Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e5/4652e8-5d20-42f6-a739-d54921604ecd/1/fXmbkjjp1Pq8oPOAptyRFf6UaC8.roa
File: fXmbkjjp1Pq8oPOAptyRFf6UaC8.roa (raw, json)
Hash identifier: JD5Yx2LxKIZSUerHgYMe+YH7jQe75FrPC6g4Kz7p/D0=
Subject key identifier: 7D:79:9B:92:38:E9:D4:FA:BC:A0:F3:80:A6:DC:91:15:FE:94:68:2F
Certificate issuer: /CN=b744309908269e538b2b4fa963370c9ec2077a78
Certificate serial: 01A73A19
Authority key identifier: B7:44:30:99:08:26:9E:53:8B:2B:4F:A9:63:37:0C:9E:C2:07:7A:78
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/t0QwmQgmnlOLK0-pYzcMnsIHeng.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e5/4652e8-5d20-42f6-a739-d54921604ecd/1/fXmbkjjp1Pq8oPOAptyRFf6UaC8.roa
Signing time: Sat 01 Jan 2022 11:53:56 +0000
ROA not before: Sat 01 Jan 2022 11:53:56 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 57777
IP address blocks: 185.173.128.0/24 maxlen: 24
2a10:fc40::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 27736601 (0x1a73a19)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b744309908269e538b2b4fa963370c9ec2077a78
Validity
Not Before: Jan 1 11:53:56 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=7d799b9238e9d4fabca0f380a6dc9115fe94682f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:d2:fa:05:df:a6:bb:a8:c7:e6:08:ec:8f:4f:
12:69:e2:9e:38:28:23:b4:15:07:cb:29:3e:b9:4f:
ef:f2:b3:74:f8:54:a5:cb:ae:35:da:64:d0:d8:6d:
33:52:8a:b4:fb:08:47:fb:c3:37:75:e9:45:aa:e0:
e2:ea:a1:26:23:ce:09:3d:d6:06:18:85:4e:bb:f0:
5a:78:8d:b0:e8:5c:70:dd:b6:82:07:78:6e:90:79:
66:ae:0f:7e:05:c5:ab:dc:bf:43:7b:07:ac:d2:e6:
80:e8:87:f0:1d:8b:a2:54:12:a9:cc:35:3c:64:99:
41:8b:65:cc:24:e6:10:1b:f6:c9:2f:f3:9b:a3:b1:
99:0b:8e:30:f0:64:bb:77:44:9f:36:f6:8c:b4:10:
22:21:15:3a:8b:78:c0:0e:f7:fe:16:90:18:2a:e8:
b9:ba:9d:49:4b:fd:7b:c1:de:11:f4:c3:f1:ee:0b:
7c:16:e3:03:44:16:42:b1:93:d0:a9:78:8b:89:df:
6d:db:c6:a7:3f:96:5d:70:33:11:3e:f9:de:c9:e7:
d0:e7:98:c0:18:d6:21:8b:c9:dd:83:ee:a3:23:ea:
4c:98:f7:20:b1:d0:36:c2:37:f0:ab:e5:85:af:2f:
39:97:72:ed:2c:1c:75:3e:5c:11:ac:f5:5e:ec:70:
a3:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7D:79:9B:92:38:E9:D4:FA:BC:A0:F3:80:A6:DC:91:15:FE:94:68:2F
X509v3 Authority Key Identifier:
keyid:B7:44:30:99:08:26:9E:53:8B:2B:4F:A9:63:37:0C:9E:C2:07:7A:78
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/t0QwmQgmnlOLK0-pYzcMnsIHeng.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e5/4652e8-5d20-42f6-a739-d54921604ecd/1/fXmbkjjp1Pq8oPOAptyRFf6UaC8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e5/4652e8-5d20-42f6-a739-d54921604ecd/1/t0QwmQgmnlOLK0-pYzcMnsIHeng.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.173.128.0/24
IPv6:
2a10:fc40::/29
Signature Algorithm: sha256WithRSAEncryption
a1:71:c1:20:4b:16:0d:3f:74:84:30:16:d5:8a:82:28:55:b4:
a4:a0:b7:64:87:77:15:56:29:5e:0f:cb:af:a7:57:34:fc:80:
6d:8b:b1:50:46:2f:9a:99:cc:6b:da:15:90:99:c9:b3:99:f4:
d1:c4:94:b8:da:d7:b8:57:e7:4e:89:bd:c8:45:d2:e5:a6:b9:
2e:ac:51:07:7a:4c:36:07:90:38:12:a5:2e:c5:06:0c:4c:fe:
5e:de:1e:48:5b:59:02:00:d8:4c:02:71:80:47:d2:1d:40:4a:
ce:3a:90:8a:6b:f5:8f:fa:9a:50:2b:d0:56:92:b5:b2:72:35:
f0:fb:15:54:fc:87:36:66:ea:5e:e1:83:76:f7:b0:f0:b9:7a:
c7:2d:e5:7e:da:f6:95:ad:3b:39:b5:42:31:a0:64:b4:fe:bd:
86:af:e7:44:ac:dd:21:61:36:27:87:1f:66:20:2b:77:8e:9a:
60:39:0d:e5:3a:4e:e1:bb:47:a8:b9:03:9c:08:7a:82:be:1e:
62:44:5d:de:c2:09:cf:78:79:14:84:8b:9d:8a:12:57:fa:fe:
4b:61:77:a5:c8:1b:d3:7d:dd:20:20:dd:9f:42:ec:be:58:9a:
03:04:ee:0b:2f:47:67:d2:35:e2:d6:98:b2:b8:44:71:cf:16:
7b:7d:c8:20
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgIEAac6GTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhi
NzQ0MzA5OTA4MjY5ZTUzOGIyYjRmYTk2MzM3MGM5ZWMyMDc3YTc4MB4XDTIyMDEw
MTExNTM1NloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoN2Q3OTliOTIzOGU5
ZDRmYWJjYTBmMzgwYTZkYzkxMTVmZTk0NjgyZjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALDS+gXfpruox+YI7I9PEmninjgoI7QVB8spPrlP7/KzdPhU
pcuuNdpk0NhtM1KKtPsIR/vDN3XpRarg4uqhJiPOCT3WBhiFTrvwWniNsOhccN22
ggd4bpB5Zq4PfgXFq9y/Q3sHrNLmgOiH8B2LolQSqcw1PGSZQYtlzCTmEBv2yS/z
m6OxmQuOMPBku3dEnzb2jLQQIiEVOot4wA73/haQGCroubqdSUv9e8HeEfTD8e4L
fBbjA0QWQrGT0Kl4i4nfbdvGpz+WXXAzET753snn0OeYwBjWIYvJ3YPuoyPqTJj3
ILHQNsI38Kvlha8vOZdy7SwcdT5cEaz1XuxwoxUCAwEAAaOCAhgwggIUMB0GA1Ud
DgQWBBR9eZuSOOnU+ryg84Cm3JEV/pRoLzAfBgNVHSMEGDAWgBS3RDCZCCaeU4sr
T6ljNwyewgd6eDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3QwUXdtUWdtbmxPTEswLXBZemNNbnNJSGVuZy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZTUvNDY1MmU4LTVkMjAtNDJmNi1hNzM5LWQ1NDkyMTYwNGVjZC8x
L2ZYbWJrampwMVBxOG9QT0FwdHlSRmY2VWFDOC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZTUv
NDY1MmU4LTVkMjAtNDJmNi1hNzM5LWQ1NDkyMTYwNGVjZC8xL3QwUXdtUWdtbmxP
TEswLXBZemNNbnNJSGVuZy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAu
BggrBgEFBQcBBwEB/wQfMB0wDAQCAAEwBgMEALmtgDANBAIAAjAHAwUDKhD8QDAN
BgkqhkiG9w0BAQsFAAOCAQEAoXHBIEsWDT90hDAW1YqCKFW0pKC3ZId3FVYpXg/L
r6dXNPyAbYuxUEYvmpnMa9oVkJnJs5n00cSUuNrXuFfnTom9yEXS5aa5LqxRB3pM
NgeQOBKlLsUGDEz+Xt4eSFtZAgDYTAJxgEfSHUBKzjqQimv1j/qaUCvQVpK1snI1
8PsVVPyHNmbqXuGDdvew8Ll6xy3lftr2la07ObVCMaBktP69hq/nRKzdIWE2J4cf
ZiArd46aYDkN5TpO4btHqLkDnAh6gr4eYkRd3sIJz3h5FISLnYoSV/r+S2F3pcgb
033dICDdn0LsvliaAwTuCy9HZ9I14taYsrhEcc8We33IIA==
-----END CERTIFICATE-----
Generated at Sun Apr 20 03:39:26 2025 by rpki-client