Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b1/76112c-f17e-4dc1-ba52-6544a2b99817/1/cWJ5tJ_WgVXHV2drQbJbEbF8fuM.roa
File: cWJ5tJ_WgVXHV2drQbJbEbF8fuM.roa (raw, json)
Hash identifier: 3eC5W/JPkqvvOQV3SoZbnvIof6FBuHqynwq7jcZQXLY=
Subject key identifier: 71:62:79:B4:9F:D6:81:55:C7:57:67:6B:41:B2:5B:11:B1:7C:7E:E3
Certificate issuer: /CN=a30ddaa7494d69ba1cacb457ef91b6dcd22e8dd9
Certificate serial: 129B2661
Authority key identifier: A3:0D:DA:A7:49:4D:69:BA:1C:AC:B4:57:EF:91:B6:DC:D2:2E:8D:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ow3ap0lNabocrLRX75G23NIujdk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b1/76112c-f17e-4dc1-ba52-6544a2b99817/1/cWJ5tJ_WgVXHV2drQbJbEbF8fuM.roa
Signing time: Sun 15 May 2022 06:25:41 +0000
ROA not before: Sun 15 May 2022 06:25:41 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 29484
IP address blocks: 185.73.22.0/24 maxlen: 24
185.73.23.0/24 maxlen: 24
185.73.22.0/25 maxlen: 25
185.73.20.0/23 maxlen: 23
185.73.20.0/22 maxlen: 22
134.147.0.0/16 maxlen: 16
2a05:3e04::/32 maxlen: 32
2a05:3e06::/31 maxlen: 31
2a05:3e05::/32 maxlen: 32
2a05:3e00::/30 maxlen: 30
2a05:3e00::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 312157793 (0x129b2661)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a30ddaa7494d69ba1cacb457ef91b6dcd22e8dd9
Validity
Not Before: May 15 06:25:41 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=716279b49fd68155c757676b41b25b11b17c7ee3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:77:b7:d7:06:b6:b6:3e:d8:68:aa:6a:eb:98:
84:c3:d4:a3:66:3f:f8:ab:5c:85:09:e2:c0:2d:1a:
a2:bb:14:92:7c:7c:60:e6:f5:dd:4b:3c:2e:7c:ac:
32:8b:fd:79:62:9e:b7:ef:e5:08:a3:c2:61:0e:ba:
6d:60:af:2d:5c:40:4a:cc:63:2b:d0:a6:77:41:e2:
f1:02:46:3f:e4:0e:9d:e3:4d:c4:da:c4:56:d1:f9:
ee:f2:39:be:2e:40:ec:e5:e5:92:b9:4e:e7:c7:7d:
57:62:9f:5c:59:2f:3b:73:3c:55:3a:25:b6:35:2c:
97:e9:fd:e2:e6:8c:1a:66:15:25:aa:f6:c1:8e:72:
c7:9c:dc:3f:fd:7d:bd:4d:e0:39:d5:9d:fd:e3:57:
60:48:1d:47:9b:d6:a4:60:cd:20:04:af:3c:85:5e:
2e:6f:e6:2b:d4:4a:db:c3:d8:bf:bd:7a:6a:b2:bc:
7f:45:e4:80:11:23:17:5c:cb:fd:32:af:07:5e:12:
85:fa:82:9e:b6:27:74:ef:39:f6:be:8d:85:56:54:
b8:0c:e9:39:cb:d4:50:9c:cc:bb:51:d4:a3:ef:19:
2f:65:de:cd:58:3b:b1:5d:07:a0:03:8b:9a:d1:f7:
2f:29:66:10:90:1e:4d:28:87:35:0b:83:02:79:d3:
16:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
71:62:79:B4:9F:D6:81:55:C7:57:67:6B:41:B2:5B:11:B1:7C:7E:E3
X509v3 Authority Key Identifier:
keyid:A3:0D:DA:A7:49:4D:69:BA:1C:AC:B4:57:EF:91:B6:DC:D2:2E:8D:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ow3ap0lNabocrLRX75G23NIujdk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/76112c-f17e-4dc1-ba52-6544a2b99817/1/cWJ5tJ_WgVXHV2drQbJbEbF8fuM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/76112c-f17e-4dc1-ba52-6544a2b99817/1/ow3ap0lNabocrLRX75G23NIujdk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
134.147.0.0/16
185.73.20.0/22
IPv6:
2a05:3e00::/29
Signature Algorithm: sha256WithRSAEncryption
1b:16:4b:80:ac:18:7d:fd:47:fd:7e:4a:fc:15:56:a2:ea:34:
ff:09:57:6d:27:e1:8a:1d:2d:73:90:97:65:37:b8:43:81:13:
20:bc:1c:5e:f8:5f:d6:7c:06:8c:29:e7:a9:92:73:a2:68:ad:
21:c4:5c:97:34:bc:fe:c3:ee:92:03:9c:d8:b5:7e:7b:28:99:
4f:d2:3c:92:68:c2:bb:00:d4:1b:5a:82:f5:61:16:21:e3:28:
aa:cd:5e:8b:2c:e9:84:03:b0:4f:ca:ef:19:b0:5d:10:f5:3c:
85:8f:90:fc:0d:5a:65:5b:f9:0c:0e:72:c1:df:ae:a5:98:ed:
3b:0b:7a:30:65:77:70:f4:2c:49:e3:b0:03:0a:c2:39:3c:85:
8d:0e:1f:0c:60:46:db:d4:f5:42:a6:b1:f3:72:9b:e2:32:6c:
07:a0:16:01:b8:e3:4f:fb:6b:98:d8:58:f1:a3:74:e6:26:bd:
8f:a7:c7:f5:ef:1f:e6:0f:05:9f:8d:04:60:ab:16:78:8d:65:
c9:48:f2:09:a0:92:b1:e4:39:0b:98:36:e4:44:f3:65:66:e1:
a7:17:f7:a2:31:09:22:1e:e1:87:7d:ed:16:be:e7:15:7d:52:
4e:bf:40:7b:19:5f:b1:18:ca:3f:1f:31:8d:39:ea:f7:93:b4:
dc:a5:27:9c
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgIEEpsmYTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhh
MzBkZGFhNzQ5NGQ2OWJhMWNhY2I0NTdlZjkxYjZkY2QyMmU4ZGQ5MB4XDTIyMDUx
NTA2MjU0MVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNzE2Mjc5YjQ5ZmQ2
ODE1NWM3NTc2NzZiNDFiMjViMTFiMTdjN2VlMzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKp3t9cGtrY+2GiqauuYhMPUo2Y/+KtchQniwC0aorsUknx8
YOb13Us8LnysMov9eWKet+/lCKPCYQ66bWCvLVxASsxjK9Cmd0Hi8QJGP+QOneNN
xNrEVtH57vI5vi5A7OXlkrlO58d9V2KfXFkvO3M8VToltjUsl+n94uaMGmYVJar2
wY5yx5zcP/19vU3gOdWd/eNXYEgdR5vWpGDNIASvPIVeLm/mK9RK28PYv716arK8
f0XkgBEjF1zL/TKvB14ShfqCnrYndO859r6NhVZUuAzpOcvUUJzMu1HUo+8ZL2Xe
zVg7sV0HoAOLmtH3LylmEJAeTSiHNQuDAnnTFicCAwEAAaOCAh0wggIZMB0GA1Ud
DgQWBBRxYnm0n9aBVcdXZ2tBslsRsXx+4zAfBgNVHSMEGDAWgBSjDdqnSU1puhys
tFfvkbbc0i6N2TAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L293M2FwMGxOYWJvY3JMUlg3NUcyM05JdWpkay5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYjEvNzYxMTJjLWYxN2UtNGRjMS1iYTUyLTY1NDRhMmI5OTgxNy8x
L2NXSjV0Sl9XZ1ZYSFYyZHJRYkpiRWJGOGZ1TS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYjEv
NzYxMTJjLWYxN2UtNGRjMS1iYTUyLTY1NDRhMmI5OTgxNy8xL293M2FwMGxOYWJv
Y3JMUlg3NUcyM05JdWpkay5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAz
BggrBgEFBQcBBwEB/wQkMCIwEQQCAAEwCwMDAIaTAwQCuUkUMA0EAgACMAcDBQMq
BT4AMA0GCSqGSIb3DQEBCwUAA4IBAQAbFkuArBh9/Uf9fkr8FVai6jT/CVdtJ+GK
HS1zkJdlN7hDgRMgvBxe+F/WfAaMKeepknOiaK0hxFyXNLz+w+6SA5zYtX57KJlP
0jySaMK7ANQbWoL1YRYh4yiqzV6LLOmEA7BPyu8ZsF0Q9TyFj5D8DVplW/kMDnLB
366lmO07C3owZXdw9CxJ47ADCsI5PIWNDh8MYEbb1PVCprHzcpviMmwHoBYBuONP
+2uY2Fjxo3TmJr2Pp8f17x/mDwWfjQRgqxZ4jWXJSPIJoJKx5DkLmDbkRPNlZuGn
F/eiMQkiHuGHfe0WvucVfVJOv0B7GV+xGMo/HzGNOer3k7TcpSec
-----END CERTIFICATE-----
Generated at Sun Apr 13 04:23:00 2025 by rpki-client