Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/44/645f6a-2653-4d31-bb4e-1f87976137a0/1/aXeAv-6pssVYyv-i2hWdjz5C7VI.roa
File: aXeAv-6pssVYyv-i2hWdjz5C7VI.roa (raw, json)
Hash identifier: ObUQR7S204XLHKQ80beFlwKTFyn35z3vZ8YWbSLJmYc=
Subject key identifier: 69:77:80:BF:EE:A9:B2:C5:58:CA:FF:A2:DA:15:9D:8F:3E:42:ED:52
Certificate issuer: /CN=b4089f84483057ac364647c80a1b23c976b93016
Certificate serial: 0D24A5CE
Authority key identifier: B4:08:9F:84:48:30:57:AC:36:46:47:C8:0A:1B:23:C9:76:B9:30:16
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tAifhEgwV6w2RkfIChsjyXa5MBY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/44/645f6a-2653-4d31-bb4e-1f87976137a0/1/aXeAv-6pssVYyv-i2hWdjz5C7VI.roa
Signing time: Sat 01 Jan 2022 13:56:55 +0000
ROA not before: Sat 01 Jan 2022 13:56:55 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 20582
IP address blocks: 185.113.20.0/22 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 220505550 (0xd24a5ce)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b4089f84483057ac364647c80a1b23c976b93016
Validity
Not Before: Jan 1 13:56:55 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=697780bfeea9b2c558caffa2da159d8f3e42ed52
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:08:88:0d:19:cf:c3:89:29:9e:81:1c:37:24:
96:20:be:65:d0:30:fc:b1:a3:c4:37:57:ee:c9:df:
1e:f6:cb:16:af:7e:0d:fe:87:3a:3a:d3:1a:25:0e:
1f:95:44:b3:f7:4f:1a:c0:46:1a:dc:b1:c0:73:6c:
42:35:19:38:8f:d4:fe:ce:f9:7d:cc:8c:1d:fc:61:
c3:7d:5a:e4:15:24:5f:96:47:69:35:ba:44:07:c5:
ca:ff:b1:bf:59:98:d6:f7:4d:fb:78:e9:76:c5:d5:
e3:ea:cf:c3:38:0c:f4:93:19:01:54:48:45:9d:41:
64:22:95:3b:06:98:59:58:79:21:8a:38:81:4e:82:
bb:de:ad:e6:78:4f:c6:81:d8:e4:fd:89:ee:b2:34:
a2:7c:81:23:07:6e:bd:26:85:6e:b5:65:d8:b1:c6:
0e:98:9c:f4:9c:ab:ff:7d:53:b6:fb:69:68:0f:0f:
85:05:f9:cf:27:b2:69:51:31:bc:e6:48:fa:95:b2:
b8:a5:0d:f0:f2:f8:59:de:51:2f:43:94:4e:df:da:
1b:f0:41:20:a2:7e:da:38:d1:9f:22:d4:55:d0:a4:
0a:e6:32:3a:47:7c:33:ff:19:50:dc:99:23:d7:e3:
6b:5b:83:eb:80:8e:35:c8:a0:e7:22:29:7f:c2:6c:
ab:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
69:77:80:BF:EE:A9:B2:C5:58:CA:FF:A2:DA:15:9D:8F:3E:42:ED:52
X509v3 Authority Key Identifier:
keyid:B4:08:9F:84:48:30:57:AC:36:46:47:C8:0A:1B:23:C9:76:B9:30:16
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tAifhEgwV6w2RkfIChsjyXa5MBY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/44/645f6a-2653-4d31-bb4e-1f87976137a0/1/aXeAv-6pssVYyv-i2hWdjz5C7VI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/44/645f6a-2653-4d31-bb4e-1f87976137a0/1/tAifhEgwV6w2RkfIChsjyXa5MBY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.113.20.0/22
Signature Algorithm: sha256WithRSAEncryption
7a:db:d1:59:99:6c:c6:d9:1e:89:5f:50:8a:ad:19:05:17:cc:
ab:5e:ad:7f:ba:cb:f8:6f:a2:14:e5:67:6e:e3:b3:6e:8d:7c:
b9:d6:44:ad:70:d0:f2:01:6c:36:f0:c0:76:c7:26:67:ae:bc:
68:11:1a:6e:48:f5:e5:f6:97:58:67:21:15:89:26:8c:bf:9f:
bc:c0:49:62:dd:ca:b9:ef:62:3b:ca:b3:ff:0f:7e:e7:2d:5d:
f9:5d:97:4e:0b:08:ff:c9:b8:09:ae:10:de:32:5c:41:b0:a5:
fe:dc:6e:c9:77:00:06:80:3a:90:6d:6f:ec:14:3a:d5:48:1f:
c9:22:75:43:31:dc:d0:e9:3b:39:63:42:77:aa:0d:f0:03:ba:
16:a4:a2:df:5f:07:1d:ac:08:a5:9d:3c:52:2e:9b:cd:f4:17:
38:76:d1:3e:d1:f4:6c:01:9c:4f:5b:9d:d0:6e:a2:b5:a5:06:
16:e2:61:ae:57:92:84:aa:01:82:33:4a:cf:f1:74:e6:5a:8f:
88:e4:5d:22:5c:78:ed:0b:73:47:f1:bd:ec:fc:41:8d:e0:40:
13:be:49:ec:34:9a:9a:d1:90:53:71:57:60:54:a5:af:bc:34:
75:1d:0c:6b:a0:e3:6f:17:78:d2:2e:08:b9:23:48:72:8c:27:
de:5c:2f:f5
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEDSSlzjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhi
NDA4OWY4NDQ4MzA1N2FjMzY0NjQ3YzgwYTFiMjNjOTc2YjkzMDE2MB4XDTIyMDEw
MTEzNTY1NVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNjk3NzgwYmZlZWE5
YjJjNTU4Y2FmZmEyZGExNTlkOGYzZTQyZWQ1MjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAM8IiA0Zz8OJKZ6BHDckliC+ZdAw/LGjxDdX7snfHvbLFq9+
Df6HOjrTGiUOH5VEs/dPGsBGGtyxwHNsQjUZOI/U/s75fcyMHfxhw31a5BUkX5ZH
aTW6RAfFyv+xv1mY1vdN+3jpdsXV4+rPwzgM9JMZAVRIRZ1BZCKVOwaYWVh5IYo4
gU6Cu96t5nhPxoHY5P2J7rI0onyBIwduvSaFbrVl2LHGDpic9Jyr/31TtvtpaA8P
hQX5zyeyaVExvOZI+pWyuKUN8PL4Wd5RL0OUTt/aG/BBIKJ+2jjRnyLUVdCkCuYy
Okd8M/8ZUNyZI9fja1uD64CONcig5yIpf8Jsq4ECAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBRpd4C/7qmyxVjK/6LaFZ2PPkLtUjAfBgNVHSMEGDAWgBS0CJ+ESDBXrDZG
R8gKGyPJdrkwFjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3RBaWZoRWd3VjZ3MlJrZklDaHNqeVhhNU1CWS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNDQvNjQ1ZjZhLTI2NTMtNGQzMS1iYjRlLTFmODc5NzYxMzdhMC8x
L2FYZUF2LTZwc3NWWXl2LWkyaFdkano1QzdWSS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNDQv
NjQ1ZjZhLTI2NTMtNGQzMS1iYjRlLTFmODc5NzYxMzdhMC8xL3RBaWZoRWd3VjZ3
MlJrZklDaHNqeVhhNU1CWS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEArlxFDANBgkqhkiG9w0BAQsFAAOC
AQEAetvRWZlsxtkeiV9Qiq0ZBRfMq16tf7rL+G+iFOVnbuOzbo18udZErXDQ8gFs
NvDAdscmZ668aBEabkj15faXWGchFYkmjL+fvMBJYt3Kue9iO8qz/w9+5y1d+V2X
TgsI/8m4Ca4Q3jJcQbCl/txuyXcABoA6kG1v7BQ61UgfySJ1QzHc0Ok7OWNCd6oN
8AO6FqSi318HHawIpZ08Ui6bzfQXOHbRPtH0bAGcT1ud0G6itaUGFuJhrleShKoB
gjNKz/F05lqPiORdIlx47QtzR/G97PxBjeBAE75J7DSamtGQU3FXYFSlr7w0dR0M
a6Djbxd40i4IuSNIcown3lwv9Q==
-----END CERTIFICATE-----
Generated at Thu Mar 13 20:41:24 2025 by rpki-client