Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b9/3fea1a-57bc-493a-9a3e-8c25b5fb276f/1/PxPxr7_6U6r8t7v1N3x9xMeoZ64.roa
File: PxPxr7_6U6r8t7v1N3x9xMeoZ64.roa (raw, json)
Hash identifier: O7AdAHoix8XbOp4ISxuap+dLo08n4McyKpAjccNjSXE=
Subject key identifier: 3F:13:F1:AF:BF:FA:53:AA:FC:B7:BB:F5:37:7C:7D:C4:C7:A8:67:AE
Certificate issuer: /CN=1c99cebe0cf09903903d19c1ca0ae62421764859
Certificate serial: 018570B088C1884CE19A22B09455FEBED23F
Authority key identifier: 1C:99:CE:BE:0C:F0:99:03:90:3D:19:C1:CA:0A:E6:24:21:76:48:59
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HJnOvgzwmQOQPRnBygrmJCF2SFk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b9/3fea1a-57bc-493a-9a3e-8c25b5fb276f/1/PxPxr7_6U6r8t7v1N3x9xMeoZ64.roa
Signing time: Mon 02 Jan 2023 04:14:55 +0000
ROA not before: Mon 02 Jan 2023 04:14:55 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 16186
IP address blocks: 185.116.4.0/22 maxlen: 22
2001:820::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:b0:88:c1:88:4c:e1:9a:22:b0:94:55:fe:be:d2:3f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1c99cebe0cf09903903d19c1ca0ae62421764859
Validity
Not Before: Jan 2 04:14:55 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=3f13f1afbffa53aafcb7bbf5377c7dc4c7a867ae
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:89:84:34:a8:e9:32:6f:85:0b:7a:ee:57:89:30:
05:bb:a1:f0:1e:2f:6a:06:b4:4c:2b:10:c7:15:8b:
ac:51:49:49:af:74:a2:ce:75:b3:bb:8b:9e:b6:cf:
9e:80:89:3d:1c:6f:33:c5:46:85:99:fa:45:28:94:
b2:ae:5c:e5:2c:f8:c5:f8:06:d6:cf:5c:d7:2d:e8:
4a:19:39:4d:3b:6e:db:7c:24:59:ac:20:f0:0c:20:
88:4b:14:bb:c6:2d:e6:5f:c5:6d:15:96:37:f0:a5:
a4:4d:a0:bc:e8:18:dd:7f:18:dd:0b:0c:75:b4:88:
89:e0:91:7f:87:50:b3:ad:9b:fa:59:b2:d0:be:4e:
02:a7:1f:76:2e:a7:28:bc:e6:bc:66:37:98:b0:df:
92:86:a1:51:00:de:8e:32:ec:4b:6f:dc:e1:39:25:
92:46:db:e3:73:6d:89:34:98:2b:b7:12:76:61:18:
07:e6:f4:20:07:e1:33:6c:24:8a:a4:42:53:49:f8:
18:e1:3f:5e:c5:4f:54:63:06:b0:93:be:de:81:2a:
4b:9e:28:7a:6f:79:84:de:5b:fd:48:17:ed:ae:28:
c7:aa:ca:4d:ea:e9:07:74:d5:e9:9d:3e:ee:b9:cd:
4c:61:cc:75:29:ac:dd:1a:e4:e9:4a:14:d4:6f:43:
cf:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3F:13:F1:AF:BF:FA:53:AA:FC:B7:BB:F5:37:7C:7D:C4:C7:A8:67:AE
X509v3 Authority Key Identifier:
keyid:1C:99:CE:BE:0C:F0:99:03:90:3D:19:C1:CA:0A:E6:24:21:76:48:59
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HJnOvgzwmQOQPRnBygrmJCF2SFk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b9/3fea1a-57bc-493a-9a3e-8c25b5fb276f/1/PxPxr7_6U6r8t7v1N3x9xMeoZ64.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b9/3fea1a-57bc-493a-9a3e-8c25b5fb276f/1/HJnOvgzwmQOQPRnBygrmJCF2SFk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.116.4.0/22
IPv6:
2001:820::/32
Signature Algorithm: sha256WithRSAEncryption
8c:45:f7:6d:e5:7f:df:ec:fc:0b:ee:1d:40:0b:4a:31:3c:25:
5c:d4:b6:0f:37:cf:95:c7:0a:d0:6d:ec:f3:13:ef:53:67:5e:
de:65:d2:66:a2:77:48:4c:c6:95:db:66:9c:e3:d0:27:46:44:
ee:c6:c9:f8:90:fc:b0:34:d5:97:05:81:6b:6c:d7:2a:42:00:
b3:74:4c:80:9d:b5:a4:6b:10:a0:be:f1:41:fd:b3:f3:2c:85:
e7:4f:09:a1:a1:ce:b0:1c:f3:82:45:8c:52:3f:9b:f0:93:92:
5b:63:83:2e:b1:e9:d6:0c:35:9f:4d:71:04:c8:0b:97:37:0c:
1d:95:77:c0:e1:a2:f9:a7:28:52:04:dd:ff:5b:8a:dc:6d:8b:
d2:51:f7:02:a8:a0:b4:36:bc:21:44:52:a1:81:e7:b1:38:21:
04:c5:34:7f:49:47:6c:81:45:c6:fe:f1:91:08:f8:73:79:22:
e0:3f:8f:51:ca:7d:e7:a1:db:ae:dd:9e:ed:dc:6f:5c:e2:06:
29:95:2f:c8:c1:16:6a:64:18:32:38:8d:63:af:71:9b:ff:c9:
1b:83:47:a9:57:33:f5:1e:ab:93:c3:0b:d0:d4:04:55:3f:7f:
ec:63:a0:37:d6:51:6b:3e:3d:31:f0:d2:27:9c:34:70:5e:77:
be:16:ac:7e
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVwsIjBiEzhmiKwlFX+vtI/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFjOTljZWJlMGNmMDk5MDM5MDNkMTljMWNhMGFlNjI0MjE3
NjQ4NTkwHhcNMjMwMTAyMDQxNDU1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZjEzZjFhZmJmZmE1M2FhZmNiN2JiZjUzNzdjN2RjNGM3YTg2N2FlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiYQ0qOkyb4ULeu5XiTAFu6HwHi9q
BrRMKxDHFYusUUlJr3SiznWzu4uets+egIk9HG8zxUaFmfpFKJSyrlzlLPjF+AbW
z1zXLehKGTlNO27bfCRZrCDwDCCISxS7xi3mX8VtFZY38KWkTaC86BjdfxjdCwx1
tIiJ4JF/h1CzrZv6WbLQvk4Cpx92LqcovOa8ZjeYsN+ShqFRAN6OMuxLb9zhOSWS
Rtvjc22JNJgrtxJ2YRgH5vQgB+EzbCSKpEJTSfgY4T9exU9UYwawk77egSpLnih6
b3mE3lv9SBftrijHqspN6ukHdNXpnT7uuc1MYcx1KazdGuTpShTUb0PPwwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFD8T8a+/+lOq/Le79Td8fcTHqGeuMB8GA1UdIwQY
MBaAFByZzr4M8JkDkD0ZwcoK5iQhdkhZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSEpuT3ZnendtUU9RUFJuQnlncm1KQ0YyU0ZrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iOS8zZmVhMWEtNTdiYy00OTNhLTlhM2Ut
OGMyNWI1ZmIyNzZmLzEvUHhQeHI3XzZVNnI4dDd2MU4zeDl4TWVvWjY0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iOS8zZmVhMWEtNTdiYy00OTNhLTlhM2UtOGMyNWI1ZmIyNzZm
LzEvSEpuT3ZnendtUU9RUFJuQnlncm1KQ0YyU0ZrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuXQEMA0E
AgACMAcDBQAgAQggMA0GCSqGSIb3DQEBCwUAA4IBAQCMRfdt5X/f7PwL7h1AC0ox
PCVc1LYPN8+VxwrQbezzE+9TZ17eZdJmondITMaV22ac49AnRkTuxsn4kPywNNWX
BYFrbNcqQgCzdEyAnbWkaxCgvvFB/bPzLIXnTwmhoc6wHPOCRYxSP5vwk5JbY4Mu
senWDDWfTXEEyAuXNwwdlXfA4aL5pyhSBN3/W4rcbYvSUfcCqKC0NrwhRFKhgeex
OCEExTR/SUdsgUXG/vGRCPhzeSLgP49Ryn3noduu3Z7t3G9c4gYplS/IwRZqZBgy
OI1jr3Gb/8kbg0epVzP1HquTwwvQ1ARVP3/sY6A31lFrPj0x8NInnDRwXne+Fqx+
-----END CERTIFICATE-----
Generated at Tue Apr 8 00:05:45 2025 by rpki-client