Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c2/285ab6-0109-44e1-bb2b-7534fe0f1b83/1/4XFcd8XQEh4l5SfzZMysnT8zaYo.roa
File: 4XFcd8XQEh4l5SfzZMysnT8zaYo.roa (raw, json)
Hash identifier: kpkSy8yDARaOvaOuRrIalFCyeIFf9fpMGMdOQY7jjDU=
Subject key identifier: E1:71:5C:77:C5:D0:12:1E:25:E5:27:F3:64:CC:AC:9D:3F:33:69:8A
Certificate issuer: /CN=40b9cac935311e78034b4073830a81a3cf7b45d9
Certificate serial: 17C3AD77
Authority key identifier: 40:B9:CA:C9:35:31:1E:78:03:4B:40:73:83:0A:81:A3:CF:7B:45:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QLnKyTUxHngDS0BzgwqBo897Rdk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c2/285ab6-0109-44e1-bb2b-7534fe0f1b83/1/4XFcd8XQEh4l5SfzZMysnT8zaYo.roa
Signing time: Sat 01 Jan 2022 12:59:48 +0000
ROA not before: Sat 01 Jan 2022 12:59:48 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 60723
IP address blocks: 185.23.168.0/22 maxlen: 22
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 398699895 (0x17c3ad77)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=40b9cac935311e78034b4073830a81a3cf7b45d9
Validity
Not Before: Jan 1 12:59:48 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=e1715c77c5d0121e25e527f364ccac9d3f33698a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:37:cd:53:f6:f8:22:7f:df:2f:5f:63:8d:f2:
97:f2:ba:8f:a1:f8:7d:4c:34:4b:9e:2f:2d:db:ba:
af:f9:5b:33:c2:49:6d:e6:28:be:02:23:5b:40:e4:
fc:a0:95:c7:a2:c2:91:2f:cf:71:e2:19:83:95:42:
80:ca:54:23:3f:a6:98:f2:70:2d:75:4e:d0:30:de:
73:fb:97:23:4b:2a:c8:ca:9c:20:8d:ea:1e:4d:f2:
e6:b9:0e:94:2c:f3:db:7b:97:bb:01:9a:94:4b:3a:
6d:28:9d:e9:ae:a6:9f:93:00:1f:52:ba:bd:cb:a4:
52:e0:6c:e4:24:2c:9d:5c:c6:f5:59:6b:12:ff:fd:
a6:b9:c5:4c:97:15:b4:17:8e:7a:39:8f:23:5b:60:
9a:85:c6:08:25:36:cc:af:f8:dc:d1:60:c8:4b:f8:
7a:20:5f:9b:37:a2:45:3f:4e:13:97:ac:b4:df:87:
40:3d:e5:03:ad:8c:4c:70:5f:01:bf:c3:a3:d1:71:
d9:6d:ee:4c:18:00:b0:3e:16:19:c1:bb:23:09:51:
0a:21:62:b6:1f:da:47:b1:31:84:0d:bc:7e:61:a1:
53:56:12:9c:e7:21:ec:1e:3b:3d:65:8c:14:e3:b5:
41:24:a7:16:a5:27:a2:08:aa:93:7b:80:6b:3d:7b:
ea:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E1:71:5C:77:C5:D0:12:1E:25:E5:27:F3:64:CC:AC:9D:3F:33:69:8A
X509v3 Authority Key Identifier:
keyid:40:B9:CA:C9:35:31:1E:78:03:4B:40:73:83:0A:81:A3:CF:7B:45:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QLnKyTUxHngDS0BzgwqBo897Rdk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c2/285ab6-0109-44e1-bb2b-7534fe0f1b83/1/4XFcd8XQEh4l5SfzZMysnT8zaYo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c2/285ab6-0109-44e1-bb2b-7534fe0f1b83/1/QLnKyTUxHngDS0BzgwqBo897Rdk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.23.168.0/22
Signature Algorithm: sha256WithRSAEncryption
4f:73:a4:3e:0c:a5:16:69:7a:55:bf:5d:f6:6f:be:7c:40:a6:
33:e9:0f:d7:cd:88:9f:7a:06:c2:df:0e:3d:a8:84:76:66:71:
10:ef:e3:83:a8:a6:ff:92:06:9a:58:59:0d:a9:13:57:0d:ad:
45:18:e0:ff:6b:9f:7f:3e:2d:8f:92:5e:38:31:d9:a5:00:f9:
16:15:8a:d2:41:af:88:a9:66:5b:c1:2b:31:09:05:eb:85:bf:
f8:8a:ba:21:f0:a9:9c:5e:64:8b:ab:64:b4:58:2f:b2:fc:d5:
22:f3:50:0e:fb:27:4f:25:1e:9c:14:0c:a8:79:c9:56:15:af:
61:7d:d6:e9:ba:82:92:ce:ce:5e:91:9d:78:f6:50:2e:35:ff:
0e:a6:32:19:34:23:a6:3a:19:04:00:ee:57:4a:c7:8c:8a:cd:
f3:b6:44:33:03:75:41:c0:04:35:54:11:e3:ea:93:14:3c:99:
fe:ed:3f:41:9b:21:49:8f:ac:05:57:de:7f:5d:de:ee:d1:4d:
b4:e4:80:61:44:31:8a:ac:92:bd:bf:6b:0a:82:df:42:6e:c0:
8c:12:13:e7:56:bd:51:dd:fd:6a:5a:6e:02:11:5d:2b:9d:70:
f9:7f:3e:6d:78:33:fe:c3:bc:73:18:97:d9:57:3b:b3:8a:42:
b2:fc:d0:9a
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEF8OtdzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg0
MGI5Y2FjOTM1MzExZTc4MDM0YjQwNzM4MzBhODFhM2NmN2I0NWQ5MB4XDTIyMDEw
MTEyNTk0OFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZTE3MTVjNzdjNWQw
MTIxZTI1ZTUyN2YzNjRjY2FjOWQzZjMzNjk4YTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAK43zVP2+CJ/3y9fY43yl/K6j6H4fUw0S54vLdu6r/lbM8JJ
beYovgIjW0Dk/KCVx6LCkS/PceIZg5VCgMpUIz+mmPJwLXVO0DDec/uXI0sqyMqc
II3qHk3y5rkOlCzz23uXuwGalEs6bSid6a6mn5MAH1K6vcukUuBs5CQsnVzG9Vlr
Ev/9prnFTJcVtBeOejmPI1tgmoXGCCU2zK/43NFgyEv4eiBfmzeiRT9OE5estN+H
QD3lA62MTHBfAb/Do9Fx2W3uTBgAsD4WGcG7IwlRCiFith/aR7ExhA28fmGhU1YS
nOch7B47PWWMFOO1QSSnFqUnogiqk3uAaz176kMCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBThcVx3xdASHiXlJ/NkzKydPzNpijAfBgNVHSMEGDAWgBRAucrJNTEeeANL
QHODCoGjz3tF2TAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1FMbkt5VFV4SG5nRFMwQnpnd3FCbzg5N1Jkay5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYzIvMjg1YWI2LTAxMDktNDRlMS1iYjJiLTc1MzRmZTBmMWI4My8x
LzRYRmNkOFhRRWg0bDVTZnpaTXlzblQ4emFZby5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYzIv
Mjg1YWI2LTAxMDktNDRlMS1iYjJiLTc1MzRmZTBmMWI4My8xL1FMbkt5VFV4SG5n
RFMwQnpnd3FCbzg5N1Jkay5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEArkXqDANBgkqhkiG9w0BAQsFAAOC
AQEAT3OkPgylFml6Vb9d9m++fECmM+kP182In3oGwt8OPaiEdmZxEO/jg6im/5IG
mlhZDakTVw2tRRjg/2uffz4tj5JeODHZpQD5FhWK0kGviKlmW8ErMQkF64W/+Iq6
IfCpnF5ki6tktFgvsvzVIvNQDvsnTyUenBQMqHnJVhWvYX3W6bqCks7OXpGdePZQ
LjX/DqYyGTQjpjoZBADuV0rHjIrN87ZEMwN1QcAENVQR4+qTFDyZ/u0/QZshSY+s
BVfef13e7tFNtOSAYUQxiqySvb9rCoLfQm7AjBIT51a9Ud39alpuAhFdK51w+X8+
bXgz/sO8cxiX2Vc7s4pCsvzQmg==
-----END CERTIFICATE-----
Generated at Sun Apr 20 17:32:13 2025 by rpki-client