Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2b/5279ef-a1c9-4da2-a1c5-1d8d933d6c00/1/s26SdAkz2AqmaUEIUhtWyTozvJ4.roa
File: s26SdAkz2AqmaUEIUhtWyTozvJ4.roa (raw, json)
Hash identifier: IIhwSkW+iTwfHnVleamhcEZnhe1Kp7Qk/ZHRSwcpqe4=
Subject key identifier: B3:6E:92:74:09:33:D8:0A:A6:69:41:08:52:1B:56:C9:3A:33:BC:9E
Certificate issuer: /CN=b2ec1ba6854bbf5bc3ed554ff7fef3ba5fe4cb51
Certificate serial: 016AD85C
Authority key identifier: B2:EC:1B:A6:85:4B:BF:5B:C3:ED:55:4F:F7:FE:F3:BA:5F:E4:CB:51
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/suwbpoVLv1vD7VVP9_7zul_ky1E.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2b/5279ef-a1c9-4da2-a1c5-1d8d933d6c00/1/s26SdAkz2AqmaUEIUhtWyTozvJ4.roa
Signing time: Sat 01 Jan 2022 16:06:31 +0000
ROA not before: Sat 01 Jan 2022 16:06:31 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 35205
IP address blocks: 185.48.208.0/22 maxlen: 22
80.84.192.0/19 maxlen: 19
80.84.192.0/22 maxlen: 22
80.84.192.0/20 maxlen: 20
80.84.208.0/21 maxlen: 21
80.84.208.0/20 maxlen: 20
2a04:a080::/30 maxlen: 30
2a04:a080::/29 maxlen: 29
2a04:a084::/30 maxlen: 30
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 23779420 (0x16ad85c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b2ec1ba6854bbf5bc3ed554ff7fef3ba5fe4cb51
Validity
Not Before: Jan 1 16:06:31 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=b36e92740933d80aa6694108521b56c93a33bc9e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:f7:a5:b3:28:52:5e:c0:16:ba:60:42:09:52:
b7:b1:cf:26:f6:22:51:bf:ea:f4:c2:37:06:94:ad:
e9:16:91:f7:26:e8:bd:57:fa:ec:3f:e1:d3:3a:1d:
a0:bd:65:79:d8:97:31:92:ef:5c:c9:ba:4a:34:fc:
7b:54:99:2e:e2:d6:15:4a:5f:c6:39:ea:72:53:dd:
d1:23:e5:07:60:11:d5:a4:ea:4a:4c:a8:01:01:4e:
81:56:1a:0b:3a:63:08:56:28:67:d0:f4:a4:c6:60:
5c:f5:5a:67:3d:75:c0:6d:6f:87:e4:bb:3b:12:b6:
3e:a3:69:62:af:6b:a6:a1:2a:0c:09:85:50:65:c6:
99:cc:23:ac:1d:fb:1b:cf:e2:bc:73:b1:ff:08:4d:
ed:6f:06:06:a6:b0:74:8a:fc:8c:91:f4:55:b1:17:
70:6e:5b:4f:0c:5c:a6:91:f8:7b:24:60:0e:7f:f2:
ec:00:41:21:e5:e2:8b:f8:0c:1a:44:66:b7:27:38:
03:a0:15:e6:f2:27:ad:81:cd:25:e8:54:fe:0c:9f:
b7:7c:b4:4a:d7:7f:92:d9:99:12:30:ca:42:f4:be:
58:fa:43:01:0f:41:31:8c:59:7d:9c:43:0b:59:a5:
0a:b9:20:94:e2:ee:ce:9e:bb:c0:bf:92:58:e9:ee:
ec:fd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B3:6E:92:74:09:33:D8:0A:A6:69:41:08:52:1B:56:C9:3A:33:BC:9E
X509v3 Authority Key Identifier:
keyid:B2:EC:1B:A6:85:4B:BF:5B:C3:ED:55:4F:F7:FE:F3:BA:5F:E4:CB:51
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/suwbpoVLv1vD7VVP9_7zul_ky1E.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/5279ef-a1c9-4da2-a1c5-1d8d933d6c00/1/s26SdAkz2AqmaUEIUhtWyTozvJ4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/5279ef-a1c9-4da2-a1c5-1d8d933d6c00/1/suwbpoVLv1vD7VVP9_7zul_ky1E.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.84.192.0/19
185.48.208.0/22
IPv6:
2a04:a080::/29
Signature Algorithm: sha256WithRSAEncryption
a2:e0:94:cb:6c:49:97:37:b6:b1:d8:18:9e:69:55:2c:56:c3:
ab:c4:8f:db:fb:8c:56:03:ba:45:ab:af:e8:13:e8:af:19:54:
98:87:58:68:ee:4e:7b:51:75:94:7a:bd:1c:92:f9:72:f6:f5:
78:5a:30:27:d9:9c:38:20:88:f0:f8:4c:32:b0:3b:35:9b:9e:
8c:10:eb:1a:11:83:aa:b1:a3:61:df:36:98:11:8e:c3:94:ad:
2f:0e:0e:9f:87:a7:3d:bf:38:73:05:1e:42:b9:0c:83:01:f5:
f3:12:53:e4:a5:93:1d:71:22:0b:84:04:24:2a:26:48:6d:c0:
d7:33:84:c3:7e:3e:a6:1a:2f:48:01:73:4a:01:a8:26:8f:c7:
f8:6a:77:ad:27:dc:01:a4:a4:f2:29:bb:8f:9b:c4:b4:22:09:
9e:5e:95:04:dc:e3:0a:3c:65:63:80:8e:30:a7:c4:97:39:88:
77:a9:61:88:e8:50:92:33:b9:1a:95:74:cd:76:1f:af:c7:6b:
84:18:32:fd:bb:b7:f2:34:52:8b:9a:95:f6:b8:28:a0:73:6d:
cf:52:ca:10:6a:69:87:ca:24:b9:00:76:4a:76:c8:e4:98:36:
d2:76:7b:4c:47:dc:87:03:40:f7:9d:17:12:bc:d1:c2:c1:13:
4c:21:f7:ca
-----BEGIN CERTIFICATE-----
MIIFBDCCA+ygAwIBAgIEAWrYXDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhi
MmVjMWJhNjg1NGJiZjViYzNlZDU1NGZmN2ZlZjNiYTVmZTRjYjUxMB4XDTIyMDEw
MTE2MDYzMVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYjM2ZTkyNzQwOTMz
ZDgwYWE2Njk0MTA4NTIxYjU2YzkzYTMzYmM5ZTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJj3pbMoUl7AFrpgQglSt7HPJvYiUb/q9MI3BpSt6RaR9ybo
vVf67D/h0zodoL1lediXMZLvXMm6SjT8e1SZLuLWFUpfxjnqclPd0SPlB2AR1aTq
SkyoAQFOgVYaCzpjCFYoZ9D0pMZgXPVaZz11wG1vh+S7OxK2PqNpYq9rpqEqDAmF
UGXGmcwjrB37G8/ivHOx/whN7W8GBqawdIr8jJH0VbEXcG5bTwxcppH4eyRgDn/y
7ABBIeXii/gMGkRmtyc4A6AV5vInrYHNJehU/gyft3y0Std/ktmZEjDKQvS+WPpD
AQ9BMYxZfZxDC1mlCrkglOLuzp67wL+SWOnu7P0CAwEAAaOCAh4wggIaMB0GA1Ud
DgQWBBSzbpJ0CTPYCqZpQQhSG1bJOjO8njAfBgNVHSMEGDAWgBSy7BumhUu/W8Pt
VU/3/vO6X+TLUTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3N1d2Jwb1ZMdjF2RDdWVlA5Xzd6dWxfa3kxRS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMmIvNTI3OWVmLWExYzktNGRhMi1hMWM1LTFkOGQ5MzNkNmMwMC8x
L3MyNlNkQWt6MkFxbWFVRUlVaHRXeVRvenZKNC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMmIv
NTI3OWVmLWExYzktNGRhMi1hMWM1LTFkOGQ5MzNkNmMwMC8xL3N1d2Jwb1ZMdjF2
RDdWVlA5Xzd6dWxfa3kxRS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA0
BggrBgEFBQcBBwEB/wQlMCMwEgQCAAEwDAMEBVBUwAMEArkw0DANBAIAAjAHAwUD
KgSggDANBgkqhkiG9w0BAQsFAAOCAQEAouCUy2xJlze2sdgYnmlVLFbDq8SP2/uM
VgO6Rauv6BPorxlUmIdYaO5Oe1F1lHq9HJL5cvb1eFowJ9mcOCCI8PhMMrA7NZue
jBDrGhGDqrGjYd82mBGOw5StLw4On4enPb84cwUeQrkMgwH18xJT5KWTHXEiC4QE
JComSG3A1zOEw34+phovSAFzSgGoJo/H+Gp3rSfcAaSk8im7j5vEtCIJnl6VBNzj
CjxlY4COMKfElzmId6lhiOhQkjO5GpV0zXYfr8drhBgy/bu38jRSi5qV9rgooHNt
z1LKEGpph8okuQB2SnbI5Jg20nZ7TEfchwNA950XErzRwsETTCH3yg==
-----END CERTIFICATE-----
Generated at Sun Apr 20 12:15:08 2025 by rpki-client