Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b7/e554aa-e4ed-4948-b6fc-c635d8eed447/1/r1XL83d012EHNp3sVsespNXk_gQ.roa
File: r1XL83d012EHNp3sVsespNXk_gQ.roa (raw, json)
Hash identifier: iARzuq2wos5Vpyber5ki0IA6omqv78/Mzpa70+WDkQE=
Subject key identifier: AF:55:CB:F3:77:74:D7:61:07:36:9D:EC:56:C7:AC:A4:D5:E4:FE:04
Certificate issuer: /CN=f3c86ea2995e934b65041911cb9eb65872c2289f
Certificate serial: 01856C9CD1DBAB2E90C77648F81AD074E511
Authority key identifier: F3:C8:6E:A2:99:5E:93:4B:65:04:19:11:CB:9E:B6:58:72:C2:28:9F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/88huoplek0tlBBkRy562WHLCKJ8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b7/e554aa-e4ed-4948-b6fc-c635d8eed447/1/r1XL83d012EHNp3sVsespNXk_gQ.roa
Signing time: Sun 01 Jan 2023 09:14:54 +0000
ROA not before: Sun 01 Jan 2023 09:14:54 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 213063
IP address blocks: 185.159.144.0/22 maxlen: 24
185.226.165.0/24 maxlen: 24
2a0d:e200::/29 maxlen: 29
2a0f:d540::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:9c:d1:db:ab:2e:90:c7:76:48:f8:1a:d0:74:e5:11
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f3c86ea2995e934b65041911cb9eb65872c2289f
Validity
Not Before: Jan 1 09:14:54 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=af55cbf37774d76107369dec56c7aca4d5e4fe04
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:4a:20:ce:b7:42:50:77:ef:07:42:c1:97:92:
f7:2e:27:0c:59:60:02:71:73:85:62:a9:2a:70:d7:
ad:f9:5b:a0:27:21:12:b8:08:48:21:9d:64:46:bf:
dc:b6:1f:7c:79:af:76:c2:78:e7:bb:8e:17:48:97:
00:fc:d6:e2:47:cb:65:fa:68:0a:6d:64:2b:e1:51:
ec:86:cb:d3:7f:60:d4:47:2a:9d:cd:f1:5f:87:13:
85:c6:bc:55:7a:f3:ce:15:47:11:ad:38:a8:bf:f0:
8e:fb:39:b5:93:2f:0b:19:b6:7a:36:a7:61:64:c4:
3d:ca:b2:20:9d:85:a9:53:74:66:b3:1a:7e:cf:99:
ae:26:be:f7:1d:f4:03:c1:dc:2c:82:ad:32:16:c5:
16:c9:9b:c4:d3:fc:3c:b2:1c:c2:49:8e:91:ae:1a:
0e:83:7d:cc:0c:8b:02:83:06:bc:98:04:94:3b:96:
55:ac:e6:1c:71:01:ef:38:e8:11:1e:f4:ba:d6:53:
02:e4:b5:9b:6c:cf:29:64:4e:94:dc:23:53:61:ee:
33:2a:4d:c1:80:25:2d:d4:5d:97:5e:0f:b0:ef:06:
c4:69:01:9c:41:00:26:17:9d:7a:15:d9:dd:b1:29:
86:29:69:f6:65:9a:84:37:89:1f:77:93:ba:63:c7:
97:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AF:55:CB:F3:77:74:D7:61:07:36:9D:EC:56:C7:AC:A4:D5:E4:FE:04
X509v3 Authority Key Identifier:
keyid:F3:C8:6E:A2:99:5E:93:4B:65:04:19:11:CB:9E:B6:58:72:C2:28:9F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/88huoplek0tlBBkRy562WHLCKJ8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b7/e554aa-e4ed-4948-b6fc-c635d8eed447/1/r1XL83d012EHNp3sVsespNXk_gQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b7/e554aa-e4ed-4948-b6fc-c635d8eed447/1/88huoplek0tlBBkRy562WHLCKJ8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.159.144.0/22
185.226.165.0/24
IPv6:
2a0d:e200::/29
2a0f:d540::/29
Signature Algorithm: sha256WithRSAEncryption
0a:8c:31:8b:e3:8c:cf:22:47:df:75:1d:d0:40:5b:1f:5d:47:
ea:d7:23:84:1f:71:60:a0:2c:04:d6:27:90:91:82:e2:e6:41:
8c:d1:1c:70:eb:8a:13:7c:37:86:2d:95:2a:78:09:ce:76:1a:
56:b6:93:bb:71:4e:a2:af:36:b3:4d:72:11:dd:01:dd:fa:03:
c7:f3:d7:da:e2:6f:21:df:3a:41:ed:5b:d9:0f:5e:fe:af:97:
62:41:09:0f:e2:69:8b:17:83:2e:2d:f9:03:27:2f:9d:81:dc:
53:ac:b2:19:75:8a:11:8d:2d:97:2a:7e:67:e9:1c:70:cc:2b:
09:88:91:61:55:a1:04:65:7c:6d:d8:d9:22:6c:e3:e1:d3:09:
de:15:63:52:b4:8c:2e:9a:92:8c:6e:97:04:05:6b:2b:f1:35:
c9:fa:bc:a1:19:7c:ca:ce:3a:fc:c8:de:88:e3:31:73:eb:ee:
c4:96:60:a9:ad:5f:e0:6d:4b:e9:5c:12:0d:4e:c2:d9:e4:b7:
fb:e4:4a:49:a8:f7:ef:1b:54:53:af:57:24:c4:01:e7:6c:90:
ba:4a:6b:bc:f2:af:60:28:c8:8d:b5:6f:d7:08:a8:25:21:49:
bc:76:a5:c1:18:a4:44:71:bf:37:55:82:43:2f:79:e3:7f:3c:
85:cd:a9:64
-----BEGIN CERTIFICATE-----
MIIFGTCCBAGgAwIBAgISAYVsnNHbqy6Qx3ZI+BrQdOURMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYzYzg2ZWEyOTk1ZTkzNGI2NTA0MTkxMWNiOWViNjU4NzJj
MjI4OWYwHhcNMjMwMTAxMDkxNDU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZjU1Y2JmMzc3NzRkNzYxMDczNjlkZWM1NmM3YWNhNGQ1ZTRmZTA0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqEogzrdCUHfvB0LBl5L3LicMWWAC
cXOFYqkqcNet+VugJyESuAhIIZ1kRr/cth98ea92wnjnu44XSJcA/NbiR8tl+mgK
bWQr4VHshsvTf2DURyqdzfFfhxOFxrxVevPOFUcRrTiov/CO+zm1ky8LGbZ6Nqdh
ZMQ9yrIgnYWpU3Rmsxp+z5muJr73HfQDwdwsgq0yFsUWyZvE0/w8shzCSY6RrhoO
g33MDIsCgwa8mASUO5ZVrOYccQHvOOgRHvS61lMC5LWbbM8pZE6U3CNTYe4zKk3B
gCUt1F2XXg+w7wbEaQGcQQAmF516FdndsSmGKWn2ZZqEN4kfd5O6Y8eXgQIDAQAB
o4ICJTCCAiEwHQYDVR0OBBYEFK9Vy/N3dNdhBzad7FbHrKTV5P4EMB8GA1UdIwQY
MBaAFPPIbqKZXpNLZQQZEcuetlhywiifMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvODhodW9wbGVrMHRsQkJrUnk1NjJXSExDS0o4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNy9lNTU0YWEtZTRlZC00OTQ4LWI2ZmMt
YzYzNWQ4ZWVkNDQ3LzEvcjFYTDgzZDAxMkVITnAzc1ZzZXNwTlhrX2dRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNy9lNTU0YWEtZTRlZC00OTQ4LWI2ZmMtYzYzNWQ4ZWVkNDQ3
LzEvODhodW9wbGVrMHRsQkJrUnk1NjJXSExDS0o4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDsGCCsGAQUFBwEHAQH/BCwwKjASBAIAATAMAwQCuZ+QAwQA
ueKlMBQEAgACMA4DBQMqDeIAAwUDKg/VQDANBgkqhkiG9w0BAQsFAAOCAQEACowx
i+OMzyJH33Ud0EBbH11H6tcjhB9xYKAsBNYnkJGC4uZBjNEccOuKE3w3hi2VKngJ
znYaVraTu3FOoq82s01yEd0B3foDx/PX2uJvId86Qe1b2Q9e/q+XYkEJD+JpixeD
Li35AycvnYHcU6yyGXWKEY0tlyp+Z+kccMwrCYiRYVWhBGV8bdjZImzj4dMJ3hVj
UrSMLpqSjG6XBAVrK/E1yfq8oRl8ys46/MjeiOMxc+vuxJZgqa1f4G1L6VwSDU7C
2eS3++RKSaj37xtUU69XJMQB52yQukprvPKvYCjIjbVv1wioJSFJvHalwRikRHG/
N1WCQy954388hc2pZA==
-----END CERTIFICATE-----
Generated at Fri Apr 18 19:08:02 2025 by rpki-client