Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9c/3b91a2-d2a7-4e69-9c86-bdf3917a9267/1/szlKuxnQPn2jFrxr1hSRIOCqXi0.roa
File: szlKuxnQPn2jFrxr1hSRIOCqXi0.roa (raw, json)
Hash identifier: q+K+PMK7NtHgQ66LkRPQLqRA+04PZrBoyMEC7wCULM8=
Subject key identifier: B3:39:4A:BB:19:D0:3E:7D:A3:16:BC:6B:D6:14:91:20:E0:AA:5E:2D
Certificate issuer: /CN=af2bf82fda28e08f6229460ba2e24141464331e5
Certificate serial: 05EC5D0A
Authority key identifier: AF:2B:F8:2F:DA:28:E0:8F:62:29:46:0B:A2:E2:41:41:46:43:31:E5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ryv4L9oo4I9iKUYLouJBQUZDMeU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9c/3b91a2-d2a7-4e69-9c86-bdf3917a9267/1/szlKuxnQPn2jFrxr1hSRIOCqXi0.roa
Signing time: Sat 01 Jan 2022 10:01:29 +0000
ROA not before: Sat 01 Jan 2022 10:01:29 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 204943
IP address blocks: 185.235.48.0/22 maxlen: 22
2a0d:4b00::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 99376394 (0x5ec5d0a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=af2bf82fda28e08f6229460ba2e24141464331e5
Validity
Not Before: Jan 1 10:01:29 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=b3394abb19d03e7da316bc6bd6149120e0aa5e2d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:a0:4d:ff:79:c4:14:37:aa:ef:8f:57:9b:fd:
70:7b:c6:24:e9:96:35:4b:af:bc:b9:51:22:17:14:
b3:6e:be:58:a3:8a:aa:8a:15:8f:56:70:32:d6:07:
aa:1d:6b:39:7a:ae:bd:29:7a:ee:c7:14:d5:ab:db:
79:4a:8d:77:7c:14:4b:c6:1a:24:d4:b4:52:e7:a6:
cf:3f:1e:33:0f:57:75:c7:7b:5c:ec:1e:08:23:58:
20:5a:de:d7:11:22:cc:a6:7e:9d:08:60:d0:78:79:
13:be:86:01:66:b5:ca:ea:5e:c8:5f:41:9e:80:a0:
5e:3d:28:64:3b:bf:83:4a:73:67:6f:d0:30:65:00:
e4:5c:0e:2a:35:42:e3:01:6a:63:8a:09:7b:37:d5:
57:9d:36:10:5d:49:72:52:5d:42:25:b7:ea:b2:58:
4b:a8:97:0a:45:47:59:a6:ae:e7:d6:44:88:06:6d:
ce:48:34:c7:35:d8:35:9e:61:58:e1:13:8a:e4:ce:
d4:bf:6e:7d:d6:5b:7e:6c:47:99:db:3c:30:29:5b:
ae:3b:68:03:02:f2:dc:b7:36:b2:0a:26:40:c3:db:
3b:17:90:1c:a9:c7:0e:47:8a:0f:10:c2:39:2d:cc:
b4:83:bf:f4:9e:35:b0:e8:35:09:77:44:78:22:5a:
0b:83
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B3:39:4A:BB:19:D0:3E:7D:A3:16:BC:6B:D6:14:91:20:E0:AA:5E:2D
X509v3 Authority Key Identifier:
keyid:AF:2B:F8:2F:DA:28:E0:8F:62:29:46:0B:A2:E2:41:41:46:43:31:E5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ryv4L9oo4I9iKUYLouJBQUZDMeU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9c/3b91a2-d2a7-4e69-9c86-bdf3917a9267/1/szlKuxnQPn2jFrxr1hSRIOCqXi0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9c/3b91a2-d2a7-4e69-9c86-bdf3917a9267/1/ryv4L9oo4I9iKUYLouJBQUZDMeU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.235.48.0/22
IPv6:
2a0d:4b00::/29
Signature Algorithm: sha256WithRSAEncryption
64:73:73:ea:62:61:10:ce:1d:ce:02:7b:39:bf:a5:4c:36:54:
30:e2:23:49:7f:35:bd:f5:da:dc:43:1e:3d:9f:2f:e6:34:47:
bc:37:8c:b7:93:0a:cd:f7:65:af:4e:7d:8f:25:cb:67:a0:35:
fd:9f:ad:b0:e7:d2:e5:fc:a8:2d:71:fe:8a:38:06:39:87:af:
7a:a1:90:b4:17:3f:45:77:6e:eb:c3:99:0b:e5:ec:01:7d:39:
3b:33:3f:20:d2:b0:88:75:f0:31:23:08:5c:51:b5:18:89:77:
17:c1:b5:f3:2f:25:9e:54:a3:c2:7c:be:65:61:c4:df:db:b8:
4b:db:bf:8e:5b:a1:73:d3:8a:fc:0f:6e:80:77:b3:8a:90:e8:
e8:24:ec:e2:5c:c7:84:48:9b:10:d9:d0:86:a1:b9:d1:59:c9:
ab:d3:fc:7f:21:ad:04:9d:50:21:bb:98:2d:68:c4:13:d0:c0:
8e:78:a4:f6:ac:6d:c5:52:04:d8:2a:26:47:c8:c9:3b:67:98:
b9:1b:21:72:21:16:75:f0:bc:88:7b:e7:16:1a:71:3d:20:9d:
c3:0f:98:49:8e:ff:f0:cc:9b:d7:b6:7d:e2:69:11:cc:8d:1a:
7f:ad:76:69:f5:26:6e:20:2a:39:d5:01:42:ad:b8:85:f9:40:
bc:a7:04:94
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgIEBexdCjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhh
ZjJiZjgyZmRhMjhlMDhmNjIyOTQ2MGJhMmUyNDE0MTQ2NDMzMWU1MB4XDTIyMDEw
MTEwMDEyOVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYjMzOTRhYmIxOWQw
M2U3ZGEzMTZiYzZiZDYxNDkxMjBlMGFhNWUyZDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKKgTf95xBQ3qu+PV5v9cHvGJOmWNUuvvLlRIhcUs26+WKOK
qooVj1ZwMtYHqh1rOXquvSl67scU1avbeUqNd3wUS8YaJNS0Uuemzz8eMw9Xdcd7
XOweCCNYIFre1xEizKZ+nQhg0Hh5E76GAWa1yupeyF9BnoCgXj0oZDu/g0pzZ2/Q
MGUA5FwOKjVC4wFqY4oJezfVV502EF1JclJdQiW36rJYS6iXCkVHWaau59ZEiAZt
zkg0xzXYNZ5hWOETiuTO1L9ufdZbfmxHmds8MClbrjtoAwLy3Lc2sgomQMPbOxeQ
HKnHDkeKDxDCOS3MtIO/9J41sOg1CXdEeCJaC4MCAwEAAaOCAhgwggIUMB0GA1Ud
DgQWBBSzOUq7GdA+faMWvGvWFJEg4KpeLTAfBgNVHSMEGDAWgBSvK/gv2ijgj2Ip
Rgui4kFBRkMx5TAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3J5djRMOW9vNEk5aUtVWUxvdUpCUVVaRE1lVS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvOWMvM2I5MWEyLWQyYTctNGU2OS05Yzg2LWJkZjM5MTdhOTI2Ny8x
L3N6bEt1eG5RUG4yakZyeHIxaFNSSU9DcVhpMC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvOWMv
M2I5MWEyLWQyYTctNGU2OS05Yzg2LWJkZjM5MTdhOTI2Ny8xL3J5djRMOW9vNEk5
aUtVWUxvdUpCUVVaRE1lVS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAu
BggrBgEFBQcBBwEB/wQfMB0wDAQCAAEwBgMEArnrMDANBAIAAjAHAwUDKg1LADAN
BgkqhkiG9w0BAQsFAAOCAQEAZHNz6mJhEM4dzgJ7Ob+lTDZUMOIjSX81vfXa3EMe
PZ8v5jRHvDeMt5MKzfdlr059jyXLZ6A1/Z+tsOfS5fyoLXH+ijgGOYeveqGQtBc/
RXdu68OZC+XsAX05OzM/INKwiHXwMSMIXFG1GIl3F8G18y8lnlSjwny+ZWHE39u4
S9u/jluhc9OK/A9ugHezipDo6CTs4lzHhEibENnQhqG50VnJq9P8fyGtBJ1QIbuY
LWjEE9DAjnik9qxtxVIE2ComR8jJO2eYuRshciEWdfC8iHvnFhpxPSCdww+YSY7/
8Myb17Z94mkRzI0af612afUmbiAqOdUBQq24hflAvKcElA==
-----END CERTIFICATE-----
Generated at Sun Apr 20 00:15:18 2025 by rpki-client