Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/62/fb2411-485b-4143-9241-13839640a604/1/u2VBl1Bv35EAr3Gr0VnvF6gu0B0.roa
File: u2VBl1Bv35EAr3Gr0VnvF6gu0B0.roa (raw, json)
Hash identifier: ADeelX1EmAOzGRJ7QRx4gFC/nZeF8OPdtTevMbjfflM=
Subject key identifier: BB:65:41:97:50:6F:DF:91:00:AF:71:AB:D1:59:EF:17:A8:2E:D0:1D
Certificate issuer: /CN=f84128146b7bec8bd1185bbe0c3b9340aaf5b714
Certificate serial: 01835A2BEAA6C6DF45858B6BA593A4F4AF09
Authority key identifier: F8:41:28:14:6B:7B:EC:8B:D1:18:5B:BE:0C:3B:93:40:AA:F5:B7:14
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-EEoFGt77IvRGFu-DDuTQKr1txQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/62/fb2411-485b-4143-9241-13839640a604/1/u2VBl1Bv35EAr3Gr0VnvF6gu0B0.roa
Signing time: Tue 20 Sep 2022 09:12:50 +0000
ROA not before: Tue 20 Sep 2022 09:12:50 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 205673
IP address blocks: 185.210.84.0/22 maxlen: 23
185.244.168.0/22 maxlen: 23
185.235.132.0/22 maxlen: 23
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:5a:2b:ea:a6:c6:df:45:85:8b:6b:a5:93:a4:f4:af:09
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f84128146b7bec8bd1185bbe0c3b9340aaf5b714
Validity
Not Before: Sep 20 09:12:50 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=bb654197506fdf9100af71abd159ef17a82ed01d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:87:ee:20:28:22:d8:5f:0d:6f:57:e3:90:fc:75:
51:45:33:bf:05:8b:5c:ca:ab:d6:08:15:44:2c:1b:
3a:74:71:91:bf:f4:97:ee:f6:b1:df:cb:86:23:be:
8b:2e:7e:79:4f:19:77:94:12:b9:28:42:f5:eb:2d:
61:73:d6:20:9a:bd:3b:f6:63:41:e9:c2:e6:b2:a3:
53:51:d2:55:c5:92:a4:91:2a:84:24:3a:9e:01:03:
0f:f7:90:f0:13:e1:16:ba:60:f4:9e:73:f7:ce:ae:
ed:2d:90:82:ba:ce:06:1f:ac:18:41:e0:dc:b3:fd:
17:ed:26:73:9b:be:36:93:78:34:b8:22:04:75:c9:
bb:b5:cc:af:55:3b:74:b4:81:ee:f5:40:99:4c:86:
16:9d:34:03:c5:b3:cb:02:f8:29:2f:2c:cf:a0:ca:
7a:b2:37:cf:e3:27:9c:24:c7:f9:75:4d:7b:40:86:
03:66:f9:b9:7c:48:46:5c:c9:5d:2b:f7:38:8a:10:
1a:4e:26:b2:32:53:48:72:97:f0:2f:28:3b:a1:cd:
ee:8a:86:e6:73:d2:df:be:92:a7:f2:a9:ee:98:90:
73:86:5c:f6:2c:1f:63:4b:72:12:d4:1f:cb:5e:76:
7d:ae:d3:36:09:1e:42:15:95:0b:ca:99:d1:d2:b1:
31:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BB:65:41:97:50:6F:DF:91:00:AF:71:AB:D1:59:EF:17:A8:2E:D0:1D
X509v3 Authority Key Identifier:
keyid:F8:41:28:14:6B:7B:EC:8B:D1:18:5B:BE:0C:3B:93:40:AA:F5:B7:14
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-EEoFGt77IvRGFu-DDuTQKr1txQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/62/fb2411-485b-4143-9241-13839640a604/1/u2VBl1Bv35EAr3Gr0VnvF6gu0B0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/62/fb2411-485b-4143-9241-13839640a604/1/1-EEoFGt77IvRGFu-DDuTQKr1txQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.210.84.0/22
185.235.132.0/22
185.244.168.0/22
Signature Algorithm: sha256WithRSAEncryption
b5:28:ed:73:b5:36:b5:eb:12:bb:c9:f4:61:5a:a0:0e:f9:c0:
41:3c:c2:a4:53:aa:bd:4d:b5:46:eb:36:82:66:5c:ec:56:cd:
a7:91:0d:aa:fd:ed:38:01:1a:4f:b2:97:00:1c:44:7e:c7:3a:
76:a0:22:a8:87:dd:a5:3b:4e:41:fc:1b:f0:26:8f:fb:5d:98:
68:6c:55:2c:2f:00:6f:26:c7:28:04:5f:5a:ad:47:9a:3f:40:
ff:1f:92:9b:86:4e:14:0e:4a:c6:4e:3f:96:03:7b:10:4d:48:
ad:88:f2:9b:f6:24:88:67:25:eb:32:e7:8f:9c:73:1f:1d:2b:
07:e9:55:fa:56:65:c4:98:c5:ce:5f:68:26:ee:3c:67:e5:71:
bd:63:e2:1f:21:13:af:ec:a6:1a:dd:94:28:6e:aa:31:5b:9c:
dc:1c:61:f4:85:dd:fb:a8:1c:de:4c:3e:15:4c:b4:bd:1a:d8:
d2:92:b2:7c:87:98:77:d2:c2:16:f1:fe:b0:80:1c:74:18:af:
d3:9a:63:69:97:2b:1b:0d:a5:fa:a6:d0:6b:62:ba:ee:e1:d8:
7a:03:27:c0:62:9c:98:2a:df:91:67:42:de:71:0d:57:d9:fe:
7e:58:44:95:73:46:41:77:a6:3b:85:ec:f3:6c:fd:e6:63:70:
ff:c4:55:75
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgISAYNaK+qmxt9FhYtrpZOk9K8JMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY4NDEyODE0NmI3YmVjOGJkMTE4NWJiZTBjM2I5MzQwYWFm
NWI3MTQwHhcNMjIwOTIwMDkxMjUwWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiYjY1NDE5NzUwNmZkZjkxMDBhZjcxYWJkMTU5ZWYxN2E4MmVkMDFkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAh+4gKCLYXw1vV+OQ/HVRRTO/BYtc
yqvWCBVELBs6dHGRv/SX7vax38uGI76LLn55Txl3lBK5KEL16y1hc9Ygmr079mNB
6cLmsqNTUdJVxZKkkSqEJDqeAQMP95DwE+EWumD0nnP3zq7tLZCCus4GH6wYQeDc
s/0X7SZzm742k3g0uCIEdcm7tcyvVTt0tIHu9UCZTIYWnTQDxbPLAvgpLyzPoMp6
sjfP4yecJMf5dU17QIYDZvm5fEhGXMldK/c4ihAaTiayMlNIcpfwLyg7oc3uiobm
c9LfvpKn8qnumJBzhlz2LB9jS3IS1B/LXnZ9rtM2CR5CFZULypnR0rExQQIDAQAB
o4ICFzCCAhMwHQYDVR0OBBYEFLtlQZdQb9+RAK9xq9FZ7xeoLtAdMB8GA1UdIwQY
MBaAFPhBKBRre+yL0Rhbvgw7k0Cq9bcUMA4GA1UdDwEB/wQEAwIHgDBlBggrBgEF
BQcBAQRZMFcwVQYIKwYBBQUHMAKGSXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMS1FRW9GR3Q3N0l2UkdGdS1ERHVUUUtyMXR4US5jZXIw
gY0GCCsGAQUFBwELBIGAMH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNjIvZmIyNDExLTQ4NWItNDE0My05MjQx
LTEzODM5NjQwYTYwNC8xL3UyVkJsMUJ2MzVFQXIzR3IwVm52RjZndTBCMC5yb2Ew
gYIGA1UdHwR7MHkwd6B1oHOGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvNjIvZmIyNDExLTQ4NWItNDE0My05MjQxLTEzODM5NjQwYTYw
NC8xLzEtRUVvRkd0NzdJdlJHRnUtRER1VFFLcjF0eFEuY3JsMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwKwYIKwYBBQUHAQcBAf8EHDAaMBgEAgABMBIDBAK50lQD
BAK564QDBAK59KgwDQYJKoZIhvcNAQELBQADggEBALUo7XO1NrXrErvJ9GFaoA75
wEE8wqRTqr1NtUbrNoJmXOxWzaeRDar97TgBGk+ylwAcRH7HOnagIqiH3aU7TkH8
G/Amj/tdmGhsVSwvAG8mxygEX1qtR5o/QP8fkpuGThQOSsZOP5YDexBNSK2I8pv2
JIhnJesy54+ccx8dKwfpVfpWZcSYxc5faCbuPGflcb1j4h8hE6/sphrdlChuqjFb
nNwcYfSF3fuoHN5MPhVMtL0a2NKSsnyHmHfSwhbx/rCAHHQYr9OaY2mXKxsNpfqm
0Gtiuu7h2HoDJ8BinJgq35FnQt5xDVfZ/n5YRJVzRkF3pjuF7PNs/eZjcP/EVXU=
-----END CERTIFICATE-----
Generated at Thu Mar 13 02:55:37 2025 by rpki-client