Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9c/5edd6f-2c65-447d-bcad-4aaada65d71c/1/8XtViBuq6V6FnyTdk0JmPPf2C9w.roa
File: 8XtViBuq6V6FnyTdk0JmPPf2C9w.roa (raw, json)
Hash identifier: Vsd1pZKJ8D4rZ+0wCt8bT6JWficLg+PyUYXPQRaM2hw=
Subject key identifier: F1:7B:55:88:1B:AA:E9:5E:85:9F:24:DD:93:42:66:3C:F7:F6:0B:DC
Certificate issuer: /CN=2559e9be1fbd1e6909a0be9a90b380f824fab1a5
Certificate serial: 094A9A73
Authority key identifier: 25:59:E9:BE:1F:BD:1E:69:09:A0:BE:9A:90:B3:80:F8:24:FA:B1:A5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/JVnpvh-9HmkJoL6akLOA-CT6saU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9c/5edd6f-2c65-447d-bcad-4aaada65d71c/1/8XtViBuq6V6FnyTdk0JmPPf2C9w.roa
Signing time: Sat 01 Jan 2022 05:00:51 +0000
ROA not before: Sat 01 Jan 2022 05:00:51 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 202837
IP address blocks: 185.198.4.0/24 maxlen: 24
185.198.7.0/24 maxlen: 24
185.198.6.0/24 maxlen: 24
185.198.5.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 155884147 (0x94a9a73)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2559e9be1fbd1e6909a0be9a90b380f824fab1a5
Validity
Not Before: Jan 1 05:00:51 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=f17b55881baae95e859f24dd9342663cf7f60bdc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:64:53:b8:3f:c1:90:9f:0a:32:95:32:ec:71:
73:4b:7a:d7:7f:11:e2:ad:6e:a4:c8:79:b7:f9:03:
a6:d0:aa:b2:93:55:63:13:0d:bb:20:2c:ad:b6:04:
38:d1:2c:a9:c9:9c:e4:24:87:04:5e:96:9a:ad:b8:
6d:25:dd:85:58:79:13:1d:a6:08:5b:60:36:5b:51:
09:c1:0a:fe:2f:6b:6e:a2:fb:0c:be:92:19:8e:3a:
d1:9c:20:9e:98:4e:0c:ef:26:4f:a7:c4:f7:13:49:
3f:30:98:0d:d7:76:8e:ca:db:f2:a1:20:2b:96:27:
70:5e:45:4d:1d:01:da:ae:1b:d3:cc:80:9e:18:e8:
7f:66:a4:66:31:36:dd:fb:81:76:e7:52:e5:59:98:
08:30:f5:40:67:19:08:06:e8:0d:68:54:8f:b7:f6:
98:2e:fa:e1:de:2e:e2:44:0f:03:51:de:b3:c1:17:
bf:bb:1a:3b:29:40:0b:48:6f:28:4d:71:29:3e:e6:
5d:43:2d:52:5f:af:61:1e:3c:c7:87:9f:14:32:ec:
eb:a0:16:15:ff:21:0b:52:56:a5:a3:1c:b1:16:10:
66:44:9c:2f:67:97:ef:42:d6:4f:71:3e:ac:89:98:
7d:4d:73:72:ad:7c:4f:32:ef:ca:a0:6b:df:15:21:
e0:b1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F1:7B:55:88:1B:AA:E9:5E:85:9F:24:DD:93:42:66:3C:F7:F6:0B:DC
X509v3 Authority Key Identifier:
keyid:25:59:E9:BE:1F:BD:1E:69:09:A0:BE:9A:90:B3:80:F8:24:FA:B1:A5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JVnpvh-9HmkJoL6akLOA-CT6saU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9c/5edd6f-2c65-447d-bcad-4aaada65d71c/1/8XtViBuq6V6FnyTdk0JmPPf2C9w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9c/5edd6f-2c65-447d-bcad-4aaada65d71c/1/JVnpvh-9HmkJoL6akLOA-CT6saU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.198.4.0/22
Signature Algorithm: sha256WithRSAEncryption
3f:61:13:15:11:e8:fb:c5:d3:40:39:e4:4b:85:b0:9e:52:70:
d0:4f:25:8b:e8:73:16:f0:60:a6:a1:03:19:d3:d6:82:c6:97:
e4:68:09:83:10:ce:2b:7a:10:50:29:a6:23:8a:4c:21:3f:69:
2c:7e:ce:4e:2a:e2:63:56:9f:85:61:78:7b:f1:b2:08:2d:a5:
b6:4b:40:98:58:2a:f8:da:fb:64:48:24:60:62:e4:80:68:09:
fd:83:36:20:87:ec:84:4e:c2:12:22:72:32:fe:90:6a:e0:d4:
ad:71:68:70:6a:18:6e:3b:cd:57:77:95:bc:f1:e0:4c:cc:3d:
2e:5e:a9:e3:75:05:2f:dd:a5:93:bd:83:cf:ee:5a:76:04:6c:
b0:f4:60:a3:48:c5:cb:bf:8b:f4:b6:ff:f2:7c:a4:cc:04:ec:
a2:60:c4:0e:10:2b:58:a5:0e:08:76:65:01:17:ea:c7:a0:29:
df:78:63:5c:d7:15:17:e0:56:33:23:a9:29:f0:8d:eb:b4:91:
e4:ad:88:b8:20:72:5b:ce:95:7c:e8:af:96:e0:f0:cf:c0:bb:
17:62:c1:14:58:fc:05:6d:bb:68:fe:0d:c8:a5:13:ae:0c:98:
1f:b6:c6:53:98:b3:5e:27:f5:63:8a:d1:2d:38:07:8e:87:d6:
cb:75:f7:45
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIECUqaczANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygy
NTU5ZTliZTFmYmQxZTY5MDlhMGJlOWE5MGIzODBmODI0ZmFiMWE1MB4XDTIyMDEw
MTA1MDA1MVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZjE3YjU1ODgxYmFh
ZTk1ZTg1OWYyNGRkOTM0MjY2M2NmN2Y2MGJkYzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJ9kU7g/wZCfCjKVMuxxc0t6138R4q1upMh5t/kDptCqspNV
YxMNuyAsrbYEONEsqcmc5CSHBF6Wmq24bSXdhVh5Ex2mCFtgNltRCcEK/i9rbqL7
DL6SGY460ZwgnphODO8mT6fE9xNJPzCYDdd2jsrb8qEgK5YncF5FTR0B2q4b08yA
nhjof2akZjE23fuBdudS5VmYCDD1QGcZCAboDWhUj7f2mC764d4u4kQPA1Hes8EX
v7saOylAC0hvKE1xKT7mXUMtUl+vYR48x4efFDLs66AWFf8hC1JWpaMcsRYQZkSc
L2eX70LWT3E+rImYfU1zcq18TzLvyqBr3xUh4LECAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBTxe1WIG6rpXoWfJN2TQmY89/YL3DAfBgNVHSMEGDAWgBQlWem+H70eaQmg
vpqQs4D4JPqxpTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0pWbnB2aC05SG1rSm9MNmFrTE9BLUNUNnNhVS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvOWMvNWVkZDZmLTJjNjUtNDQ3ZC1iY2FkLTRhYWFkYTY1ZDcxYy8x
LzhYdFZpQnVxNlY2Rm55VGRrMEptUFBmMkM5dy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvOWMv
NWVkZDZmLTJjNjUtNDQ3ZC1iY2FkLTRhYWFkYTY1ZDcxYy8xL0pWbnB2aC05SG1r
Sm9MNmFrTE9BLUNUNnNhVS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEArnGBDANBgkqhkiG9w0BAQsFAAOC
AQEAP2ETFRHo+8XTQDnkS4WwnlJw0E8li+hzFvBgpqEDGdPWgsaX5GgJgxDOK3oQ
UCmmI4pMIT9pLH7OTiriY1afhWF4e/GyCC2ltktAmFgq+Nr7ZEgkYGLkgGgJ/YM2
IIfshE7CEiJyMv6QauDUrXFocGoYbjvNV3eVvPHgTMw9Ll6p43UFL92lk72Dz+5a
dgRssPRgo0jFy7+L9Lb/8nykzATsomDEDhArWKUOCHZlARfqx6Ap33hjXNcVF+BW
MyOpKfCN67SR5K2IuCByW86VfOivluDwz8C7F2LBFFj8BW27aP4NyKUTrgyYH7bG
U5izXif1Y4rRLTgHjofWy3X3RQ==
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:25:49 2025 by rpki-client