Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c7/dfc4f2-ed7d-4610-860c-b81373c40dc9/1/HR5XvTU7PptMzxr_KVXj4TCv41c.roa
File: HR5XvTU7PptMzxr_KVXj4TCv41c.roa (raw, json)
Hash identifier: bxui7frMkI5/l0aSnbwPbElt3Du0W0L1CajvYdVKUEY=
Subject key identifier: 1D:1E:57:BD:35:3B:3E:9B:4C:CF:1A:FF:29:55:E3:E1:30:AF:E3:57
Certificate issuer: /CN=b467367967dc763349fd0b50e31f75b823028590
Certificate serial: 01856F9DF963B852A3B167DAEF0E1DCD05A2
Authority key identifier: B4:67:36:79:67:DC:76:33:49:FD:0B:50:E3:1F:75:B8:23:02:85:90
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tGc2eWfcdjNJ_QtQ4x91uCMChZA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c7/dfc4f2-ed7d-4610-860c-b81373c40dc9/1/HR5XvTU7PptMzxr_KVXj4TCv41c.roa
Signing time: Sun 01 Jan 2023 23:15:01 +0000
ROA not before: Sun 01 Jan 2023 23:15:01 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 201178
IP address blocks: 185.81.236.0/24 maxlen: 24
185.81.236.0/22 maxlen: 24
185.81.237.0/24 maxlen: 24
185.81.238.0/24 maxlen: 24
185.81.239.0/24 maxlen: 24
185.153.248.0/22 maxlen: 24
2a05:8a00::/29 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:9d:f9:63:b8:52:a3:b1:67:da:ef:0e:1d:cd:05:a2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b467367967dc763349fd0b50e31f75b823028590
Validity
Not Before: Jan 1 23:15:01 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=1d1e57bd353b3e9b4ccf1aff2955e3e130afe357
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:55:40:be:e6:5a:79:82:52:73:fb:ef:98:62:
8e:47:d1:4c:d8:e2:c1:d5:15:c8:3d:a5:14:d8:21:
91:cb:e2:e2:a2:c8:b6:74:a5:ab:59:19:cc:4b:96:
05:fa:53:ab:f6:9c:c0:44:d2:58:bd:df:ce:c8:06:
8b:a5:ea:4d:99:3d:61:23:a0:bf:12:91:4e:93:a2:
a1:aa:7b:b7:69:1f:1d:7e:c7:d1:e7:d2:09:af:79:
97:f6:88:f6:6b:1b:54:8a:c9:52:3f:d7:70:4c:be:
54:88:71:38:f5:b3:67:9e:d5:50:c5:d8:2c:81:b6:
30:62:91:aa:01:3f:4d:1d:bf:5e:18:2a:f3:c3:42:
ea:b5:57:25:fb:e7:37:41:ba:5d:25:29:83:72:a0:
66:37:9d:83:79:73:4e:dd:83:8a:05:61:f2:75:3d:
23:5f:df:d2:d5:1c:e7:68:36:f7:41:1f:a1:ea:a0:
ca:9b:e2:9e:ea:80:bf:23:58:e6:f1:58:b8:47:46:
e2:c8:19:fa:19:0c:07:9f:69:68:d1:9f:e2:1c:f1:
51:14:7d:b1:a0:b9:17:01:cd:68:c8:6f:1f:b2:8b:
09:d5:a1:02:8d:35:d6:e5:6a:e3:44:3d:a1:c1:fc:
f1:52:44:bb:e2:a2:43:1a:c1:d8:98:69:08:13:27:
f7:d9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1D:1E:57:BD:35:3B:3E:9B:4C:CF:1A:FF:29:55:E3:E1:30:AF:E3:57
X509v3 Authority Key Identifier:
keyid:B4:67:36:79:67:DC:76:33:49:FD:0B:50:E3:1F:75:B8:23:02:85:90
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tGc2eWfcdjNJ_QtQ4x91uCMChZA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/dfc4f2-ed7d-4610-860c-b81373c40dc9/1/HR5XvTU7PptMzxr_KVXj4TCv41c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/dfc4f2-ed7d-4610-860c-b81373c40dc9/1/tGc2eWfcdjNJ_QtQ4x91uCMChZA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.81.236.0/22
185.153.248.0/22
IPv6:
2a05:8a00::/29
Signature Algorithm: sha256WithRSAEncryption
4c:ee:e6:58:48:24:71:5c:53:de:95:c2:70:24:38:87:39:26:
54:fd:23:99:38:60:cd:3b:39:d6:20:65:13:b3:fc:54:83:e9:
e3:3d:6b:40:94:e1:83:3c:3b:3a:6c:3c:7d:02:11:4a:41:a7:
a8:02:af:7a:8a:68:0d:77:1a:07:dd:c2:df:59:70:31:2b:4c:
09:61:8c:9d:e3:51:33:fc:18:6b:fb:d1:fa:31:53:cf:8a:59:
6c:bd:e9:7c:53:43:25:4f:c2:50:09:e9:28:e3:ad:83:2d:5b:
6b:04:84:b5:0d:d0:f4:b6:b9:05:cd:aa:53:c5:89:3a:83:e3:
82:81:0b:76:94:6d:dc:f2:72:da:c1:4b:26:45:12:9b:b6:88:
01:e1:4a:8c:ef:5b:12:91:83:72:18:ee:68:31:32:9f:8e:61:
de:e3:8a:07:a3:50:62:af:d7:ca:b4:f2:78:2e:63:a0:f8:85:
63:86:b0:7e:c5:4d:97:cf:f4:b3:ce:61:6f:ec:c2:11:cd:86:
c1:34:94:fc:ec:57:67:8a:a5:f0:8f:fe:25:fa:57:be:f4:b6:
66:c5:dc:cb:ba:46:a8:1d:7f:62:6d:a8:96:88:a5:cc:ef:d8:
f1:50:f9:2a:5a:de:93:2a:8c:c9:00:0d:c8:f0:c0:24:78:01:
34:d3:f3:86
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYVvnfljuFKjsWfa7w4dzQWiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI0NjczNjc5NjdkYzc2MzM0OWZkMGI1MGUzMWY3NWI4MjMw
Mjg1OTAwHhcNMjMwMTAxMjMxNTAxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZDFlNTdiZDM1M2IzZTliNGNjZjFhZmYyOTU1ZTNlMTMwYWZlMzU3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoVVAvuZaeYJSc/vvmGKOR9FM2OLB
1RXIPaUU2CGRy+Liosi2dKWrWRnMS5YF+lOr9pzARNJYvd/OyAaLpepNmT1hI6C/
EpFOk6Khqnu3aR8dfsfR59IJr3mX9oj2axtUislSP9dwTL5UiHE49bNnntVQxdgs
gbYwYpGqAT9NHb9eGCrzw0LqtVcl++c3QbpdJSmDcqBmN52DeXNO3YOKBWHydT0j
X9/S1RznaDb3QR+h6qDKm+Ke6oC/I1jm8Vi4R0biyBn6GQwHn2lo0Z/iHPFRFH2x
oLkXAc1oyG8fsosJ1aECjTXW5WrjRD2hwfzxUkS74qJDGsHYmGkIEyf32QIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFB0eV701Oz6bTM8a/ylV4+Ewr+NXMB8GA1UdIwQY
MBaAFLRnNnln3HYzSf0LUOMfdbgjAoWQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdEdjMmVXZmNkak5KX1F0UTR4OTF1Q01DaFpBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNy9kZmM0ZjItZWQ3ZC00NjEwLTg2MGMt
YjgxMzczYzQwZGM5LzEvSFI1WHZUVTdQcHRNenhyX0tWWGo0VEN2NDFjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNy9kZmM0ZjItZWQ3ZC00NjEwLTg2MGMtYjgxMzczYzQwZGM5
LzEvdEdjMmVXZmNkak5KX1F0UTR4OTF1Q01DaFpBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQCuVHsAwQC
uZn4MA0EAgACMAcDBQMqBYoAMA0GCSqGSIb3DQEBCwUAA4IBAQBM7uZYSCRxXFPe
lcJwJDiHOSZU/SOZOGDNOznWIGUTs/xUg+njPWtAlOGDPDs6bDx9AhFKQaeoAq96
imgNdxoH3cLfWXAxK0wJYYyd41Ez/Bhr+9H6MVPPillsvel8U0MlT8JQCeko462D
LVtrBIS1DdD0trkFzapTxYk6g+OCgQt2lG3c8nLawUsmRRKbtogB4UqM71sSkYNy
GO5oMTKfjmHe44oHo1Bir9fKtPJ4LmOg+IVjhrB+xU2Xz/SzzmFv7MIRzYbBNJT8
7FdniqXwj/4l+le+9LZmxdzLukaoHX9ibaiWiKXM79jxUPkqWt6TKozJAA3I8MAk
eAE00/OG
-----END CERTIFICATE-----
Generated at Thu Mar 13 20:39:12 2025 by rpki-client