Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bd/c17c15-a142-4b37-b8fe-a3a3eb879f2b/1/mKwwWh6IOly-kR9dbCuBB5oacJI.roa
File: mKwwWh6IOly-kR9dbCuBB5oacJI.roa (raw, json)
Hash identifier: ev47LjagLyu8g61T68ckO0nP9UtbLgZ/EagO39k34Ew=
Subject key identifier: 98:AC:30:5A:1E:88:3A:5C:BE:91:1F:5D:6C:2B:81:07:9A:1A:70:92
Certificate issuer: /CN=03c33e43ef56527a169d6ac6d7e62c63d1973051
Certificate serial: 0181EE0761A1AD8D239623A6723E6384BB3B
Authority key identifier: 03:C3:3E:43:EF:56:52:7A:16:9D:6A:C6:D7:E6:2C:63:D1:97:30:51
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/A8M-Q-9WUnoWnWrG1-YsY9GXMFE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bd/c17c15-a142-4b37-b8fe-a3a3eb879f2b/1/mKwwWh6IOly-kR9dbCuBB5oacJI.roa
Signing time: Mon 11 Jul 2022 16:11:09 +0000
ROA not before: Mon 11 Jul 2022 16:11:09 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 212341
IP address blocks: 185.66.178.0/24 maxlen: 24
2a05:900:10::/56 maxlen: 56
2a05:900::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:81:ee:07:61:a1:ad:8d:23:96:23:a6:72:3e:63:84:bb:3b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=03c33e43ef56527a169d6ac6d7e62c63d1973051
Validity
Not Before: Jul 11 16:11:09 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=98ac305a1e883a5cbe911f5d6c2b81079a1a7092
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:c3:f4:04:e1:d5:e1:62:4f:37:f9:8a:80:09:
0c:01:b8:c0:55:85:69:25:1c:b9:57:70:23:51:4b:
ad:42:4a:0f:c4:d6:1f:8c:1f:e3:c5:17:f8:82:05:
7e:18:b3:74:43:2c:5a:3f:76:40:4e:2d:07:13:31:
31:fb:c0:12:63:72:94:19:b5:6b:c1:c3:9a:a7:c8:
ab:eb:ca:10:70:0d:0b:c8:c1:cd:b2:73:dc:88:16:
4a:c1:a2:82:31:33:89:14:bd:f1:0f:5a:c7:2e:17:
78:5b:15:74:6b:a8:06:0f:fc:de:39:62:8f:d8:08:
a7:cf:ef:96:39:c7:14:ec:fe:b5:b7:33:17:42:0b:
78:29:51:fd:2c:3c:36:37:50:22:de:8f:04:1a:10:
a2:1d:7b:e3:de:b4:80:6f:78:ba:04:a3:bb:4d:13:
25:63:72:87:87:eb:69:5b:d1:be:2d:8d:db:fb:a3:
be:c8:f5:cc:a9:ec:04:b1:36:b3:6b:0a:51:7f:f4:
9c:de:f8:6d:eb:06:59:e7:d9:9b:4b:47:32:1a:29:
3c:9c:91:dd:4f:57:fe:9a:de:95:6c:4a:11:44:c9:
d5:e5:23:7e:bb:71:ef:63:33:01:e2:cb:3b:24:71:
86:4b:b4:0c:6e:03:94:e8:bc:5c:94:fb:7b:03:bd:
26:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
98:AC:30:5A:1E:88:3A:5C:BE:91:1F:5D:6C:2B:81:07:9A:1A:70:92
X509v3 Authority Key Identifier:
keyid:03:C3:3E:43:EF:56:52:7A:16:9D:6A:C6:D7:E6:2C:63:D1:97:30:51
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/A8M-Q-9WUnoWnWrG1-YsY9GXMFE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bd/c17c15-a142-4b37-b8fe-a3a3eb879f2b/1/mKwwWh6IOly-kR9dbCuBB5oacJI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bd/c17c15-a142-4b37-b8fe-a3a3eb879f2b/1/A8M-Q-9WUnoWnWrG1-YsY9GXMFE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.66.178.0/24
IPv6:
2a05:900::/29
Signature Algorithm: sha256WithRSAEncryption
5d:b2:48:74:1b:f7:33:9e:c1:89:f0:91:3a:9c:e4:18:2b:12:
be:19:df:99:d1:e3:c2:80:31:cf:9e:c0:38:66:3c:27:27:6d:
f4:7e:f0:8e:65:19:01:4b:4a:d9:9e:2f:c6:ea:e0:3f:71:2a:
26:06:23:df:47:9b:6f:16:0b:66:cc:43:d3:b1:fa:3d:e0:60:
04:ba:a0:f8:78:e0:71:5e:fd:24:4c:18:53:30:78:dd:65:00:
d1:20:cf:08:a0:0c:40:b3:ff:eb:b1:e0:30:f5:d8:7e:e2:08:
33:38:88:b2:f4:bb:2d:45:e9:6b:41:49:a1:d8:d8:b9:45:96:
1e:64:94:35:79:56:60:c4:49:42:da:54:f8:dd:8e:2c:e5:84:
e8:39:2f:da:72:4c:78:d2:eb:a0:32:21:5a:ff:68:9e:f0:83:
75:f3:de:ec:de:42:4e:31:4d:d2:67:a2:f4:cd:1d:c8:1b:3c:
71:55:94:ff:e7:21:d2:70:f8:c0:df:1d:9f:47:79:87:a9:f7:
86:b0:88:a7:86:be:74:23:d5:27:79:6b:f6:0e:35:80:c4:28:
aa:18:cf:6b:e9:b6:57:fe:1f:e0:18:2c:ae:50:58:04:27:ca:
e7:8f:64:ed:39:91:ed:d5:14:3a:d6:28:f6:17:84:99:ef:0f:
e9:85:4c:9f
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYHuB2GhrY0jliOmcj5jhLs7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAzYzMzZTQzZWY1NjUyN2ExNjlkNmFjNmQ3ZTYyYzYzZDE5
NzMwNTEwHhcNMjIwNzExMTYxMTA5WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5OGFjMzA1YTFlODgzYTVjYmU5MTFmNWQ2YzJiODEwNzlhMWE3MDkyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxsP0BOHV4WJPN/mKgAkMAbjAVYVp
JRy5V3AjUUutQkoPxNYfjB/jxRf4ggV+GLN0QyxaP3ZATi0HEzEx+8ASY3KUGbVr
wcOap8ir68oQcA0LyMHNsnPciBZKwaKCMTOJFL3xD1rHLhd4WxV0a6gGD/zeOWKP
2Ainz++WOccU7P61tzMXQgt4KVH9LDw2N1Ai3o8EGhCiHXvj3rSAb3i6BKO7TRMl
Y3KHh+tpW9G+LY3b+6O+yPXMqewEsTazawpRf/Sc3vht6wZZ59mbS0cyGik8nJHd
T1f+mt6VbEoRRMnV5SN+u3HvYzMB4ss7JHGGS7QMbgOU6LxclPt7A70mbQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFJisMFoeiDpcvpEfXWwrgQeaGnCSMB8GA1UdIwQY
MBaAFAPDPkPvVlJ6Fp1qxtfmLGPRlzBRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQThNLVEtOVdVbm9XbldyRzEtWXNZOUdYTUZFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZC9jMTdjMTUtYTE0Mi00YjM3LWI4ZmUt
YTNhM2ViODc5ZjJiLzEvbUt3d1doNklPbHkta1I5ZGJDdUJCNW9hY0pJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZC9jMTdjMTUtYTE0Mi00YjM3LWI4ZmUtYTNhM2ViODc5ZjJi
LzEvQThNLVEtOVdVbm9XbldyRzEtWXNZOUdYTUZFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQAuUKyMA0E
AgACMAcDBQMqBQkAMA0GCSqGSIb3DQEBCwUAA4IBAQBdskh0G/cznsGJ8JE6nOQY
KxK+Gd+Z0ePCgDHPnsA4ZjwnJ230fvCOZRkBS0rZni/G6uA/cSomBiPfR5tvFgtm
zEPTsfo94GAEuqD4eOBxXv0kTBhTMHjdZQDRIM8IoAxAs//rseAw9dh+4ggzOIiy
9LstRelrQUmh2Ni5RZYeZJQ1eVZgxElC2lT43Y4s5YToOS/ackx40uugMiFa/2ie
8IN1897s3kJOMU3SZ6L0zR3IGzxxVZT/5yHScPjA3x2fR3mHqfeGsIinhr50I9Un
eWv2DjWAxCiqGM9r6bZX/h/gGCyuUFgEJ8rnj2TtOZHt1RQ61ij2F4SZ7w/phUyf
-----END CERTIFICATE-----
Generated at Sat Apr 12 18:12:26 2025 by rpki-client