Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/52/010161-b840-4497-afbe-4bef43d3fb17/1/H4jQGGRR7vzcq9CobGlaorr4sdo.roa
File: H4jQGGRR7vzcq9CobGlaorr4sdo.roa (raw, json)
Hash identifier: bnq1wXEBlxoW/+hGcaUc98qfa5wGl3257jMc42Y9lzc=
Subject key identifier: 1F:88:D0:18:64:51:EE:FC:DC:AB:D0:A8:6C:69:5A:A2:BA:F8:B1:DA
Certificate issuer: /CN=0d9302d546e068c2fd7677d9d5200add36c8bcd5
Certificate serial: 01856C011C11642969FBC09C53540E821796
Authority key identifier: 0D:93:02:D5:46:E0:68:C2:FD:76:77:D9:D5:20:0A:DD:36:C8:BC:D5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DZMC1UbgaML9dnfZ1SAK3TbIvNU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/52/010161-b840-4497-afbe-4bef43d3fb17/1/H4jQGGRR7vzcq9CobGlaorr4sdo.roa
Signing time: Sun 01 Jan 2023 06:24:49 +0000
ROA not before: Sun 01 Jan 2023 06:24:49 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 200739
IP address blocks: 185.97.224.0/22 maxlen: 22
2a06:8c0::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:01:1c:11:64:29:69:fb:c0:9c:53:54:0e:82:17:96
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0d9302d546e068c2fd7677d9d5200add36c8bcd5
Validity
Not Before: Jan 1 06:24:49 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=1f88d0186451eefcdcabd0a86c695aa2baf8b1da
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:cd:f8:7a:05:42:ab:b0:06:33:2c:b5:87:d3:
22:f5:4e:b1:57:4d:b8:e9:e1:8b:d0:57:24:42:fb:
3b:58:3f:b1:b9:76:30:7f:07:65:fd:34:34:8a:02:
8c:c8:83:68:59:a4:53:f0:24:0a:b4:59:d4:ac:4e:
59:02:b0:58:62:ab:16:79:42:bb:e0:03:50:ff:0d:
be:1c:42:46:13:16:ee:44:d8:27:a5:90:a0:91:1b:
58:0f:5f:60:98:f4:df:a7:58:21:e4:9a:5c:da:19:
ca:ca:cf:c3:c9:66:44:30:3e:75:34:e0:0a:54:f2:
f3:67:ec:a3:d3:8e:c7:ba:f5:19:28:f5:a2:34:a1:
61:10:4a:04:17:d4:ef:fa:4b:af:64:98:ea:83:1f:
af:43:88:15:dd:8d:39:bd:0d:76:e0:5f:eb:db:f1:
b9:1c:bc:d0:a7:32:0e:4f:b9:9f:77:fe:f7:18:d8:
db:bc:d9:ba:e9:56:90:e0:a1:58:f3:d9:5d:84:25:
b6:31:f9:01:40:2b:d8:40:25:9c:f5:cc:81:dd:75:
0a:de:06:b6:ba:0d:1a:2d:02:b9:37:01:aa:b8:85:
4b:cc:49:8e:7a:04:4f:1a:4f:ff:db:99:16:e2:99:
7d:85:96:1c:ff:9d:70:87:23:c8:9c:d2:5a:11:2f:
07:b1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1F:88:D0:18:64:51:EE:FC:DC:AB:D0:A8:6C:69:5A:A2:BA:F8:B1:DA
X509v3 Authority Key Identifier:
keyid:0D:93:02:D5:46:E0:68:C2:FD:76:77:D9:D5:20:0A:DD:36:C8:BC:D5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DZMC1UbgaML9dnfZ1SAK3TbIvNU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/52/010161-b840-4497-afbe-4bef43d3fb17/1/H4jQGGRR7vzcq9CobGlaorr4sdo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/52/010161-b840-4497-afbe-4bef43d3fb17/1/DZMC1UbgaML9dnfZ1SAK3TbIvNU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.97.224.0/22
IPv6:
2a06:8c0::/29
Signature Algorithm: sha256WithRSAEncryption
9e:06:0c:3e:52:db:10:44:b9:d3:73:2e:0e:05:91:72:11:a7:
fe:42:40:1d:82:bd:8f:f4:fd:29:fc:b0:33:8b:80:5f:85:d8:
69:11:94:ad:56:fc:c9:9b:d6:27:06:f0:3e:2a:65:14:e1:db:
a3:21:10:02:ce:a6:87:4d:4a:6d:f3:00:ac:4d:ca:8c:59:f0:
e0:43:47:37:bb:39:9e:d2:76:7b:f7:c6:74:e4:d4:61:57:79:
0c:58:6f:d2:dd:08:de:ee:95:8f:73:14:35:a1:02:e5:87:1c:
34:4b:38:57:0d:21:d7:ee:b8:d0:94:6a:6e:4f:61:9d:32:e6:
7d:45:cf:f9:58:6d:4a:27:0f:9a:ed:42:e7:ba:e4:ea:b8:78:
f4:6b:59:32:3c:cc:ee:bc:2f:db:bc:e8:63:62:20:1a:89:d1:
0a:68:f6:cb:b6:38:61:c6:77:ae:08:c6:a4:74:33:fe:1d:00:
cc:36:ae:a0:94:54:76:77:93:c1:b9:a4:f6:92:b8:32:3c:5a:
79:81:d0:c8:b2:2a:63:e6:b7:8e:7d:b7:ec:6c:40:d9:3d:16:
a9:e9:f1:22:18:10:f8:45:c3:d1:47:ad:30:e4:48:c9:1c:d5:
7f:2b:7a:2c:59:69:c2:30:ff:5c:94:3e:88:78:2b:ad:a8:8e:
b4:1c:41:02
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVsARwRZClp+8CcU1QOgheWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBkOTMwMmQ1NDZlMDY4YzJmZDc2NzdkOWQ1MjAwYWRkMzZj
OGJjZDUwHhcNMjMwMTAxMDYyNDQ5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZjg4ZDAxODY0NTFlZWZjZGNhYmQwYTg2YzY5NWFhMmJhZjhiMWRhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApc34egVCq7AGMyy1h9Mi9U6xV024
6eGL0FckQvs7WD+xuXYwfwdl/TQ0igKMyINoWaRT8CQKtFnUrE5ZArBYYqsWeUK7
4ANQ/w2+HEJGExbuRNgnpZCgkRtYD19gmPTfp1gh5Jpc2hnKys/DyWZEMD51NOAK
VPLzZ+yj047HuvUZKPWiNKFhEEoEF9Tv+kuvZJjqgx+vQ4gV3Y05vQ124F/r2/G5
HLzQpzIOT7mfd/73GNjbvNm66VaQ4KFY89ldhCW2MfkBQCvYQCWc9cyB3XUK3ga2
ug0aLQK5NwGquIVLzEmOegRPGk//25kW4pl9hZYc/51whyPInNJaES8HsQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFB+I0BhkUe783KvQqGxpWqK6+LHaMB8GA1UdIwQY
MBaAFA2TAtVG4GjC/XZ32dUgCt02yLzVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRFpNQzFVYmdhTUw5ZG5mWjFTQUszVGJJdk5VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Mi8wMTAxNjEtYjg0MC00NDk3LWFmYmUt
NGJlZjQzZDNmYjE3LzEvSDRqUUdHUlI3dnpjcTlDb2JHbGFvcnI0c2RvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Mi8wMTAxNjEtYjg0MC00NDk3LWFmYmUtNGJlZjQzZDNmYjE3
LzEvRFpNQzFVYmdhTUw5ZG5mWjFTQUszVGJJdk5VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuWHgMA0E
AgACMAcDBQMqBgjAMA0GCSqGSIb3DQEBCwUAA4IBAQCeBgw+UtsQRLnTcy4OBZFy
Eaf+QkAdgr2P9P0p/LAzi4BfhdhpEZStVvzJm9YnBvA+KmUU4dujIRACzqaHTUpt
8wCsTcqMWfDgQ0c3uzme0nZ798Z05NRhV3kMWG/S3Qje7pWPcxQ1oQLlhxw0SzhX
DSHX7rjQlGpuT2GdMuZ9Rc/5WG1KJw+a7ULnuuTquHj0a1kyPMzuvC/bvOhjYiAa
idEKaPbLtjhhxneuCMakdDP+HQDMNq6glFR2d5PBuaT2krgyPFp5gdDIsipj5reO
fbfsbEDZPRap6fEiGBD4RcPRR60w5EjJHNV/K3osWWnCMP9clD6IeCutqI60HEEC
-----END CERTIFICATE-----
Generated at Thu Mar 13 02:24:07 2025 by rpki-client