Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/05/b2dd00-a621-49a9-bbab-37f9bf7861b6/1/2vg2VxKXrjFiXMnxPaif4ZmxRMQ.roa
File: 2vg2VxKXrjFiXMnxPaif4ZmxRMQ.roa (raw, json)
Hash identifier: iW1UqWqsZ85N2OzBntwEaJHtY4atbzzEtOx7b9AxwMc=
Subject key identifier: DA:F8:36:57:12:97:AE:31:62:5C:C9:F1:3D:A8:9F:E1:99:B1:44:C4
Certificate issuer: /CN=65c920a27e3e53a367f9ea96db7baf7bd65a83ea
Certificate serial: 02A62BAA
Authority key identifier: 65:C9:20:A2:7E:3E:53:A3:67:F9:EA:96:DB:7B:AF:7B:D6:5A:83:EA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Zckgon4-U6Nn-eqW23uve9Zag-o.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/05/b2dd00-a621-49a9-bbab-37f9bf7861b6/1/2vg2VxKXrjFiXMnxPaif4ZmxRMQ.roa
Signing time: Sat 01 Jan 2022 00:57:43 +0000
ROA not before: Sat 01 Jan 2022 00:57:43 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 41960
IP address blocks: 185.252.194.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 44444586 (0x2a62baa)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=65c920a27e3e53a367f9ea96db7baf7bd65a83ea
Validity
Not Before: Jan 1 00:57:43 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=daf836571297ae31625cc9f13da89fe199b144c4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f0:af:b7:27:dd:bc:c6:f7:40:db:b7:de:68:37:
e3:e6:a2:47:fe:36:7c:9b:5e:28:ad:e0:60:5a:f6:
ac:f3:e1:0a:2a:ce:fc:97:2e:7f:36:6b:ce:d1:31:
df:1f:e2:5d:43:ad:40:28:21:c1:62:0d:1e:66:46:
32:cd:11:93:b9:55:bf:11:56:6e:d3:1c:6a:f0:ec:
1e:ac:6f:2a:c9:4f:08:4d:62:6c:28:95:2e:a9:58:
c0:1e:a0:50:06:b5:63:60:77:78:b9:12:6e:4f:90:
94:03:3c:cf:de:8a:be:29:be:6d:88:a9:5d:d0:1f:
14:c2:90:9c:bc:60:c0:94:90:da:07:7f:9e:89:75:
e4:f5:5d:8c:82:2d:01:d1:2d:d3:8c:70:90:35:a0:
94:f5:74:d5:31:c5:20:f1:b2:7d:2e:52:ca:28:ac:
ba:0d:b2:18:82:66:fa:63:a1:9e:1e:91:fd:b6:9e:
8f:f7:ca:13:96:b4:81:b7:a4:b6:b8:f5:ee:8c:82:
e7:e8:fa:38:a4:09:75:66:cf:39:4a:a2:ed:81:3f:
3c:d8:9b:8d:c6:82:9f:8b:29:44:b4:b0:ef:71:5f:
fc:5b:a3:23:bc:30:53:7e:ca:56:ef:12:f8:9d:a9:
3c:44:7f:92:5b:cf:c1:2f:1e:b1:d5:07:29:68:b9:
46:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DA:F8:36:57:12:97:AE:31:62:5C:C9:F1:3D:A8:9F:E1:99:B1:44:C4
X509v3 Authority Key Identifier:
keyid:65:C9:20:A2:7E:3E:53:A3:67:F9:EA:96:DB:7B:AF:7B:D6:5A:83:EA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Zckgon4-U6Nn-eqW23uve9Zag-o.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/05/b2dd00-a621-49a9-bbab-37f9bf7861b6/1/2vg2VxKXrjFiXMnxPaif4ZmxRMQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/05/b2dd00-a621-49a9-bbab-37f9bf7861b6/1/Zckgon4-U6Nn-eqW23uve9Zag-o.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.252.194.0/24
Signature Algorithm: sha256WithRSAEncryption
63:23:af:96:5b:77:e4:df:e2:aa:48:df:53:01:33:88:8f:77:
85:8d:0d:0c:e7:dd:29:7f:75:1f:70:9b:83:64:69:15:d7:e1:
86:1f:ce:17:32:19:a1:aa:60:8c:92:e6:9f:a7:3b:b4:f4:e1:
3e:d4:33:e4:ca:f3:f4:92:54:f8:22:df:17:fe:2b:06:d3:14:
a4:8b:79:eb:ec:7e:59:02:40:a6:ba:6c:9e:cf:7c:a7:83:d3:
93:24:74:06:0b:5a:29:13:07:cd:c4:d9:9a:2e:b5:d4:f4:70:
80:db:2a:9c:2e:97:37:7c:12:31:e6:3d:4d:59:b9:92:51:71:
4e:0f:d8:93:85:aa:9b:3e:35:9d:b3:b3:35:03:89:3c:85:07:
98:9b:60:59:84:3c:9c:52:ee:33:e1:66:65:16:d1:ed:47:e9:
30:24:1d:c5:35:c4:59:f0:53:e0:9d:1c:21:b6:61:25:48:6d:
d0:fc:70:67:f4:c4:6e:eb:fc:a9:de:fd:5c:32:41:d8:9c:2c:
c3:7d:06:35:ac:e4:87:7b:eb:47:0d:ec:53:bc:c5:7d:f6:85:
ec:98:57:8d:3f:71:00:98:f3:0c:26:6b:64:6d:4f:cd:0a:ad:
3a:7a:07:81:7b:e7:d1:57:b0:25:1b:63:84:39:79:66:0c:45:
27:2b:bd:10
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEAqYrqjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg2
NWM5MjBhMjdlM2U1M2EzNjdmOWVhOTZkYjdiYWY3YmQ2NWE4M2VhMB4XDTIyMDEw
MTAwNTc0M1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZGFmODM2NTcxMjk3
YWUzMTYyNWNjOWYxM2RhODlmZTE5OWIxNDRjNDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAPCvtyfdvMb3QNu33mg34+aiR/42fJteKK3gYFr2rPPhCirO
/JcufzZrztEx3x/iXUOtQCghwWINHmZGMs0Rk7lVvxFWbtMcavDsHqxvKslPCE1i
bCiVLqlYwB6gUAa1Y2B3eLkSbk+QlAM8z96Kvim+bYipXdAfFMKQnLxgwJSQ2gd/
nol15PVdjIItAdEt04xwkDWglPV01THFIPGyfS5Syiisug2yGIJm+mOhnh6R/bae
j/fKE5a0gbektrj17oyC5+j6OKQJdWbPOUqi7YE/PNibjcaCn4spRLSw73Ff/Fuj
I7wwU37KVu8S+J2pPER/klvPwS8esdUHKWi5RtsCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBTa+DZXEpeuMWJcyfE9qJ/hmbFExDAfBgNVHSMEGDAWgBRlySCifj5To2f5
6pbbe6971lqD6jAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1pja2dvbjQtVTZObi1lcVcyM3V2ZTlaYWctby5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMDUvYjJkZDAwLWE2MjEtNDlhOS1iYmFiLTM3ZjliZjc4NjFiNi8x
LzJ2ZzJWeEtYcmpGaVhNbnhQYWlmNFpteFJNUS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMDUv
YjJkZDAwLWE2MjEtNDlhOS1iYmFiLTM3ZjliZjc4NjFiNi8xL1pja2dvbjQtVTZO
bi1lcVcyM3V2ZTlaYWctby5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEALn8wjANBgkqhkiG9w0BAQsFAAOC
AQEAYyOvllt35N/iqkjfUwEziI93hY0NDOfdKX91H3Cbg2RpFdfhhh/OFzIZoapg
jJLmn6c7tPThPtQz5Mrz9JJU+CLfF/4rBtMUpIt56+x+WQJAprpsns98p4PTkyR0
BgtaKRMHzcTZmi611PRwgNsqnC6XN3wSMeY9TVm5klFxTg/Yk4Wqmz41nbOzNQOJ
PIUHmJtgWYQ8nFLuM+FmZRbR7UfpMCQdxTXEWfBT4J0cIbZhJUht0PxwZ/TEbuv8
qd79XDJB2Jwsw30GNazkh3vrRw3sU7zFffaF7JhXjT9xAJjzDCZrZG1PzQqtOnoH
gXvn0VewJRtjhDl5ZgxFJyu9EA==
-----END CERTIFICATE-----
Generated at Sat Apr 19 16:37:50 2025 by rpki-client