Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/41/e2dfff-8ba8-4bcf-ac31-98463859ecc1/1/rbPs0IZq193Ty1AKmDmAJ2WmnCA.roa
File: rbPs0IZq193Ty1AKmDmAJ2WmnCA.roa (raw, json)
Hash identifier: xClV+logJm/0jp8vuaFrKJuPK+dUEddK9iYDw6DtXaY=
Subject key identifier: AD:B3:EC:D0:86:6A:D7:DD:D3:CB:50:0A:98:39:80:27:65:A6:9C:20
Certificate issuer: /CN=d45bdf6eec08370ae1f67e83f99b5ac1fe26872c
Certificate serial: 0566B31F
Authority key identifier: D4:5B:DF:6E:EC:08:37:0A:E1:F6:7E:83:F9:9B:5A:C1:FE:26:87:2C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1FvfbuwINwrh9n6D-Ztawf4mhyw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/41/e2dfff-8ba8-4bcf-ac31-98463859ecc1/1/rbPs0IZq193Ty1AKmDmAJ2WmnCA.roa
Signing time: Sat 01 Jan 2022 15:07:18 +0000
ROA not before: Sat 01 Jan 2022 15:07:18 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 22773
IP address blocks: 85.203.52.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 90616607 (0x566b31f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d45bdf6eec08370ae1f67e83f99b5ac1fe26872c
Validity
Not Before: Jan 1 15:07:18 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=adb3ecd0866ad7ddd3cb500a9839802765a69c20
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:eb:55:5a:23:97:dd:05:de:12:d5:9c:e7:76:05:
a6:05:e7:df:2c:f7:44:b0:0b:56:4c:e0:af:05:ba:
35:5f:0b:03:43:cd:b8:d0:95:ac:e6:8f:0f:da:ec:
ab:3b:a3:c9:4d:95:30:b1:ee:0f:99:b2:c4:a4:98:
a9:84:eb:75:09:89:a8:5a:cc:5a:c7:d9:47:8b:79:
d4:85:1d:43:97:9d:6a:13:a4:5a:d5:43:82:84:a0:
96:92:25:49:1c:fa:f9:0c:6a:ac:4d:b2:3a:79:9d:
3a:13:2f:d5:eb:cc:88:71:7e:df:7b:31:1b:2f:29:
35:84:cd:f2:42:c8:ca:6f:8f:6e:6d:38:c9:73:fa:
7e:ae:0d:4f:59:3c:1b:95:84:99:7d:56:43:3b:e6:
e0:ac:88:07:62:10:1c:00:0c:12:36:b5:f0:2d:fd:
cc:29:f9:91:9b:bc:97:d2:7d:c4:80:d7:e6:35:a3:
34:e4:b5:f4:2b:b8:e5:cd:6f:46:15:a4:6f:2c:ee:
30:49:11:87:94:ca:1c:39:31:6b:be:f9:26:14:7e:
2c:33:dc:36:fb:74:31:2c:25:be:69:d1:b6:7b:bb:
12:08:15:5f:da:a9:90:78:6e:f1:1d:cb:77:cc:f1:
b3:c8:c9:a2:8e:3d:94:49:b1:b5:ef:79:67:2a:62:
8d:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AD:B3:EC:D0:86:6A:D7:DD:D3:CB:50:0A:98:39:80:27:65:A6:9C:20
X509v3 Authority Key Identifier:
keyid:D4:5B:DF:6E:EC:08:37:0A:E1:F6:7E:83:F9:9B:5A:C1:FE:26:87:2C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1FvfbuwINwrh9n6D-Ztawf4mhyw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/41/e2dfff-8ba8-4bcf-ac31-98463859ecc1/1/rbPs0IZq193Ty1AKmDmAJ2WmnCA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/41/e2dfff-8ba8-4bcf-ac31-98463859ecc1/1/1FvfbuwINwrh9n6D-Ztawf4mhyw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.203.52.0/24
Signature Algorithm: sha256WithRSAEncryption
71:dc:cb:da:c0:c4:3c:50:d1:f5:f5:77:9b:70:46:5d:8c:67:
29:08:7f:d4:70:11:89:51:30:f3:77:e6:64:2d:86:a2:c9:5c:
29:43:06:2e:8f:59:e2:42:f3:73:db:89:f3:69:dc:0c:e5:8d:
1c:43:71:a3:12:aa:45:5d:27:3d:df:cf:e5:bc:7c:77:92:56:
35:eb:09:24:b7:0f:c4:5e:62:9d:95:e3:24:8d:6f:7c:83:f1:
e6:ff:e1:37:56:b9:22:05:f3:53:e9:e2:24:6f:12:e9:d3:a0:
5e:6a:e9:ca:a9:44:b1:97:60:d3:8d:39:10:1f:a8:ef:e2:79:
30:38:d9:3a:52:56:bd:a9:c0:2b:36:8e:83:48:d3:14:4e:b5:
58:ba:23:74:0e:ae:2b:47:03:1f:02:e2:ca:70:d1:8c:b5:1c:
fc:c9:0b:6b:4b:ae:58:55:a2:04:79:0e:54:4b:f9:9c:6b:6e:
4e:13:5f:fb:bb:d5:d5:2c:b8:87:87:b1:b6:37:33:41:dc:d1:
f9:96:22:f0:ac:b7:f1:e5:4f:61:2e:ac:e4:4a:d5:f5:64:a0:
73:0a:0b:ba:d3:79:2a:1c:4a:f8:e4:50:77:33:4b:c3:81:31:
cb:89:81:58:07:2d:06:0e:fe:40:e4:7b:34:22:ab:7a:c2:29:
26:4f:e0:59
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEBWazHzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhk
NDViZGY2ZWVjMDgzNzBhZTFmNjdlODNmOTliNWFjMWZlMjY4NzJjMB4XDTIyMDEw
MTE1MDcxOFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYWRiM2VjZDA4NjZh
ZDdkZGQzY2I1MDBhOTgzOTgwMjc2NWE2OWMyMDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAOtVWiOX3QXeEtWc53YFpgXn3yz3RLALVkzgrwW6NV8LA0PN
uNCVrOaPD9rsqzujyU2VMLHuD5myxKSYqYTrdQmJqFrMWsfZR4t51IUdQ5edahOk
WtVDgoSglpIlSRz6+QxqrE2yOnmdOhMv1evMiHF+33sxGy8pNYTN8kLIym+Pbm04
yXP6fq4NT1k8G5WEmX1WQzvm4KyIB2IQHAAMEja18C39zCn5kZu8l9J9xIDX5jWj
NOS19Cu45c1vRhWkbyzuMEkRh5TKHDkxa775JhR+LDPcNvt0MSwlvmnRtnu7EggV
X9qpkHhu8R3Ld8zxs8jJoo49lEmxte95ZypijXsCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBSts+zQhmrX3dPLUAqYOYAnZaacIDAfBgNVHSMEGDAWgBTUW99u7Ag3CuH2
foP5m1rB/iaHLDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzFGdmZidXdJTndyaDluNkQtWnRhd2Y0bWh5dy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNDEvZTJkZmZmLThiYTgtNGJjZi1hYzMxLTk4NDYzODU5ZWNjMS8x
L3JiUHMwSVpxMTkzVHkxQUttRG1BSjJXbW5DQS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNDEv
ZTJkZmZmLThiYTgtNGJjZi1hYzMxLTk4NDYzODU5ZWNjMS8xLzFGdmZidXdJTndy
aDluNkQtWnRhd2Y0bWh5dy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAFXLNDANBgkqhkiG9w0BAQsFAAOC
AQEAcdzL2sDEPFDR9fV3m3BGXYxnKQh/1HARiVEw83fmZC2GoslcKUMGLo9Z4kLz
c9uJ82ncDOWNHENxoxKqRV0nPd/P5bx8d5JWNesJJLcPxF5inZXjJI1vfIPx5v/h
N1a5IgXzU+niJG8S6dOgXmrpyqlEsZdg0405EB+o7+J5MDjZOlJWvanAKzaOg0jT
FE61WLojdA6uK0cDHwLiynDRjLUc/MkLa0uuWFWiBHkOVEv5nGtuThNf+7vV1Sy4
h4extjczQdzR+ZYi8Ky38eVPYS6s5ErV9WSgcwoLutN5KhxK+ORQdzNLw4Exy4mB
WActBg7+QOR7NCKresIpJk/gWQ==
-----END CERTIFICATE-----
Generated at Thu Apr 17 22:06:28 2025 by rpki-client