Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3e/34c5b2-b6e3-4b23-a609-16ed3cd0c72a/1/kXXZrpEvXOaJ2h21CkiPE-x51as.roa
File: kXXZrpEvXOaJ2h21CkiPE-x51as.roa (raw, json)
Hash identifier: 0IAHjjFQN8YUkUgVe7pyFWvt9t5re+0s4cNq6cS0IPA=
Subject key identifier: 91:75:D9:AE:91:2F:5C:E6:89:DA:1D:B5:0A:48:8F:13:EC:79:D5:AB
Certificate issuer: /CN=509bc63e68c90932b4fc28997fc3bf78de3b3743
Certificate serial: 0188FBE58C7719C67D50106CED17E4A2AEB6
Authority key identifier: 50:9B:C6:3E:68:C9:09:32:B4:FC:28:99:7F:C3:BF:78:DE:3B:37:43
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UJvGPmjJCTK0_CiZf8O_eN47N0M.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3e/34c5b2-b6e3-4b23-a609-16ed3cd0c72a/1/kXXZrpEvXOaJ2h21CkiPE-x51as.roa
Signing time: Tue 27 Jun 2023 08:08:24 +0000
ROA not before: Tue 27 Jun 2023 08:08:24 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 34370
IP address blocks: 185.164.78.0/24 maxlen: 24
185.164.76.0/24 maxlen: 24
185.164.77.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:fb:e5:8c:77:19:c6:7d:50:10:6c:ed:17:e4:a2:ae:b6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=509bc63e68c90932b4fc28997fc3bf78de3b3743
Validity
Not Before: Jun 27 08:08:24 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=9175d9ae912f5ce689da1db50a488f13ec79d5ab
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:cd:ce:fb:c6:63:04:b2:29:59:39:05:a1:59:
80:ef:e3:16:98:db:90:c9:d1:dd:e5:8c:66:79:b6:
8f:7c:90:11:cf:0b:d3:e8:a2:ad:2c:b8:18:95:91:
fe:47:8b:58:2f:55:2f:b5:f7:c2:4f:fe:60:43:a2:
eb:4b:77:58:39:4c:0a:d5:5d:3a:bc:86:9c:c2:e1:
5d:c1:d0:30:a1:ea:4e:06:f1:d2:70:ad:1e:19:51:
3b:3d:45:be:e9:59:0c:45:7e:12:8f:d6:14:eb:df:
b4:ec:cf:7f:df:9c:19:61:99:17:ca:4a:42:bc:f0:
48:eb:61:8f:f2:aa:1c:f8:3c:91:b1:11:d7:57:8c:
e0:23:5e:b5:23:c9:47:ef:f2:fe:8c:52:c4:f7:1f:
84:50:d2:29:26:39:3d:16:da:b5:0b:59:02:bc:d5:
33:6d:c9:a2:89:cf:2d:74:d9:93:e6:8a:c0:b1:36:
53:98:c8:4d:b8:1b:7d:92:28:b6:f8:44:54:8a:a5:
3b:7b:e9:95:f5:9f:05:bd:30:40:17:6a:6a:59:84:
d7:59:98:c1:8b:ad:4a:e5:2c:f3:d2:f1:1e:8f:bd:
18:0c:f0:09:a7:02:f1:ed:82:51:8f:ea:09:70:8d:
cc:11:3e:04:31:e3:cd:c1:7d:8e:ab:5f:e9:f8:b0:
55:3b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
91:75:D9:AE:91:2F:5C:E6:89:DA:1D:B5:0A:48:8F:13:EC:79:D5:AB
X509v3 Authority Key Identifier:
keyid:50:9B:C6:3E:68:C9:09:32:B4:FC:28:99:7F:C3:BF:78:DE:3B:37:43
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UJvGPmjJCTK0_CiZf8O_eN47N0M.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3e/34c5b2-b6e3-4b23-a609-16ed3cd0c72a/1/kXXZrpEvXOaJ2h21CkiPE-x51as.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3e/34c5b2-b6e3-4b23-a609-16ed3cd0c72a/1/UJvGPmjJCTK0_CiZf8O_eN47N0M.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.164.76.0-185.164.78.255
Signature Algorithm: sha256WithRSAEncryption
27:a4:c1:ed:6d:98:22:f9:ec:3f:cb:9d:1c:c4:26:78:6b:1e:
59:52:a7:e2:06:8c:92:59:30:6e:8a:7c:94:0d:ea:16:99:70:
e6:94:e9:49:08:00:02:a6:80:01:f6:00:c0:ad:fa:74:a7:17:
26:38:00:cc:48:d2:f2:64:6a:9f:4d:d1:a3:39:03:36:37:bb:
5b:ea:eb:3a:b2:02:26:5a:ae:b0:4e:e9:7e:ef:80:8c:e5:eb:
d9:4c:77:b6:31:70:b2:67:dc:17:97:1b:40:09:e7:37:d8:02:
7e:27:15:4f:f4:5a:e2:03:b6:53:c2:1a:77:8d:37:c2:b6:18:
f6:02:8e:3d:4e:54:4a:78:b0:fa:ef:53:2b:c6:98:71:eb:9d:
98:cd:2c:67:fe:42:1f:57:fb:97:a8:7a:a3:83:4e:68:5f:74:
12:3c:e7:b0:a2:43:57:ba:64:55:e0:00:05:da:b0:a3:00:3f:
1c:5d:5f:84:a0:62:82:50:10:eb:61:2f:e3:da:e9:51:43:8c:
71:4b:09:69:57:80:0b:2b:7b:27:bb:22:2d:ad:ac:d5:29:81:
2a:6e:2a:ea:bb:75:db:0e:65:2f:34:cf:f2:84:b3:26:bb:83:
ad:d0:33:3f:40:af:fe:61:b8:1b:87:62:e6:34:0f:1b:78:a9:
cc:c7:07:24
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAYj75Yx3GcZ9UBBs7Rfkoq62MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUwOWJjNjNlNjhjOTA5MzJiNGZjMjg5OTdmYzNiZjc4ZGUz
YjM3NDMwHhcNMjMwNjI3MDgwODI0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MTc1ZDlhZTkxMmY1Y2U2ODlkYTFkYjUwYTQ4OGYxM2VjNzlkNWFiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtc3O+8ZjBLIpWTkFoVmA7+MWmNuQ
ydHd5YxmebaPfJARzwvT6KKtLLgYlZH+R4tYL1UvtffCT/5gQ6LrS3dYOUwK1V06
vIacwuFdwdAwoepOBvHScK0eGVE7PUW+6VkMRX4Sj9YU69+07M9/35wZYZkXykpC
vPBI62GP8qoc+DyRsRHXV4zgI161I8lH7/L+jFLE9x+EUNIpJjk9Ftq1C1kCvNUz
bcmiic8tdNmT5orAsTZTmMhNuBt9kii2+ERUiqU7e+mV9Z8FvTBAF2pqWYTXWZjB
i61K5Szz0vEej70YDPAJpwLx7YJRj+oJcI3MET4EMePNwX2Oq1/p+LBVOwIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFJF12a6RL1zmidodtQpIjxPsedWrMB8GA1UdIwQY
MBaAFFCbxj5oyQkytPwomX/Dv3jeOzdDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVUp2R1BtakpDVEswX0NpWmY4T19lTjQ3TjBNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zZS8zNGM1YjItYjZlMy00YjIzLWE2MDkt
MTZlZDNjZDBjNzJhLzEva1hYWnJwRXZYT2FKMmgyMUNraVBFLXg1MWFzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zZS8zNGM1YjItYjZlMy00YjIzLWE2MDktMTZlZDNjZDBjNzJh
LzEvVUp2R1BtakpDVEswX0NpWmY4T19lTjQ3TjBNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBAK5pEwD
BAC5pE4wDQYJKoZIhvcNAQELBQADggEBACekwe1tmCL57D/LnRzEJnhrHllSp+IG
jJJZMG6KfJQN6haZcOaU6UkIAAKmgAH2AMCt+nSnFyY4AMxI0vJkap9N0aM5AzY3
u1vq6zqyAiZarrBO6X7vgIzl69lMd7YxcLJn3BeXG0AJ5zfYAn4nFU/0WuIDtlPC
GneNN8K2GPYCjj1OVEp4sPrvUyvGmHHrnZjNLGf+Qh9X+5eoeqODTmhfdBI857Ci
Q1e6ZFXgAAXasKMAPxxdX4SgYoJQEOthL+Pa6VFDjHFLCWlXgAsreye7Ii2trNUp
gSpuKuq7ddsOZS80z/KEsya7g63QMz9Ar/5huBuHYuY0Dxt4qczHByQ=
-----END CERTIFICATE-----
Generated at Wed May 14 00:42:01 2025 by rpki-client