Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2b/a97e21-b5fe-4a56-a98a-bdd4af5f35d1/1/yUSjAV6bC0jCqgI7zwG6oNSnBnA.roa
File: yUSjAV6bC0jCqgI7zwG6oNSnBnA.roa (raw, json)
Hash identifier: l+Gm5EWiPFOgKfZatnRDNEabompHQ/kJ02VLFeyRGWc=
Subject key identifier: C9:44:A3:01:5E:9B:0B:48:C2:AA:02:3B:CF:01:BA:A0:D4:A7:06:70
Certificate issuer: /CN=f1479b83c520d784445c24828bab633f0d702cf3
Certificate serial: 01828D2F9444FFBF775191E5C79054FD2DF0
Authority key identifier: F1:47:9B:83:C5:20:D7:84:44:5C:24:82:8B:AB:63:3F:0D:70:2C:F3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8Uebg8Ug14REXCSCi6tjPw1wLPM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2b/a97e21-b5fe-4a56-a98a-bdd4af5f35d1/1/yUSjAV6bC0jCqgI7zwG6oNSnBnA.roa
Signing time: Thu 11 Aug 2022 13:54:41 +0000
ROA not before: Thu 11 Aug 2022 13:54:41 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 205215
IP address blocks: 185.218.208.0/22 maxlen: 22
2a0b:e3c0::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:8d:2f:94:44:ff:bf:77:51:91:e5:c7:90:54:fd:2d:f0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f1479b83c520d784445c24828bab633f0d702cf3
Validity
Not Before: Aug 11 13:54:41 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=c944a3015e9b0b48c2aa023bcf01baa0d4a70670
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:81:80:cb:f9:8a:70:63:a3:b9:c6:18:b4:7c:a0:
24:fa:fa:c4:26:05:11:19:1f:3c:10:58:c8:e8:97:
c2:e6:4d:89:f1:3e:86:65:3b:60:bb:9e:6d:85:f1:
40:b0:77:f0:fe:a8:87:dd:d7:ea:0a:a8:96:27:70:
65:65:4b:1a:07:eb:d5:2f:b1:52:bd:10:5b:20:0c:
bd:c6:18:7a:44:aa:71:7a:7f:ed:70:94:cf:a6:e5:
5b:81:93:96:1f:a5:ba:6a:2b:64:fb:95:52:bc:11:
45:c9:4c:7d:0b:42:96:26:c4:de:21:ec:2c:08:91:
60:73:6d:92:84:c2:c5:f0:9b:2c:ae:ee:2b:5c:dc:
f0:a8:5c:18:42:e4:f9:7c:ad:60:76:c8:6b:fc:3f:
19:44:f3:b8:e0:ef:1a:92:39:4e:eb:3b:6a:29:4d:
2d:fa:9c:33:ed:83:2c:53:8d:4e:08:15:19:6c:dc:
c3:6a:fa:1e:1f:fa:e6:cb:8f:26:3d:49:e2:8e:7b:
fd:d7:56:eb:4b:ee:29:16:e6:cd:7e:cf:8d:51:2b:
b6:e9:20:c5:2b:ba:e6:84:cd:42:be:07:40:97:8d:
47:17:ad:6b:50:9d:6f:7c:87:57:1e:57:65:88:8b:
da:2e:09:39:ac:01:5a:26:b9:da:11:a3:aa:39:71:
cd:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C9:44:A3:01:5E:9B:0B:48:C2:AA:02:3B:CF:01:BA:A0:D4:A7:06:70
X509v3 Authority Key Identifier:
keyid:F1:47:9B:83:C5:20:D7:84:44:5C:24:82:8B:AB:63:3F:0D:70:2C:F3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8Uebg8Ug14REXCSCi6tjPw1wLPM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/a97e21-b5fe-4a56-a98a-bdd4af5f35d1/1/yUSjAV6bC0jCqgI7zwG6oNSnBnA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/a97e21-b5fe-4a56-a98a-bdd4af5f35d1/1/8Uebg8Ug14REXCSCi6tjPw1wLPM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.218.208.0/22
IPv6:
2a0b:e3c0::/29
Signature Algorithm: sha256WithRSAEncryption
aa:ad:d3:e8:f4:3e:9d:f1:b1:b8:10:8c:ab:73:fb:76:9e:87:
c5:01:91:81:db:d3:b5:ca:6a:82:f6:72:14:2d:80:fd:60:29:
bc:50:82:b6:a6:dd:e7:86:64:5e:2a:d6:e4:5f:70:db:18:79:
ae:53:69:f9:2b:44:ae:e5:dd:02:b3:15:17:ed:39:f8:a2:ab:
c4:94:ec:13:f8:68:9c:f4:9a:3e:9b:9b:36:fa:f3:aa:f1:e3:
24:35:87:05:2e:bc:5d:6c:4d:04:45:7a:83:04:5c:b6:d8:15:
3e:3e:8e:71:f6:00:1a:d7:21:08:fb:29:14:b8:9f:0b:ec:c5:
a4:23:df:9a:d0:2c:a9:a6:71:21:23:e3:d8:f7:35:09:f6:02:
71:9b:23:cb:1b:f2:79:15:5d:01:b6:d8:68:b5:60:0f:a4:67:
91:be:68:0d:f6:a6:53:72:c8:f1:d8:4c:f3:64:be:3c:0f:87:
d8:db:90:31:60:9d:33:b4:b7:ac:db:0e:09:07:df:37:bf:1b:
92:8a:30:6c:98:91:45:90:fd:86:ae:9e:d5:1f:db:e8:51:5e:
b2:79:79:9b:bc:04:68:01:a3:92:5b:19:19:4b:f5:ac:3f:07:
46:af:8a:d5:ba:26:02:d0:67:56:59:ce:d2:55:ec:08:82:91:
1b:b1:3d:a6
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYKNL5RE/793UZHlx5BU/S3wMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYxNDc5YjgzYzUyMGQ3ODQ0NDVjMjQ4MjhiYWI2MzNmMGQ3
MDJjZjMwHhcNMjIwODExMTM1NDQxWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjOTQ0YTMwMTVlOWIwYjQ4YzJhYTAyM2JjZjAxYmFhMGQ0YTcwNjcwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgYDL+YpwY6O5xhi0fKAk+vrEJgUR
GR88EFjI6JfC5k2J8T6GZTtgu55thfFAsHfw/qiH3dfqCqiWJ3BlZUsaB+vVL7FS
vRBbIAy9xhh6RKpxen/tcJTPpuVbgZOWH6W6aitk+5VSvBFFyUx9C0KWJsTeIews
CJFgc22ShMLF8Jssru4rXNzwqFwYQuT5fK1gdshr/D8ZRPO44O8akjlO6ztqKU0t
+pwz7YMsU41OCBUZbNzDavoeH/rmy48mPUnijnv911brS+4pFubNfs+NUSu26SDF
K7rmhM1CvgdAl41HF61rUJ1vfIdXHldliIvaLgk5rAFaJrnaEaOqOXHNPQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFMlEowFemwtIwqoCO88BuqDUpwZwMB8GA1UdIwQY
MBaAFPFHm4PFINeERFwkgourYz8NcCzzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOFVlYmc4VWcxNFJFWENTQ2k2dGpQdzF3TFBNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYi9hOTdlMjEtYjVmZS00YTU2LWE5OGEt
YmRkNGFmNWYzNWQxLzEveVVTakFWNmJDMGpDcWdJN3p3RzZvTlNuQm5BLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYi9hOTdlMjEtYjVmZS00YTU2LWE5OGEtYmRkNGFmNWYzNWQx
LzEvOFVlYmc4VWcxNFJFWENTQ2k2dGpQdzF3TFBNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCudrQMA0E
AgACMAcDBQMqC+PAMA0GCSqGSIb3DQEBCwUAA4IBAQCqrdPo9D6d8bG4EIyrc/t2
nofFAZGB29O1ymqC9nIULYD9YCm8UIK2pt3nhmReKtbkX3DbGHmuU2n5K0Su5d0C
sxUX7Tn4oqvElOwT+Gic9Jo+m5s2+vOq8eMkNYcFLrxdbE0ERXqDBFy22BU+Po5x
9gAa1yEI+ykUuJ8L7MWkI9+a0CyppnEhI+PY9zUJ9gJxmyPLG/J5FV0BtthotWAP
pGeRvmgN9qZTcsjx2EzzZL48D4fY25AxYJ0ztLes2w4JB983vxuSijBsmJFFkP2G
rp7VH9voUV6yeXmbvARoAaOSWxkZS/WsPwdGr4rVuiYC0GdWWc7SVewIgpEbsT2m
-----END CERTIFICATE-----
Generated at Sun Apr 20 17:38:26 2025 by rpki-client