Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/20/32da40-0cbf-4244-b1a4-f35a445635ca/1/_iSqCHfnUjUq5fA0_kwAk4aoGxU.roa
File: _iSqCHfnUjUq5fA0_kwAk4aoGxU.roa (raw, json)
Hash identifier: qdEClMPlbOMsjakV37XzkAgzge3yoV1N8zd5af7/dzI=
Subject key identifier: FE:24:AA:08:77:E7:52:35:2A:E5:F0:34:FE:4C:00:93:86:A8:1B:15
Certificate issuer: /CN=3815ed0fa620c801aaa9a6f14f6596d7ec9750a1
Certificate serial: 01835B9DC6F82BB7A9C1D859341C45C756F2
Authority key identifier: 38:15:ED:0F:A6:20:C8:01:AA:A9:A6:F1:4F:65:96:D7:EC:97:50:A1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OBXtD6YgyAGqqabxT2WW1-yXUKE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/20/32da40-0cbf-4244-b1a4-f35a445635ca/1/_iSqCHfnUjUq5fA0_kwAk4aoGxU.roa
Signing time: Tue 20 Sep 2022 15:56:50 +0000
ROA not before: Tue 20 Sep 2022 15:56:50 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 56911
IP address blocks: 185.225.60.0/22 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:5b:9d:c6:f8:2b:b7:a9:c1:d8:59:34:1c:45:c7:56:f2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3815ed0fa620c801aaa9a6f14f6596d7ec9750a1
Validity
Not Before: Sep 20 15:56:50 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=fe24aa0877e752352ae5f034fe4c009386a81b15
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:90:e7:85:72:de:48:8f:c1:b3:54:04:73:14:
7b:bd:a0:02:88:35:0b:04:26:2f:9f:6a:de:5d:23:
89:73:5f:9c:d5:29:31:62:ae:54:f2:52:c6:62:e7:
62:2e:1c:a9:a3:c9:9e:78:dd:ef:7f:f0:90:e4:2c:
cd:83:e9:94:bc:e7:4c:ac:04:3d:f7:84:59:13:2c:
08:39:c8:e9:02:24:54:0a:97:64:ca:6e:e5:7a:2d:
39:5c:6b:55:64:d7:90:e4:2c:bd:0a:f1:4e:05:1e:
c2:c5:f3:ef:8e:1b:8c:4c:4a:e4:6e:67:8e:69:a6:
fa:92:cd:fe:60:ed:ed:c3:00:9e:25:79:fa:9c:ad:
7d:5c:1e:eb:9d:82:fd:8d:5d:68:44:1c:3a:ec:ed:
72:1a:18:37:57:d7:58:24:42:a4:19:0b:41:c2:75:
aa:b9:b0:37:16:2b:99:11:ad:17:13:3e:aa:2c:f3:
d5:92:a8:c9:dd:eb:d4:1e:a4:0b:48:a8:d2:29:19:
6e:12:c3:ec:d5:db:0b:c7:4a:77:c2:df:06:f4:06:
ba:3c:02:e0:97:72:21:e4:0e:1d:16:a5:8d:c7:70:
1b:a1:bf:68:5c:70:7c:35:77:54:d6:6a:5e:07:22:
14:81:ec:08:88:18:b2:40:cf:c5:30:4f:3b:88:ac:
1b:e1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FE:24:AA:08:77:E7:52:35:2A:E5:F0:34:FE:4C:00:93:86:A8:1B:15
X509v3 Authority Key Identifier:
keyid:38:15:ED:0F:A6:20:C8:01:AA:A9:A6:F1:4F:65:96:D7:EC:97:50:A1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OBXtD6YgyAGqqabxT2WW1-yXUKE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/20/32da40-0cbf-4244-b1a4-f35a445635ca/1/_iSqCHfnUjUq5fA0_kwAk4aoGxU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/20/32da40-0cbf-4244-b1a4-f35a445635ca/1/OBXtD6YgyAGqqabxT2WW1-yXUKE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.225.60.0/22
Signature Algorithm: sha256WithRSAEncryption
50:9c:01:05:80:a2:9b:ac:79:4f:b1:64:9d:8f:e9:1f:93:d2:
1c:74:45:7d:bf:e4:c5:35:30:5a:22:0d:9d:c6:fe:08:c8:87:
b7:37:a1:78:70:11:f4:0a:e3:a4:af:b3:1a:a5:98:d1:c6:f7:
6c:06:b4:2d:c6:52:e5:b7:cf:2b:36:c1:8d:46:de:c4:65:70:
22:71:60:11:46:93:e7:34:42:1b:10:6b:3b:4c:e6:9e:2a:06:
90:60:e1:61:fc:53:e2:54:37:11:75:9e:f7:48:c2:5b:0b:b4:
2b:1a:22:c2:b3:89:64:13:a2:ee:3f:8a:06:13:e7:7a:94:08:
f1:a8:e3:c4:c6:16:bf:7c:24:d9:36:27:58:dd:a2:f8:c9:60:
95:1c:c1:12:0d:18:cf:24:bb:6f:f7:14:c3:7c:38:25:56:fb:
5f:03:c3:af:16:15:30:db:fe:2d:8f:04:f2:1a:fc:99:f8:0c:
64:21:73:af:ca:4e:22:52:ec:2f:ad:c7:ab:b0:ca:cc:45:38:
1b:95:22:fc:34:72:fd:92:eb:f7:70:76:a7:73:83:05:d5:a5:
97:34:bd:f3:ac:fc:6e:7f:a8:cd:88:81:7c:fc:ee:1e:4b:9d:
b3:01:50:e5:3d:16:ad:c5:e8:5b:ed:79:10:88:88:50:eb:a9:
00:ba:a2:62
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYNbncb4K7epwdhZNBxFx1byMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM4MTVlZDBmYTYyMGM4MDFhYWE5YTZmMTRmNjU5NmQ3ZWM5
NzUwYTEwHhcNMjIwOTIwMTU1NjUwWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmZTI0YWEwODc3ZTc1MjM1MmFlNWYwMzRmZTRjMDA5Mzg2YTgxYjE1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArJDnhXLeSI/Bs1QEcxR7vaACiDUL
BCYvn2reXSOJc1+c1SkxYq5U8lLGYudiLhypo8meeN3vf/CQ5CzNg+mUvOdMrAQ9
94RZEywIOcjpAiRUCpdkym7lei05XGtVZNeQ5Cy9CvFOBR7CxfPvjhuMTErkbmeO
aab6ks3+YO3twwCeJXn6nK19XB7rnYL9jV1oRBw67O1yGhg3V9dYJEKkGQtBwnWq
ubA3FiuZEa0XEz6qLPPVkqjJ3evUHqQLSKjSKRluEsPs1dsLx0p3wt8G9Aa6PALg
l3Ih5A4dFqWNx3Abob9oXHB8NXdU1mpeByIUgewIiBiyQM/FME87iKwb4QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFP4kqgh351I1KuXwNP5MAJOGqBsVMB8GA1UdIwQY
MBaAFDgV7Q+mIMgBqqmm8U9lltfsl1ChMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT0JYdEQ2WWd5QUdxcWFieFQyV1cxLXlYVUtFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMC8zMmRhNDAtMGNiZi00MjQ0LWIxYTQt
ZjM1YTQ0NTYzNWNhLzEvX2lTcUNIZm5ValVxNWZBMF9rd0FrNGFvR3hVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMC8zMmRhNDAtMGNiZi00MjQ0LWIxYTQtZjM1YTQ0NTYzNWNh
LzEvT0JYdEQ2WWd5QUdxcWFieFQyV1cxLXlYVUtFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCueE8MA0G
CSqGSIb3DQEBCwUAA4IBAQBQnAEFgKKbrHlPsWSdj+kfk9IcdEV9v+TFNTBaIg2d
xv4IyIe3N6F4cBH0CuOkr7MapZjRxvdsBrQtxlLlt88rNsGNRt7EZXAicWARRpPn
NEIbEGs7TOaeKgaQYOFh/FPiVDcRdZ73SMJbC7QrGiLCs4lkE6LuP4oGE+d6lAjx
qOPExha/fCTZNidY3aL4yWCVHMESDRjPJLtv9xTDfDglVvtfA8OvFhUw2/4tjwTy
GvyZ+AxkIXOvyk4iUuwvrcersMrMRTgblSL8NHL9kuv3cHanc4MF1aWXNL3zrPxu
f6jNiIF8/O4eS52zAVDlPRatxehb7XkQiIhQ66kAuqJi
-----END CERTIFICATE-----
Generated at Wed Apr 16 22:14:11 2025 by rpki-client