Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/af/b2e350-af90-4f9b-8fbf-500c7c45f419/1/UrcF3JiakTqK9ti8TkyBUHmbdfQ.roa
File: UrcF3JiakTqK9ti8TkyBUHmbdfQ.roa (raw, json)
Hash identifier: tVpVgu+B69eUTlKxBUvpx6XI3wp/+0a9tt/5So+llD0=
Subject key identifier: 52:B7:05:DC:98:9A:91:3A:8A:F6:D8:BC:4E:4C:81:50:79:9B:75:F4
Certificate issuer: /CN=8c7f251ac1190c9dedc8e5be085d54387f401a37
Certificate serial: 0D87C6B7
Authority key identifier: 8C:7F:25:1A:C1:19:0C:9D:ED:C8:E5:BE:08:5D:54:38:7F:40:1A:37
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/jH8lGsEZDJ3tyOW-CF1UOH9AGjc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/af/b2e350-af90-4f9b-8fbf-500c7c45f419/1/UrcF3JiakTqK9ti8TkyBUHmbdfQ.roa
Signing time: Sat 01 Jan 2022 14:00:03 +0000
ROA not before: Sat 01 Jan 2022 14:00:03 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 60171
IP address blocks: 185.10.165.0/24 maxlen: 24
185.10.166.0/24 maxlen: 24
185.10.164.0/22 maxlen: 24
185.10.167.0/24 maxlen: 24
185.35.140.0/22 maxlen: 22
2a00:dd60::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 227002039 (0xd87c6b7)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8c7f251ac1190c9dedc8e5be085d54387f401a37
Validity
Not Before: Jan 1 14:00:03 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=52b705dc989a913a8af6d8bc4e4c8150799b75f4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:15:c1:18:ae:e5:77:9d:6f:91:22:54:40:41:
f0:26:cb:af:5a:34:58:d9:7b:48:e8:9d:8b:f9:09:
47:54:56:62:8b:b0:2e:71:33:89:19:04:c9:96:7a:
f8:1d:ec:d9:05:7f:f5:36:18:04:a5:0a:e9:1a:fe:
5a:e7:af:93:56:29:23:65:8c:56:50:1a:f1:89:41:
9f:20:1c:14:26:35:8d:f6:1f:2f:69:7f:94:0c:3f:
05:9f:f2:ab:38:54:19:9b:5c:30:83:53:be:d3:97:
1a:2e:c5:03:ee:ef:87:cc:79:5a:25:f3:0e:b5:24:
91:aa:29:ff:39:4c:85:98:3a:1e:70:da:5c:64:c1:
1f:4b:b4:45:da:87:cc:00:a9:0c:57:48:14:47:75:
36:f9:e8:90:f5:f6:d2:74:cf:bd:62:a4:bc:3c:08:
ae:78:1f:6d:1f:80:b2:20:b8:05:f2:ee:f2:8d:29:
65:29:29:34:d5:f4:c4:aa:c6:be:da:69:60:0a:d3:
7d:4c:09:77:89:15:8f:c4:3b:42:3a:4d:b5:d3:14:
62:44:de:40:0a:2a:7e:a9:d2:d5:38:e9:a5:88:50:
eb:fa:f3:39:66:de:d5:94:81:79:a5:c9:6e:c9:8b:
05:fd:21:c8:ca:73:d7:94:f4:ff:c2:d3:18:f3:d2:
ce:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
52:B7:05:DC:98:9A:91:3A:8A:F6:D8:BC:4E:4C:81:50:79:9B:75:F4
X509v3 Authority Key Identifier:
keyid:8C:7F:25:1A:C1:19:0C:9D:ED:C8:E5:BE:08:5D:54:38:7F:40:1A:37
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jH8lGsEZDJ3tyOW-CF1UOH9AGjc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/af/b2e350-af90-4f9b-8fbf-500c7c45f419/1/UrcF3JiakTqK9ti8TkyBUHmbdfQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/af/b2e350-af90-4f9b-8fbf-500c7c45f419/1/jH8lGsEZDJ3tyOW-CF1UOH9AGjc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.10.164.0/22
185.35.140.0/22
IPv6:
2a00:dd60::/32
Signature Algorithm: sha256WithRSAEncryption
4e:76:c1:26:8b:4c:50:1e:08:3e:6f:a0:6e:1d:08:f0:08:58:
d0:af:91:b9:c2:53:76:d4:84:63:4e:25:4a:61:c6:c0:a8:8a:
21:d9:b6:52:9d:15:63:4c:08:cc:06:8f:df:88:02:c8:c3:33:
03:e4:3b:76:91:57:3a:8e:50:0d:57:87:7e:fd:75:38:c5:93:
42:0a:f4:6c:2b:75:22:66:e5:7b:a3:36:a4:3c:3a:08:5c:c6:
4d:c6:e2:61:ec:35:09:70:ce:87:fd:91:93:d9:f2:92:7d:a9:
32:e2:4c:2c:48:2f:9a:80:61:37:b0:1a:68:85:04:70:43:1d:
39:b7:ff:e0:68:92:ba:4c:ac:05:e1:d4:1d:7d:1f:d0:a3:ff:
64:f8:be:2c:a6:6a:2e:42:7c:b9:cb:af:95:55:c6:47:fe:b5:
e5:c9:70:6c:0a:d0:cc:aa:63:29:81:55:89:c0:61:a8:69:4a:
f6:cd:bd:d1:c1:7e:55:59:e5:99:41:08:75:b3:e6:71:bc:d5:
8d:8b:62:21:e1:03:83:f4:0e:00:da:e5:62:4f:89:47:d4:26:
73:1c:a6:8e:0f:d9:d0:77:89:48:09:ef:43:63:0d:73:91:53:
13:4e:39:8c:3c:59:89:f8:19:ed:b0:d5:c8:39:41:59:57:79:
7b:3c:c8:f2
-----BEGIN CERTIFICATE-----
MIIFBDCCA+ygAwIBAgIEDYfGtzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg4
YzdmMjUxYWMxMTkwYzlkZWRjOGU1YmUwODVkNTQzODdmNDAxYTM3MB4XDTIyMDEw
MTE0MDAwM1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNTJiNzA1ZGM5ODlh
OTEzYThhZjZkOGJjNGU0YzgxNTA3OTliNzVmNDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAK4VwRiu5Xedb5EiVEBB8CbLr1o0WNl7SOidi/kJR1RWYouw
LnEziRkEyZZ6+B3s2QV/9TYYBKUK6Rr+Wuevk1YpI2WMVlAa8YlBnyAcFCY1jfYf
L2l/lAw/BZ/yqzhUGZtcMINTvtOXGi7FA+7vh8x5WiXzDrUkkaop/zlMhZg6HnDa
XGTBH0u0RdqHzACpDFdIFEd1NvnokPX20nTPvWKkvDwIrngfbR+AsiC4BfLu8o0p
ZSkpNNX0xKrGvtppYArTfUwJd4kVj8Q7QjpNtdMUYkTeQAoqfqnS1TjppYhQ6/rz
OWbe1ZSBeaXJbsmLBf0hyMpz15T0/8LTGPPSzvsCAwEAAaOCAh4wggIaMB0GA1Ud
DgQWBBRStwXcmJqROor22LxOTIFQeZt19DAfBgNVHSMEGDAWgBSMfyUawRkMne3I
5b4IXVQ4f0AaNzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2pIOGxHc0VaREozdHlPVy1DRjFVT0g5QUdqYy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYWYvYjJlMzUwLWFmOTAtNGY5Yi04ZmJmLTUwMGM3YzQ1ZjQxOS8x
L1VyY0YzSmlha1RxSzl0aThUa3lCVUhtYmRmUS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYWYv
YjJlMzUwLWFmOTAtNGY5Yi04ZmJmLTUwMGM3YzQ1ZjQxOS8xL2pIOGxHc0VaREoz
dHlPVy1DRjFVT0g5QUdqYy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA0
BggrBgEFBQcBBwEB/wQlMCMwEgQCAAEwDAMEArkKpAMEArkjjDANBAIAAjAHAwUA
KgDdYDANBgkqhkiG9w0BAQsFAAOCAQEATnbBJotMUB4IPm+gbh0I8AhY0K+RucJT
dtSEY04lSmHGwKiKIdm2Up0VY0wIzAaP34gCyMMzA+Q7dpFXOo5QDVeHfv11OMWT
Qgr0bCt1Imble6M2pDw6CFzGTcbiYew1CXDOh/2Rk9nykn2pMuJMLEgvmoBhN7Aa
aIUEcEMdObf/4GiSukysBeHUHX0f0KP/ZPi+LKZqLkJ8ucuvlVXGR/615clwbArQ
zKpjKYFVicBhqGlK9s290cF+VVnlmUEIdbPmcbzVjYtiIeEDg/QOANrlYk+JR9Qm
cxymjg/Z0HeJSAnvQ2MNc5FTE045jDxZifgZ7bDVyDlBWVd5ezzI8g==
-----END CERTIFICATE-----
Generated at Tue Apr 22 02:12:57 2025 by rpki-client