Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7b/4e5902-e283-4916-a33c-7226a8845e01/1/_Xn1obs9wFc2LaaGFiEsfXgrT4A.roa
File: _Xn1obs9wFc2LaaGFiEsfXgrT4A.roa (raw, json)
Hash identifier: X4gMU8AMLmpNIncAGyK1asyZcUEv6F37XpBG0ziaVVo=
Subject key identifier: FD:79:F5:A1:BB:3D:C0:57:36:2D:A6:86:16:21:2C:7D:78:2B:4F:80
Certificate issuer: /CN=0f2f8b2b94721e928f6188b5cf15053144dedf8c
Certificate serial: 0186792388BA40C497528AEBF48E45701C74
Authority key identifier: 0F:2F:8B:2B:94:72:1E:92:8F:61:88:B5:CF:15:05:31:44:DE:DF:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Dy-LK5RyHpKPYYi1zxUFMUTe34w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7b/4e5902-e283-4916-a33c-7226a8845e01/1/_Xn1obs9wFc2LaaGFiEsfXgrT4A.roa
Signing time: Wed 22 Feb 2023 12:40:17 +0000
ROA not before: Wed 22 Feb 2023 12:40:17 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 202777
IP address blocks: 185.124.148.0/24 maxlen: 24
185.124.149.0/24 maxlen: 24
185.124.150.0/24 maxlen: 24
185.124.151.0/24 maxlen: 24
185.235.141.0/24 maxlen: 24
2a06:ee80::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:79:23:88:ba:40:c4:97:52:8a:eb:f4:8e:45:70:1c:74
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0f2f8b2b94721e928f6188b5cf15053144dedf8c
Validity
Not Before: Feb 22 12:40:17 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=fd79f5a1bb3dc057362da68616212c7d782b4f80
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:24:0d:7f:4b:14:26:ec:3a:20:41:82:5c:91:
29:9d:53:f4:f0:6c:89:de:21:29:7a:d9:87:2f:92:
fd:16:6f:7a:d9:9a:df:b1:b3:ea:61:fe:02:f2:c8:
fd:4e:66:f8:c6:81:23:37:a6:fe:8f:41:6a:1b:ab:
84:d0:7c:49:fc:9b:3c:aa:17:78:86:61:6b:18:fb:
0f:28:62:94:7b:ad:ce:90:81:76:c9:dc:36:3a:28:
f9:af:f0:63:bd:e7:8a:47:e8:27:1d:b0:4b:29:b9:
c5:1c:57:cb:81:c5:1a:e5:16:5e:68:4e:f4:d5:14:
90:80:2d:9d:8f:78:4f:40:3a:d7:81:bd:56:a9:e9:
9e:0a:d0:cc:b9:ce:c3:a7:04:69:dd:9d:ed:66:3e:
18:66:d2:1e:57:b6:4c:c6:60:aa:28:65:ff:ab:de:
33:47:f8:33:b7:e5:53:a4:2c:cb:7b:42:ce:08:da:
2a:d1:5e:c5:ba:67:52:67:f3:a7:99:1c:60:4f:86:
19:2f:16:15:6f:fa:ea:34:53:4d:24:d3:4f:43:d1:
40:08:2f:fb:74:41:d2:39:f8:8a:7f:84:e9:1b:77:
df:c1:1f:bc:7f:5c:10:d9:d3:d4:7e:c3:51:74:2a:
15:9e:70:dd:db:df:07:4d:a4:bb:6c:60:8f:4a:db:
26:4b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FD:79:F5:A1:BB:3D:C0:57:36:2D:A6:86:16:21:2C:7D:78:2B:4F:80
X509v3 Authority Key Identifier:
keyid:0F:2F:8B:2B:94:72:1E:92:8F:61:88:B5:CF:15:05:31:44:DE:DF:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Dy-LK5RyHpKPYYi1zxUFMUTe34w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7b/4e5902-e283-4916-a33c-7226a8845e01/1/_Xn1obs9wFc2LaaGFiEsfXgrT4A.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7b/4e5902-e283-4916-a33c-7226a8845e01/1/Dy-LK5RyHpKPYYi1zxUFMUTe34w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.124.148.0/22
185.235.141.0/24
IPv6:
2a06:ee80::/29
Signature Algorithm: sha256WithRSAEncryption
5d:cc:9c:d0:86:a1:5f:f0:f9:4f:60:6c:77:6d:a9:8d:96:11:
7c:19:9a:27:b7:5f:b4:d1:95:78:10:26:c9:17:b5:50:ca:f7:
e9:e9:58:1d:31:61:3d:a2:f4:bb:0b:18:f0:d1:30:d4:e8:e1:
df:d7:35:c8:bc:9c:d4:1e:dc:ac:bb:06:ce:c1:b5:cd:2b:62:
97:08:2a:5d:16:9c:cf:b7:82:58:b8:75:8b:c7:38:52:e6:79:
a2:95:57:c3:bd:d7:39:3d:28:cc:0b:a5:db:a7:29:9e:c9:31:
c7:1b:30:46:0b:45:6a:4b:7b:10:7e:52:68:ea:2d:d9:16:13:
2b:ca:aa:23:32:9d:c7:ff:74:9b:e9:e3:60:b4:83:d3:0d:06:
c8:f2:ac:32:2f:72:b2:02:96:90:da:7d:ed:f0:fa:b8:d8:3d:
9f:ae:26:83:78:a9:32:f4:07:65:c6:92:21:07:2f:bf:91:6c:
f6:78:6e:82:cb:b8:95:6e:74:f6:e3:d4:74:db:13:57:31:f5:
9f:7e:44:5a:fb:20:59:67:21:b5:2d:11:b0:80:4b:58:31:9d:
ca:dc:48:9c:62:24:c5:72:73:8f:97:16:c8:e0:7f:0c:b5:60:
fc:4b:65:92:23:1a:7f:db:dd:31:8a:4b:3f:97:af:17:1a:c2:
a8:ed:0d:e4
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYZ5I4i6QMSXUorr9I5FcBx0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBmMmY4YjJiOTQ3MjFlOTI4ZjYxODhiNWNmMTUwNTMxNDRk
ZWRmOGMwHhcNMjMwMjIyMTI0MDE3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmZDc5ZjVhMWJiM2RjMDU3MzYyZGE2ODYxNjIxMmM3ZDc4MmI0ZjgwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0CQNf0sUJuw6IEGCXJEpnVP08GyJ
3iEpetmHL5L9Fm962ZrfsbPqYf4C8sj9Tmb4xoEjN6b+j0FqG6uE0HxJ/Js8qhd4
hmFrGPsPKGKUe63OkIF2ydw2Oij5r/BjveeKR+gnHbBLKbnFHFfLgcUa5RZeaE70
1RSQgC2dj3hPQDrXgb1WqemeCtDMuc7DpwRp3Z3tZj4YZtIeV7ZMxmCqKGX/q94z
R/gzt+VTpCzLe0LOCNoq0V7FumdSZ/OnmRxgT4YZLxYVb/rqNFNNJNNPQ9FACC/7
dEHSOfiKf4TpG3ffwR+8f1wQ2dPUfsNRdCoVnnDd298HTaS7bGCPStsmSwIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFP159aG7PcBXNi2mhhYhLH14K0+AMB8GA1UdIwQY
MBaAFA8viyuUch6Sj2GItc8VBTFE3t+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRHktTEs1UnlIcEtQWVlpMXp4VUZNVVRlMzR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Yi80ZTU5MDItZTI4My00OTE2LWEzM2Mt
NzIyNmE4ODQ1ZTAxLzEvX1huMW9iczl3RmMyTGFhR0ZpRXNmWGdyVDRBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Yi80ZTU5MDItZTI4My00OTE2LWEzM2MtNzIyNmE4ODQ1ZTAx
LzEvRHktTEs1UnlIcEtQWVlpMXp4VUZNVVRlMzR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQCuXyUAwQA
ueuNMA0EAgACMAcDBQMqBu6AMA0GCSqGSIb3DQEBCwUAA4IBAQBdzJzQhqFf8PlP
YGx3bamNlhF8GZont1+00ZV4ECbJF7VQyvfp6VgdMWE9ovS7Cxjw0TDU6OHf1zXI
vJzUHtysuwbOwbXNK2KXCCpdFpzPt4JYuHWLxzhS5nmilVfDvdc5PSjMC6Xbpyme
yTHHGzBGC0VqS3sQflJo6i3ZFhMryqojMp3H/3Sb6eNgtIPTDQbI8qwyL3KyApaQ
2n3t8Pq42D2friaDeKky9AdlxpIhBy+/kWz2eG6Cy7iVbnT249R02xNXMfWffkRa
+yBZZyG1LRGwgEtYMZ3K3EicYiTFcnOPlxbI4H8MtWD8S2WSIxp/290xiks/l68X
GsKo7Q3k
-----END CERTIFICATE-----
Generated at Mon May 12 19:08:24 2025 by rpki-client