Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e7/cf7d5c-04a5-48a7-b8c6-37a442e65f18/1/XWeF7EMCAcePzbu2tObCgLe0UeM.roa
File: XWeF7EMCAcePzbu2tObCgLe0UeM.roa (raw, json)
Hash identifier: GfZrDZkisRGdh4biVJud6qedM0IiIROlTaVXEUwbvTw=
Subject key identifier: 5D:67:85:EC:43:02:01:C7:8F:CD:BB:B6:B4:E6:C2:80:B7:B4:51:E3
Certificate issuer: /CN=64a9856db1ab3b24f09e9cb92743768668301411
Certificate serial: 0185715569A1849A71FA43A223E15BF3EFAB
Authority key identifier: 64:A9:85:6D:B1:AB:3B:24:F0:9E:9C:B9:27:43:76:86:68:30:14:11
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ZKmFbbGrOyTwnpy5J0N2hmgwFBE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e7/cf7d5c-04a5-48a7-b8c6-37a442e65f18/1/XWeF7EMCAcePzbu2tObCgLe0UeM.roa
Signing time: Mon 02 Jan 2023 07:15:01 +0000
ROA not before: Mon 02 Jan 2023 07:15:01 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 212583
IP address blocks: 195.85.2.0/23 maxlen: 23
185.196.60.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:55:69:a1:84:9a:71:fa:43:a2:23:e1:5b:f3:ef:ab
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=64a9856db1ab3b24f09e9cb92743768668301411
Validity
Not Before: Jan 2 07:15:01 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=5d6785ec430201c78fcdbbb6b4e6c280b7b451e3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:46:94:ea:55:41:c5:4b:dc:b7:8f:b0:eb:4f:
7e:dc:8d:d6:79:b2:46:45:20:1a:c1:1c:3d:29:65:
85:13:8e:56:0e:c1:49:85:6d:5f:54:40:58:c1:d9:
89:84:ed:37:bc:e3:3a:18:ad:75:6f:4b:c9:e2:dc:
d9:4d:e1:52:98:6e:67:fd:2b:93:f8:97:7f:4a:85:
83:91:85:30:cf:78:1b:82:c7:fb:c9:e1:8c:99:51:
5f:70:70:39:17:2d:e4:c0:71:b6:fa:f2:a6:54:62:
98:ba:fa:75:3f:cd:f5:7b:4d:9b:17:7b:a0:75:94:
1f:18:a6:99:be:e7:54:40:4f:62:25:b4:c1:bc:21:
9b:5e:bc:6a:0f:fd:59:cf:8b:22:cf:75:09:f1:fa:
5d:cf:a6:d0:e2:bb:76:5c:cf:2d:41:97:be:13:5d:
3e:f4:0a:cd:1c:f4:fa:29:18:ef:0f:a1:ec:82:dd:
41:8a:48:ad:24:34:49:b5:30:2d:e6:6d:ce:50:41:
f3:46:19:ae:63:82:eb:45:fc:47:d0:ff:e7:2a:5d:
0d:63:fe:9b:47:32:ea:77:9c:87:b2:4e:ee:1c:b7:
2e:3c:e7:4e:75:8b:ee:f9:04:94:c8:62:b8:2c:ce:
54:d9:20:e4:a7:da:58:b0:5a:5a:65:7e:3e:70:b7:
46:cd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5D:67:85:EC:43:02:01:C7:8F:CD:BB:B6:B4:E6:C2:80:B7:B4:51:E3
X509v3 Authority Key Identifier:
keyid:64:A9:85:6D:B1:AB:3B:24:F0:9E:9C:B9:27:43:76:86:68:30:14:11
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ZKmFbbGrOyTwnpy5J0N2hmgwFBE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/cf7d5c-04a5-48a7-b8c6-37a442e65f18/1/XWeF7EMCAcePzbu2tObCgLe0UeM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/cf7d5c-04a5-48a7-b8c6-37a442e65f18/1/ZKmFbbGrOyTwnpy5J0N2hmgwFBE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.196.60.0/24
195.85.2.0/23
Signature Algorithm: sha256WithRSAEncryption
51:66:0e:a9:b3:6f:9c:ce:e8:b9:2d:33:aa:28:aa:82:04:e6:
2f:16:e0:4a:7f:88:2e:7c:13:48:db:d3:2b:4f:a9:62:49:75:
96:d2:6b:f1:18:06:c0:3d:9e:02:dd:fb:14:d3:ec:e5:29:df:
85:87:6f:54:23:0b:9b:61:cf:06:72:61:75:af:a7:b1:ba:0a:
38:10:ee:2a:a6:21:70:19:e4:ad:45:c2:0c:12:f6:42:84:db:
87:3d:e7:b0:a9:db:c1:db:dd:d6:b8:76:30:40:5f:42:f8:09:
cb:ab:db:0d:c1:18:8c:b5:3d:a7:57:4a:86:96:90:d9:c0:79:
38:13:5a:cc:ce:75:07:4a:ef:68:9a:b5:f2:df:fd:4d:85:a7:
8e:89:f8:51:2e:8c:26:5a:c1:6c:ad:66:51:e9:45:3a:d2:f7:
59:81:1d:9b:88:7e:f1:2d:08:6d:00:06:46:10:a1:49:94:28:
c3:4c:1b:f9:d8:ad:7d:ac:6a:67:9f:a1:81:53:a2:c7:95:52:
da:cd:7f:e9:e0:9b:80:9a:10:06:dc:d5:66:cb:e9:81:df:16:
45:3d:ee:7f:05:e3:7e:66:49:3e:b2:36:56:2b:4e:52:80:59:
73:de:ba:71:4a:61:29:11:d6:15:21:38:4f:a7:79:6e:af:a8:
a6:f7:62:5c
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYVxVWmhhJpx+kOiI+Fb8++rMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY0YTk4NTZkYjFhYjNiMjRmMDllOWNiOTI3NDM3Njg2Njgz
MDE0MTEwHhcNMjMwMTAyMDcxNTAxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZDY3ODVlYzQzMDIwMWM3OGZjZGJiYjZiNGU2YzI4MGI3YjQ1MWUzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzkaU6lVBxUvct4+w609+3I3WebJG
RSAawRw9KWWFE45WDsFJhW1fVEBYwdmJhO03vOM6GK11b0vJ4tzZTeFSmG5n/SuT
+Jd/SoWDkYUwz3gbgsf7yeGMmVFfcHA5Fy3kwHG2+vKmVGKYuvp1P831e02bF3ug
dZQfGKaZvudUQE9iJbTBvCGbXrxqD/1Zz4siz3UJ8fpdz6bQ4rt2XM8tQZe+E10+
9ArNHPT6KRjvD6Hsgt1BikitJDRJtTAt5m3OUEHzRhmuY4LrRfxH0P/nKl0NY/6b
RzLqd5yHsk7uHLcuPOdOdYvu+QSUyGK4LM5U2SDkp9pYsFpaZX4+cLdGzQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFF1nhexDAgHHj827trTmwoC3tFHjMB8GA1UdIwQY
MBaAFGSphW2xqzsk8J6cuSdDdoZoMBQRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWkttRmJiR3JPeVR3bnB5NUowTjJobWd3RkJFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNy9jZjdkNWMtMDRhNS00OGE3LWI4YzYt
MzdhNDQyZTY1ZjE4LzEvWFdlRjdFTUNBY2VQemJ1MnRPYkNnTGUwVWVNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNy9jZjdkNWMtMDRhNS00OGE3LWI4YzYtMzdhNDQyZTY1ZjE4
LzEvWkttRmJiR3JPeVR3bnB5NUowTjJobWd3RkJFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAucQ8AwQB
w1UCMA0GCSqGSIb3DQEBCwUAA4IBAQBRZg6ps2+czui5LTOqKKqCBOYvFuBKf4gu
fBNI29MrT6liSXWW0mvxGAbAPZ4C3fsU0+zlKd+Fh29UIwubYc8GcmF1r6exugo4
EO4qpiFwGeStRcIMEvZChNuHPeewqdvB293WuHYwQF9C+AnLq9sNwRiMtT2nV0qG
lpDZwHk4E1rMznUHSu9omrXy3/1NhaeOifhRLowmWsFsrWZR6UU60vdZgR2biH7x
LQhtAAZGEKFJlCjDTBv52K19rGpnn6GBU6LHlVLazX/p4JuAmhAG3NVmy+mB3xZF
Pe5/BeN+Zkk+sjZWK05SgFlz3rpxSmEpEdYVIThPp3lur6im92Jc
-----END CERTIFICATE-----
Generated at Sat Jun 7 13:48:34 2025 by rpki-client