Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4b/fc5af5-0b50-4531-9374-ebeb9a991488/1/hBoZJTgcK39rzrcPG4It2G8foZQ.roa
File: hBoZJTgcK39rzrcPG4It2G8foZQ.roa (raw, json)
Hash identifier: heJZBpBWAiChY0LI59TwZ+CR5K5LK032AkjQ3CCSvOs=
Subject key identifier: 84:1A:19:25:38:1C:2B:7F:6B:CE:B7:0F:1B:82:2D:D8:6F:1F:A1:94
Certificate issuer: /CN=06b8ed985ef2034e8e307c447f3496c32adad2c8
Certificate serial: 117F3017
Authority key identifier: 06:B8:ED:98:5E:F2:03:4E:8E:30:7C:44:7F:34:96:C3:2A:DA:D2:C8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BrjtmF7yA06OMHxEfzSWwyra0sg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4b/fc5af5-0b50-4531-9374-ebeb9a991488/1/hBoZJTgcK39rzrcPG4It2G8foZQ.roa
Signing time: Sat 01 Jan 2022 16:02:23 +0000
ROA not before: Sat 01 Jan 2022 16:02:23 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 39605
IP address blocks: 185.99.148.0/22 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 293548055 (0x117f3017)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=06b8ed985ef2034e8e307c447f3496c32adad2c8
Validity
Not Before: Jan 1 16:02:23 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=841a1925381c2b7f6bceb70f1b822dd86f1fa194
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:13:21:4f:52:4d:0d:ec:58:f4:ad:ef:90:b4:
27:19:c3:92:d8:7d:ac:47:56:99:17:4d:ab:56:65:
b9:c8:68:03:84:1c:48:6e:63:c9:e1:a6:b7:b9:07:
de:87:64:f2:b1:ca:72:f8:f9:93:98:ea:10:57:27:
64:e0:87:e5:4c:fb:40:7d:26:ca:4c:b2:27:63:39:
1e:73:6c:71:ff:11:66:4f:9b:4b:b8:a9:ea:6e:95:
9e:a3:b7:a3:fb:03:e5:93:3a:69:c1:6e:f9:06:b3:
05:6b:95:94:21:b2:1d:dc:1d:f1:d1:43:67:35:36:
24:20:44:18:da:24:67:6a:a1:a3:b1:33:a6:1e:b3:
53:fa:63:e0:a0:ba:39:a1:78:4c:f6:6e:80:37:a5:
a4:3c:15:2c:7f:b6:e7:f3:82:4e:a3:c7:5c:70:a7:
b7:70:fc:d3:e5:c3:b3:62:70:3d:90:bd:f7:19:95:
2d:ea:e0:12:2b:56:b6:3f:d9:82:65:92:46:cd:c1:
40:fd:cb:29:0a:f6:7d:ba:ef:63:32:71:38:27:67:
38:10:ff:93:e4:da:c4:e0:1c:a0:4e:f5:ce:ec:36:
7f:7a:51:18:45:77:ec:43:f8:b4:de:6d:ba:49:bb:
39:e7:48:ae:6e:ab:78:93:3d:7b:1d:42:85:ee:82:
68:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
84:1A:19:25:38:1C:2B:7F:6B:CE:B7:0F:1B:82:2D:D8:6F:1F:A1:94
X509v3 Authority Key Identifier:
keyid:06:B8:ED:98:5E:F2:03:4E:8E:30:7C:44:7F:34:96:C3:2A:DA:D2:C8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BrjtmF7yA06OMHxEfzSWwyra0sg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4b/fc5af5-0b50-4531-9374-ebeb9a991488/1/hBoZJTgcK39rzrcPG4It2G8foZQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4b/fc5af5-0b50-4531-9374-ebeb9a991488/1/BrjtmF7yA06OMHxEfzSWwyra0sg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.99.148.0/22
Signature Algorithm: sha256WithRSAEncryption
26:83:fe:19:ba:9b:21:82:16:2d:f5:ec:97:c0:7c:f9:c4:d6:
2f:17:07:a7:82:a9:83:23:17:14:9d:34:bb:6b:dc:fb:fa:ab:
3e:28:ac:c9:0b:e9:4a:b9:11:c1:82:c1:b0:15:f9:96:0c:5e:
11:dc:66:f7:65:02:67:b0:13:8a:00:b6:5e:56:5a:cf:7e:3d:
3c:ee:89:aa:c2:dc:79:ff:e2:db:25:68:fa:da:f0:12:a8:7c:
da:5b:43:e3:17:31:dd:28:3f:76:47:84:77:df:3e:7d:e1:a3:
99:72:56:2c:10:46:d0:52:88:81:10:d1:7f:7d:08:c8:47:c2:
29:eb:ca:dd:0c:67:aa:13:f6:01:13:b4:bb:b3:12:d5:d7:43:
65:3f:4c:75:cd:d9:23:7f:77:ba:47:dd:dd:0c:0a:91:ab:bf:
94:21:63:72:59:e0:da:7e:0d:2e:c4:e9:39:8d:d0:0d:e2:de:
d0:20:e5:30:03:0d:60:44:2e:d3:33:cc:e8:b0:2b:72:24:a0:
55:a8:d7:f4:8c:9b:15:f4:64:ce:d1:9c:8b:25:51:86:44:fa:
d3:fc:e3:fc:46:62:2e:21:8a:67:07:36:ff:c5:06:36:4a:c0:
39:a6:5a:0c:70:d6:8c:13:62:18:d6:b3:d8:ef:9b:b4:06:35:
44:07:02:ae
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEEX8wFzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygw
NmI4ZWQ5ODVlZjIwMzRlOGUzMDdjNDQ3ZjM0OTZjMzJhZGFkMmM4MB4XDTIyMDEw
MTE2MDIyM1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoODQxYTE5MjUzODFj
MmI3ZjZiY2ViNzBmMWI4MjJkZDg2ZjFmYTE5NDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMUTIU9STQ3sWPSt75C0JxnDkth9rEdWmRdNq1ZluchoA4Qc
SG5jyeGmt7kH3odk8rHKcvj5k5jqEFcnZOCH5Uz7QH0mykyyJ2M5HnNscf8RZk+b
S7ip6m6VnqO3o/sD5ZM6acFu+QazBWuVlCGyHdwd8dFDZzU2JCBEGNokZ2qho7Ez
ph6zU/pj4KC6OaF4TPZugDelpDwVLH+25/OCTqPHXHCnt3D80+XDs2JwPZC99xmV
LergEitWtj/ZgmWSRs3BQP3LKQr2fbrvYzJxOCdnOBD/k+TaxOAcoE71zuw2f3pR
GEV37EP4tN5tukm7OedIrm6reJM9ex1Che6CaL0CAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBSEGhklOBwrf2vOtw8bgi3Ybx+hlDAfBgNVHSMEGDAWgBQGuO2YXvIDTo4w
fER/NJbDKtrSyDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0JyanRtRjd5QTA2T01IeEVmelNXd3lyYTBzZy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNGIvZmM1YWY1LTBiNTAtNDUzMS05Mzc0LWViZWI5YTk5MTQ4OC8x
L2hCb1pKVGdjSzM5cnpyY1BHNEl0Mkc4Zm9aUS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNGIv
ZmM1YWY1LTBiNTAtNDUzMS05Mzc0LWViZWI5YTk5MTQ4OC8xL0JyanRtRjd5QTA2
T01IeEVmelNXd3lyYTBzZy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEArljlDANBgkqhkiG9w0BAQsFAAOC
AQEAJoP+GbqbIYIWLfXsl8B8+cTWLxcHp4KpgyMXFJ00u2vc+/qrPiisyQvpSrkR
wYLBsBX5lgxeEdxm92UCZ7ATigC2XlZaz349PO6JqsLcef/i2yVo+trwEqh82ltD
4xcx3Sg/dkeEd98+feGjmXJWLBBG0FKIgRDRf30IyEfCKevK3QxnqhP2ARO0u7MS
1ddDZT9Mdc3ZI393ukfd3QwKkau/lCFjclng2n4NLsTpOY3QDeLe0CDlMAMNYEQu
0zPM6LArciSgVajX9IybFfRkztGciyVRhkT60/zj/EZiLiGKZwc2/8UGNkrAOaZa
DHDWjBNiGNaz2O+btAY1RAcCrg==
-----END CERTIFICATE-----
Generated at Thu Apr 17 02:40:40 2025 by rpki-client