Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b1/76112c-f17e-4dc1-ba52-6544a2b99817/1/e3AbeCVh7biOUJ0SACTQGFCXRn8.roa
File: e3AbeCVh7biOUJ0SACTQGFCXRn8.roa (raw, json)
Hash identifier: hfV+AyCWtFPm5cm6z4amlUyvlalMTYBaOxfEYScLQTM=
Subject key identifier: 7B:70:1B:78:25:61:ED:B8:8E:50:9D:12:00:24:D0:18:50:97:46:7F
Certificate issuer: /CN=a30ddaa7494d69ba1cacb457ef91b6dcd22e8dd9
Certificate serial: 116716D5
Authority key identifier: A3:0D:DA:A7:49:4D:69:BA:1C:AC:B4:57:EF:91:B6:DC:D2:2E:8D:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ow3ap0lNabocrLRX75G23NIujdk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b1/76112c-f17e-4dc1-ba52-6544a2b99817/1/e3AbeCVh7biOUJ0SACTQGFCXRn8.roa
Signing time: Sat 01 Jan 2022 08:59:25 +0000
ROA not before: Sat 01 Jan 2022 08:59:25 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 29484
IP address blocks: 185.73.20.0/22 maxlen: 22
134.147.0.0/16 maxlen: 16
2a05:3e00::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 291968725 (0x116716d5)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a30ddaa7494d69ba1cacb457ef91b6dcd22e8dd9
Validity
Not Before: Jan 1 08:59:25 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=7b701b782561edb88e509d120024d0185097467f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d4:11:1a:42:0a:34:7e:a3:47:5b:a9:e5:97:70:
76:16:ae:d7:89:b1:42:0a:34:20:62:8d:47:6f:39:
32:e8:73:f6:c7:06:31:32:c4:93:1e:5c:c7:7d:81:
d2:0a:23:a4:3f:36:ea:2c:f1:42:4f:00:46:c0:41:
6e:65:c9:c6:35:5d:b9:82:4a:ee:b6:7a:96:6f:7b:
e9:95:f2:bf:f8:6e:b9:0c:aa:83:9e:bb:66:b6:dc:
3c:5c:06:f8:06:11:0c:f0:f9:d2:1b:d7:8c:d4:67:
85:fc:62:ce:88:dc:fc:4a:40:b8:29:02:c1:77:c8:
08:9f:70:24:df:ff:ff:b0:00:52:6b:90:6f:da:ef:
a2:66:85:51:e9:c6:71:0d:02:e9:c1:e7:ce:d2:54:
2d:de:09:f0:76:44:8f:09:83:da:89:66:04:9a:d0:
36:98:f5:f8:09:15:ca:01:06:ab:0c:34:e5:b7:13:
a1:f4:6f:92:04:b3:c9:f0:40:0e:6f:60:80:b3:b3:
07:7c:98:08:77:a7:5f:4f:23:b3:6a:87:07:4f:be:
02:79:7c:59:a3:58:0c:1e:54:59:c1:25:be:96:b7:
c9:09:e3:f4:d0:dc:00:1e:b6:9f:c0:91:08:03:ad:
fe:17:78:1d:a6:f2:73:bd:fb:ce:29:f8:e4:86:cf:
58:83
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7B:70:1B:78:25:61:ED:B8:8E:50:9D:12:00:24:D0:18:50:97:46:7F
X509v3 Authority Key Identifier:
keyid:A3:0D:DA:A7:49:4D:69:BA:1C:AC:B4:57:EF:91:B6:DC:D2:2E:8D:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ow3ap0lNabocrLRX75G23NIujdk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/76112c-f17e-4dc1-ba52-6544a2b99817/1/e3AbeCVh7biOUJ0SACTQGFCXRn8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/76112c-f17e-4dc1-ba52-6544a2b99817/1/ow3ap0lNabocrLRX75G23NIujdk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
134.147.0.0/16
185.73.20.0/22
IPv6:
2a05:3e00::/29
Signature Algorithm: sha256WithRSAEncryption
08:83:c1:2f:c9:c2:96:dc:52:c7:e2:dd:b2:d3:3e:3f:dc:e9:
c3:4c:fb:a2:58:91:11:e4:84:49:79:6a:df:ba:74:83:39:20:
35:95:58:d7:a7:81:8d:a2:79:5e:80:6c:74:1f:d3:c8:ca:51:
e1:df:f2:bb:34:ef:1a:68:82:11:9e:33:75:b3:66:bb:0e:d5:
cf:89:47:62:fd:3a:13:9f:88:60:b0:bd:cf:24:15:60:16:8d:
6b:a1:c6:aa:32:67:58:ef:ab:9c:ce:2c:a0:ba:81:c8:f1:c8:
db:16:f8:3e:ed:7a:3e:2f:34:3d:aa:39:1f:fd:ca:b5:89:51:
24:a8:c5:64:b5:11:8f:50:48:f2:f8:8c:84:bb:4a:49:0d:23:
56:89:f4:73:31:7c:44:88:27:37:d7:4e:dc:b2:ab:db:46:52:
9a:e2:ad:3a:95:84:f9:88:36:6f:5b:bc:c5:99:dd:4b:0a:d8:
b7:4d:e7:5d:b1:dd:09:74:39:54:dd:0b:2e:f2:40:be:8f:2d:
62:92:72:74:15:d1:39:d6:48:6d:8b:e5:68:e6:a5:91:41:fd:
39:15:ad:31:b3:8a:d4:fa:e2:68:c5:fa:ad:db:4c:2e:36:c5:
a5:54:ab:7c:28:5d:9d:fc:bb:a8:6e:ef:b8:2c:e6:75:fe:59:
ef:30:bd:0c
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgIEEWcW1TANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhh
MzBkZGFhNzQ5NGQ2OWJhMWNhY2I0NTdlZjkxYjZkY2QyMmU4ZGQ5MB4XDTIyMDEw
MTA4NTkyNVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoN2I3MDFiNzgyNTYx
ZWRiODhlNTA5ZDEyMDAyNGQwMTg1MDk3NDY3ZjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBANQRGkIKNH6jR1up5Zdwdhau14mxQgo0IGKNR285Muhz9scG
MTLEkx5cx32B0gojpD826izxQk8ARsBBbmXJxjVduYJK7rZ6lm976ZXyv/huuQyq
g567ZrbcPFwG+AYRDPD50hvXjNRnhfxizojc/EpAuCkCwXfICJ9wJN///7AAUmuQ
b9rvomaFUenGcQ0C6cHnztJULd4J8HZEjwmD2olmBJrQNpj1+AkVygEGqww05bcT
ofRvkgSzyfBADm9ggLOzB3yYCHenX08js2qHB0++Anl8WaNYDB5UWcElvpa3yQnj
9NDcAB62n8CRCAOt/hd4Habyc737zin45IbPWIMCAwEAAaOCAh0wggIZMB0GA1Ud
DgQWBBR7cBt4JWHtuI5QnRIAJNAYUJdGfzAfBgNVHSMEGDAWgBSjDdqnSU1puhys
tFfvkbbc0i6N2TAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L293M2FwMGxOYWJvY3JMUlg3NUcyM05JdWpkay5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYjEvNzYxMTJjLWYxN2UtNGRjMS1iYTUyLTY1NDRhMmI5OTgxNy8x
L2UzQWJlQ1ZoN2JpT1VKMFNBQ1RRR0ZDWFJuOC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYjEv
NzYxMTJjLWYxN2UtNGRjMS1iYTUyLTY1NDRhMmI5OTgxNy8xL293M2FwMGxOYWJv
Y3JMUlg3NUcyM05JdWpkay5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAz
BggrBgEFBQcBBwEB/wQkMCIwEQQCAAEwCwMDAIaTAwQCuUkUMA0EAgACMAcDBQMq
BT4AMA0GCSqGSIb3DQEBCwUAA4IBAQAIg8EvycKW3FLH4t2y0z4/3OnDTPuiWJER
5IRJeWrfunSDOSA1lVjXp4GNonlegGx0H9PIylHh3/K7NO8aaIIRnjN1s2a7DtXP
iUdi/ToTn4hgsL3PJBVgFo1rocaqMmdY76ucziyguoHI8cjbFvg+7Xo+LzQ9qjkf
/cq1iVEkqMVktRGPUEjy+IyEu0pJDSNWifRzMXxEiCc3107csqvbRlKa4q06lYT5
iDZvW7zFmd1LCti3Teddsd0JdDlU3Qsu8kC+jy1iknJ0FdE51khti+Vo5qWRQf05
Fa0xs4rU+uJoxfqt20wuNsWlVKt8KF2d/Luobu+4LOZ1/lnvML0M
-----END CERTIFICATE-----
Generated at Sun Apr 13 03:59:11 2025 by rpki-client