Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a1/36b040-f57b-4ae2-ab42-228733245cd1/1/X3pGIgIfFjjXfsf1L6_AjS1WIFM.roa
File: X3pGIgIfFjjXfsf1L6_AjS1WIFM.roa (raw, json)
Hash identifier: w8q8/k78KwXkgaxSQfY2lpuGPCSyK26kudw6JzBs73M=
Subject key identifier: 5F:7A:46:22:02:1F:16:38:D7:7E:C7:F5:2F:AF:C0:8D:2D:56:20:53
Certificate issuer: /CN=f1605d09ad2c6c437b6c2f8683ffffbe2174fe6c
Certificate serial: 018792C11AF4A1E3A823747E026DBF6663D1
Authority key identifier: F1:60:5D:09:AD:2C:6C:43:7B:6C:2F:86:83:FF:FF:BE:21:74:FE:6C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8WBdCa0sbEN7bC-Gg___viF0_mw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a1/36b040-f57b-4ae2-ab42-228733245cd1/1/X3pGIgIfFjjXfsf1L6_AjS1WIFM.roa
Signing time: Tue 18 Apr 2023 05:05:41 +0000
ROA not before: Tue 18 Apr 2023 05:05:41 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 202330
IP address blocks: 185.255.21.0/24 maxlen: 24
185.255.20.0/22 maxlen: 22
185.255.22.0/24 maxlen: 24
185.255.23.0/24 maxlen: 24
185.255.20.0/24 maxlen: 24
185.25.105.0/24 maxlen: 24
2a13:d680::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:92:c1:1a:f4:a1:e3:a8:23:74:7e:02:6d:bf:66:63:d1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f1605d09ad2c6c437b6c2f8683ffffbe2174fe6c
Validity
Not Before: Apr 18 05:05:41 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=5f7a4622021f1638d77ec7f52fafc08d2d562053
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e2:b4:42:ee:eb:0a:95:31:8c:4e:5f:20:72:4d:
f0:fd:e3:af:43:3e:96:1d:37:0a:f1:92:de:1b:58:
d5:e8:87:b9:e0:2b:91:c9:af:23:79:ba:23:83:a4:
47:80:ea:da:63:6d:c6:a9:6f:d1:72:82:76:ba:82:
78:9b:33:4f:6f:23:24:71:80:cd:ce:5b:37:a8:10:
6b:04:e9:8a:e3:b9:62:2e:01:8c:73:d0:49:99:a1:
0a:da:63:62:e8:06:09:73:c0:a3:6d:ee:e6:54:ec:
d5:3a:30:88:46:4e:e6:08:c1:7d:2e:b8:44:e1:b7:
e2:70:8f:96:0d:41:e3:97:72:93:ac:a6:58:6b:83:
32:7f:5d:74:bf:9b:38:ae:58:b6:3a:be:b7:a0:bb:
79:c9:34:c0:c7:d3:da:12:a3:4d:e0:26:bd:fd:53:
d4:51:78:38:2d:cd:4d:f9:a5:d7:2f:91:de:80:49:
51:a3:0a:b2:9b:f0:51:82:db:9f:29:bf:e7:f8:d6:
cf:77:ee:fb:16:39:cb:50:28:4a:a7:ae:43:5e:b4:
90:8f:75:23:f2:b3:ba:8b:fb:a4:03:ff:c2:21:1d:
ca:70:45:c3:c4:3e:ba:8e:4f:af:6a:73:8c:c9:80:
5d:f8:6c:68:07:f5:88:de:51:0c:0d:9d:0b:f1:14:
68:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5F:7A:46:22:02:1F:16:38:D7:7E:C7:F5:2F:AF:C0:8D:2D:56:20:53
X509v3 Authority Key Identifier:
keyid:F1:60:5D:09:AD:2C:6C:43:7B:6C:2F:86:83:FF:FF:BE:21:74:FE:6C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8WBdCa0sbEN7bC-Gg___viF0_mw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a1/36b040-f57b-4ae2-ab42-228733245cd1/1/X3pGIgIfFjjXfsf1L6_AjS1WIFM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a1/36b040-f57b-4ae2-ab42-228733245cd1/1/8WBdCa0sbEN7bC-Gg___viF0_mw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.25.105.0/24
185.255.20.0/22
IPv6:
2a13:d680::/29
Signature Algorithm: sha256WithRSAEncryption
80:d7:24:22:42:61:24:4d:23:d9:d2:3f:0c:9c:04:47:17:f5:
b9:85:2d:07:4c:58:7f:0a:0d:3b:aa:a3:6e:ea:bc:2e:a7:29:
f9:6f:f8:ee:f9:67:d0:f6:46:9c:b4:77:00:b3:5c:0d:66:4e:
9e:cb:4c:c6:e3:c5:24:bc:8d:8b:22:ff:08:2e:20:b9:10:72:
12:ab:ec:7f:97:1a:04:82:cf:94:5f:d6:e9:c4:22:ff:3d:27:
7f:e3:91:1b:12:54:d1:71:d5:21:7a:73:db:a9:91:ba:b0:37:
8c:7d:f2:7c:68:20:51:9d:b5:8c:68:2c:04:4a:0e:f8:ba:1f:
08:35:28:5b:9f:35:c7:d2:a7:91:39:31:51:ee:e3:04:cd:b7:
d0:5b:40:d7:ce:8c:b8:29:76:00:e7:fc:58:c9:9c:40:8e:3b:
11:8b:89:3c:c1:48:52:7e:65:e9:59:a1:e9:d2:2d:bc:63:83:
b7:26:91:3a:40:8b:6b:0a:87:38:25:36:6c:16:83:cc:ce:3c:
3e:d6:1d:38:aa:10:f8:28:73:b6:17:f6:ea:9c:3f:36:ac:bf:
73:e5:e4:74:0c:64:d3:7e:34:04:4a:ff:74:b8:91:4d:90:89:
3d:aa:c8:ca:e4:4b:20:0a:74:74:ff:1f:f9:f6:19:46:8b:b0:
56:59:a2:65
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYeSwRr0oeOoI3R+Am2/ZmPRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYxNjA1ZDA5YWQyYzZjNDM3YjZjMmY4NjgzZmZmZmJlMjE3
NGZlNmMwHhcNMjMwNDE4MDUwNTQxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZjdhNDYyMjAyMWYxNjM4ZDc3ZWM3ZjUyZmFmYzA4ZDJkNTYyMDUzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4rRC7usKlTGMTl8gck3w/eOvQz6W
HTcK8ZLeG1jV6Ie54CuRya8jebojg6RHgOraY23GqW/RcoJ2uoJ4mzNPbyMkcYDN
zls3qBBrBOmK47liLgGMc9BJmaEK2mNi6AYJc8Cjbe7mVOzVOjCIRk7mCMF9LrhE
4bficI+WDUHjl3KTrKZYa4Myf110v5s4rli2Or63oLt5yTTAx9PaEqNN4Ca9/VPU
UXg4Lc1N+aXXL5HegElRowqym/BRgtufKb/n+NbPd+77FjnLUChKp65DXrSQj3Uj
8rO6i/ukA//CIR3KcEXDxD66jk+vanOMyYBd+GxoB/WI3lEMDZ0L8RRocQIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFF96RiICHxY4137H9S+vwI0tViBTMB8GA1UdIwQY
MBaAFPFgXQmtLGxDe2wvhoP//74hdP5sMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOFdCZENhMHNiRU43YkMtR2dfX192aUYwX213LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMS8zNmIwNDAtZjU3Yi00YWUyLWFiNDIt
MjI4NzMzMjQ1Y2QxLzEvWDNwR0lnSWZGampYZnNmMUw2X0FqUzFXSUZNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMS8zNmIwNDAtZjU3Yi00YWUyLWFiNDItMjI4NzMzMjQ1Y2Qx
LzEvOFdCZENhMHNiRU43YkMtR2dfX192aUYwX213LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQAuRlpAwQC
uf8UMA0EAgACMAcDBQMqE9aAMA0GCSqGSIb3DQEBCwUAA4IBAQCA1yQiQmEkTSPZ
0j8MnARHF/W5hS0HTFh/Cg07qqNu6rwupyn5b/ju+WfQ9kactHcAs1wNZk6ey0zG
48UkvI2LIv8ILiC5EHISq+x/lxoEgs+UX9bpxCL/PSd/45EbElTRcdUhenPbqZG6
sDeMffJ8aCBRnbWMaCwESg74uh8INShbnzXH0qeROTFR7uMEzbfQW0DXzoy4KXYA
5/xYyZxAjjsRi4k8wUhSfmXpWaHp0i28Y4O3JpE6QItrCoc4JTZsFoPMzjw+1h04
qhD4KHO2F/bqnD82rL9z5eR0DGTTfjQESv90uJFNkIk9qsjK5EsgCnR0/x/59hlG
i7BWWaJl
-----END CERTIFICATE-----
Generated at Mon Apr 21 01:35:30 2025 by rpki-client