Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/94/15e53d-70b0-4268-9124-4b01d63e795c/1/noi8u2EWEGo36B22tAy52E_7-gk.roa
File: noi8u2EWEGo36B22tAy52E_7-gk.roa (raw, json)
Hash identifier: 7sr/bJTaHlFITnUsUPsNVN1SrWc4zZ5sUWiShxqupnk=
Subject key identifier: 9E:88:BC:BB:61:16:10:6A:37:E8:1D:B6:B4:0C:B9:D8:4F:FB:FA:09
Certificate issuer: /CN=5e7fd9586f9ccb0fb4487b208cdf4675e5bbf330
Certificate serial: 018570C2CF83DC76151237CE7A16217446A0
Authority key identifier: 5E:7F:D9:58:6F:9C:CB:0F:B4:48:7B:20:8C:DF:46:75:E5:BB:F3:30
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Xn_ZWG-cyw-0SHsgjN9GdeW78zA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/94/15e53d-70b0-4268-9124-4b01d63e795c/1/noi8u2EWEGo36B22tAy52E_7-gk.roa
Signing time: Mon 02 Jan 2023 04:34:53 +0000
ROA not before: Mon 02 Jan 2023 04:34:53 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 9208
IP address blocks: 185.205.232.0/22 maxlen: 24
212.166.0.0/18 maxlen: 24
2a01:5a00::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:c2:cf:83:dc:76:15:12:37:ce:7a:16:21:74:46:a0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5e7fd9586f9ccb0fb4487b208cdf4675e5bbf330
Validity
Not Before: Jan 2 04:34:53 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=9e88bcbb6116106a37e81db6b40cb9d84ffbfa09
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:84:7e:3d:22:68:23:97:36:9c:c8:b6:49:59:85:
55:df:82:17:61:7a:5e:18:47:1c:64:db:2c:4a:4d:
96:99:e7:d6:f8:55:a7:da:8c:5a:f0:f5:ee:80:40:
c7:ce:04:63:20:a2:ae:6a:1c:d2:dc:0c:77:eb:1b:
92:34:e9:7e:53:69:2c:ff:2e:38:6b:fb:c6:e6:e9:
ed:1e:39:38:6f:4a:73:34:11:f1:b6:08:cc:8a:2f:
ff:0e:e7:81:87:10:8c:f1:c9:ff:47:66:bd:23:67:
34:1c:e2:b7:7f:6e:2b:af:40:88:9b:81:21:13:21:
76:ae:c7:04:06:f4:e5:b4:bf:60:dc:79:11:0f:2f:
7d:8a:39:92:1a:05:68:31:3b:c4:87:fa:96:5d:bb:
98:30:a9:54:b9:1f:82:d3:c9:35:15:96:b0:59:88:
c5:07:12:61:8d:7c:f0:57:1c:ba:27:21:47:6c:06:
e9:5b:17:21:b0:30:37:8f:7c:22:10:a8:b8:16:4b:
da:b9:d1:8f:9d:6e:c2:5c:ae:1e:e4:3d:d3:b6:d9:
59:c7:19:05:86:b4:dd:c7:5c:29:ed:d7:7d:aa:3a:
25:96:65:42:08:5a:02:ad:cf:b3:d7:4d:33:39:00:
c7:78:e1:ad:6b:a7:e4:22:c8:9d:c8:f6:dd:78:c0:
aa:97
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9E:88:BC:BB:61:16:10:6A:37:E8:1D:B6:B4:0C:B9:D8:4F:FB:FA:09
X509v3 Authority Key Identifier:
keyid:5E:7F:D9:58:6F:9C:CB:0F:B4:48:7B:20:8C:DF:46:75:E5:BB:F3:30
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Xn_ZWG-cyw-0SHsgjN9GdeW78zA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/94/15e53d-70b0-4268-9124-4b01d63e795c/1/noi8u2EWEGo36B22tAy52E_7-gk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/94/15e53d-70b0-4268-9124-4b01d63e795c/1/Xn_ZWG-cyw-0SHsgjN9GdeW78zA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.205.232.0/22
212.166.0.0/18
IPv6:
2a01:5a00::/32
Signature Algorithm: sha256WithRSAEncryption
99:a9:fd:8b:b1:17:30:65:26:0b:8a:f1:45:09:66:63:88:1a:
17:25:b9:55:13:ed:16:00:07:65:f4:23:cb:6a:54:a5:89:43:
47:4e:97:3d:c1:0a:4a:03:02:d9:73:71:9a:29:64:36:bd:9a:
e8:4f:a4:10:3c:54:9b:df:a3:23:7c:a5:08:2a:f3:bb:4b:c1:
90:09:41:e8:b6:e3:67:1c:4b:68:4e:20:2f:1b:6a:a1:f6:28:
54:d6:5b:49:50:7e:df:47:50:14:72:7e:1f:99:60:c6:c8:cb:
57:eb:81:1b:c9:f6:91:3a:9d:b2:53:14:b5:0e:70:35:8d:5f:
26:88:e2:c0:1d:f0:30:62:fa:42:dd:f1:52:06:f9:ec:d8:9c:
3e:e6:00:b9:06:29:7d:82:f0:73:09:7f:83:4f:9a:4b:09:d2:
bb:cd:81:38:6c:18:58:0b:3d:ac:13:83:7e:62:b3:80:04:98:
3b:cd:61:89:6b:57:15:48:97:ed:0d:46:7a:d3:a4:cf:74:6d:
28:35:e8:be:ed:dc:e0:d3:d5:5f:3c:23:b1:07:dd:4e:94:88:
c4:30:44:91:96:91:fe:f4:dd:a4:74:ae:a4:24:ce:a6:2e:0c:
c5:c2:5c:19:e0:0a:d3:b5:c8:3d:3e:23:a7:a7:52:d4:48:f1:
ce:9b:71:f3
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYVwws+D3HYVEjfOehYhdEagMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVlN2ZkOTU4NmY5Y2NiMGZiNDQ4N2IyMDhjZGY0Njc1ZTVi
YmYzMzAwHhcNMjMwMTAyMDQzNDUzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZTg4YmNiYjYxMTYxMDZhMzdlODFkYjZiNDBjYjlkODRmZmJmYTA5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhH49ImgjlzacyLZJWYVV34IXYXpe
GEccZNssSk2WmefW+FWn2oxa8PXugEDHzgRjIKKuahzS3Ax36xuSNOl+U2ks/y44
a/vG5untHjk4b0pzNBHxtgjMii//DueBhxCM8cn/R2a9I2c0HOK3f24rr0CIm4Eh
EyF2rscEBvTltL9g3HkRDy99ijmSGgVoMTvEh/qWXbuYMKlUuR+C08k1FZawWYjF
BxJhjXzwVxy6JyFHbAbpWxchsDA3j3wiEKi4FkvaudGPnW7CXK4e5D3TttlZxxkF
hrTdx1wp7dd9qjollmVCCFoCrc+z100zOQDHeOGta6fkIsidyPbdeMCqlwIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFJ6IvLthFhBqN+gdtrQMudhP+/oJMB8GA1UdIwQY
MBaAFF5/2VhvnMsPtEh7IIzfRnXlu/MwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWG5fWldHLWN5dy0wU0hzZ2pOOUdkZVc3OHpBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85NC8xNWU1M2QtNzBiMC00MjY4LTkxMjQt
NGIwMWQ2M2U3OTVjLzEvbm9pOHUyRVdFR28zNkIyMnRBeTUyRV83LWdrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85NC8xNWU1M2QtNzBiMC00MjY4LTkxMjQtNGIwMWQ2M2U3OTVj
LzEvWG5fWldHLWN5dy0wU0hzZ2pOOUdkZVc3OHpBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQCuc3oAwQG
1KYAMA0EAgACMAcDBQAqAVoAMA0GCSqGSIb3DQEBCwUAA4IBAQCZqf2LsRcwZSYL
ivFFCWZjiBoXJblVE+0WAAdl9CPLalSliUNHTpc9wQpKAwLZc3GaKWQ2vZroT6QQ
PFSb36MjfKUIKvO7S8GQCUHotuNnHEtoTiAvG2qh9ihU1ltJUH7fR1AUcn4fmWDG
yMtX64EbyfaROp2yUxS1DnA1jV8miOLAHfAwYvpC3fFSBvns2Jw+5gC5Bil9gvBz
CX+DT5pLCdK7zYE4bBhYCz2sE4N+YrOABJg7zWGJa1cVSJftDUZ606TPdG0oNei+
7dzg09VfPCOxB91OlIjEMESRlpH+9N2kdK6kJM6mLgzFwlwZ4ArTtcg9PiOnp1LU
SPHOm3Hz
-----END CERTIFICATE-----
Generated at Wed Apr 23 02:15:02 2025 by rpki-client