Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ac/6451ef-32d2-4f51-b3bd-9d1cda23ec4f/1/7pL_5yjGqi01hz0vPEau0-u6H2w.roa
File: 7pL_5yjGqi01hz0vPEau0-u6H2w.roa (raw, json)
Hash identifier: wb2I2j9yYEh+317OOKXoKjXPwjdE+OiDdUlv+jLKb4s=
Subject key identifier: EE:92:FF:E7:28:C6:AA:2D:35:87:3D:2F:3C:46:AE:D3:EB:BA:1F:6C
Certificate issuer: /CN=7813663c64a5da8dcaf5b3acfd3eeaf835b41a53
Certificate serial: 0185719E87E015FA9935F43C592216E574BD
Authority key identifier: 78:13:66:3C:64:A5:DA:8D:CA:F5:B3:AC:FD:3E:EA:F8:35:B4:1A:53
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/eBNmPGSl2o3K9bOs_T7q-DW0GlM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ac/6451ef-32d2-4f51-b3bd-9d1cda23ec4f/1/7pL_5yjGqi01hz0vPEau0-u6H2w.roa
Signing time: Mon 02 Jan 2023 08:34:52 +0000
ROA not before: Mon 02 Jan 2023 08:34:52 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 59794
IP address blocks: 185.211.90.0/23 maxlen: 23
185.211.88.0/22 maxlen: 22
185.211.90.0/24 maxlen: 24
185.211.91.0/24 maxlen: 24
185.211.88.0/24 maxlen: 24
185.211.88.0/23 maxlen: 23
185.211.89.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:9e:87:e0:15:fa:99:35:f4:3c:59:22:16:e5:74:bd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7813663c64a5da8dcaf5b3acfd3eeaf835b41a53
Validity
Not Before: Jan 2 08:34:52 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=ee92ffe728c6aa2d35873d2f3c46aed3ebba1f6c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:9c:cd:38:45:70:02:30:82:ca:17:7f:2f:ed:
19:f9:72:2e:fc:a4:36:32:5c:d0:a7:c5:d9:c9:eb:
c1:7a:74:b0:22:e4:31:9b:c0:bc:2a:f4:4a:10:43:
4e:e8:15:fd:61:48:f0:56:27:ca:16:46:7e:c5:c0:
3d:7f:0f:a3:9a:c8:4b:56:bf:ee:f4:51:14:7c:e9:
e1:ac:ea:35:d5:eb:f2:17:e4:8d:30:2c:21:5a:01:
8a:28:c9:9a:0f:73:45:05:11:d3:bf:ad:bc:9e:8b:
15:45:68:b4:10:7b:1f:01:6d:fa:ce:c2:a7:be:03:
66:24:0f:fa:c8:8b:f0:82:90:3f:78:f3:89:37:b5:
c5:81:8c:c1:9a:56:68:ad:56:40:f0:ce:1c:a8:97:
74:67:df:a4:04:eb:3e:c1:fd:c8:c0:fb:12:f3:e6:
66:2d:16:d5:d7:78:4a:e0:d8:6c:3f:f8:80:85:b5:
ae:fc:bb:94:fe:1d:95:bd:8b:d5:75:c7:a9:37:f9:
1f:76:e4:26:3c:1f:5e:9e:d1:e7:d7:d9:1a:e5:18:
e6:d1:89:05:ea:de:9f:9e:d8:95:86:47:e9:8f:93:
12:d6:3f:07:10:f1:ca:a8:5f:e9:2a:f1:a0:8d:52:
67:a1:a1:72:fc:67:b1:75:2c:ea:ac:67:a1:5f:58:
37:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EE:92:FF:E7:28:C6:AA:2D:35:87:3D:2F:3C:46:AE:D3:EB:BA:1F:6C
X509v3 Authority Key Identifier:
keyid:78:13:66:3C:64:A5:DA:8D:CA:F5:B3:AC:FD:3E:EA:F8:35:B4:1A:53
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/eBNmPGSl2o3K9bOs_T7q-DW0GlM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ac/6451ef-32d2-4f51-b3bd-9d1cda23ec4f/1/7pL_5yjGqi01hz0vPEau0-u6H2w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ac/6451ef-32d2-4f51-b3bd-9d1cda23ec4f/1/eBNmPGSl2o3K9bOs_T7q-DW0GlM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.211.88.0/22
Signature Algorithm: sha256WithRSAEncryption
03:8d:e1:07:c4:17:b7:5c:51:d5:82:ae:e8:e7:ec:93:9f:10:
a6:df:67:63:55:43:8c:fb:97:c0:10:03:5f:a5:ff:a3:f0:9a:
c5:6e:e0:dd:25:93:c8:da:da:4c:81:0a:7e:b7:c9:f3:a1:70:
78:a7:ec:10:91:13:01:9a:8a:0d:62:f6:06:23:ce:1c:e0:3b:
28:68:34:26:ba:24:76:de:24:ff:13:50:12:83:07:95:a6:db:
fa:75:88:72:90:74:02:e4:58:81:ca:de:a0:09:13:ac:fa:16:
41:89:08:4c:a8:7c:e3:da:c1:c9:f7:ce:b3:54:cf:14:fb:90:
a1:31:d1:33:ec:c8:8c:f7:31:a7:b7:74:1a:b2:b4:c6:74:84:
00:e5:07:5c:9b:b1:cf:a3:ae:97:d6:79:26:28:86:62:cb:68:
42:ff:1c:e7:47:ee:9c:54:f3:93:35:61:ff:45:a0:fb:80:90:
91:16:1d:19:f1:46:0b:7b:3e:21:b8:d0:3c:e1:a3:cd:44:7e:
b0:82:22:e9:6b:0e:89:38:94:75:f3:31:48:65:8b:5e:d3:ff:
68:97:d2:d2:b9:ff:e5:99:7a:0a:e5:64:1c:95:cf:f0:91:21:
8f:5c:47:0b:d3:dc:57:c1:28:22:31:4a:ee:78:7a:31:93:e7:
56:80:69:7d
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVxnofgFfqZNfQ8WSIW5XS9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc4MTM2NjNjNjRhNWRhOGRjYWY1YjNhY2ZkM2VlYWY4MzVi
NDFhNTMwHhcNMjMwMTAyMDgzNDUyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlZTkyZmZlNzI4YzZhYTJkMzU4NzNkMmYzYzQ2YWVkM2ViYmExZjZjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjJzNOEVwAjCCyhd/L+0Z+XIu/KQ2
MlzQp8XZyevBenSwIuQxm8C8KvRKEENO6BX9YUjwVifKFkZ+xcA9fw+jmshLVr/u
9FEUfOnhrOo11evyF+SNMCwhWgGKKMmaD3NFBRHTv628nosVRWi0EHsfAW36zsKn
vgNmJA/6yIvwgpA/ePOJN7XFgYzBmlZorVZA8M4cqJd0Z9+kBOs+wf3IwPsS8+Zm
LRbV13hK4NhsP/iAhbWu/LuU/h2VvYvVdcepN/kfduQmPB9entHn19ka5Rjm0YkF
6t6fntiVhkfpj5MS1j8HEPHKqF/pKvGgjVJnoaFy/GexdSzqrGehX1g3xwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFO6S/+coxqotNYc9LzxGrtPruh9sMB8GA1UdIwQY
MBaAFHgTZjxkpdqNyvWzrP0+6vg1tBpTMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZUJObVBHU2wybzNLOWJPc19UN3EtRFcwR2xNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYy82NDUxZWYtMzJkMi00ZjUxLWIzYmQt
OWQxY2RhMjNlYzRmLzEvN3BMXzV5akdxaTAxaHowdlBFYXUwLXU2SDJ3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYy82NDUxZWYtMzJkMi00ZjUxLWIzYmQtOWQxY2RhMjNlYzRm
LzEvZUJObVBHU2wybzNLOWJPc19UN3EtRFcwR2xNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCudNYMA0G
CSqGSIb3DQEBCwUAA4IBAQADjeEHxBe3XFHVgq7o5+yTnxCm32djVUOM+5fAEANf
pf+j8JrFbuDdJZPI2tpMgQp+t8nzoXB4p+wQkRMBmooNYvYGI84c4DsoaDQmuiR2
3iT/E1ASgweVptv6dYhykHQC5FiByt6gCROs+hZBiQhMqHzj2sHJ986zVM8U+5Ch
MdEz7MiM9zGnt3QasrTGdIQA5Qdcm7HPo66X1nkmKIZiy2hC/xznR+6cVPOTNWH/
RaD7gJCRFh0Z8UYLez4huNA84aPNRH6wgiLpaw6JOJR18zFIZYte0/9ol9LSuf/l
mXoK5WQclc/wkSGPXEcL09xXwSgiMUrueHoxk+dWgGl9
-----END CERTIFICATE-----
Generated at Tue Apr 22 04:30:26 2025 by rpki-client