Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/62/afbac0-e7a5-4c95-88b6-84a9efec0d1b/1/1-ULF0Pa6tKNTrLTVSefTwpqXzqg.roa
File: 1-ULF0Pa6tKNTrLTVSefTwpqXzqg.roa (raw, json)
Hash identifier: Vp27dovVefTY4FcK6n5rpvJobu9D/GIi0CCSr6B2NyY=
Subject key identifier: F9:42:C5:D0:F6:BA:B4:A3:53:AC:B4:D5:49:E7:D3:C2:9A:97:CE:A8
Certificate issuer: /CN=01bae509df7ec524d4f750ff809274ab00649322
Certificate serial: 01B23DF0
Authority key identifier: 01:BA:E5:09:DF:7E:C5:24:D4:F7:50:FF:80:92:74:AB:00:64:93:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/AbrlCd9-xSTU91D_gJJ0qwBkkyI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/62/afbac0-e7a5-4c95-88b6-84a9efec0d1b/1/1-ULF0Pa6tKNTrLTVSefTwpqXzqg.roa
Signing time: Sat 01 Jan 2022 14:07:50 +0000
ROA not before: Sat 01 Jan 2022 14:07:50 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 203293
IP address blocks: 185.139.92.0/22 maxlen: 24
2a07:1440::/29 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 28458480 (0x1b23df0)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=01bae509df7ec524d4f750ff809274ab00649322
Validity
Not Before: Jan 1 14:07:50 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=f942c5d0f6bab4a353acb4d549e7d3c29a97cea8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:0c:1f:96:91:a0:bb:85:88:b6:06:b2:d2:b8:
1d:ea:45:d3:c1:96:42:56:26:df:8b:c4:50:64:a4:
a2:0f:e0:53:23:f7:3b:35:fb:cb:89:92:8a:84:e4:
99:29:26:9a:fa:52:f8:a2:e9:e0:35:97:d0:03:fc:
03:26:43:83:04:c9:56:07:68:d5:97:30:99:ca:b5:
7e:9b:97:31:c0:d2:5d:32:61:9a:39:d8:bf:61:c6:
03:25:f6:f6:e0:99:22:50:35:de:20:39:b9:e5:22:
8f:a8:87:60:c9:de:c8:6d:3c:37:3b:3f:c9:92:00:
9f:0f:27:a7:0e:28:9a:9c:27:da:23:5e:d3:bb:5b:
06:3c:bc:6d:6f:6a:24:35:f6:92:dd:09:67:10:fa:
be:3d:dd:52:3a:53:26:bd:59:86:d8:9c:ad:07:0d:
c4:f6:22:6a:bb:62:e4:78:7f:4f:f0:fc:24:73:a0:
a4:46:e5:4c:f2:4b:3e:a9:a8:85:19:99:eb:a0:a6:
f0:c7:7f:4c:30:05:dc:52:53:9d:d8:09:0f:64:b8:
b4:49:15:08:97:95:70:02:97:85:ca:12:f0:bd:ed:
13:b0:2e:48:85:31:87:f2:7d:2a:56:17:ff:20:d1:
ac:67:59:b9:25:fa:37:a8:7b:5b:55:c7:a8:9b:e9:
2e:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F9:42:C5:D0:F6:BA:B4:A3:53:AC:B4:D5:49:E7:D3:C2:9A:97:CE:A8
X509v3 Authority Key Identifier:
keyid:01:BA:E5:09:DF:7E:C5:24:D4:F7:50:FF:80:92:74:AB:00:64:93:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/AbrlCd9-xSTU91D_gJJ0qwBkkyI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/62/afbac0-e7a5-4c95-88b6-84a9efec0d1b/1/1-ULF0Pa6tKNTrLTVSefTwpqXzqg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/62/afbac0-e7a5-4c95-88b6-84a9efec0d1b/1/AbrlCd9-xSTU91D_gJJ0qwBkkyI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.139.92.0/22
IPv6:
2a07:1440::/29
Signature Algorithm: sha256WithRSAEncryption
4e:bf:c3:91:3c:48:5e:ca:4a:38:d0:eb:45:0e:10:c7:a7:77:
fb:22:7e:a4:ac:f7:0c:6a:03:b1:9b:64:17:28:61:ed:6b:12:
c2:3e:f7:35:f8:d9:65:a7:b6:b2:36:13:b2:87:28:36:d5:75:
38:16:cc:c4:f4:e1:66:d7:41:a1:01:83:24:97:51:ab:07:c4:
d5:0d:3f:45:53:c1:7b:9e:1e:f4:4f:ac:b5:f6:15:c0:46:6a:
67:f4:f6:a7:32:aa:0e:1a:56:62:0c:f7:a7:54:e5:77:7a:e4:
05:95:cd:35:c0:ab:98:05:5e:46:ad:eb:d6:f0:a2:0a:d0:c0:
ed:49:03:38:b8:cb:f2:c9:ef:08:17:50:49:dc:ca:40:17:75:
83:6d:ef:3a:19:90:ed:37:51:1a:87:34:02:ef:8a:cd:af:6c:
f4:fb:22:c1:90:47:81:72:11:c4:c7:b6:21:9a:b6:be:2e:d3:
a6:15:4d:ea:a9:9d:81:24:2e:1e:af:ee:7e:45:6d:f9:9b:73:
e1:06:29:04:96:5e:b6:64:25:32:f0:41:98:ed:db:14:5f:2b:
fb:88:97:80:5e:d3:37:c4:70:a5:81:a9:f3:24:4c:d5:2b:39:
1e:fc:92:d5:a8:ca:cb:b6:28:92:d7:fe:d9:3c:93:b2:cb:e6:
80:49:72:df
-----BEGIN CERTIFICATE-----
MIIE/zCCA+egAwIBAgIEAbI98DANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygw
MWJhZTUwOWRmN2VjNTI0ZDRmNzUwZmY4MDkyNzRhYjAwNjQ5MzIyMB4XDTIyMDEw
MTE0MDc1MFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZjk0MmM1ZDBmNmJh
YjRhMzUzYWNiNGQ1NDllN2QzYzI5YTk3Y2VhODCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBANEMH5aRoLuFiLYGstK4HepF08GWQlYm34vEUGSkog/gUyP3
OzX7y4mSioTkmSkmmvpS+KLp4DWX0AP8AyZDgwTJVgdo1Zcwmcq1fpuXMcDSXTJh
mjnYv2HGAyX29uCZIlA13iA5ueUij6iHYMneyG08Nzs/yZIAnw8npw4ompwn2iNe
07tbBjy8bW9qJDX2kt0JZxD6vj3dUjpTJr1ZhticrQcNxPYiarti5Hh/T/D8JHOg
pEblTPJLPqmohRmZ66Cm8Md/TDAF3FJTndgJD2S4tEkVCJeVcAKXhcoS8L3tE7Au
SIUxh/J9KlYX/yDRrGdZuSX6N6h7W1XHqJvpLtcCAwEAAaOCAhkwggIVMB0GA1Ud
DgQWBBT5QsXQ9rq0o1OstNVJ59PCmpfOqDAfBgNVHSMEGDAWgBQBuuUJ337FJNT3
UP+AknSrAGSTIjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0FicmxDZDkteFNUVTkxRF9nSkowcXdCa2t5SS5jZXIwgY4GCCsGAQUFBwELBIGB
MH8wfQYIKwYBBQUHMAuGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNjIvYWZiYWMwLWU3YTUtNGM5NS04OGI2LTg0YTllZmVjMGQxYi8x
LzEtVUxGMFBhNnRLTlRyTFRWU2VmVHdwcVh6cWcucm9hMIGBBgNVHR8EejB4MHag
dKByhnByc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzYy
L2FmYmFjMC1lN2E1LTRjOTUtODhiNi04NGE5ZWZlYzBkMWIvMS9BYnJsQ2Q5LXhT
VFU5MURfZ0pKMHF3QmtreUkuY3JsMBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIw
LgYIKwYBBQUHAQcBAf8EHzAdMAwEAgABMAYDBAK5i1wwDQQCAAIwBwMFAyoHFEAw
DQYJKoZIhvcNAQELBQADggEBAE6/w5E8SF7KSjjQ60UOEMend/sifqSs9wxqA7Gb
ZBcoYe1rEsI+9zX42WWntrI2E7KHKDbVdTgWzMT04WbXQaEBgySXUasHxNUNP0VT
wXueHvRPrLX2FcBGamf09qcyqg4aVmIM96dU5Xd65AWVzTXAq5gFXkat69bwogrQ
wO1JAzi4y/LJ7wgXUEncykAXdYNt7zoZkO03URqHNALvis2vbPT7IsGQR4FyEcTH
tiGatr4u06YVTeqpnYEkLh6v7n5Fbfmbc+EGKQSWXrZkJTLwQZjt2xRfK/uIl4Be
0zfEcKWBqfMkTNUrOR78ktWoysu2KJLX/tk8k7LL5oBJct8=
-----END CERTIFICATE-----
Generated at Thu Mar 13 21:14:58 2025 by rpki-client