Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9a/40d9a5-2566-49e1-a57b-d1abf4ee32cb/1/5-W8LZmd4bW5wzAv7OAD2jnhwUY.roa
File: 5-W8LZmd4bW5wzAv7OAD2jnhwUY.roa (raw, json)
Hash identifier: uD3mSP2s1fozbGFHP0xJNFKstdLZ8pb1bEIN9C1/I0Q=
Subject key identifier: E7:E5:BC:2D:99:9D:E1:B5:B9:C3:30:2F:EC:E0:03:DA:39:E1:C1:46
Certificate issuer: /CN=359f0f5ff620e0db5311f64736909973ac60f6f3
Certificate serial: 018570B97F7B26B56E48456DE23B2BE2451F
Authority key identifier: 35:9F:0F:5F:F6:20:E0:DB:53:11:F6:47:36:90:99:73:AC:60:F6:F3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NZ8PX_Yg4NtTEfZHNpCZc6xg9vM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9a/40d9a5-2566-49e1-a57b-d1abf4ee32cb/1/5-W8LZmd4bW5wzAv7OAD2jnhwUY.roa
Signing time: Mon 02 Jan 2023 04:24:42 +0000
ROA not before: Mon 02 Jan 2023 04:24:42 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 200848
IP address blocks: 185.94.4.0/22 maxlen: 22
213.109.172.0/22 maxlen: 22
2a09:fc00::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:b9:7f:7b:26:b5:6e:48:45:6d:e2:3b:2b:e2:45:1f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=359f0f5ff620e0db5311f64736909973ac60f6f3
Validity
Not Before: Jan 2 04:24:42 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=e7e5bc2d999de1b5b9c3302fece003da39e1c146
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:dc:45:3d:99:87:46:b5:24:73:6d:96:fa:38:
26:c7:3b:31:60:73:09:89:ca:d6:3e:ea:e3:a9:48:
04:89:e2:28:21:a2:fd:1f:c9:57:a1:d5:04:e1:a6:
a1:fa:9d:47:1d:db:76:50:ea:66:e9:b7:97:30:98:
70:e5:7c:00:28:70:fb:1a:b2:df:76:19:cb:ae:0b:
c8:28:1e:77:47:dd:a0:ba:0f:52:58:0f:c0:9b:37:
2e:4a:52:30:39:82:45:3c:3d:be:f1:0d:7c:b1:e6:
e0:a7:71:9b:fe:ae:2f:36:88:8c:da:06:be:98:ff:
e1:ca:fc:bc:79:23:47:c5:41:82:5d:af:0a:6d:a4:
f3:dd:af:8e:ed:0c:5c:9b:b4:b1:de:a0:10:36:03:
1d:12:6a:46:98:51:29:31:e3:0b:f0:0e:82:d2:b8:
8a:b7:7e:4f:dd:c0:80:11:42:9f:c7:d7:54:e3:26:
58:2c:f2:f2:43:7a:23:02:1c:39:ab:82:9a:1d:6c:
0f:35:e8:e7:ae:a4:29:6e:ad:77:b3:ed:11:30:aa:
5c:2d:49:52:15:83:0c:a6:c1:a4:94:c0:a3:e6:a0:
db:4b:8b:93:7c:62:2e:ad:49:7a:ba:9b:ca:01:a0:
87:b8:75:87:6c:c1:a3:b8:32:c8:fc:34:5e:45:58:
7b:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E7:E5:BC:2D:99:9D:E1:B5:B9:C3:30:2F:EC:E0:03:DA:39:E1:C1:46
X509v3 Authority Key Identifier:
keyid:35:9F:0F:5F:F6:20:E0:DB:53:11:F6:47:36:90:99:73:AC:60:F6:F3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NZ8PX_Yg4NtTEfZHNpCZc6xg9vM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9a/40d9a5-2566-49e1-a57b-d1abf4ee32cb/1/5-W8LZmd4bW5wzAv7OAD2jnhwUY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9a/40d9a5-2566-49e1-a57b-d1abf4ee32cb/1/NZ8PX_Yg4NtTEfZHNpCZc6xg9vM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.94.4.0/22
213.109.172.0/22
IPv6:
2a09:fc00::/29
Signature Algorithm: sha256WithRSAEncryption
1b:94:4b:76:86:f5:dc:97:93:d9:32:8b:5f:df:1d:f9:cb:fe:
29:be:0d:a4:65:f6:a9:08:84:f5:5f:ea:6c:99:a5:ec:60:66:
c8:23:04:c0:9d:81:c2:9f:dc:e8:77:73:7d:d0:ff:dd:b9:08:
23:0f:e1:ae:fc:85:ec:15:f7:ee:b9:34:f2:d9:8f:5f:52:6e:
63:d0:ac:be:20:9b:e0:b9:72:4f:dd:80:81:fc:04:13:4d:77:
67:e2:21:96:71:8f:0c:47:ee:89:7a:d2:4b:7e:c4:f7:37:72:
53:7d:5d:32:3d:7e:08:5e:33:4b:f0:62:33:fa:2f:7b:78:cf:
58:2f:c2:f0:84:68:06:0c:39:e0:fd:3e:fe:ab:b2:3d:6b:12:
68:98:79:e7:2d:1d:fd:6e:23:61:e9:cb:d5:57:d9:49:f0:cd:
a0:9d:59:cc:77:77:a5:fb:25:80:66:11:c6:7f:f4:9e:95:b2:
5a:33:10:a7:30:94:fb:dc:c6:21:00:95:85:e3:9b:66:7a:bf:
0d:d3:f4:13:7c:d1:62:a2:e3:82:e1:28:cb:54:bb:2a:ca:dc:
d4:8b:c4:7d:c6:99:f7:ca:8a:98:dd:94:07:e2:e0:7f:de:2d:
64:ee:92:a6:54:83:6c:3f:20:59:2e:f9:67:63:54:5c:3e:65:
ad:fd:f1:a6
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYVwuX97JrVuSEVt4jsr4kUfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1OWYwZjVmZjYyMGUwZGI1MzExZjY0NzM2OTA5OTczYWM2
MGY2ZjMwHhcNMjMwMTAyMDQyNDQyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlN2U1YmMyZDk5OWRlMWI1YjljMzMwMmZlY2UwMDNkYTM5ZTFjMTQ2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAotxFPZmHRrUkc22W+jgmxzsxYHMJ
icrWPurjqUgEieIoIaL9H8lXodUE4aah+p1HHdt2UOpm6beXMJhw5XwAKHD7GrLf
dhnLrgvIKB53R92gug9SWA/AmzcuSlIwOYJFPD2+8Q18sebgp3Gb/q4vNoiM2ga+
mP/hyvy8eSNHxUGCXa8KbaTz3a+O7Qxcm7Sx3qAQNgMdEmpGmFEpMeML8A6C0riK
t35P3cCAEUKfx9dU4yZYLPLyQ3ojAhw5q4KaHWwPNejnrqQpbq13s+0RMKpcLUlS
FYMMpsGklMCj5qDbS4uTfGIurUl6upvKAaCHuHWHbMGjuDLI/DReRVh7KQIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFOflvC2ZneG1ucMwL+zgA9o54cFGMB8GA1UdIwQY
MBaAFDWfD1/2IODbUxH2RzaQmXOsYPbzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTlo4UFhfWWc0TnRURWZaSE5wQ1pjNnhnOXZNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85YS80MGQ5YTUtMjU2Ni00OWUxLWE1N2It
ZDFhYmY0ZWUzMmNiLzEvNS1XOExabWQ0Ylc1d3pBdjdPQUQyam5od1VZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85YS80MGQ5YTUtMjU2Ni00OWUxLWE1N2ItZDFhYmY0ZWUzMmNi
LzEvTlo4UFhfWWc0TnRURWZaSE5wQ1pjNnhnOXZNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQCuV4EAwQC
1W2sMA0EAgACMAcDBQMqCfwAMA0GCSqGSIb3DQEBCwUAA4IBAQAblEt2hvXcl5PZ
Motf3x35y/4pvg2kZfapCIT1X+psmaXsYGbIIwTAnYHCn9zod3N90P/duQgjD+Gu
/IXsFffuuTTy2Y9fUm5j0Ky+IJvguXJP3YCB/AQTTXdn4iGWcY8MR+6JetJLfsT3
N3JTfV0yPX4IXjNL8GIz+i97eM9YL8LwhGgGDDng/T7+q7I9axJomHnnLR39biNh
6cvVV9lJ8M2gnVnMd3el+yWAZhHGf/SelbJaMxCnMJT73MYhAJWF45tmer8N0/QT
fNFiouOC4SjLVLsqytzUi8R9xpn3yoqY3ZQH4uB/3i1k7pKmVINsPyBZLvlnY1Rc
PmWt/fGm
-----END CERTIFICATE-----
Generated at Thu Apr 17 23:39:58 2025 by rpki-client