Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5a/600aea-9ea5-4c67-a602-ab1a87ecdf1b/1/id_Vc6e1j1HWKgIX1NLW8ccghjw.roa
File: id_Vc6e1j1HWKgIX1NLW8ccghjw.roa (raw, json)
Hash identifier: Z9LJzry6GI/gzr6NlWa52IMRoRKDIEXuep+imZnXePo=
Subject key identifier: 89:DF:D5:73:A7:B5:8F:51:D6:2A:02:17:D4:D2:D6:F1:C7:20:86:3C
Certificate issuer: /CN=48e06a351a5189bcdc44840948dbfb40abf58be5
Certificate serial: 01844740F2C43A3EE5BFE3886DA83B8DC88E
Authority key identifier: 48:E0:6A:35:1A:51:89:BC:DC:44:84:09:48:DB:FB:40:AB:F5:8B:E5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/SOBqNRpRibzcRIQJSNv7QKv1i-U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5a/600aea-9ea5-4c67-a602-ab1a87ecdf1b/1/id_Vc6e1j1HWKgIX1NLW8ccghjw.roa
Signing time: Sat 05 Nov 2022 10:05:49 +0000
ROA not before: Sat 05 Nov 2022 10:05:49 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 57811
IP address blocks: 188.64.85.0/24 maxlen: 24
188.64.80.0/23 maxlen: 23
188.64.82.0/24 maxlen: 24
188.64.83.0/24 maxlen: 24
188.64.84.0/24 maxlen: 24
188.64.86.0/24 maxlen: 24
188.64.87.0/24 maxlen: 24
185.73.211.0/24 maxlen: 24
2a00:8dc0::/32 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:47:40:f2:c4:3a:3e:e5:bf:e3:88:6d:a8:3b:8d:c8:8e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=48e06a351a5189bcdc44840948dbfb40abf58be5
Validity
Not Before: Nov 5 10:05:49 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=89dfd573a7b58f51d62a0217d4d2d6f1c720863c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:8f:9d:c6:2e:5a:cb:0c:59:02:85:1d:77:bb:
a3:b4:cf:d5:e6:71:67:c9:c3:3a:19:d1:b3:d0:2c:
06:4d:80:69:b0:d0:c0:5e:02:ee:9d:88:cf:93:b5:
e0:a7:85:54:00:80:45:b2:ff:91:52:43:c4:ea:01:
7d:7a:9d:a4:bb:33:e9:fa:93:4c:2a:75:b6:0e:9e:
e4:6f:ce:aa:c8:ad:3f:78:12:cf:9a:49:5b:45:d0:
85:06:a0:d6:d7:f1:ea:e1:00:de:22:c1:fb:f7:47:
03:2a:3a:34:16:d9:5f:00:f9:db:9d:2f:d9:81:74:
d5:03:89:9f:32:cd:cf:3d:63:fc:f9:38:ff:58:fd:
83:c4:53:4f:60:77:8c:5f:eb:21:7b:cc:fb:5f:d3:
3d:2f:66:0f:e9:29:78:1b:c1:b3:bb:93:eb:55:78:
2c:44:e6:9b:6b:d3:60:d5:f6:84:61:03:44:a4:17:
24:7f:b4:fc:dc:82:70:37:47:ec:20:dd:66:62:f9:
ac:8c:1d:f7:81:67:85:8d:e3:2a:df:17:2a:be:ac:
0c:73:f1:36:b3:df:d2:a8:d4:9e:86:4b:5f:8e:2c:
47:e2:87:e0:22:cd:a6:63:e9:ea:e0:2f:e3:f4:7f:
fe:69:61:33:13:02:4b:d7:8e:76:08:e7:8d:36:14:
af:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
89:DF:D5:73:A7:B5:8F:51:D6:2A:02:17:D4:D2:D6:F1:C7:20:86:3C
X509v3 Authority Key Identifier:
keyid:48:E0:6A:35:1A:51:89:BC:DC:44:84:09:48:DB:FB:40:AB:F5:8B:E5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/SOBqNRpRibzcRIQJSNv7QKv1i-U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/600aea-9ea5-4c67-a602-ab1a87ecdf1b/1/id_Vc6e1j1HWKgIX1NLW8ccghjw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/600aea-9ea5-4c67-a602-ab1a87ecdf1b/1/SOBqNRpRibzcRIQJSNv7QKv1i-U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.73.211.0/24
188.64.80.0/21
IPv6:
2a00:8dc0::/32
Signature Algorithm: sha256WithRSAEncryption
41:a5:72:4e:64:1a:33:fc:4a:f5:01:3e:d9:30:3a:b8:b4:b8:
6b:1b:8c:55:b9:56:40:12:7b:bf:a9:51:b3:e6:7d:e3:ab:e0:
20:0f:45:9c:6e:aa:80:2f:11:9a:c6:de:2c:d4:d6:b2:95:f4:
bd:83:30:81:d2:72:19:d7:e7:0b:9f:37:ed:84:8e:23:c7:25:
1d:de:b9:dd:22:fa:95:e7:36:7c:17:6d:34:fe:d6:4b:06:cf:
8c:77:1c:8c:61:80:fa:dc:69:47:0a:0d:86:81:b4:65:a3:ae:
34:3b:57:9f:71:eb:4d:b2:91:fa:65:59:ea:4c:5a:a4:82:4b:
00:ef:d4:b6:2b:a2:81:45:99:67:b4:b5:b8:67:20:94:87:ac:
2e:7c:c6:e8:76:5b:fa:14:75:a8:c0:39:54:d5:5f:f9:e4:2c:
74:15:0c:54:3f:dc:fe:b3:71:ad:af:60:a6:f5:ab:dd:a7:a8:
9d:e3:38:15:16:b2:bb:7f:ec:15:bc:61:06:86:85:8a:87:98:
f8:bb:3b:5a:e0:ba:25:b3:c0:d6:f2:67:a3:92:88:a4:84:e4:
c9:34:bd:03:99:84:7e:35:74:c9:3e:51:64:3d:0e:c2:be:b8:
eb:53:70:81:33:f6:ee:05:1e:07:3d:5d:46:e7:2d:eb:1c:c3:
e8:27:f7:72
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYRHQPLEOj7lv+OIbag7jciOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ4ZTA2YTM1MWE1MTg5YmNkYzQ0ODQwOTQ4ZGJmYjQwYWJm
NThiZTUwHhcNMjIxMTA1MTAwNTQ5WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4OWRmZDU3M2E3YjU4ZjUxZDYyYTAyMTdkNGQyZDZmMWM3MjA4NjNjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAso+dxi5aywxZAoUdd7ujtM/V5nFn
ycM6GdGz0CwGTYBpsNDAXgLunYjPk7Xgp4VUAIBFsv+RUkPE6gF9ep2kuzPp+pNM
KnW2Dp7kb86qyK0/eBLPmklbRdCFBqDW1/Hq4QDeIsH790cDKjo0FtlfAPnbnS/Z
gXTVA4mfMs3PPWP8+Tj/WP2DxFNPYHeMX+she8z7X9M9L2YP6Sl4G8Gzu5PrVXgs
ROaba9Ng1faEYQNEpBckf7T83IJwN0fsIN1mYvmsjB33gWeFjeMq3xcqvqwMc/E2
s9/SqNSehktfjixH4ofgIs2mY+nq4C/j9H/+aWEzEwJL1452COeNNhSvcwIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFInf1XOntY9R1ioCF9TS1vHHIIY8MB8GA1UdIwQY
MBaAFEjgajUaUYm83ESECUjb+0Cr9YvlMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU09CcU5ScFJpYnpjUklRSlNOdjdRS3YxaS1VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81YS82MDBhZWEtOWVhNS00YzY3LWE2MDIt
YWIxYTg3ZWNkZjFiLzEvaWRfVmM2ZTFqMUhXS2dJWDFOTFc4Y2NnaGp3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81YS82MDBhZWEtOWVhNS00YzY3LWE2MDItYWIxYTg3ZWNkZjFi
LzEvU09CcU5ScFJpYnpjUklRSlNOdjdRS3YxaS1VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQAuUnTAwQD
vEBQMA0EAgACMAcDBQAqAI3AMA0GCSqGSIb3DQEBCwUAA4IBAQBBpXJOZBoz/Er1
AT7ZMDq4tLhrG4xVuVZAEnu/qVGz5n3jq+AgD0WcbqqALxGaxt4s1NaylfS9gzCB
0nIZ1+cLnzfthI4jxyUd3rndIvqV5zZ8F200/tZLBs+MdxyMYYD63GlHCg2GgbRl
o640O1efcetNspH6ZVnqTFqkgksA79S2K6KBRZlntLW4ZyCUh6wufMbodlv6FHWo
wDlU1V/55Cx0FQxUP9z+s3Gtr2Cm9avdp6id4zgVFrK7f+wVvGEGhoWKh5j4uzta
4Lols8DW8mejkoikhOTJNL0DmYR+NXTJPlFkPQ7CvrjrU3CBM/buBR4HPV1G5y3r
HMPoJ/dy
-----END CERTIFICATE-----
Generated at Sun Apr 20 13:09:38 2025 by rpki-client