Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d5/42bd5d-4c3e-43f4-a857-7e709af057d5/1/XSPTJsWMbLNvh4hO-LqPbY5oTog.roa
File: XSPTJsWMbLNvh4hO-LqPbY5oTog.roa (raw, json)
Hash identifier: 6o4O2TBMdHo5pY4dBKJU0cdjzOMe4RbVRJeQEv214VQ=
Subject key identifier: 5D:23:D3:26:C5:8C:6C:B3:6F:87:88:4E:F8:BA:8F:6D:8E:68:4E:88
Certificate issuer: /CN=83876bfbb5ae8cfe116bb5f5f2864a116213aa4f
Certificate serial: 018573CCF2D3737D4FD711895DD42CF2CAEA
Authority key identifier: 83:87:6B:FB:B5:AE:8C:FE:11:6B:B5:F5:F2:86:4A:11:62:13:AA:4F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/g4dr-7WujP4Ra7X18oZKEWITqk8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d5/42bd5d-4c3e-43f4-a857-7e709af057d5/1/XSPTJsWMbLNvh4hO-LqPbY5oTog.roa
Signing time: Mon 02 Jan 2023 18:44:49 +0000
ROA not before: Mon 02 Jan 2023 18:44:49 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 207520
IP address blocks: 185.211.40.0/24 maxlen: 24
188.116.41.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:73:cc:f2:d3:73:7d:4f:d7:11:89:5d:d4:2c:f2:ca:ea
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=83876bfbb5ae8cfe116bb5f5f2864a116213aa4f
Validity
Not Before: Jan 2 18:44:49 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=5d23d326c58c6cb36f87884ef8ba8f6d8e684e88
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:bb:85:99:78:62:3e:80:7b:b3:67:5b:8a:78:
d9:09:b3:3a:b6:93:e3:31:0c:71:c0:f3:8a:31:6a:
be:c9:1a:af:c3:11:95:78:c9:ed:f6:da:b5:9a:0d:
6f:38:5b:d2:2d:28:00:4b:be:0f:bb:76:74:cf:4c:
7a:a4:c0:47:ed:aa:96:7e:4b:fa:b7:ac:f5:a8:19:
73:45:ad:7d:83:45:c2:55:c2:fd:7f:2e:7f:8b:0d:
55:f5:39:12:4b:3d:d1:5a:a3:34:63:28:7f:32:3f:
1b:1e:87:97:84:61:ff:ee:81:e5:b5:ca:e6:4f:48:
fa:9e:0f:c7:76:d1:19:40:6e:bc:50:09:67:f0:99:
cf:a8:bb:8c:fd:4f:4f:9e:c7:b4:02:3a:70:5c:3d:
f5:63:19:41:e0:64:19:04:c6:fb:08:5d:5e:aa:e6:
c1:af:8f:35:0a:ae:6e:b0:62:17:8e:45:43:26:20:
d7:d7:13:08:db:8d:f2:20:0d:ed:52:9e:02:3f:a3:
dd:b3:e5:89:a9:10:4f:ef:d7:02:85:7a:6c:95:45:
c1:79:02:f7:b1:91:13:24:bb:a4:8d:aa:7e:2a:6c:
ca:d8:4f:39:ba:48:fa:26:02:b3:a9:de:c9:b8:12:
fa:eb:4d:b6:07:e5:a3:35:89:d8:57:20:13:0e:1d:
25:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5D:23:D3:26:C5:8C:6C:B3:6F:87:88:4E:F8:BA:8F:6D:8E:68:4E:88
X509v3 Authority Key Identifier:
keyid:83:87:6B:FB:B5:AE:8C:FE:11:6B:B5:F5:F2:86:4A:11:62:13:AA:4F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/g4dr-7WujP4Ra7X18oZKEWITqk8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d5/42bd5d-4c3e-43f4-a857-7e709af057d5/1/XSPTJsWMbLNvh4hO-LqPbY5oTog.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d5/42bd5d-4c3e-43f4-a857-7e709af057d5/1/g4dr-7WujP4Ra7X18oZKEWITqk8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.211.40.0/24
188.116.41.0/24
Signature Algorithm: sha256WithRSAEncryption
03:4a:2e:8c:d2:d7:9d:74:c5:56:ae:10:df:5d:d3:de:fd:f6:
8f:db:d6:6f:f4:54:5e:5f:85:0c:b2:9e:f7:9a:d7:fc:7a:2b:
00:6c:5d:27:c1:20:ce:0e:c2:35:80:22:45:d0:5d:e4:6f:e9:
c9:63:88:b5:bd:f2:02:66:74:8c:da:e4:14:eb:b2:b6:40:b3:
dd:64:0d:2e:20:cc:af:af:96:39:84:73:69:eb:be:5a:ac:a4:
e8:54:5f:29:bd:ea:1c:3f:d5:c4:33:01:d0:9b:b2:c2:bd:36:
a4:29:89:89:32:28:a7:e6:1f:79:2f:48:61:3b:14:a4:40:12:
8e:f4:b1:b2:f1:52:1e:b1:cc:79:e5:22:fe:8b:09:05:db:87:
e7:3f:ad:24:e2:2f:48:5f:ba:fa:8d:9c:71:40:ed:6b:28:3d:
78:30:22:a5:a7:b6:4c:9b:80:70:5b:aa:2d:a7:da:4a:bc:48:
32:73:ad:cd:fc:af:cc:cc:2f:98:67:9a:9b:74:e6:f2:d8:b0:
85:c2:2e:41:f8:15:22:82:e1:27:ea:9b:e2:33:15:33:70:5c:
ec:2c:29:6c:3e:4b:85:e2:47:63:5e:2e:d4:dd:70:2d:b7:55:
ea:8a:72:da:71:dc:34:33:d6:b6:f0:78:48:ae:cd:ac:43:2f:
63:42:21:90
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYVzzPLTc31P1xGJXdQs8srqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgzODc2YmZiYjVhZThjZmUxMTZiYjVmNWYyODY0YTExNjIx
M2FhNGYwHhcNMjMwMTAyMTg0NDQ5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZDIzZDMyNmM1OGM2Y2IzNmY4Nzg4NGVmOGJhOGY2ZDhlNjg0ZTg4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnruFmXhiPoB7s2dbinjZCbM6tpPj
MQxxwPOKMWq+yRqvwxGVeMnt9tq1mg1vOFvSLSgAS74Pu3Z0z0x6pMBH7aqWfkv6
t6z1qBlzRa19g0XCVcL9fy5/iw1V9TkSSz3RWqM0Yyh/Mj8bHoeXhGH/7oHltcrm
T0j6ng/HdtEZQG68UAln8JnPqLuM/U9Pnse0AjpwXD31YxlB4GQZBMb7CF1equbB
r481Cq5usGIXjkVDJiDX1xMI243yIA3tUp4CP6Pds+WJqRBP79cChXpslUXBeQL3
sZETJLukjap+KmzK2E85ukj6JgKzqd7JuBL66022B+WjNYnYVyATDh0lDwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFF0j0ybFjGyzb4eITvi6j22OaE6IMB8GA1UdIwQY
MBaAFIOHa/u1roz+EWu19fKGShFiE6pPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZzRkci03V3VqUDRSYTdYMThvWktFV0lUcWs4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNS80MmJkNWQtNGMzZS00M2Y0LWE4NTct
N2U3MDlhZjA1N2Q1LzEvWFNQVEpzV01iTE52aDRoTy1McVBiWTVvVG9nLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNS80MmJkNWQtNGMzZS00M2Y0LWE4NTctN2U3MDlhZjA1N2Q1
LzEvZzRkci03V3VqUDRSYTdYMThvWktFV0lUcWs4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAudMoAwQA
vHQpMA0GCSqGSIb3DQEBCwUAA4IBAQADSi6M0teddMVWrhDfXdPe/faP29Zv9FRe
X4UMsp73mtf8eisAbF0nwSDODsI1gCJF0F3kb+nJY4i1vfICZnSM2uQU67K2QLPd
ZA0uIMyvr5Y5hHNp675arKToVF8pveocP9XEMwHQm7LCvTakKYmJMiin5h95L0hh
OxSkQBKO9LGy8VIescx55SL+iwkF24fnP60k4i9IX7r6jZxxQO1rKD14MCKlp7ZM
m4BwW6otp9pKvEgyc63N/K/MzC+YZ5qbdOby2LCFwi5B+BUiguEn6pviMxUzcFzs
LClsPkuF4kdjXi7U3XAtt1XqinLacdw0M9a28HhIrs2sQy9jQiGQ
-----END CERTIFICATE-----
Generated at Sun Apr 20 13:09:32 2025 by rpki-client