Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fd/d6fb1c-95c3-4bff-8556-8057da754452/1/xU97o_VjXPxfpeclT_J2rZtnq8k.roa
File: xU97o_VjXPxfpeclT_J2rZtnq8k.roa (raw, json)
Hash identifier: y00AT59PD/KfBAKskKvpVP5o6M1tUFGkrkmg+HB4hGU=
Subject key identifier: C5:4F:7B:A3:F5:63:5C:FC:5F:A5:E7:25:4F:F2:76:AD:9B:67:AB:C9
Certificate issuer: /CN=ef9f1e38265410b3c2a922d3169c4f2995141a2d
Certificate serial: 0185732845701EA90BD1759BAFD13F864ACA
Authority key identifier: EF:9F:1E:38:26:54:10:B3:C2:A9:22:D3:16:9C:4F:29:95:14:1A:2D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/758eOCZUELPCqSLTFpxPKZUUGi0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fd/d6fb1c-95c3-4bff-8556-8057da754452/1/xU97o_VjXPxfpeclT_J2rZtnq8k.roa
Signing time: Mon 02 Jan 2023 15:44:57 +0000
ROA not before: Mon 02 Jan 2023 15:44:57 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 42929
IP address blocks: 185.142.136.0/22 maxlen: 22
195.8.62.0/24 maxlen: 24
45.156.244.0/22 maxlen: 22
2.56.80.0/22 maxlen: 22
193.36.182.0/24 maxlen: 24
193.104.36.0/24 maxlen: 24
193.33.222.0/23 maxlen: 23
2a07:2d80::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:73:28:45:70:1e:a9:0b:d1:75:9b:af:d1:3f:86:4a:ca
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ef9f1e38265410b3c2a922d3169c4f2995141a2d
Validity
Not Before: Jan 2 15:44:57 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=c54f7ba3f5635cfc5fa5e7254ff276ad9b67abc9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:d4:7e:db:64:1d:08:06:cc:82:39:77:ed:02:
58:74:20:5d:00:63:7f:1b:e7:45:a8:42:4c:c6:5b:
c8:d0:cd:67:18:7f:44:5b:56:eb:ff:47:8e:e9:86:
aa:a2:d9:ff:d3:b4:b0:b2:ba:1f:0f:19:15:0b:e5:
45:6e:aa:ea:eb:ad:4a:6b:32:63:58:9b:35:36:05:
93:7e:33:bc:03:1c:8f:3d:a0:44:93:86:24:79:5e:
93:0f:76:7a:e8:0d:51:38:52:ad:1c:be:4e:00:6a:
ad:d3:12:d9:c9:af:33:48:e5:9d:9b:23:aa:20:da:
4a:43:85:6b:49:1a:c7:7e:71:44:13:46:4f:04:b7:
a5:79:69:c5:d0:69:e7:27:af:30:da:f6:9b:56:6a:
46:a2:8a:97:5f:90:64:4e:9c:eb:73:9c:78:5b:55:
a5:ff:1e:e5:ab:f1:ae:7c:94:d9:75:1b:8e:74:35:
b0:b3:d8:eb:6c:06:b9:01:07:19:46:17:98:ff:00:
3c:c2:83:46:95:17:9d:02:ab:b9:b1:cb:e8:d9:34:
c8:b0:b6:df:a1:81:90:fe:88:30:28:43:12:a4:f0:
08:62:7c:07:5e:3e:97:c8:3e:e4:37:d3:c9:cf:7b:
04:1c:ff:da:6a:df:40:7e:e6:04:37:53:19:87:fe:
c2:ed
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C5:4F:7B:A3:F5:63:5C:FC:5F:A5:E7:25:4F:F2:76:AD:9B:67:AB:C9
X509v3 Authority Key Identifier:
keyid:EF:9F:1E:38:26:54:10:B3:C2:A9:22:D3:16:9C:4F:29:95:14:1A:2D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/758eOCZUELPCqSLTFpxPKZUUGi0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/d6fb1c-95c3-4bff-8556-8057da754452/1/xU97o_VjXPxfpeclT_J2rZtnq8k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/d6fb1c-95c3-4bff-8556-8057da754452/1/758eOCZUELPCqSLTFpxPKZUUGi0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.56.80.0/22
45.156.244.0/22
185.142.136.0/22
193.33.222.0/23
193.36.182.0/24
193.104.36.0/24
195.8.62.0/24
IPv6:
2a07:2d80::/29
Signature Algorithm: sha256WithRSAEncryption
2d:d9:1e:c1:62:db:74:69:ac:1e:b5:d2:b3:46:3c:98:6a:42:
0f:67:23:c0:22:9b:89:49:f1:a4:de:a9:6a:12:0e:a8:ff:b5:
24:c8:2a:43:2c:30:ce:1d:30:a6:07:83:29:ba:e2:65:f7:f5:
7b:10:48:8b:85:89:be:ed:1a:49:aa:ed:36:f6:1d:04:26:81:
0c:53:d8:22:69:81:8d:bf:2c:44:d9:59:da:5e:f9:f6:68:c3:
fd:4a:76:42:a2:67:4e:5f:41:a5:ba:5d:80:a9:bd:f1:9e:20:
1b:f5:1c:14:3d:ba:9b:bb:27:d5:40:a1:0e:bf:ca:2a:82:c7:
16:f6:29:22:60:28:eb:27:ea:0a:ac:4c:84:67:b1:51:71:cd:
0a:69:58:7f:3a:d5:e4:2e:c9:37:5b:ce:01:4b:82:0f:8f:d4:
31:a2:b3:0a:d3:e3:c3:0d:73:79:89:1b:4c:8c:22:0f:5e:fc:
8a:01:8b:4d:9e:b3:56:d2:72:f9:9e:37:0c:6d:72:87:ed:de:
84:20:c3:79:32:0b:13:24:8c:03:0f:9e:f5:8d:36:94:38:e7:
06:4d:cf:fe:5b:d9:56:24:ff:be:46:06:b4:99:fb:32:0e:56:
9a:1b:7c:6d:27:21:ef:14:0c:ef:bf:e5:05:95:f6:f3:c5:71:
a7:77:03:af
-----BEGIN CERTIFICATE-----
MIIFMDCCBBigAwIBAgISAYVzKEVwHqkL0XWbr9E/hkrKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVmOWYxZTM4MjY1NDEwYjNjMmE5MjJkMzE2OWM0ZjI5OTUx
NDFhMmQwHhcNMjMwMTAyMTU0NDU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNTRmN2JhM2Y1NjM1Y2ZjNWZhNWU3MjU0ZmYyNzZhZDliNjdhYmM5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqNR+22QdCAbMgjl37QJYdCBdAGN/
G+dFqEJMxlvI0M1nGH9EW1br/0eO6Yaqotn/07SwsrofDxkVC+VFbqrq661KazJj
WJs1NgWTfjO8AxyPPaBEk4YkeV6TD3Z66A1ROFKtHL5OAGqt0xLZya8zSOWdmyOq
INpKQ4VrSRrHfnFEE0ZPBLeleWnF0GnnJ68w2vabVmpGooqXX5BkTpzrc5x4W1Wl
/x7lq/GufJTZdRuOdDWws9jrbAa5AQcZRheY/wA8woNGlRedAqu5scvo2TTIsLbf
oYGQ/ogwKEMSpPAIYnwHXj6XyD7kN9PJz3sEHP/aat9AfuYEN1MZh/7C7QIDAQAB
o4ICPDCCAjgwHQYDVR0OBBYEFMVPe6P1Y1z8X6XnJU/ydq2bZ6vJMB8GA1UdIwQY
MBaAFO+fHjgmVBCzwqki0xacTymVFBotMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNzU4ZU9DWlVFTFBDcVNMVEZweFBLWlVVR2kwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZC9kNmZiMWMtOTVjMy00YmZmLTg1NTYt
ODA1N2RhNzU0NDUyLzEveFU5N29fVmpYUHhmcGVjbFRfSjJyWnRucThrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZC9kNmZiMWMtOTVjMy00YmZmLTg1NTYtODA1N2RhNzU0NDUy
LzEvNzU4ZU9DWlVFTFBDcVNMVEZweFBLWlVVR2kwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFIGCCsGAQUFBwEHAQH/BEMwQTAwBAIAATAqAwQCAjhQAwQC
LZz0AwQCuY6IAwQBwSHeAwQAwSS2AwQAwWgkAwQAwwg+MA0EAgACMAcDBQMqBy2A
MA0GCSqGSIb3DQEBCwUAA4IBAQAt2R7BYtt0aawetdKzRjyYakIPZyPAIpuJSfGk
3qlqEg6o/7UkyCpDLDDOHTCmB4MpuuJl9/V7EEiLhYm+7RpJqu029h0EJoEMU9gi
aYGNvyxE2VnaXvn2aMP9SnZComdOX0Glul2Aqb3xniAb9RwUPbqbuyfVQKEOv8oq
gscW9ikiYCjrJ+oKrEyEZ7FRcc0KaVh/OtXkLsk3W84BS4IPj9QxorMK0+PDDXN5
iRtMjCIPXvyKAYtNnrNW0nL5njcMbXKH7d6EIMN5MgsTJIwDD571jTaUOOcGTc/+
W9lWJP++Rga0mfsyDlaaG3xtJyHvFAzvv+UFlfbzxXGndwOv
-----END CERTIFICATE-----
Generated at Thu Apr 17 08:17:10 2025 by rpki-client