Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/41/e2dfff-8ba8-4bcf-ac31-98463859ecc1/1/RzYL3YJ6LkCLyYrp9SbdT6HHsB0.roa
File: RzYL3YJ6LkCLyYrp9SbdT6HHsB0.roa (raw, json)
Hash identifier: breiUEisn1UNH5wl8dn+zwUTCJcEXudbQblcrsjmQgY=
Subject key identifier: 47:36:0B:DD:82:7A:2E:40:8B:C9:8A:E9:F5:26:DD:4F:A1:C7:B0:1D
Certificate issuer: /CN=d45bdf6eec08370ae1f67e83f99b5ac1fe26872c
Certificate serial: 018679C67F0FE385EA52E0FB8C20E9B0A733
Authority key identifier: D4:5B:DF:6E:EC:08:37:0A:E1:F6:7E:83:F9:9B:5A:C1:FE:26:87:2C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1FvfbuwINwrh9n6D-Ztawf4mhyw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/41/e2dfff-8ba8-4bcf-ac31-98463859ecc1/1/RzYL3YJ6LkCLyYrp9SbdT6HHsB0.roa
Signing time: Wed 22 Feb 2023 15:38:17 +0000
ROA not before: Wed 22 Feb 2023 15:38:17 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 212477
IP address blocks: 85.203.40.0/22 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:79:c6:7f:0f:e3:85:ea:52:e0:fb:8c:20:e9:b0:a7:33
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d45bdf6eec08370ae1f67e83f99b5ac1fe26872c
Validity
Not Before: Feb 22 15:38:17 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=47360bdd827a2e408bc98ae9f526dd4fa1c7b01d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:cd:bc:6e:7c:8a:0f:5a:ff:f5:ad:f4:2e:6c:
7b:0d:0f:33:cd:05:30:5d:5c:7f:aa:62:4e:c0:92:
c9:6b:cb:62:cd:d7:9d:5e:04:83:7c:54:d6:80:60:
76:5f:f3:2c:54:e9:26:13:c0:5e:9c:ab:f2:40:5d:
a3:4d:89:63:18:bc:35:cc:22:7b:30:33:d0:e7:8e:
ad:7e:4f:b1:0a:71:41:21:8a:d6:9f:3b:0b:1d:8b:
5c:ae:a8:b9:65:f2:d9:11:00:21:00:ce:e5:12:8a:
49:1d:47:32:09:78:c1:95:a4:8d:79:84:6a:65:7d:
07:98:90:77:9c:28:c9:bc:a3:2e:5e:bd:91:84:e6:
a0:5d:10:e3:df:11:5b:5c:8b:50:7b:7f:48:3f:e6:
11:58:30:ec:88:c7:40:fa:e5:d7:7b:4d:15:a4:ac:
3f:5d:3d:c0:89:ca:1d:66:ba:d4:56:d3:0f:85:85:
99:81:9b:b9:11:fe:91:91:5e:95:e3:db:0d:a9:3e:
53:1c:6c:37:a7:6a:f0:4c:49:87:41:d0:94:74:5d:
21:c3:9e:c2:1c:15:fc:ae:5d:19:50:11:51:bb:e8:
b2:3d:f5:e7:72:04:ce:45:c1:d6:41:60:85:a1:df:
e5:33:7a:90:4b:ef:40:f4:bb:d6:75:51:6b:31:cf:
48:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
47:36:0B:DD:82:7A:2E:40:8B:C9:8A:E9:F5:26:DD:4F:A1:C7:B0:1D
X509v3 Authority Key Identifier:
keyid:D4:5B:DF:6E:EC:08:37:0A:E1:F6:7E:83:F9:9B:5A:C1:FE:26:87:2C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1FvfbuwINwrh9n6D-Ztawf4mhyw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/41/e2dfff-8ba8-4bcf-ac31-98463859ecc1/1/RzYL3YJ6LkCLyYrp9SbdT6HHsB0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/41/e2dfff-8ba8-4bcf-ac31-98463859ecc1/1/1FvfbuwINwrh9n6D-Ztawf4mhyw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.203.40.0/22
Signature Algorithm: sha256WithRSAEncryption
78:42:b8:8d:57:3b:57:5c:26:8c:27:bc:f7:5c:7c:48:c7:65:
7e:d3:77:42:29:5c:ee:fa:3d:53:c7:b3:f0:6a:9c:69:c1:30:
b4:92:6b:f7:24:9a:54:4b:ef:2e:96:51:98:e7:0b:30:6d:f7:
55:14:7e:5e:0f:3f:21:8c:94:e6:09:2c:4e:23:b6:80:38:a6:
5d:da:67:a9:d1:06:87:e1:ff:d8:0c:ce:4a:8a:78:6f:a6:1c:
88:2e:f9:e6:f9:5a:6a:33:d6:6d:65:a1:a5:fb:b1:90:34:62:
5e:1f:a8:35:10:21:99:c8:9f:3b:b6:ae:e1:f4:1f:fb:bf:e6:
f6:d1:45:e2:48:20:68:f9:64:7a:7c:56:b1:74:e8:02:d8:3c:
81:0d:01:c7:fd:7d:50:f3:5a:6d:99:36:fa:06:7e:8b:cb:0a:
5d:4d:c5:76:49:49:99:9d:2b:38:bc:5b:6e:10:be:ae:47:a4:
a2:5b:ff:bc:6a:9b:7b:3b:06:79:eb:4d:34:0f:6e:c6:b3:70:
e3:e6:e8:bd:68:ea:8c:b7:6f:f2:fe:5a:62:b1:08:6c:a6:5f:
81:f7:7c:b7:71:5a:8d:b1:0d:24:e0:d6:4f:08:b4:93:a9:30:
00:2b:18:24:b4:31:5f:74:15:a1:6b:f2:b2:54:7d:de:e3:34:
ad:a3:4d:e8
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYZ5xn8P44XqUuD7jCDpsKczMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ0NWJkZjZlZWMwODM3MGFlMWY2N2U4M2Y5OWI1YWMxZmUy
Njg3MmMwHhcNMjMwMjIyMTUzODE3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NzM2MGJkZDgyN2EyZTQwOGJjOThhZTlmNTI2ZGQ0ZmExYzdiMDFkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjM28bnyKD1r/9a30Lmx7DQ8zzQUw
XVx/qmJOwJLJa8tizdedXgSDfFTWgGB2X/MsVOkmE8BenKvyQF2jTYljGLw1zCJ7
MDPQ546tfk+xCnFBIYrWnzsLHYtcrqi5ZfLZEQAhAM7lEopJHUcyCXjBlaSNeYRq
ZX0HmJB3nCjJvKMuXr2RhOagXRDj3xFbXItQe39IP+YRWDDsiMdA+uXXe00VpKw/
XT3AicodZrrUVtMPhYWZgZu5Ef6RkV6V49sNqT5THGw3p2rwTEmHQdCUdF0hw57C
HBX8rl0ZUBFRu+iyPfXncgTORcHWQWCFod/lM3qQS+9A9LvWdVFrMc9IawIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFEc2C92Cei5Ai8mK6fUm3U+hx7AdMB8GA1UdIwQY
MBaAFNRb327sCDcK4fZ+g/mbWsH+JocsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMUZ2ZmJ1d0lOd3JoOW42RC1adGF3ZjRtaHl3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80MS9lMmRmZmYtOGJhOC00YmNmLWFjMzEt
OTg0NjM4NTllY2MxLzEvUnpZTDNZSjZMa0NMeVlycDlTYmRUNkhIc0IwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80MS9lMmRmZmYtOGJhOC00YmNmLWFjMzEtOTg0NjM4NTllY2Mx
LzEvMUZ2ZmJ1d0lOd3JoOW42RC1adGF3ZjRtaHl3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCVcsoMA0G
CSqGSIb3DQEBCwUAA4IBAQB4QriNVztXXCaMJ7z3XHxIx2V+03dCKVzu+j1Tx7Pw
apxpwTC0kmv3JJpUS+8ullGY5wswbfdVFH5eDz8hjJTmCSxOI7aAOKZd2mep0QaH
4f/YDM5KinhvphyILvnm+VpqM9ZtZaGl+7GQNGJeH6g1ECGZyJ87tq7h9B/7v+b2
0UXiSCBo+WR6fFaxdOgC2DyBDQHH/X1Q81ptmTb6Bn6LywpdTcV2SUmZnSs4vFtu
EL6uR6SiW/+8apt7OwZ56000D27Gs3Dj5ui9aOqMt2/y/lpisQhspl+B93y3cVqN
sQ0k4NZPCLSTqTAAKxgktDFfdBWha/KyVH3e4zSto03o
-----END CERTIFICATE-----
Generated at Thu Apr 17 21:50:19 2025 by rpki-client