Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/50/674496-97bd-4eb0-a886-82119978d6bb/1/0crK2S970gBDYv2Q9VnfWkucfnM.roa
File: 0crK2S970gBDYv2Q9VnfWkucfnM.roa (raw, json)
Hash identifier: +pMLfq/7u7kUDh2rjAfwzegluJ52a5Rso6cbq5JUe7Q=
Subject key identifier: D1:CA:CA:D9:2F:7B:D2:00:43:62:FD:90:F5:59:DF:5A:4B:9C:7E:73
Certificate issuer: /CN=5e42c35612f45af41103520af2761cdaa51e3aa4
Certificate serial: 01856EF42639A957A8A87DFE50A6A000498E
Authority key identifier: 5E:42:C3:56:12:F4:5A:F4:11:03:52:0A:F2:76:1C:DA:A5:1E:3A:A4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XkLDVhL0WvQRA1IK8nYc2qUeOqQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/50/674496-97bd-4eb0-a886-82119978d6bb/1/0crK2S970gBDYv2Q9VnfWkucfnM.roa
Signing time: Sun 01 Jan 2023 20:09:32 +0000
ROA not before: Sun 01 Jan 2023 20:09:32 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 209810
IP address blocks: 85.92.96.0/22 maxlen: 23
194.31.188.0/22 maxlen: 22
89.190.128.0/22 maxlen: 22
2a09:1980::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:f4:26:39:a9:57:a8:a8:7d:fe:50:a6:a0:00:49:8e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5e42c35612f45af41103520af2761cdaa51e3aa4
Validity
Not Before: Jan 1 20:09:32 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d1cacad92f7bd2004362fd90f559df5a4b9c7e73
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:22:a3:f5:51:f4:ac:d1:a8:48:e3:7d:a9:0c:
b1:b0:2c:bf:30:98:41:60:38:98:1c:fb:c6:0c:27:
6f:0c:a9:f2:8b:fc:f0:94:74:34:40:88:d6:f7:c3:
2e:94:e1:b0:7a:39:31:f0:4c:2d:64:04:a8:31:14:
86:0c:bd:ef:8f:eb:de:57:ea:05:73:0e:26:3a:57:
44:ed:f8:2b:f0:3e:be:54:c7:6e:ae:b3:db:f7:35:
2a:da:34:c1:3b:25:a5:01:6c:53:c6:72:d7:68:e5:
db:10:80:33:e1:a7:61:1e:15:53:c9:56:63:66:41:
bb:6b:66:a4:06:64:df:3e:75:2f:17:1d:90:64:0c:
e4:ce:1f:e2:1b:9b:a4:88:a3:d5:3b:d8:27:20:b6:
86:20:2e:d6:6a:0c:a3:93:e6:21:61:d4:00:7f:9b:
0e:95:13:f0:93:06:7d:97:54:6c:36:4a:07:a6:75:
e5:55:aa:61:ef:4e:4a:c4:57:9a:45:32:13:e2:4b:
26:39:4d:fc:18:4c:59:78:55:6a:db:e8:20:b9:e6:
ff:88:07:e0:e6:12:81:0c:31:57:21:d5:73:09:6a:
27:df:0b:a4:c2:bd:f1:7c:ae:65:cc:2e:96:d6:e5:
f9:17:da:86:f8:0a:9a:55:7a:df:cd:a1:55:77:13:
88:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D1:CA:CA:D9:2F:7B:D2:00:43:62:FD:90:F5:59:DF:5A:4B:9C:7E:73
X509v3 Authority Key Identifier:
keyid:5E:42:C3:56:12:F4:5A:F4:11:03:52:0A:F2:76:1C:DA:A5:1E:3A:A4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XkLDVhL0WvQRA1IK8nYc2qUeOqQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/50/674496-97bd-4eb0-a886-82119978d6bb/1/0crK2S970gBDYv2Q9VnfWkucfnM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/50/674496-97bd-4eb0-a886-82119978d6bb/1/XkLDVhL0WvQRA1IK8nYc2qUeOqQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.92.96.0/22
89.190.128.0/22
194.31.188.0/22
IPv6:
2a09:1980::/29
Signature Algorithm: sha256WithRSAEncryption
1a:91:20:fb:bf:c7:95:47:69:ee:27:2a:a9:40:19:ba:f3:93:
13:81:6d:ea:d7:5e:86:05:27:43:a4:62:17:56:4e:b1:da:2f:
df:f6:23:0f:4b:4e:20:1a:53:11:22:5e:1b:1f:64:90:c0:3e:
25:91:63:d2:58:14:47:7e:25:3e:f4:28:82:46:1b:3e:37:3c:
7e:0a:36:74:14:ea:e9:c1:3c:4e:e0:57:65:f3:80:f3:c2:af:
2f:59:d2:84:bd:fd:23:f1:a1:12:c3:ca:2a:28:fd:7c:ff:9c:
c5:4b:4c:a7:f2:1c:b5:0a:32:f4:81:bb:cb:93:ea:df:24:fc:
14:fd:f8:08:c8:5d:99:5b:7c:0b:ca:e8:b9:84:16:d1:37:1f:
9a:68:62:0c:82:9c:7f:6d:66:82:19:e6:28:4f:7a:51:0a:64:
44:2a:be:5e:5e:f2:7d:4d:0d:09:51:9d:6f:99:30:17:ec:f4:
ea:ae:e2:50:9a:ad:73:39:32:b4:e1:49:8e:4e:96:d8:37:e4:
d0:4f:9d:47:0b:0f:ac:12:e1:c5:33:ba:d8:d3:62:74:e7:50:
bc:84:f7:65:7e:a4:e9:cc:53:0b:6c:fa:21:e0:7f:f5:e6:3b:
43:6d:82:bb:bd:73:45:22:08:59:6f:4d:a1:28:13:2e:7a:94:
76:74:f6:b4
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAYVu9CY5qVeoqH3+UKagAEmOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVlNDJjMzU2MTJmNDVhZjQxMTAzNTIwYWYyNzYxY2RhYTUx
ZTNhYTQwHhcNMjMwMTAxMjAwOTMyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMWNhY2FkOTJmN2JkMjAwNDM2MmZkOTBmNTU5ZGY1YTRiOWM3ZTczMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoiKj9VH0rNGoSON9qQyxsCy/MJhB
YDiYHPvGDCdvDKnyi/zwlHQ0QIjW98MulOGwejkx8EwtZASoMRSGDL3vj+veV+oF
cw4mOldE7fgr8D6+VMdurrPb9zUq2jTBOyWlAWxTxnLXaOXbEIAz4adhHhVTyVZj
ZkG7a2akBmTfPnUvFx2QZAzkzh/iG5ukiKPVO9gnILaGIC7Wagyjk+YhYdQAf5sO
lRPwkwZ9l1RsNkoHpnXlVaph705KxFeaRTIT4ksmOU38GExZeFVq2+ggueb/iAfg
5hKBDDFXIdVzCWon3wukwr3xfK5lzC6W1uX5F9qG+AqaVXrfzaFVdxOIEQIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFNHKytkve9IAQ2L9kPVZ31pLnH5zMB8GA1UdIwQY
MBaAFF5Cw1YS9Fr0EQNSCvJ2HNqlHjqkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWGtMRFZoTDBXdlFSQTFJSzhuWWMycVVlT3FRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MC82NzQ0OTYtOTdiZC00ZWIwLWE4ODYt
ODIxMTk5NzhkNmJiLzEvMGNySzJTOTcwZ0JEWXYyUTlWbmZXa3VjZm5NLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MC82NzQ0OTYtOTdiZC00ZWIwLWE4ODYtODIxMTk5NzhkNmJi
LzEvWGtMRFZoTDBXdlFSQTFJSzhuWWMycVVlT3FRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQCVVxgAwQC
Wb6AAwQCwh+8MA0EAgACMAcDBQMqCRmAMA0GCSqGSIb3DQEBCwUAA4IBAQAakSD7
v8eVR2nuJyqpQBm685MTgW3q116GBSdDpGIXVk6x2i/f9iMPS04gGlMRIl4bH2SQ
wD4lkWPSWBRHfiU+9CiCRhs+Nzx+CjZ0FOrpwTxO4Fdl84Dzwq8vWdKEvf0j8aES
w8oqKP18/5zFS0yn8hy1CjL0gbvLk+rfJPwU/fgIyF2ZW3wLyui5hBbRNx+aaGIM
gpx/bWaCGeYoT3pRCmREKr5eXvJ9TQ0JUZ1vmTAX7PTqruJQmq1zOTK04UmOTpbY
N+TQT51HCw+sEuHFM7rY02J051C8hPdlfqTpzFMLbPoh4H/15jtDbYK7vXNFIghZ
b02hKBMuepR2dPa0
-----END CERTIFICATE-----
Generated at Thu Mar 13 20:10:12 2025 by rpki-client