Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/01/7a13ee-b731-4ff9-bef0-4b1581f09d3b/1/MzIxyYjbdI4_oHHP63g1AzpamSs.roa
File: MzIxyYjbdI4_oHHP63g1AzpamSs.roa (raw, json)
Hash identifier: pGEcwU8VzeTRluXBhU4dxsZ8fO/LAvliniBemWToFck=
Subject key identifier: 33:32:31:C9:88:DB:74:8E:3F:A0:71:CF:EB:78:35:03:3A:5A:99:2B
Certificate issuer: /CN=4be896a4195385d4b94b7295988ccfbfa8ac99c5
Certificate serial: 02B55D
Authority key identifier: 4B:E8:96:A4:19:53:85:D4:B9:4B:72:95:98:8C:CF:BF:A8:AC:99:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/S-iWpBlThdS5S3KVmIzPv6ismcU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/01/7a13ee-b731-4ff9-bef0-4b1581f09d3b/1/MzIxyYjbdI4_oHHP63g1AzpamSs.roa
Signing time: Wed 25 May 2022 13:59:13 +0000
ROA not before: Wed 25 May 2022 13:59:13 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 205052
IP address blocks: 185.231.198.0/23 maxlen: 23
185.231.196.0/23 maxlen: 23
2a0c:7900::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 177501 (0x2b55d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4be896a4195385d4b94b7295988ccfbfa8ac99c5
Validity
Not Before: May 25 13:59:13 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=333231c988db748e3fa071cfeb7835033a5a992b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:78:99:f1:d3:b6:46:68:c0:20:00:f7:4b:7e:
a1:88:27:45:8c:23:1a:5d:c0:77:8e:63:5b:08:4f:
e8:9e:7c:11:ec:bd:ab:55:c4:c7:b7:7b:11:67:10:
60:07:f8:b8:97:de:0f:e4:9c:8e:84:28:ed:a4:07:
48:d5:fd:7d:d9:40:0e:92:2e:43:dd:b1:36:3e:37:
17:c8:f0:f6:2e:2d:84:f3:87:07:19:59:be:43:ac:
88:06:c8:cb:e2:9a:3b:61:59:c7:83:bb:f9:06:bf:
3b:de:0e:b6:05:7a:e3:e1:bb:36:02:6d:32:93:94:
89:12:4b:dc:a2:b3:76:6e:6b:ad:40:13:f4:2b:75:
06:e3:95:67:b5:09:4f:60:fc:cc:7d:29:83:f1:8a:
e2:f5:fe:b2:c5:93:1f:91:18:4d:96:c2:e3:48:fb:
8f:37:4b:67:c8:e3:3a:25:ab:f6:3f:09:3a:de:02:
41:ef:28:71:b3:c4:f3:ec:44:87:c9:8a:99:c7:26:
24:49:b1:0a:75:1f:b5:ca:58:23:b8:09:95:a0:c4:
86:f3:94:8d:b7:dd:8e:49:47:27:fa:27:99:43:f3:
73:e7:72:f1:c8:e2:bb:00:d2:80:34:a6:8d:15:b9:
70:11:8a:ed:b6:86:55:b8:ab:08:b3:31:16:19:0a:
28:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
33:32:31:C9:88:DB:74:8E:3F:A0:71:CF:EB:78:35:03:3A:5A:99:2B
X509v3 Authority Key Identifier:
keyid:4B:E8:96:A4:19:53:85:D4:B9:4B:72:95:98:8C:CF:BF:A8:AC:99:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/S-iWpBlThdS5S3KVmIzPv6ismcU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/01/7a13ee-b731-4ff9-bef0-4b1581f09d3b/1/MzIxyYjbdI4_oHHP63g1AzpamSs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/01/7a13ee-b731-4ff9-bef0-4b1581f09d3b/1/S-iWpBlThdS5S3KVmIzPv6ismcU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.231.196.0/22
IPv6:
2a0c:7900::/29
Signature Algorithm: sha256WithRSAEncryption
3c:ff:d7:c4:6d:d1:bd:37:4b:44:4e:0a:36:69:2e:48:0d:a5:
0c:39:4e:b0:a7:cc:7e:15:88:f0:e7:3c:2e:2e:f4:40:db:87:
b7:45:55:61:d5:46:13:d5:59:6c:24:57:dd:b7:13:22:89:99:
2d:37:96:57:e2:ce:f2:9b:ac:a8:ac:91:48:7a:41:06:d3:9e:
ce:bc:0e:62:ac:fa:39:22:1c:9f:d6:54:fe:8b:bf:a8:04:bc:
aa:6a:f9:ed:de:a3:36:d8:d5:c6:53:54:79:c0:e2:a4:4d:ab:
13:4a:ab:54:c3:2d:99:bc:39:f9:d3:0e:37:bf:1d:d2:08:8c:
7d:69:e3:6f:98:e2:d3:e1:5b:7a:50:18:9f:3e:97:da:9a:6e:
8d:2a:32:d5:b1:64:2d:b4:11:69:21:4c:40:e1:eb:d4:c7:d0:
d7:8d:b8:f2:7a:c5:7a:9d:be:23:38:e9:2b:7e:12:1e:43:15:
88:f3:99:11:5e:59:b5:cf:95:83:fc:e3:3c:30:7b:1f:fd:fe:
c0:4e:01:2c:b6:db:ab:d3:33:97:3c:35:fc:00:38:b9:6b:c6:
46:91:73:06:6d:ad:a6:c8:43:c0:7c:39:56:0d:e4:e8:c4:8a:
94:65:c0:d3:d6:29:46:b4:e6:c8:73:8c:92:5e:8e:7c:95:2e:
89:07:c7:7e
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgIDArVdMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKDRi
ZTg5NmE0MTk1Mzg1ZDRiOTRiNzI5NTk4OGNjZmJmYThhYzk5YzUwHhcNMjIwNTI1
MTM1OTEzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQDEygzMzMyMzFjOTg4ZGI3
NDhlM2ZhMDcxY2ZlYjc4MzUwMzNhNWE5OTJiMIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAuniZ8dO2RmjAIAD3S36hiCdFjCMaXcB3jmNbCE/onnwR7L2r
VcTHt3sRZxBgB/i4l94P5JyOhCjtpAdI1f192UAOki5D3bE2PjcXyPD2Li2E84cH
GVm+Q6yIBsjL4po7YVnHg7v5Br873g62BXrj4bs2Am0yk5SJEkvcorN2bmutQBP0
K3UG45VntQlPYPzMfSmD8Yri9f6yxZMfkRhNlsLjSPuPN0tnyOM6Jav2Pwk63gJB
7yhxs8Tz7ESHyYqZxyYkSbEKdR+1ylgjuAmVoMSG85SNt92OSUcn+ieZQ/Nz53Lx
yOK7ANKANKaNFblwEYrttoZVuKsIszEWGQooCwIDAQABo4ICGDCCAhQwHQYDVR0O
BBYEFDMyMcmI23SOP6Bxz+t4NQM6WpkrMB8GA1UdIwQYMBaAFEvolqQZU4XUuUty
lZiMz7+orJnFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEFBQcBAQRYMFYwVAYIKwYB
BQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQv
Uy1pV3BCbFRoZFM1UzNLVm1JelB2NmlzbWNVLmNlcjCBjQYIKwYBBQUHAQsEgYAw
fjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkv
REVGQVVMVC8wMS83YTEzZWUtYjczMS00ZmY5LWJlZjAtNGIxNTgxZjA5ZDNiLzEv
TXpJeHlZamJkSTRfb0hIUDYzZzFBenBhbVNzLnJvYTCBgQYDVR0fBHoweDB2oHSg
coZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMS83
YTEzZWUtYjczMS00ZmY5LWJlZjAtNGIxNTgxZjA5ZDNiLzEvUy1pV3BCbFRoZFM1
UzNLVm1JelB2NmlzbWNVLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMC4G
CCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuefEMA0EAgACMAcDBQMqDHkAMA0G
CSqGSIb3DQEBCwUAA4IBAQA8/9fEbdG9N0tETgo2aS5IDaUMOU6wp8x+FYjw5zwu
LvRA24e3RVVh1UYT1VlsJFfdtxMiiZktN5ZX4s7ym6yorJFIekEG057OvA5irPo5
Ihyf1lT+i7+oBLyqavnt3qM22NXGU1R5wOKkTasTSqtUwy2ZvDn50w43vx3SCIx9
aeNvmOLT4Vt6UBifPpfamm6NKjLVsWQttBFpIUxA4evUx9DXjbjyesV6nb4jOOkr
fhIeQxWI85kRXlm1z5WD/OM8MHsf/f7ATgEsttur0zOXPDX8ADi5a8ZGkXMGba2m
yEPAfDlWDeToxIqUZcDT1ilGtObIc4ySXo58lS6JB8d+
-----END CERTIFICATE-----
Generated at Sun Jun 8 00:34:23 2025 by rpki-client