Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e6/0d0300-74ee-4677-ad62-c24b7db20de7/1/8inU5Gi038bPloPSPZDGLf57KwA.roa
File: 8inU5Gi038bPloPSPZDGLf57KwA.roa (raw, json)
Hash identifier: kNqk+G/1hLxy906w47y/OzBImJb990WIyxCsFpYxIKQ=
Subject key identifier: F2:29:D4:E4:68:B4:DF:C6:CF:96:83:D2:3D:90:C6:2D:FE:7B:2B:00
Certificate issuer: /CN=d016cc56a995507b4fa87c6490442f06b6186687
Certificate serial: 097DD368
Authority key identifier: D0:16:CC:56:A9:95:50:7B:4F:A8:7C:64:90:44:2F:06:B6:18:66:87
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0BbMVqmVUHtPqHxkkEQvBrYYZoc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e6/0d0300-74ee-4677-ad62-c24b7db20de7/1/8inU5Gi038bPloPSPZDGLf57KwA.roa
Signing time: Sat 01 Jan 2022 14:04:27 +0000
ROA not before: Sat 01 Jan 2022 14:04:27 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 203538
IP address blocks: 185.131.104.0/22 maxlen: 24
2a03:a060::/32 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 159241064 (0x97dd368)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d016cc56a995507b4fa87c6490442f06b6186687
Validity
Not Before: Jan 1 14:04:27 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=f229d4e468b4dfc6cf9683d23d90c62dfe7b2b00
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:8a:9c:b9:7e:6a:b5:b3:d7:3a:13:26:6b:6f:
de:52:71:b7:ac:c9:e7:a0:9b:4e:11:91:d2:28:83:
70:cb:18:12:89:f4:6e:1a:7b:81:69:f7:75:83:7f:
d0:2b:d7:b0:78:6a:d9:7f:ec:9f:fc:bc:50:3e:5e:
1d:a8:6b:0b:ea:83:b7:0e:fd:94:d7:82:f6:49:9e:
b6:27:03:b7:3c:e3:c6:06:3b:03:ea:b5:e7:1a:de:
26:ae:fb:6f:91:f7:f4:d9:2c:e9:89:34:c0:05:48:
79:a7:33:cc:39:1a:ee:0d:a3:b6:8e:5a:99:4c:6f:
35:95:f3:fe:7b:0f:92:81:58:c7:20:94:b7:52:e8:
82:e0:cb:2d:38:b6:91:8a:34:df:8f:aa:e6:e3:d5:
31:94:e0:58:fb:3f:b5:d1:c0:b8:1b:a0:01:8b:7b:
a5:e3:e3:0b:2a:cd:b2:f5:dc:5f:41:c5:9f:ab:b3:
1a:0a:c1:8a:ee:46:35:2f:a2:56:5a:25:9f:99:b6:
b0:10:46:b1:7e:89:22:a6:76:b7:25:66:89:9f:77:
d3:82:0d:c6:17:5e:f5:27:94:c7:07:e0:eb:c2:63:
3e:d7:43:2c:89:ca:ba:51:2b:d4:92:46:94:3e:4f:
ec:88:b0:79:de:fd:9d:4b:22:97:14:6e:0a:ca:cd:
ed:83
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F2:29:D4:E4:68:B4:DF:C6:CF:96:83:D2:3D:90:C6:2D:FE:7B:2B:00
X509v3 Authority Key Identifier:
keyid:D0:16:CC:56:A9:95:50:7B:4F:A8:7C:64:90:44:2F:06:B6:18:66:87
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0BbMVqmVUHtPqHxkkEQvBrYYZoc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e6/0d0300-74ee-4677-ad62-c24b7db20de7/1/8inU5Gi038bPloPSPZDGLf57KwA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e6/0d0300-74ee-4677-ad62-c24b7db20de7/1/0BbMVqmVUHtPqHxkkEQvBrYYZoc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.131.104.0/22
IPv6:
2a03:a060::/32
Signature Algorithm: sha256WithRSAEncryption
bd:c5:b7:da:db:a8:10:02:35:81:5e:a2:c1:f7:9b:89:17:bf:
3e:7e:d4:0c:36:21:13:2c:84:aa:0b:9f:49:e3:33:df:c9:d7:
ea:2c:ed:c2:80:e8:01:44:11:9b:9a:6f:0d:c4:b1:70:5e:db:
8a:01:60:62:d1:a7:1d:35:97:21:e7:a9:19:bc:03:4a:9f:f4:
7d:cf:e9:fb:02:a2:e7:b8:da:9a:95:23:8c:df:65:4e:f2:91:
4d:da:16:c5:cb:85:74:93:d3:1b:89:4b:bf:ff:b1:69:04:e7:
ec:bf:c7:ee:38:16:81:db:f9:af:53:18:1c:2f:b6:23:e1:c4:
8f:f7:51:a2:d2:b1:3a:d9:6c:0a:a9:cc:51:39:64:1e:41:dd:
d1:9c:e7:5a:87:de:20:2c:67:12:b6:68:16:6d:f4:13:2f:e1:
f1:55:3d:e5:58:eb:4c:90:c8:31:f3:d9:9e:2a:66:7f:3b:e2:
54:d7:96:a0:73:de:89:e2:9c:52:f8:fb:40:39:24:89:90:56:
38:9b:18:c6:a7:74:4c:5b:b7:85:57:54:57:4a:ec:5e:66:a4:
73:63:a5:83:76:f6:82:77:4d:73:b1:02:06:bf:39:6f:97:98:
d1:08:12:b4:61:f5:50:c9:a2:f4:28:5f:cc:88:88:d2:df:9f:
92:a9:9a:98
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgIECX3TaDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhk
MDE2Y2M1NmE5OTU1MDdiNGZhODdjNjQ5MDQ0MmYwNmI2MTg2Njg3MB4XDTIyMDEw
MTE0MDQyN1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZjIyOWQ0ZTQ2OGI0
ZGZjNmNmOTY4M2QyM2Q5MGM2MmRmZTdiMmIwMDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJqKnLl+arWz1zoTJmtv3lJxt6zJ56CbThGR0iiDcMsYEon0
bhp7gWn3dYN/0CvXsHhq2X/sn/y8UD5eHahrC+qDtw79lNeC9kmeticDtzzjxgY7
A+q15xreJq77b5H39Nks6Yk0wAVIeaczzDka7g2jto5amUxvNZXz/nsPkoFYxyCU
t1LoguDLLTi2kYo034+q5uPVMZTgWPs/tdHAuBugAYt7pePjCyrNsvXcX0HFn6uz
GgrBiu5GNS+iVloln5m2sBBGsX6JIqZ2tyVmiZ9304INxhde9SeUxwfg68JjPtdD
LInKulEr1JJGlD5P7Iiwed79nUsilxRuCsrN7YMCAwEAAaOCAhgwggIUMB0GA1Ud
DgQWBBTyKdTkaLTfxs+Wg9I9kMYt/nsrADAfBgNVHSMEGDAWgBTQFsxWqZVQe0+o
fGSQRC8GthhmhzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzBCYk1WcW1WVUh0UHFIeGtrRVF2QnJZWVpvYy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZTYvMGQwMzAwLTc0ZWUtNDY3Ny1hZDYyLWMyNGI3ZGIyMGRlNy8x
LzhpblU1R2kwMzhiUGxvUFNQWkRHTGY1N0t3QS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZTYv
MGQwMzAwLTc0ZWUtNDY3Ny1hZDYyLWMyNGI3ZGIyMGRlNy8xLzBCYk1WcW1WVUh0
UHFIeGtrRVF2QnJZWVpvYy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAu
BggrBgEFBQcBBwEB/wQfMB0wDAQCAAEwBgMEArmDaDANBAIAAjAHAwUAKgOgYDAN
BgkqhkiG9w0BAQsFAAOCAQEAvcW32tuoEAI1gV6iwfebiRe/Pn7UDDYhEyyEqguf
SeMz38nX6iztwoDoAUQRm5pvDcSxcF7bigFgYtGnHTWXIeepGbwDSp/0fc/p+wKi
57jampUjjN9lTvKRTdoWxcuFdJPTG4lLv/+xaQTn7L/H7jgWgdv5r1MYHC+2I+HE
j/dRotKxOtlsCqnMUTlkHkHd0ZznWofeICxnErZoFm30Ey/h8VU95VjrTJDIMfPZ
nipmfzviVNeWoHPeieKcUvj7QDkkiZBWOJsYxqd0TFu3hVdUV0rsXmakc2Olg3b2
gndNc7ECBr85b5eY0QgStGH1UMmi9ChfzIiI0t+fkqmamA==
-----END CERTIFICATE-----
Generated at Tue Apr 22 20:47:11 2025 by rpki-client