C4:D0:88:AC:FB:D6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YUJW7Tj7HpaUSSbbTGbE0Iis-9Y.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/88/fca369-6b85-4e03-ab71-68ba6c54ef9a/1/sXKz00D_MerxV5f21sUOYs33Wpc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/88/fca369-6b85-4e03-ab71-68ba6c54ef9a/1/YUJW7Tj7HpaUSSbbTGbE0Iis-9Y.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.168.196.0/22
Signature Algorithm: sha256WithRSAEncryption
05:34:62:95:6c:3f:82:0e:1e:dd:25:fa:6d:d3:08:a7:7b:f2:
3e:8c:35:05:2d:5f:44:9e:29:0f:e7:af:e0:65:01:fb:59:a8:
c9:9b:43:73:83:4e:0a:6a:68:17:08:cc:7e:84:42:81:c0:5d:
50:36:20:2c:b2:6a:21:e4:f9:06:4a:5b:ac:34:1e:96:a7:85:
d0:aa:d8:e4:1d:dc:cf:b3:47:48:cf:71:52:8b:fa:0d:3b:1f:
48:50:27:e2:82:37:a6:76:a0:4e:c1:cc:e6:d8:44:b3:03:ae:
04:a0:9b:ce:14:e2:14:00:87:95:53:d5:d6:f7:b6:9d:3a:86:
33:8b:7d:3c:3c:53:4e:52:9a:58:fe:4e:01:26:55:18:4b:dc:
0b:33:a8:4f:ac:a6:f3:8f:df:2c:b2:49:67:4f:0b:84:94:da:
df:c3:ee:90:8b:27:e6:85:3c:e5:cd:e7:e2:4c:58:0e:86:e3:
ce:6a:0d:1c:ce:59:ae:24:ed:17:b0:91:a7:44:a4:9a:57:77:
c3:38:8a:02:43:77:00:7b:d1:d2:92:8f:c1:43:5f:7c:1c:cf:
96:7d:1a:b3:b5:1b:dd:0a:ac:e4:2c:80:1a:ed:23:04:a4:dc:
18:37:55:97:32:43:6f:38:bc:af:40:6b:ae:b4:a7:8f:52:2a:
bc:96:a8:1a
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVr5a7tZEWNZDUhTRd6+2r5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYxNDI1NmVkMzhmYjFlOTY5NDQ5MjZkYjRjNjZjNGQwODhh
Y2ZiZDYwHhcNMjMwMTAxMDU1NDUyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMTcyYjNkMzQwZmYzMWVhZjE1Nzk3ZjZkNmM1MGU2MmNkZjc1YTk3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnmwfhSgn3lM9ZUcNPTsY9AMp5B0j
7jnYUmG7yQuiOnJHK4dFFpDZaqG3gACK7GW535Q24o+s54Yze4r/d6pV0zX6aMQ4
xWI09FO7e3AkryYWNtih3MAjx+MI9H/DFRxBO39sZfdDFhKLfBO3byv/Au1S+pHk
BRfojzgGxBziueayoqqbKAzYGRo2TrMArHGBonJ8aR9B1VgGMHMjxIwRBnxTqIQc
59OxAF1giPdcmAb/Jzti8nMQYS0nBrwh9YsqpGJCncpUD+79bnlN3RIwaeZqHKh4
/SrluGLQanGAo7DDxpPXT84XyWGLSYp3KuquBChKYQ9bopXcZOSfGJM4hwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFLFys9NA/zHq8VeX9tbFDmLN91qXMB8GA1UdIwQY
MBaAFGFCVu04+x6WlEkm20xmxNCIrPvWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWVVKVzdUajdIcGFVU1NiYlRHYkUwSWlzLTlZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84OC9mY2EzNjktNmI4NS00ZTAzLWFiNzEt
NjhiYTZjNTRlZjlhLzEvc1hLejAwRF9NZXJ4VjVmMjFzVU9ZczMzV3BjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84OC9mY2EzNjktNmI4NS00ZTAzLWFiNzEtNjhiYTZjNTRlZjlh
LzEvWVVKVzdUajdIcGFVU1NiYlRHYkUwSWlzLTlZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuajEMA0G
CSqGSIb3DQEBCwUAA4IBAQAFNGKVbD+CDh7dJfpt0wine/I+jDUFLV9EnikP56/g
ZQH7WajJm0Nzg04KamgXCMx+hEKBwF1QNiAssmoh5PkGSlusNB6Wp4XQqtjkHdzP
s0dIz3FSi/oNOx9IUCfigjemdqBOwczm2ESzA64EoJvOFOIUAIeVU9XW97adOoYz
i308PFNOUppY/k4BJlUYS9wLM6hPrKbzj98ssklnTwuElNrfw+6QiyfmhTzlzefi
TFgOhuPOag0czlmuJO0XsJGnRKSaV3fDOIoCQ3cAe9HSko/BQ198HM+WfRqztRvd
CqzkLIAa7SMEpNwYN1WXMkNvOLyvQGuutKePUiq8lqga
-----END CERTIFICATE-----
Generated at Sun Apr 20 13:44:44 2025 by rpki-client