Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/27/c55ab0-ea22-4a19-8b33-25050c593aa1/1/RBgAkfHroaa4ZzpiYMJqJaD1ry4.roa
File: RBgAkfHroaa4ZzpiYMJqJaD1ry4.roa (raw, json)
Hash identifier: hp0u7Xh32iBmnm27B6iHXR2l2ZgktZsoMYtNKQ0GWbs=
Subject key identifier: 44:18:00:91:F1:EB:A1:A6:B8:67:3A:62:60:C2:6A:25:A0:F5:AF:2E
Certificate issuer: /CN=352ae33b11b36a319ba81347d852480d8e74c87d
Certificate serial: 01856B40C85D7D00FCBFC9AD9A3A37A478AB
Authority key identifier: 35:2A:E3:3B:11:B3:6A:31:9B:A8:13:47:D8:52:48:0D:8E:74:C8:7D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NSrjOxGzajGbqBNH2FJIDY50yH0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/27/c55ab0-ea22-4a19-8b33-25050c593aa1/1/RBgAkfHroaa4ZzpiYMJqJaD1ry4.roa
Signing time: Sun 01 Jan 2023 02:54:45 +0000
ROA not before: Sun 01 Jan 2023 02:54:45 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 205888
IP address blocks: 188.85.140.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6b:40:c8:5d:7d:00:fc:bf:c9:ad:9a:3a:37:a4:78:ab
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=352ae33b11b36a319ba81347d852480d8e74c87d
Validity
Not Before: Jan 1 02:54:45 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=44180091f1eba1a6b8673a6260c26a25a0f5af2e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:80:44:99:d9:22:f8:3f:23:03:9c:42:50:e9:00:
5c:1c:61:05:02:31:47:a1:e6:84:e3:60:c9:1b:9f:
0f:f9:0b:77:42:c2:9f:06:78:f2:8c:76:e9:67:c0:
56:f3:ea:79:17:70:e0:4d:92:14:68:e8:05:71:01:
02:49:11:c7:d0:f5:d0:ab:89:fd:8d:f5:c7:76:67:
97:96:b4:ac:6b:14:a1:58:3a:d0:28:e5:58:af:89:
bb:5c:3b:4d:62:d5:14:39:36:0e:69:c2:5c:06:c7:
d7:ff:bf:11:af:00:33:e7:a1:36:b6:1e:8f:90:31:
c7:ea:ae:43:cc:ab:ae:24:05:86:1f:47:a5:64:fa:
d4:f8:89:2b:f3:a9:a2:71:2a:b5:3e:ad:c2:fc:06:
af:47:90:f2:ba:b6:3d:b5:e8:f3:9b:18:aa:13:5a:
58:c8:3f:5f:bf:94:b5:15:ea:25:1d:1d:1c:eb:25:
7c:d7:34:1e:d8:82:70:a0:65:06:a4:28:27:ce:82:
24:3b:5c:f3:e5:a1:aa:55:c9:45:bd:de:04:17:54:
b1:50:40:7f:77:14:5a:42:57:a3:76:b7:89:b9:78:
8f:5f:3f:13:72:05:50:6a:69:6c:ef:33:17:2a:33:
fc:a2:2b:e8:e4:07:8a:1a:d8:58:6b:21:59:71:a0:
ff:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
44:18:00:91:F1:EB:A1:A6:B8:67:3A:62:60:C2:6A:25:A0:F5:AF:2E
X509v3 Authority Key Identifier:
keyid:35:2A:E3:3B:11:B3:6A:31:9B:A8:13:47:D8:52:48:0D:8E:74:C8:7D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NSrjOxGzajGbqBNH2FJIDY50yH0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/27/c55ab0-ea22-4a19-8b33-25050c593aa1/1/RBgAkfHroaa4ZzpiYMJqJaD1ry4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/27/c55ab0-ea22-4a19-8b33-25050c593aa1/1/NSrjOxGzajGbqBNH2FJIDY50yH0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
188.85.140.0/24
Signature Algorithm: sha256WithRSAEncryption
a3:e2:29:90:09:59:23:4d:c7:9e:fa:95:9f:5c:51:46:78:bc:
2c:04:ca:96:53:f1:73:b1:63:d3:ea:84:63:36:87:69:9e:a3:
86:29:b4:a4:9b:c1:09:c1:57:56:65:28:93:fa:ce:63:b5:66:
7d:10:e2:5f:7a:d5:82:d1:6c:1d:1d:b4:84:fd:55:30:c2:f6:
00:67:1a:c8:15:e4:54:e0:e7:04:c5:09:bc:c5:ea:44:65:c5:
51:16:8c:d3:c5:7e:14:53:73:87:03:cf:70:30:c7:0d:c7:c6:
14:c6:4f:e7:12:42:47:ba:13:e4:40:84:d3:2c:70:f5:ae:24:
68:29:58:eb:6a:39:4f:c1:2d:2e:d0:43:49:81:70:dc:3f:64:
d2:b1:91:f9:e9:e5:0b:06:06:e0:2f:c4:69:00:0b:2e:fa:d0:
74:0f:ee:40:6c:63:01:b5:28:43:77:28:ba:0d:77:ea:44:15:
b9:8a:9f:09:84:e9:80:d2:47:ba:c8:b9:61:bc:b1:74:3a:10:
db:f0:8d:59:5a:3f:66:57:7b:9e:a1:14:bb:4f:00:2b:01:c4:
55:43:e0:d0:dc:9d:c3:f2:86:8d:ee:d2:c6:53:fa:67:45:b6:
4f:fa:e3:a8:24:5a:e2:c5:4b:72:bd:a0:4f:f3:2d:d3:1f:ff:
3e:09:6a:09
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVrQMhdfQD8v8mtmjo3pHirMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1MmFlMzNiMTFiMzZhMzE5YmE4MTM0N2Q4NTI0ODBkOGU3
NGM4N2QwHhcNMjMwMTAxMDI1NDQ1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NDE4MDA5MWYxZWJhMWE2Yjg2NzNhNjI2MGMyNmEyNWEwZjVhZjJlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgESZ2SL4PyMDnEJQ6QBcHGEFAjFH
oeaE42DJG58P+Qt3QsKfBnjyjHbpZ8BW8+p5F3DgTZIUaOgFcQECSRHH0PXQq4n9
jfXHdmeXlrSsaxShWDrQKOVYr4m7XDtNYtUUOTYOacJcBsfX/78RrwAz56E2th6P
kDHH6q5DzKuuJAWGH0elZPrU+Ikr86micSq1Pq3C/AavR5DyurY9tejzmxiqE1pY
yD9fv5S1FeolHR0c6yV81zQe2IJwoGUGpCgnzoIkO1zz5aGqVclFvd4EF1SxUEB/
dxRaQlejdreJuXiPXz8TcgVQamls7zMXKjP8oivo5AeKGthYayFZcaD/IwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFEQYAJHx66GmuGc6YmDCaiWg9a8uMB8GA1UdIwQY
MBaAFDUq4zsRs2oxm6gTR9hSSA2OdMh9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTlNyak94R3phakdicUJOSDJGSklEWTUweUgwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNy9jNTVhYjAtZWEyMi00YTE5LThiMzMt
MjUwNTBjNTkzYWExLzEvUkJnQWtmSHJvYWE0WnpwaVlNSnFKYUQxcnk0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNy9jNTVhYjAtZWEyMi00YTE5LThiMzMtMjUwNTBjNTkzYWEx
LzEvTlNyak94R3phakdicUJOSDJGSklEWTUweUgwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAvFWMMA0G
CSqGSIb3DQEBCwUAA4IBAQCj4imQCVkjTcee+pWfXFFGeLwsBMqWU/FzsWPT6oRj
NodpnqOGKbSkm8EJwVdWZSiT+s5jtWZ9EOJfetWC0WwdHbSE/VUwwvYAZxrIFeRU
4OcExQm8xepEZcVRFozTxX4UU3OHA89wMMcNx8YUxk/nEkJHuhPkQITTLHD1riRo
KVjrajlPwS0u0ENJgXDcP2TSsZH56eULBgbgL8RpAAsu+tB0D+5AbGMBtShDdyi6
DXfqRBW5ip8JhOmA0ke6yLlhvLF0OhDb8I1ZWj9mV3ueoRS7TwArAcRVQ+DQ3J3D
8oaN7tLGU/pnRbZP+uOoJFrixUtyvaBP8y3TH/8+CWoJ
-----END CERTIFICATE-----
Generated at Thu Mar 13 20:07:39 2025 by rpki-client