Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/92/844eeb-cdf1-47f1-bcfa-989166881969/1/x6GwmuXafBdujq9xHLm7h4ITLpo.roa
File: x6GwmuXafBdujq9xHLm7h4ITLpo.roa (raw, json)
Hash identifier: +Tn/CjxS9QV33MAgabcMMwxWRt/q6Q3lScf0EGXlBDY=
Subject key identifier: C7:A1:B0:9A:E5:DA:7C:17:6E:8E:AF:71:1C:B9:BB:87:82:13:2E:9A
Certificate issuer: /CN=f13533399f55eb52e6b2200c7cae4272b74d6464
Certificate serial: 01890FED515DB8D414F184D580442DD291EE
Authority key identifier: F1:35:33:39:9F:55:EB:52:E6:B2:20:0C:7C:AE:42:72:B7:4D:64:64
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8TUzOZ9V61LmsiAMfK5CcrdNZGQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/92/844eeb-cdf1-47f1-bcfa-989166881969/1/x6GwmuXafBdujq9xHLm7h4ITLpo.roa
Signing time: Sat 01 Jul 2023 05:29:18 +0000
ROA not before: Sat 01 Jul 2023 05:29:18 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 210392
IP address blocks: 178.239.151.0/24 maxlen: 24
178.239.152.0/24 maxlen: 24
185.26.32.0/24 maxlen: 24
185.26.33.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:0f:ed:51:5d:b8:d4:14:f1:84:d5:80:44:2d:d2:91:ee
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f13533399f55eb52e6b2200c7cae4272b74d6464
Validity
Not Before: Jul 1 05:29:18 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=c7a1b09ae5da7c176e8eaf711cb9bb8782132e9a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:19:98:4f:d4:b7:c3:86:ea:7e:82:49:a2:2c:
bd:47:73:46:26:81:15:56:9f:18:b0:92:ce:9a:21:
e1:45:0c:5d:99:e1:8a:56:d0:34:cb:5c:01:14:06:
c6:45:d1:bc:d4:3d:71:dc:6e:8a:ce:58:c7:2a:49:
af:04:07:22:e6:87:5a:0d:9a:be:6c:b7:2d:88:8e:
8c:98:c7:86:9b:fa:20:c9:55:53:2d:64:b2:dd:f1:
bd:36:53:92:cd:35:67:92:33:02:8f:d7:8c:ad:fa:
ff:2f:36:a7:07:5a:24:7d:bf:1f:59:9e:6d:0b:84:
b9:23:82:4a:41:8d:c4:26:e6:46:6f:bc:b7:4d:5f:
4d:0c:dd:c8:e9:00:36:b1:97:2f:f1:a4:14:e0:c9:
3a:3c:d0:a7:f9:d8:90:e2:63:cb:08:dc:b5:a4:0d:
15:7d:6e:33:8d:04:81:39:2f:1f:4b:1e:f7:8b:26:
a1:2b:d4:75:6f:2f:e1:56:5d:0c:0f:bd:9a:b7:c7:
19:83:87:61:5d:7b:1f:aa:1b:0c:d1:08:f2:73:fc:
e3:8d:13:e7:45:3a:d3:00:10:c9:ff:df:d1:6a:ed:
56:9a:cb:c9:6a:e3:51:9e:61:f2:03:f3:03:f3:29:
93:8c:da:35:b6:c6:5b:3a:9c:ae:ee:85:a1:82:71:
0d:87
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C7:A1:B0:9A:E5:DA:7C:17:6E:8E:AF:71:1C:B9:BB:87:82:13:2E:9A
X509v3 Authority Key Identifier:
keyid:F1:35:33:39:9F:55:EB:52:E6:B2:20:0C:7C:AE:42:72:B7:4D:64:64
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8TUzOZ9V61LmsiAMfK5CcrdNZGQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/92/844eeb-cdf1-47f1-bcfa-989166881969/1/x6GwmuXafBdujq9xHLm7h4ITLpo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/92/844eeb-cdf1-47f1-bcfa-989166881969/1/8TUzOZ9V61LmsiAMfK5CcrdNZGQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
178.239.151.0-178.239.152.255
185.26.32.0/23
Signature Algorithm: sha256WithRSAEncryption
39:57:68:8c:6c:1f:42:53:7d:d2:bd:cb:7b:53:3a:e9:4c:be:
45:0f:ad:17:f2:fe:90:ef:7e:71:e8:2e:8a:52:77:60:62:ab:
9e:e1:b6:57:32:19:8a:db:4f:77:c5:b8:22:9a:38:20:71:8a:
5b:4c:18:99:94:06:bb:7a:cd:52:b5:fc:82:f7:9e:8b:14:93:
a4:50:a2:35:23:4b:da:2e:a3:e1:1f:85:48:2f:e9:b9:b9:90:
15:69:e5:78:93:82:fa:63:8e:d5:d0:56:ec:e7:43:ea:74:b4:
21:d0:d8:9f:72:6c:2f:9b:fb:47:2d:d5:d8:df:91:3c:7b:df:
a1:ac:98:2d:bf:f8:36:ea:f8:e3:9a:2c:6e:e2:3e:c1:9c:33:
6b:45:3a:ea:63:fb:e8:bd:0e:58:d5:03:04:ce:37:93:97:40:
fe:78:3e:43:2c:a6:2a:72:c1:71:af:96:35:f9:0f:e4:19:db:
48:25:cd:92:a5:f6:a4:9e:1d:57:2e:44:4b:d0:85:be:ca:32:
2e:74:1e:3d:72:eb:6d:c0:7b:22:65:41:3b:3c:8f:54:49:fc:
96:d5:b1:db:4e:6a:44:fc:5f:bc:2d:de:f7:30:89:0a:40:a2:
7b:ab:f8:db:94:26:72:0b:ad:51:05:8d:aa:e1:5e:f1:db:04:
b3:85:18:eb
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgISAYkP7VFduNQU8YTVgEQt0pHuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYxMzUzMzM5OWY1NWViNTJlNmIyMjAwYzdjYWU0MjcyYjc0
ZDY0NjQwHhcNMjMwNzAxMDUyOTE4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjN2ExYjA5YWU1ZGE3YzE3NmU4ZWFmNzExY2I5YmI4NzgyMTMyZTlhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAohmYT9S3w4bqfoJJoiy9R3NGJoEV
Vp8YsJLOmiHhRQxdmeGKVtA0y1wBFAbGRdG81D1x3G6KzljHKkmvBAci5odaDZq+
bLctiI6MmMeGm/ogyVVTLWSy3fG9NlOSzTVnkjMCj9eMrfr/LzanB1okfb8fWZ5t
C4S5I4JKQY3EJuZGb7y3TV9NDN3I6QA2sZcv8aQU4Mk6PNCn+diQ4mPLCNy1pA0V
fW4zjQSBOS8fSx73iyahK9R1by/hVl0MD72at8cZg4dhXXsfqhsM0Qjyc/zjjRPn
RTrTABDJ/9/Rau1WmsvJauNRnmHyA/MD8ymTjNo1tsZbOpyu7oWhgnENhwIDAQAB
o4ICFzCCAhMwHQYDVR0OBBYEFMehsJrl2nwXbo6vcRy5u4eCEy6aMB8GA1UdIwQY
MBaAFPE1MzmfVetS5rIgDHyuQnK3TWRkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOFRVek9aOVY2MUxtc2lBTWZLNUNjcmROWkdRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Mi84NDRlZWItY2RmMS00N2YxLWJjZmEt
OTg5MTY2ODgxOTY5LzEveDZHd211WGFmQmR1anE5eEhMbTdoNElUTHBvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Mi84NDRlZWItY2RmMS00N2YxLWJjZmEtOTg5MTY2ODgxOTY5
LzEvOFRVek9aOVY2MUxtc2lBTWZLNUNjcmROWkdRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAATAUMAwDBACy75cD
BACy75gDBAG5GiAwDQYJKoZIhvcNAQELBQADggEBADlXaIxsH0JTfdK9y3tTOulM
vkUPrRfy/pDvfnHoLopSd2Biq57htlcyGYrbT3fFuCKaOCBxiltMGJmUBrt6zVK1
/IL3nosUk6RQojUjS9ouo+EfhUgv6bm5kBVp5XiTgvpjjtXQVuznQ+p0tCHQ2J9y
bC+b+0ct1djfkTx736GsmC2/+Dbq+OOaLG7iPsGcM2tFOupj++i9DljVAwTON5OX
QP54PkMspipywXGvljX5D+QZ20glzZKl9qSeHVcuREvQhb7KMi50Hj1y623AeyJl
QTs8j1RJ/JbVsdtOakT8X7wt3vcwiQpAonur+NuUJnILrVEFjarhXvHbBLOFGOs=
-----END CERTIFICATE-----
Generated at Wed May 14 23:24:19 2025 by rpki-client