Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/19/8c07ae-de72-476a-8029-f0816e38adde/1/u6plRyXlZeLjW7J73o3BkTXT77U.roa
File: u6plRyXlZeLjW7J73o3BkTXT77U.roa (raw, json)
Hash identifier: MSVBU+ryvosJx1uNW7RM3IFszFAKXtr43BQ2UZEmCh0=
Subject key identifier: BB:AA:65:47:25:E5:65:E2:E3:5B:B2:7B:DE:8D:C1:91:35:D3:EF:B5
Certificate issuer: /CN=33410875ca78cc5e3d192e054a96df0302c7f97a
Certificate serial: 0182AAB7E66DE4A375FE043ED94A014FE915
Authority key identifier: 33:41:08:75:CA:78:CC:5E:3D:19:2E:05:4A:96:DF:03:02:C7:F9:7A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/M0EIdcp4zF49GS4FSpbfAwLH-Xo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/19/8c07ae-de72-476a-8029-f0816e38adde/1/u6plRyXlZeLjW7J73o3BkTXT77U.roa
Signing time: Wed 17 Aug 2022 07:32:34 +0000
ROA not before: Wed 17 Aug 2022 07:32:34 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 196968
IP address blocks: 162.208.52.0/22 maxlen: 22
185.69.180.0/22 maxlen: 22
178.21.0.0/21 maxlen: 21
217.61.232.0/22 maxlen: 22
199.247.56.0/21 maxlen: 21
176.10.48.0/21 maxlen: 21
2a00:6e00::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:aa:b7:e6:6d:e4:a3:75:fe:04:3e:d9:4a:01:4f:e9:15
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=33410875ca78cc5e3d192e054a96df0302c7f97a
Validity
Not Before: Aug 17 07:32:34 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=bbaa654725e565e2e35bb27bde8dc19135d3efb5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:87:9b:fe:c6:8b:20:73:ed:f7:0a:6d:16:77:af:
b4:8d:51:f1:eb:5e:98:3a:ef:2b:26:40:a8:37:c2:
a3:e6:3f:b2:46:72:71:4c:9f:90:02:e3:d7:9f:be:
78:7d:46:cf:68:6b:7c:f1:3d:4f:4c:30:fb:26:e0:
4d:03:c3:67:5f:26:09:27:5e:e2:fd:83:89:9d:fb:
95:e7:76:02:2b:1e:bb:19:e0:bf:37:d4:44:36:14:
04:0f:73:5b:eb:38:ea:e0:af:f8:84:2f:f2:f0:37:
90:85:db:5e:22:a8:40:d9:62:b9:96:05:d0:68:f2:
2f:ab:fc:ca:e9:7c:9d:a2:e3:b8:ea:31:14:b0:3f:
88:b6:a0:e6:23:a3:f6:85:d5:b4:9c:b9:9a:46:ef:
d1:78:b3:4a:b0:c2:f9:7d:7a:55:c1:42:bd:fd:8e:
93:df:22:d9:a6:73:fc:14:4a:f6:7b:1f:f8:53:93:
d1:b1:01:e4:4b:e6:60:69:b0:99:50:88:95:19:b5:
d7:2b:32:66:f2:08:1d:0e:63:d6:bc:77:fd:91:74:
76:3a:41:46:e5:a7:c8:93:b4:4a:53:5c:67:ff:71:
39:29:99:e9:46:59:f1:79:89:66:db:78:7d:ca:5e:
94:ce:4c:14:c6:10:00:f9:24:92:01:8f:83:5d:1f:
bc:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BB:AA:65:47:25:E5:65:E2:E3:5B:B2:7B:DE:8D:C1:91:35:D3:EF:B5
X509v3 Authority Key Identifier:
keyid:33:41:08:75:CA:78:CC:5E:3D:19:2E:05:4A:96:DF:03:02:C7:F9:7A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/M0EIdcp4zF49GS4FSpbfAwLH-Xo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/19/8c07ae-de72-476a-8029-f0816e38adde/1/u6plRyXlZeLjW7J73o3BkTXT77U.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/19/8c07ae-de72-476a-8029-f0816e38adde/1/M0EIdcp4zF49GS4FSpbfAwLH-Xo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
162.208.52.0/22
176.10.48.0/21
178.21.0.0/21
185.69.180.0/22
199.247.56.0/21
217.61.232.0/22
IPv6:
2a00:6e00::/32
Signature Algorithm: sha256WithRSAEncryption
48:14:5d:96:71:9e:34:4e:d7:db:b0:be:1b:33:59:bd:88:23:
44:9a:34:29:f3:69:d5:ee:3d:b7:a0:ac:92:5a:c1:c7:05:1e:
a4:32:9e:25:0c:c1:f3:01:7b:1c:e2:c5:78:fc:4c:97:1c:84:
5a:cc:03:d8:60:65:eb:e8:25:af:c9:ea:68:20:7a:ea:90:1e:
a3:e7:0d:22:d2:58:aa:a6:69:2c:d7:37:ca:74:47:5a:13:81:
7e:c2:32:70:34:b4:b1:a2:20:40:41:fd:0a:f4:32:f6:ea:ea:
cd:27:40:05:e8:c5:a4:d3:49:eb:9c:18:77:3c:f6:43:a0:66:
48:d1:fb:3f:df:9f:85:8b:67:ab:b6:d2:f4:38:e2:d6:13:72:
66:b9:9c:77:1d:4b:14:eb:32:98:34:51:1b:e6:98:9b:71:c7:
20:ba:ca:ff:da:39:d2:87:3f:2e:52:3e:11:5c:dc:0b:c0:57:
84:b2:09:02:5e:58:ff:ee:ef:a8:48:95:c0:92:21:27:9d:c4:
50:84:0c:05:3d:02:52:90:0a:50:18:e7:2d:87:27:19:27:5c:
7f:b7:1c:ac:94:04:4b:9a:7d:e7:1d:c8:2d:5c:2b:24:05:29:
87:d0:d9:d4:a9:43:c0:57:82:49:32:8e:85:bd:37:35:cc:ca:
99:bf:7a:3e
-----BEGIN CERTIFICATE-----
MIIFKjCCBBKgAwIBAgISAYKqt+Zt5KN1/gQ+2UoBT+kVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMzNDEwODc1Y2E3OGNjNWUzZDE5MmUwNTRhOTZkZjAzMDJj
N2Y5N2EwHhcNMjIwODE3MDczMjM0WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiYmFhNjU0NzI1ZTU2NWUyZTM1YmIyN2JkZThkYzE5MTM1ZDNlZmI1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAh5v+xosgc+33Cm0Wd6+0jVHx616Y
Ou8rJkCoN8Kj5j+yRnJxTJ+QAuPXn754fUbPaGt88T1PTDD7JuBNA8NnXyYJJ17i
/YOJnfuV53YCKx67GeC/N9RENhQED3Nb6zjq4K/4hC/y8DeQhdteIqhA2WK5lgXQ
aPIvq/zK6XydouO46jEUsD+ItqDmI6P2hdW0nLmaRu/ReLNKsML5fXpVwUK9/Y6T
3yLZpnP8FEr2ex/4U5PRsQHkS+ZgabCZUIiVGbXXKzJm8ggdDmPWvHf9kXR2OkFG
5afIk7RKU1xn/3E5KZnpRlnxeYlm23h9yl6UzkwUxhAA+SSSAY+DXR+8OQIDAQAB
o4ICNjCCAjIwHQYDVR0OBBYEFLuqZUcl5WXi41uye96NwZE10++1MB8GA1UdIwQY
MBaAFDNBCHXKeMxePRkuBUqW3wMCx/l6MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTTBFSWRjcDR6RjQ5R1M0RlNwYmZBd0xILVhvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xOS84YzA3YWUtZGU3Mi00NzZhLTgwMjkt
ZjA4MTZlMzhhZGRlLzEvdTZwbFJ5WGxaZUxqVzdKNzNvM0JrVFhUNzdVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xOS84YzA3YWUtZGU3Mi00NzZhLTgwMjktZjA4MTZlMzhhZGRl
LzEvTTBFSWRjcDR6RjQ5R1M0RlNwYmZBd0xILVhvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEwGCCsGAQUFBwEHAQH/BD0wOzAqBAIAATAkAwQCotA0AwQD
sAowAwQDshUAAwQCuUW0AwQDx/c4AwQC2T3oMA0EAgACMAcDBQAqAG4AMA0GCSqG
SIb3DQEBCwUAA4IBAQBIFF2WcZ40TtfbsL4bM1m9iCNEmjQp82nV7j23oKySWsHH
BR6kMp4lDMHzAXsc4sV4/EyXHIRazAPYYGXr6CWvyepoIHrqkB6j5w0i0liqpmks
1zfKdEdaE4F+wjJwNLSxoiBAQf0K9DL26urNJ0AF6MWk00nrnBh3PPZDoGZI0fs/
35+Fi2erttL0OOLWE3JmuZx3HUsU6zKYNFEb5pibcccgusr/2jnShz8uUj4RXNwL
wFeEsgkCXlj/7u+oSJXAkiEnncRQhAwFPQJSkApQGOcthycZJ1x/txyslARLmn3n
HcgtXCskBSmH0NnUqUPAV4JJMo6FvTc1zMqZv3o+
-----END CERTIFICATE-----
Generated at Tue Apr 22 22:09:39 2025 by rpki-client