Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/35/403142-dcfc-4fb5-ae1f-04b0bf60b9b7/1/I61qQ1DmSsHZq27gzBklLQwAXqU.roa
File: I61qQ1DmSsHZq27gzBklLQwAXqU.roa (raw, json)
Hash identifier: XWvlGKJKsfxO56Gsb3/bcJ72CiTxyDVk2mynLL4x2Y4=
Subject key identifier: 23:AD:6A:43:50:E6:4A:C1:D9:AB:6E:E0:CC:19:25:2D:0C:00:5E:A5
Certificate issuer: /CN=a7d85ade2b0d4ec1ca092a8e2703c19200c72f32
Certificate serial: 2271B9
Authority key identifier: A7:D8:5A:DE:2B:0D:4E:C1:CA:09:2A:8E:27:03:C1:92:00:C7:2F:32
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/p9ha3isNTsHKCSqOJwPBkgDHLzI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/35/403142-dcfc-4fb5-ae1f-04b0bf60b9b7/1/I61qQ1DmSsHZq27gzBklLQwAXqU.roa
Signing time: Sat 01 Jan 2022 00:55:13 +0000
ROA not before: Sat 01 Jan 2022 00:55:13 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 200107
IP address blocks: 185.85.15.0/24 maxlen: 24
185.85.14.0/24 maxlen: 24
185.85.12.0/24 maxlen: 24
185.54.222.0/24 maxlen: 24
185.54.220.0/24 maxlen: 24
93.159.226.0/24 maxlen: 24
93.159.230.0/23 maxlen: 23
93.159.228.0/23 maxlen: 23
77.74.178.0/23 maxlen: 23
77.74.176.0/24 maxlen: 24
77.74.176.0/23 maxlen: 24
82.202.185.0/24 maxlen: 24
82.202.184.0/24 maxlen: 24
77.74.183.0/24 maxlen: 24
77.74.180.0/24 maxlen: 24
77.74.181.0/24 maxlen: 24
2a03:2480:802f::/48 maxlen: 48
2a03:2480:802a::/48 maxlen: 48
2a03:2480:8025::/48 maxlen: 48
2a03:2480:8020::/48 maxlen: 48
2a03:2480:80::/48 maxlen: 48
2a03:2480:8023::/48 maxlen: 48
2a03:2480:8027::/48 maxlen: 48
2a03:2480:8022::/48 maxlen: 48
2a03:2480:8000::/44 maxlen: 44
2a03:2480:8031::/48 maxlen: 48
2a03:2480:802c::/48 maxlen: 48
2a03:2480:70::/48 maxlen: 48
2a03:2480:8030::/48 maxlen: 48
2a03:2480:8033::/48 maxlen: 48
2a03:2480:802e::/48 maxlen: 48
2a03:2480:8029::/48 maxlen: 48
2a03:2480:69::/48 maxlen: 48
2a03:2480:8024::/48 maxlen: 48
2a03:2480:8032::/48 maxlen: 48
2a03:2480:802d::/48 maxlen: 48
2a03:2480:8010::/44 maxlen: 44
2a03:2480:8028::/48 maxlen: 48
2a03:2480:68::/48 maxlen: 48
2a03:2480:802b::/48 maxlen: 48
2a03:2480:8026::/48 maxlen: 48
2a03:2480:8021::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2257337 (0x2271b9)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a7d85ade2b0d4ec1ca092a8e2703c19200c72f32
Validity
Not Before: Jan 1 00:55:13 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=23ad6a4350e64ac1d9ab6ee0cc19252d0c005ea5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:e5:41:b1:9b:00:9d:2b:22:e3:35:63:b1:9b:
30:04:cb:ba:ca:54:8d:18:46:fc:3d:4b:81:0a:10:
94:41:bf:5c:aa:91:21:c8:d6:e4:b7:7b:58:ff:48:
53:1e:8d:2b:76:44:a1:55:99:55:ea:3f:f0:bb:62:
80:44:3a:23:6a:1d:72:1d:e6:4d:57:5c:0c:a3:1a:
f2:26:a3:00:98:02:3f:ac:6a:43:c5:fd:5d:30:d1:
45:fe:f8:48:c3:db:c7:9b:77:cd:dd:c2:5c:1a:e5:
5f:9e:52:4c:6c:a6:1a:ec:05:de:3a:45:80:9d:b1:
b1:3d:08:5e:2f:bf:b3:e3:02:b2:e4:83:66:ad:14:
35:e1:78:27:84:0c:bd:bc:51:05:bb:1a:04:d4:2a:
33:69:29:45:50:19:be:5f:f1:e9:11:eb:e0:8e:5a:
8a:aa:45:1e:b1:c1:07:f3:b6:0c:ec:4a:ef:5b:89:
a6:ea:4f:b7:0a:89:30:ba:d1:db:97:f3:b2:f9:43:
18:81:b2:51:e2:15:0a:c1:03:0b:f8:81:44:25:c9:
08:33:e1:b0:a1:9d:be:6b:c0:62:8c:32:d1:cd:12:
a5:23:71:a7:b6:61:4d:3e:ed:01:c8:4a:03:97:79:
b2:47:03:9e:c5:8b:57:6a:4d:bd:4b:a2:32:a3:b4:
3d:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
23:AD:6A:43:50:E6:4A:C1:D9:AB:6E:E0:CC:19:25:2D:0C:00:5E:A5
X509v3 Authority Key Identifier:
keyid:A7:D8:5A:DE:2B:0D:4E:C1:CA:09:2A:8E:27:03:C1:92:00:C7:2F:32
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/p9ha3isNTsHKCSqOJwPBkgDHLzI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/35/403142-dcfc-4fb5-ae1f-04b0bf60b9b7/1/I61qQ1DmSsHZq27gzBklLQwAXqU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/35/403142-dcfc-4fb5-ae1f-04b0bf60b9b7/1/p9ha3isNTsHKCSqOJwPBkgDHLzI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.74.176.0-77.74.181.255
77.74.183.0/24
82.202.184.0/23
93.159.226.0/24
93.159.228.0/22
185.54.220.0/24
185.54.222.0/24
185.85.12.0/24
185.85.14.0/23
IPv6:
2a03:2480:68::/47
2a03:2480:70::/48
2a03:2480:80::/48
2a03:2480:8000::-2a03:2480:8033:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
22:5b:b5:7e:22:99:15:89:f6:4e:8a:58:06:31:bf:4e:ac:34:
df:3d:99:b9:3c:96:44:21:28:9c:17:80:79:fb:89:b7:bc:c4:
67:83:0b:77:d8:9f:43:56:81:88:b8:09:ef:d9:a0:f5:fd:00:
09:f5:38:41:f2:a1:71:77:94:11:67:c8:bb:27:51:71:80:20:
07:78:a3:46:7e:9a:7e:5f:fd:53:34:65:54:f1:ad:26:ed:db:
c8:2c:31:dc:fc:f0:40:dd:52:c5:c4:1e:7e:77:3c:2f:7e:ad:
33:9a:5c:71:1b:5f:24:30:e3:0e:39:3f:e8:8a:32:1a:bc:1c:
e8:3b:10:87:d3:50:4d:28:7f:a0:63:07:a0:86:56:0c:ed:05:
8f:90:f2:90:f3:9f:6a:3e:9a:e7:33:3c:ee:84:18:1b:4d:cb:
de:3d:70:38:68:74:32:7e:53:98:ed:32:4e:28:7e:3c:26:b5:
28:17:74:a9:8c:c2:89:45:38:66:56:ca:0c:de:03:2c:28:9d:
5d:5d:af:14:82:9e:47:70:00:03:f0:6d:f1:d3:3b:7b:37:5d:
3d:78:4c:c3:82:c1:19:69:f7:05:d7:37:65:39:38:6e:40:d7:
69:8e:b1:fc:e4:f4:26:94:3f:38:d8:e2:e6:60:bf:be:54:bf:
f7:a7:92:57
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIDInG5MA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKGE3
ZDg1YWRlMmIwZDRlYzFjYTA5MmE4ZTI3MDNjMTkyMDBjNzJmMzIwHhcNMjIwMTAx
MDA1NTEzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQDEygyM2FkNmE0MzUwZTY0
YWMxZDlhYjZlZTBjYzE5MjUyZDBjMDA1ZWE1MIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAteVBsZsAnSsi4zVjsZswBMu6ylSNGEb8PUuBChCUQb9cqpEh
yNbkt3tY/0hTHo0rdkShVZlV6j/wu2KARDojah1yHeZNV1wMoxryJqMAmAI/rGpD
xf1dMNFF/vhIw9vHm3fN3cJcGuVfnlJMbKYa7AXeOkWAnbGxPQheL7+z4wKy5INm
rRQ14XgnhAy9vFEFuxoE1CozaSlFUBm+X/HpEevgjlqKqkUescEH87YM7ErvW4mm
6k+3CokwutHbl/Oy+UMYgbJR4hUKwQML+IFEJckIM+GwoZ2+a8BijDLRzRKlI3Gn
tmFNPu0ByEoDl3myRwOexYtXak29S6Iyo7Q9ZQIDAQABo4ICeDCCAnQwHQYDVR0O
BBYEFCOtakNQ5krB2atu4MwZJS0MAF6lMB8GA1UdIwQYMBaAFKfYWt4rDU7Bygkq
jicDwZIAxy8yMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEFBQcBAQRYMFYwVAYIKwYB
BQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQv
cDloYTNpc05Uc0hLQ1NxT0p3UEJrZ0RITHpJLmNlcjCBjQYIKwYBBQUHAQsEgYAw
fjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkv
REVGQVVMVC8zNS80MDMxNDItZGNmYy00ZmI1LWFlMWYtMDRiMGJmNjBiOWI3LzEv
STYxcVExRG1Tc0hacTI3Z3pCa2xMUXdBWHFVLnJvYTCBgQYDVR0fBHoweDB2oHSg
coZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNS80
MDMxNDItZGNmYy00ZmI1LWFlMWYtMDRiMGJmNjBiOWI3LzEvcDloYTNpc05Uc0hL
Q1NxT0p3UEJrZ0RITHpJLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMIGN
BggrBgEFBQcBBwEB/wR+MHwwRAQCAAEwPjAMAwQETUqwAwQBTUq0AwQATUq3AwQB
Usq4AwQAXZ/iAwQCXZ/kAwQAuTbcAwQAuTbeAwQAuVUMAwQBuVUOMDQEAgACMC4D
BwEqAySAAGgDBwAqAySAAHADBwAqAySAAIAwEQMGByoDJICAAwcCKgMkgIAwMA0G
CSqGSIb3DQEBCwUAA4IBAQAiW7V+IpkVifZOilgGMb9OrDTfPZm5PJZEISicF4B5
+4m3vMRngwt32J9DVoGIuAnv2aD1/QAJ9ThB8qFxd5QRZ8i7J1FxgCAHeKNGfpp+
X/1TNGVU8a0m7dvILDHc/PBA3VLFxB5+dzwvfq0zmlxxG18kMOMOOT/oijIavBzo
OxCH01BNKH+gYweghlYM7QWPkPKQ859qPprnMzzuhBgbTcvePXA4aHQyflOY7TJO
KH48JrUoF3SpjMKJRThmVsoM3gMsKJ1dXa8Ugp5HcAAD8G3x0zt7N109eEzDgsEZ
afcF1zdlOThuQNdpjrH85PQmlD842OLmYL++VL/3p5JX
-----END CERTIFICATE-----
Generated at Mon Jun 9 00:57:50 2025 by rpki-client