Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/b01290-d76d-42d8-a234-f9512499e05c/1/3Vxyc8f9KkAiUJ0aEKW20ZK80dA.roa
File: 3Vxyc8f9KkAiUJ0aEKW20ZK80dA.roa (raw, json)
Hash identifier: kOwMJwjqnG/iFxkeG63quIkgZkDAMDGLBAuG/RuE9Is=
Subject key identifier: DD:5C:72:73:C7:FD:2A:40:22:50:9D:1A:10:A5:B6:D1:92:BC:D1:D0
Certificate issuer: /CN=323ab5ba98bef5d0d9bd0cea031a1fe13777a486
Certificate serial: 09F2DBF8
Authority key identifier: 32:3A:B5:BA:98:BE:F5:D0:D9:BD:0C:EA:03:1A:1F:E1:37:77:A4:86
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Mjq1upi-9dDZvQzqAxof4Td3pIY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/b01290-d76d-42d8-a234-f9512499e05c/1/3Vxyc8f9KkAiUJ0aEKW20ZK80dA.roa
Signing time: Sat 01 Jan 2022 05:02:10 +0000
ROA not before: Sat 01 Jan 2022 05:02:10 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 199139
IP address blocks: 5.172.216.0/21 maxlen: 21
185.64.192.0/22 maxlen: 22
185.122.152.0/22 maxlen: 22
2a02:f600::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 166910968 (0x9f2dbf8)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=323ab5ba98bef5d0d9bd0cea031a1fe13777a486
Validity
Not Before: Jan 1 05:02:10 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=dd5c7273c7fd2a4022509d1a10a5b6d192bcd1d0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:74:ce:a7:4b:c6:01:63:7b:21:ae:6d:fc:26:
19:a4:d9:b1:6c:b5:c6:c2:69:20:88:75:38:43:11:
00:90:d6:32:5c:3f:a1:88:41:8d:38:18:4c:80:3f:
2b:da:dd:4e:0d:a5:78:46:8d:b0:da:66:76:87:a2:
92:e6:0e:0a:92:df:2f:88:9c:67:d8:7e:0f:b4:ef:
57:7b:c8:e2:ff:14:bd:2b:f3:18:7d:25:7d:cc:7d:
5a:5d:6f:ce:61:29:4e:fb:41:9a:63:bd:b1:64:31:
c0:32:76:73:97:c5:b5:ad:2f:06:6b:59:9f:3f:af:
05:05:34:0e:4e:60:03:5d:5c:63:c8:81:f1:5c:0b:
37:b7:7a:70:f2:7a:81:48:a0:c9:4c:21:ab:f8:f2:
2e:7f:fa:8e:d7:bc:e6:3a:56:72:46:a4:02:a4:d3:
27:f8:9b:8f:fe:e6:e8:c6:c3:14:63:e0:c8:dc:e3:
6f:e9:c6:f1:5a:b5:fa:47:89:52:da:ed:e9:66:3e:
b6:7b:c8:07:28:e1:41:b3:40:36:94:25:4f:ac:b5:
00:aa:01:52:97:46:7a:c1:5e:df:44:94:33:47:7c:
f4:4e:fc:a5:7c:a2:f2:f5:a9:ec:8b:4d:e2:a6:01:
fe:0a:e4:68:4f:b6:08:b0:29:da:63:c2:d5:ec:c7:
06:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DD:5C:72:73:C7:FD:2A:40:22:50:9D:1A:10:A5:B6:D1:92:BC:D1:D0
X509v3 Authority Key Identifier:
keyid:32:3A:B5:BA:98:BE:F5:D0:D9:BD:0C:EA:03:1A:1F:E1:37:77:A4:86
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Mjq1upi-9dDZvQzqAxof4Td3pIY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/b01290-d76d-42d8-a234-f9512499e05c/1/3Vxyc8f9KkAiUJ0aEKW20ZK80dA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/b01290-d76d-42d8-a234-f9512499e05c/1/Mjq1upi-9dDZvQzqAxof4Td3pIY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.172.216.0/21
185.64.192.0/22
185.122.152.0/22
IPv6:
2a02:f600::/29
Signature Algorithm: sha256WithRSAEncryption
5a:02:89:1a:dd:d9:4a:a2:d1:a5:24:04:46:11:68:b1:80:0a:
b6:5a:53:b3:49:27:9b:e6:4c:a7:64:7d:40:bd:e4:1a:8f:ca:
f6:5a:1e:00:a2:5c:41:00:6b:0a:05:03:1a:a7:91:14:49:8e:
13:90:13:e0:f3:6e:63:cf:47:ce:7d:5e:19:9f:27:79:ab:a1:
eb:52:2b:14:a5:46:ac:a5:9b:72:b8:24:f3:75:15:1e:3f:5a:
13:fa:84:18:9e:5a:40:53:dd:c6:b2:d8:92:82:9b:f4:0a:90:
64:3d:a7:45:23:5a:87:d1:33:8d:b0:5b:09:b8:f7:21:62:d5:
10:8e:93:c9:d6:24:9f:b6:07:e0:b0:31:65:bb:d0:a3:e0:e1:
c7:f3:88:a5:f4:13:fd:43:28:e8:fe:ff:92:16:67:39:86:17:
45:67:29:6f:ca:b6:e5:71:77:e2:c0:6f:d8:22:fd:14:2b:5e:
58:31:a3:a9:2f:91:6e:3c:96:51:58:46:6a:8d:40:d4:fd:0f:
49:e9:60:e7:79:d5:6f:97:24:98:19:f1:59:67:4e:32:16:30:
d7:04:5b:f3:28:b9:23:15:a9:88:d5:ad:31:66:a4:31:98:c1:
94:85:5f:c8:39:80:a1:bb:01:2d:5d:4a:68:9e:b2:18:2c:26:
e7:a1:7a:90
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgIECfLb+DANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygz
MjNhYjViYTk4YmVmNWQwZDliZDBjZWEwMzFhMWZlMTM3NzdhNDg2MB4XDTIyMDEw
MTA1MDIxMFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZGQ1YzcyNzNjN2Zk
MmE0MDIyNTA5ZDFhMTBhNWI2ZDE5MmJjZDFkMDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALR0zqdLxgFjeyGubfwmGaTZsWy1xsJpIIh1OEMRAJDWMlw/
oYhBjTgYTIA/K9rdTg2leEaNsNpmdoeikuYOCpLfL4icZ9h+D7TvV3vI4v8UvSvz
GH0lfcx9Wl1vzmEpTvtBmmO9sWQxwDJ2c5fFta0vBmtZnz+vBQU0Dk5gA11cY8iB
8VwLN7d6cPJ6gUigyUwhq/jyLn/6jte85jpWckakAqTTJ/ibj/7m6MbDFGPgyNzj
b+nG8Vq1+keJUtrt6WY+tnvIByjhQbNANpQlT6y1AKoBUpdGesFe30SUM0d89E78
pXyi8vWp7ItN4qYB/grkaE+2CLAp2mPC1ezHBrkCAwEAAaOCAiQwggIgMB0GA1Ud
DgQWBBTdXHJzx/0qQCJQnRoQpbbRkrzR0DAfBgNVHSMEGDAWgBQyOrW6mL710Nm9
DOoDGh/hN3ekhjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L01qcTF1cGktOWREWnZRenFBeG9mNFRkM3BJWS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvOGUvYjAxMjkwLWQ3NmQtNDJkOC1hMjM0LWY5NTEyNDk5ZTA1Yy8x
LzNWeHljOGY5S2tBaVVKMGFFS1cyMFpLODBkQS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvOGUv
YjAxMjkwLWQ3NmQtNDJkOC1hMjM0LWY5NTEyNDk5ZTA1Yy8xL01qcTF1cGktOWRE
WnZRenFBeG9mNFRkM3BJWS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA6
BggrBgEFBQcBBwEB/wQrMCkwGAQCAAEwEgMEAwWs2AMEArlAwAMEArl6mDANBAIA
AjAHAwUDKgL2ADANBgkqhkiG9w0BAQsFAAOCAQEAWgKJGt3ZSqLRpSQERhFosYAK
tlpTs0knm+ZMp2R9QL3kGo/K9loeAKJcQQBrCgUDGqeRFEmOE5AT4PNuY89Hzn1e
GZ8neauh61IrFKVGrKWbcrgk83UVHj9aE/qEGJ5aQFPdxrLYkoKb9AqQZD2nRSNa
h9EzjbBbCbj3IWLVEI6TydYkn7YH4LAxZbvQo+Dhx/OIpfQT/UMo6P7/khZnOYYX
RWcpb8q25XF34sBv2CL9FCteWDGjqS+RbjyWUVhGao1A1P0PSelg53nVb5ckmBnx
WWdOMhYw1wRb8yi5IxWpiNWtMWakMZjBlIVfyDmAobsBLV1KaJ6yGCwm56F6kA==
-----END CERTIFICATE-----
Generated at Thu Mar 13 02:42:56 2025 by rpki-client