Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/72/4fd931-9f22-49f3-be57-e9daf79eb75e/1/X9iC3cEd_iXRfWn2tm_PAWOOz8g.roa
File: X9iC3cEd_iXRfWn2tm_PAWOOz8g.roa (raw, json)
Hash identifier: LCs3epB7cePEXOnS4cTnJVCIx/rgaNHLdZUQNfNu4Ts=
Subject key identifier: 5F:D8:82:DD:C1:1D:FE:25:D1:7D:69:F6:B6:6F:CF:01:63:8E:CF:C8
Certificate issuer: /CN=6431e960cd061039b3b27fd25d4160771c498bab
Certificate serial: 03068945
Authority key identifier: 64:31:E9:60:CD:06:10:39:B3:B2:7F:D2:5D:41:60:77:1C:49:8B:AB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ZDHpYM0GEDmzsn_SXUFgdxxJi6s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/72/4fd931-9f22-49f3-be57-e9daf79eb75e/1/X9iC3cEd_iXRfWn2tm_PAWOOz8g.roa
Signing time: Sat 01 Jan 2022 04:57:03 +0000
ROA not before: Sat 01 Jan 2022 04:57:03 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 205229
IP address blocks: 185.224.176.0/22 maxlen: 22
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 50760005 (0x3068945)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6431e960cd061039b3b27fd25d4160771c498bab
Validity
Not Before: Jan 1 04:57:03 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=5fd882ddc11dfe25d17d69f6b66fcf01638ecfc8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:37:d1:be:b7:07:63:e8:49:aa:ae:d6:ee:90:
0e:92:3f:56:38:6d:92:e4:5a:16:59:25:c4:48:64:
37:8e:51:c3:3e:f7:9c:11:4f:36:a1:2a:d5:65:23:
72:d1:24:76:24:4f:58:05:c1:89:b3:69:f4:92:53:
be:01:98:0c:81:6e:e8:52:7f:af:66:42:fe:01:86:
be:62:1a:80:8e:04:e6:91:0c:f6:c5:33:aa:42:ea:
57:95:5f:36:64:16:64:3d:4c:87:4e:eb:0f:8e:c9:
d8:c6:6e:10:d2:c1:13:27:3c:2d:56:e3:64:1b:b1:
1c:d2:8b:7c:cf:4b:0a:e3:76:89:1e:de:fe:5a:33:
3f:4f:05:57:16:a9:d7:46:e2:e0:4c:e0:88:6f:ba:
90:e8:c8:90:30:0c:27:89:35:78:70:47:81:11:09:
fd:ac:2e:7c:a9:fa:da:56:89:6b:4f:41:29:c5:ba:
10:44:27:90:f0:8b:2f:5f:e3:c5:3c:32:79:b1:89:
64:79:cf:e1:7c:47:63:67:6b:19:af:e7:3c:e6:1c:
eb:e5:e7:83:dd:82:07:68:50:11:82:a3:1c:1b:3b:
97:34:66:09:d2:c0:0f:e2:85:9f:59:46:2a:86:5c:
7a:47:68:aa:82:a2:24:83:b6:9c:1a:0e:24:21:c3:
6f:1d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5F:D8:82:DD:C1:1D:FE:25:D1:7D:69:F6:B6:6F:CF:01:63:8E:CF:C8
X509v3 Authority Key Identifier:
keyid:64:31:E9:60:CD:06:10:39:B3:B2:7F:D2:5D:41:60:77:1C:49:8B:AB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ZDHpYM0GEDmzsn_SXUFgdxxJi6s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/72/4fd931-9f22-49f3-be57-e9daf79eb75e/1/X9iC3cEd_iXRfWn2tm_PAWOOz8g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/72/4fd931-9f22-49f3-be57-e9daf79eb75e/1/ZDHpYM0GEDmzsn_SXUFgdxxJi6s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.224.176.0/22
Signature Algorithm: sha256WithRSAEncryption
4d:3d:69:93:f5:2b:4c:fb:bf:13:dc:6d:18:8c:14:94:43:e3:
b0:a8:e7:16:19:69:f8:1c:19:c4:3c:57:af:b7:04:cb:4d:27:
57:93:5c:2d:12:e0:05:10:35:50:3e:96:1b:b0:1e:a8:d9:89:
96:64:16:4e:cf:8e:ae:1d:c9:f2:03:83:20:b7:c2:4a:9b:ac:
c8:19:26:f4:a2:bf:26:94:99:dd:03:68:f8:49:eb:08:3d:fb:
eb:4d:c2:57:4c:83:2b:7a:0a:20:f0:41:bc:dd:7d:ba:a1:e9:
ca:47:06:c6:69:61:e4:68:43:ee:13:75:3c:0f:15:6c:fd:36:
dc:eb:f7:3e:2a:ed:e7:03:e1:2f:ce:d1:95:cb:c0:a3:2f:dd:
fe:7b:da:76:3a:ca:f7:82:14:42:89:93:b0:6a:e5:99:97:d5:
13:d4:c7:08:c2:86:b4:c7:41:5a:89:d6:a6:b9:8a:d9:c7:40:
cf:11:e8:ff:11:53:5e:09:69:02:f3:1b:fb:bd:22:88:6b:2d:
b7:53:a9:09:df:3e:aa:d2:b9:b2:f3:77:a0:95:49:9c:ca:3e:
14:6b:6d:2f:ab:49:a4:0e:20:d3:fa:7a:ca:f0:01:fa:b2:d8:
81:ac:01:6a:56:e6:67:e4:8d:8f:a0:78:2c:e7:2d:ac:6d:f2:
ff:1c:6a:06
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEAwaJRTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg2
NDMxZTk2MGNkMDYxMDM5YjNiMjdmZDI1ZDQxNjA3NzFjNDk4YmFiMB4XDTIyMDEw
MTA0NTcwM1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNWZkODgyZGRjMTFk
ZmUyNWQxN2Q2OWY2YjY2ZmNmMDE2MzhlY2ZjODCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJo30b63B2PoSaqu1u6QDpI/VjhtkuRaFlklxEhkN45Rwz73
nBFPNqEq1WUjctEkdiRPWAXBibNp9JJTvgGYDIFu6FJ/r2ZC/gGGvmIagI4E5pEM
9sUzqkLqV5VfNmQWZD1Mh07rD47J2MZuENLBEyc8LVbjZBuxHNKLfM9LCuN2iR7e
/lozP08FVxap10bi4EzgiG+6kOjIkDAMJ4k1eHBHgREJ/awufKn62laJa09BKcW6
EEQnkPCLL1/jxTwyebGJZHnP4XxHY2drGa/nPOYc6+Xng92CB2hQEYKjHBs7lzRm
CdLAD+KFn1lGKoZcekdoqoKiJIO2nBoOJCHDbx0CAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBRf2ILdwR3+JdF9afa2b88BY47PyDAfBgNVHSMEGDAWgBRkMelgzQYQObOy
f9JdQWB3HEmLqzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1pESHBZTTBHRURtenNuX1NYVUZnZHh4Smk2cy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNzIvNGZkOTMxLTlmMjItNDlmMy1iZTU3LWU5ZGFmNzllYjc1ZS8x
L1g5aUMzY0VkX2lYUmZXbjJ0bV9QQVdPT3o4Zy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNzIv
NGZkOTMxLTlmMjItNDlmMy1iZTU3LWU5ZGFmNzllYjc1ZS8xL1pESHBZTTBHRURt
enNuX1NYVUZnZHh4Smk2cy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEArngsDANBgkqhkiG9w0BAQsFAAOC
AQEATT1pk/UrTPu/E9xtGIwUlEPjsKjnFhlp+BwZxDxXr7cEy00nV5NcLRLgBRA1
UD6WG7AeqNmJlmQWTs+Orh3J8gODILfCSpusyBkm9KK/JpSZ3QNo+EnrCD37603C
V0yDK3oKIPBBvN19uqHpykcGxmlh5GhD7hN1PA8VbP023Ov3Pirt5wPhL87RlcvA
oy/d/nvadjrK94IUQomTsGrlmZfVE9THCMKGtMdBWonWprmK2cdAzxHo/xFTXglp
AvMb+70iiGstt1OpCd8+qtK5svN3oJVJnMo+FGttL6tJpA4g0/p6yvAB+rLYgawB
albmZ+SNj6B4LOctrG3y/xxqBg==
-----END CERTIFICATE-----
Generated at Sun May 11 08:09:33 2025 by rpki-client