Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fb/eb4fc7-b414-4798-b756-1a0e5048632a/1/c0OWz4Dvg5bNnqyrOjAMQ_jIhXA.roa
File: c0OWz4Dvg5bNnqyrOjAMQ_jIhXA.roa (raw, json)
Hash identifier: oQEtBcqdaoUsdIHadcdPKbwR7myDAMGsWF65hPU75T8=
Subject key identifier: 73:43:96:CF:80:EF:83:96:CD:9E:AC:AB:3A:30:0C:43:F8:C8:85:70
Certificate issuer: /CN=8a48ac3ef7279c0f6bc3908f27edb091b5a65ac5
Certificate serial: 01856F5DCC7F8B3E91F7A322AA173A041858
Authority key identifier: 8A:48:AC:3E:F7:27:9C:0F:6B:C3:90:8F:27:ED:B0:91:B5:A6:5A:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ikisPvcnnA9rw5CPJ-2wkbWmWsU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fb/eb4fc7-b414-4798-b756-1a0e5048632a/1/c0OWz4Dvg5bNnqyrOjAMQ_jIhXA.roa
Signing time: Sun 01 Jan 2023 22:04:56 +0000
ROA not before: Sun 01 Jan 2023 22:04:56 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 41960
IP address blocks: 185.76.124.0/22 maxlen: 24
185.126.56.0/22 maxlen: 24
185.210.120.0/22 maxlen: 24
2a0b:56c0::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:5d:cc:7f:8b:3e:91:f7:a3:22:aa:17:3a:04:18:58
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8a48ac3ef7279c0f6bc3908f27edb091b5a65ac5
Validity
Not Before: Jan 1 22:04:56 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=734396cf80ef8396cd9eacab3a300c43f8c88570
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:1a:1a:f2:9f:21:36:a7:3d:1e:2c:19:d2:53:
0f:5d:e5:d6:35:b8:25:3a:ce:67:dd:35:5d:9f:d6:
7e:2b:60:a3:1f:3d:f8:61:2a:09:24:ce:3a:2b:c4:
22:66:a9:2f:a6:13:53:2f:ac:a7:5c:e6:fd:63:8d:
90:25:cf:20:1b:29:9e:c2:d1:59:e7:23:45:13:d1:
08:3c:df:c3:1a:42:ca:f9:01:28:e7:b3:f1:1f:34:
31:73:6a:9b:9f:8d:ba:27:80:d0:82:8a:6d:0a:7c:
32:7d:21:9e:a9:e9:bc:20:6e:0f:71:01:7e:95:88:
91:2b:ac:73:82:b8:88:71:d8:1a:87:7b:b3:3f:8a:
14:78:02:b0:41:b2:24:6d:aa:03:80:54:5c:06:61:
1b:59:5a:e9:80:99:42:88:cb:27:1e:38:6e:d5:bf:
97:77:6b:50:f2:54:d4:39:b7:8d:b0:05:bb:14:3c:
f2:27:f3:35:6d:3b:ab:8c:b3:64:df:90:37:ae:0a:
1c:15:c4:49:4f:fe:2a:07:f8:f8:7c:3c:39:f6:a8:
2e:f0:19:32:3a:42:aa:35:91:d6:31:ad:f8:2b:5c:
52:f2:5b:66:5a:24:75:c2:0e:c3:99:d8:ac:44:7a:
42:25:43:5c:66:fc:f5:4d:78:ba:cf:65:22:63:f7:
dd:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
73:43:96:CF:80:EF:83:96:CD:9E:AC:AB:3A:30:0C:43:F8:C8:85:70
X509v3 Authority Key Identifier:
keyid:8A:48:AC:3E:F7:27:9C:0F:6B:C3:90:8F:27:ED:B0:91:B5:A6:5A:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ikisPvcnnA9rw5CPJ-2wkbWmWsU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fb/eb4fc7-b414-4798-b756-1a0e5048632a/1/c0OWz4Dvg5bNnqyrOjAMQ_jIhXA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fb/eb4fc7-b414-4798-b756-1a0e5048632a/1/ikisPvcnnA9rw5CPJ-2wkbWmWsU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.76.124.0/22
185.126.56.0/22
185.210.120.0/22
IPv6:
2a0b:56c0::/29
Signature Algorithm: sha256WithRSAEncryption
1b:9f:0e:93:c7:8a:c6:76:f5:11:25:e0:53:d7:bf:c0:2d:91:
bc:52:d2:29:2c:78:ce:01:a7:9f:cd:68:85:f2:5d:a1:b0:e6:
fc:18:2f:54:84:93:91:28:46:e4:58:d4:2e:dc:46:86:6f:5f:
41:b3:c4:ba:68:86:b1:40:c7:f2:85:1f:91:81:68:b4:13:7c:
f5:07:d7:75:a8:c3:e0:7b:95:1f:77:ae:c5:ec:ff:bd:a2:69:
2b:54:b0:93:b5:d5:0d:a7:01:fa:7c:52:eb:df:5d:38:a1:3b:
97:4a:bd:dc:f4:42:f0:7f:39:1a:4c:6b:33:53:e9:39:f1:1c:
cc:67:83:d7:c5:db:3e:67:0a:f9:ba:24:d3:94:9d:a5:43:b9:
7f:70:55:81:26:f3:96:b0:7e:79:c0:dd:9c:22:67:df:ed:80:
ba:b6:5e:da:e9:b7:aa:d1:44:78:7f:79:3f:56:f9:2c:ec:5e:
63:48:6c:56:8d:37:96:8b:e6:a8:52:3e:db:97:d8:4f:6b:06:
53:45:ee:7c:b9:f1:7b:76:05:3c:ab:71:01:5d:d2:fc:cc:16:
f3:f5:4d:ab:6a:d7:e3:38:f9:ae:b0:be:0a:d6:e6:84:f1:81:
99:9d:f2:d4:0a:0a:31:90:f6:a8:50:0a:55:23:a5:74:f3:38:
af:e3:76:2c
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAYVvXcx/iz6R96Miqhc6BBhYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhhNDhhYzNlZjcyNzljMGY2YmMzOTA4ZjI3ZWRiMDkxYjVh
NjVhYzUwHhcNMjMwMTAxMjIwNDU2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MzQzOTZjZjgwZWY4Mzk2Y2Q5ZWFjYWIzYTMwMGM0M2Y4Yzg4NTcwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnhoa8p8hNqc9HiwZ0lMPXeXWNbgl
Os5n3TVdn9Z+K2CjHz34YSoJJM46K8QiZqkvphNTL6ynXOb9Y42QJc8gGymewtFZ
5yNFE9EIPN/DGkLK+QEo57PxHzQxc2qbn426J4DQgoptCnwyfSGeqem8IG4PcQF+
lYiRK6xzgriIcdgah3uzP4oUeAKwQbIkbaoDgFRcBmEbWVrpgJlCiMsnHjhu1b+X
d2tQ8lTUObeNsAW7FDzyJ/M1bTurjLNk35A3rgocFcRJT/4qB/j4fDw59qgu8Bky
OkKqNZHWMa34K1xS8ltmWiR1wg7DmdisRHpCJUNcZvz1TXi6z2UiY/fd0QIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFHNDls+A74OWzZ6sqzowDEP4yIVwMB8GA1UdIwQY
MBaAFIpIrD73J5wPa8OQjyftsJG1plrFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaWtpc1B2Y25uQTlydzVDUEotMndrYldtV3NVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mYi9lYjRmYzctYjQxNC00Nzk4LWI3NTYt
MWEwZTUwNDg2MzJhLzEvYzBPV3o0RHZnNWJObnF5ck9qQU1RX2pJaFhBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mYi9lYjRmYzctYjQxNC00Nzk4LWI3NTYtMWEwZTUwNDg2MzJh
LzEvaWtpc1B2Y25uQTlydzVDUEotMndrYldtV3NVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQCuUx8AwQC
uX44AwQCudJ4MA0EAgACMAcDBQMqC1bAMA0GCSqGSIb3DQEBCwUAA4IBAQAbnw6T
x4rGdvURJeBT17/ALZG8UtIpLHjOAaefzWiF8l2hsOb8GC9UhJORKEbkWNQu3EaG
b19Bs8S6aIaxQMfyhR+RgWi0E3z1B9d1qMPge5Ufd67F7P+9omkrVLCTtdUNpwH6
fFLr3104oTuXSr3c9ELwfzkaTGszU+k58RzMZ4PXxds+Zwr5uiTTlJ2lQ7l/cFWB
JvOWsH55wN2cImff7YC6tl7a6beq0UR4f3k/Vvks7F5jSGxWjTeWi+aoUj7bl9hP
awZTRe58ufF7dgU8q3EBXdL8zBbz9U2ratfjOPmusL4K1uaE8YGZnfLUCgoxkPao
UApVI6V08ziv43Ys
-----END CERTIFICATE-----
Generated at Mon Apr 21 19:24:14 2025 by rpki-client