Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/92/8b532f-6782-4044-9efb-6725d98196c6/1/F3ROpq7yr9pMrElsgUqwOyacLFg.roa
File: F3ROpq7yr9pMrElsgUqwOyacLFg.roa (raw, json)
Hash identifier: 6BXw9K1aBDNQ02v5xS4YPju8RWNsQzcDRejOv4jCxv4=
Subject key identifier: 17:74:4E:A6:AE:F2:AF:DA:4C:AC:49:6C:81:4A:B0:3B:26:9C:2C:58
Certificate issuer: /CN=d6ce49255f406a725593c62e1c408779586d56ef
Certificate serial: 01831A29B0C3A78109603BE9CD985C7F6CCD
Authority key identifier: D6:CE:49:25:5F:40:6A:72:55:93:C6:2E:1C:40:87:79:58:6D:56:EF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1s5JJV9AanJVk8YuHECHeVhtVu8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/92/8b532f-6782-4044-9efb-6725d98196c6/1/F3ROpq7yr9pMrElsgUqwOyacLFg.roa
Signing time: Wed 07 Sep 2022 22:54:43 +0000
ROA not before: Wed 07 Sep 2022 22:54:43 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 43372
IP address blocks: 185.186.152.0/23 maxlen: 23
185.186.154.0/23 maxlen: 23
45.158.4.0/23 maxlen: 23
45.158.6.0/23 maxlen: 23
185.236.96.0/23 maxlen: 23
185.236.98.0/23 maxlen: 23
2a0b:7e80::/29 maxlen: 29
2a0b:7e80:0:100::/56 maxlen: 56
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:1a:29:b0:c3:a7:81:09:60:3b:e9:cd:98:5c:7f:6c:cd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d6ce49255f406a725593c62e1c408779586d56ef
Validity
Not Before: Sep 7 22:54:43 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=17744ea6aef2afda4cac496c814ab03b269c2c58
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:cc:7e:64:16:62:dd:48:3c:0c:95:7f:19:dc:
09:57:fd:f4:1b:ca:18:34:98:f9:87:f7:82:58:44:
7d:02:65:46:5c:e4:53:99:04:2a:41:88:1c:8a:e1:
de:5e:ee:6b:ef:fc:72:0a:3b:33:ad:89:23:07:62:
42:8e:95:59:5c:00:a4:10:d6:b5:dc:7b:2b:26:57:
fc:4a:8e:70:f8:6d:77:1b:3a:34:21:1c:71:07:b3:
af:35:3c:8d:26:40:8f:8c:bd:9d:11:b4:a6:69:ce:
b9:68:26:93:db:3a:9c:fd:7c:1a:14:33:29:fb:a4:
94:4e:b7:5d:a3:36:d1:38:a4:b7:19:43:53:7d:53:
52:d7:c7:1a:31:19:ab:c8:fd:f0:33:e5:64:35:f2:
8d:b3:3d:8e:aa:5c:7e:ec:6c:6e:e4:4f:8a:f4:f4:
59:65:72:fb:ce:f7:b2:74:ff:a8:89:a7:de:c5:8f:
1b:c4:98:8e:a3:8c:61:c4:46:4a:09:51:25:67:c9:
f3:02:37:0a:1e:8f:82:44:19:e8:db:3d:d1:8b:c1:
49:db:54:92:32:1c:69:44:2e:1e:cf:0d:a5:0f:40:
84:5c:dd:01:86:84:c3:b7:40:52:5e:bf:b3:ca:28:
9f:b7:f6:85:0a:f7:b0:12:1d:ca:6a:dc:68:a9:ca:
f2:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
17:74:4E:A6:AE:F2:AF:DA:4C:AC:49:6C:81:4A:B0:3B:26:9C:2C:58
X509v3 Authority Key Identifier:
keyid:D6:CE:49:25:5F:40:6A:72:55:93:C6:2E:1C:40:87:79:58:6D:56:EF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1s5JJV9AanJVk8YuHECHeVhtVu8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/92/8b532f-6782-4044-9efb-6725d98196c6/1/F3ROpq7yr9pMrElsgUqwOyacLFg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/92/8b532f-6782-4044-9efb-6725d98196c6/1/1s5JJV9AanJVk8YuHECHeVhtVu8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.158.4.0/22
185.186.152.0/22
185.236.96.0/22
IPv6:
2a0b:7e80::/29
Signature Algorithm: sha256WithRSAEncryption
5a:30:24:08:25:0f:62:20:26:e0:ec:fa:74:07:2b:de:1e:a8:
26:2a:11:73:1c:02:f5:1d:38:77:fb:6c:75:20:18:0b:7c:fa:
90:f9:c9:d4:ca:2d:14:77:3a:c8:21:0d:b1:90:a7:8f:bb:79:
57:97:88:8a:7e:82:4e:85:47:09:85:41:d4:75:69:53:ff:03:
26:a9:bb:b5:70:d1:d8:b8:a7:5d:10:ee:c3:22:9f:65:22:3e:
1f:6e:38:8f:00:42:14:57:1c:06:4c:e0:e1:46:11:f7:69:63:
f7:a3:26:be:e2:53:83:53:f2:79:46:80:fe:2b:b7:09:ca:fc:
a6:d3:da:d3:3f:82:90:78:88:57:7d:8b:f2:e6:cf:21:ca:2c:
39:21:9a:a5:c3:cf:d8:67:4f:cb:69:8a:6d:b6:90:e9:31:86:
3b:19:b8:19:b5:9d:d9:3e:72:06:35:5e:6f:82:74:10:fd:7e:
49:53:54:2e:b0:31:dd:b9:d5:3d:fd:e2:8a:d6:7b:8e:10:c8:
0f:e6:87:eb:a3:c4:a8:31:1f:74:56:01:51:c7:39:43:59:92:
7e:3c:ba:23:ac:36:45:85:7e:b8:dd:8a:4d:03:a6:8c:5b:76:
de:82:7a:db:37:a5:a3:98:9f:69:a6:c0:4d:86:89:0a:7b:47:
8c:ce:5e:0d
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAYMaKbDDp4EJYDvpzZhcf2zNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ2Y2U0OTI1NWY0MDZhNzI1NTkzYzYyZTFjNDA4Nzc5NTg2
ZDU2ZWYwHhcNMjIwOTA3MjI1NDQzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxNzc0NGVhNmFlZjJhZmRhNGNhYzQ5NmM4MTRhYjAzYjI2OWMyYzU4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr8x+ZBZi3Ug8DJV/GdwJV/30G8oY
NJj5h/eCWER9AmVGXORTmQQqQYgciuHeXu5r7/xyCjszrYkjB2JCjpVZXACkENa1
3HsrJlf8So5w+G13Gzo0IRxxB7OvNTyNJkCPjL2dEbSmac65aCaT2zqc/XwaFDMp
+6SUTrddozbROKS3GUNTfVNS18caMRmryP3wM+VkNfKNsz2Oqlx+7Gxu5E+K9PRZ
ZXL7zveydP+oiafexY8bxJiOo4xhxEZKCVElZ8nzAjcKHo+CRBno2z3Ri8FJ21SS
MhxpRC4ezw2lD0CEXN0BhoTDt0BSXr+zyiift/aFCvewEh3KatxoqcrycQIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFBd0Tqau8q/aTKxJbIFKsDsmnCxYMB8GA1UdIwQY
MBaAFNbOSSVfQGpyVZPGLhxAh3lYbVbvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMXM1SkpWOUFhbkpWazhZdUhFQ0hlVmh0VnU4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Mi84YjUzMmYtNjc4Mi00MDQ0LTllZmIt
NjcyNWQ5ODE5NmM2LzEvRjNST3BxN3lyOXBNckVsc2dVcXdPeWFjTEZnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Mi84YjUzMmYtNjc4Mi00MDQ0LTllZmItNjcyNWQ5ODE5NmM2
LzEvMXM1SkpWOUFhbkpWazhZdUhFQ0hlVmh0VnU4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQCLZ4EAwQC
ubqYAwQCuexgMA0EAgACMAcDBQMqC36AMA0GCSqGSIb3DQEBCwUAA4IBAQBaMCQI
JQ9iICbg7Pp0ByveHqgmKhFzHAL1HTh3+2x1IBgLfPqQ+cnUyi0UdzrIIQ2xkKeP
u3lXl4iKfoJOhUcJhUHUdWlT/wMmqbu1cNHYuKddEO7DIp9lIj4fbjiPAEIUVxwG
TODhRhH3aWP3oya+4lODU/J5RoD+K7cJyvym09rTP4KQeIhXfYvy5s8hyiw5IZql
w8/YZ0/LaYpttpDpMYY7GbgZtZ3ZPnIGNV5vgnQQ/X5JU1QusDHdudU9/eKK1nuO
EMgP5ofro8SoMR90VgFRxzlDWZJ+PLojrDZFhX643YpNA6aMW3begnrbN6WjmJ9p
psBNhokKe0eMzl4N
-----END CERTIFICATE-----
Generated at Sat Apr 19 12:39:17 2025 by rpki-client