Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/64/9dd8ae-4afc-44c1-9bd0-c532195eef49/1/arhSsDB4USiwfsb31cXLIm9477k.roa
File: arhSsDB4USiwfsb31cXLIm9477k.roa (raw, json)
Hash identifier: vMF4MojA0pbRyzdPtFlgwHfPcNMEyQN1i9CuOS7JUAU=
Subject key identifier: 6A:B8:52:B0:30:78:51:28:B0:7E:C6:F7:D5:C5:CB:22:6F:78:EF:B9
Certificate issuer: /CN=b4a7d05482b84d3bb604f099bcaf9e7ed346889a
Certificate serial: 160E5125
Authority key identifier: B4:A7:D0:54:82:B8:4D:3B:B6:04:F0:99:BC:AF:9E:7E:D3:46:88:9A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tKfQVIK4TTu2BPCZvK-eftNGiJo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/64/9dd8ae-4afc-44c1-9bd0-c532195eef49/1/arhSsDB4USiwfsb31cXLIm9477k.roa
Signing time: Sat 01 Jan 2022 12:03:29 +0000
ROA not before: Sat 01 Jan 2022 12:03:29 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 48629
IP address blocks: 185.86.161.0/24 maxlen: 24
185.86.160.0/24 maxlen: 24
185.86.163.0/24 maxlen: 24
185.86.162.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 370037029 (0x160e5125)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b4a7d05482b84d3bb604f099bcaf9e7ed346889a
Validity
Not Before: Jan 1 12:03:29 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=6ab852b030785128b07ec6f7d5c5cb226f78efb9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:f4:0b:ba:3c:8c:07:d4:b2:1f:fe:ab:27:e8:
51:27:7d:94:80:1d:1f:80:c2:69:b2:2c:65:0b:03:
60:a5:d2:45:d2:e7:ca:48:b7:bb:be:ff:c6:7e:eb:
03:0c:e1:a6:d9:5f:70:16:f7:16:ca:b3:53:3c:c4:
d8:03:51:e5:59:90:67:bc:65:78:de:c9:10:77:c0:
95:b8:c3:05:e3:f7:11:80:e2:88:99:05:f9:c0:63:
4e:bd:91:8c:d4:71:98:78:7e:5e:2e:df:a8:d3:03:
dd:c3:5f:f5:56:bd:23:62:f9:c3:e3:a9:13:40:cc:
78:78:76:18:ce:27:3c:f0:71:10:e3:e4:66:70:e3:
94:7f:a6:a2:76:b4:23:12:3c:30:71:30:32:32:8f:
a6:0d:14:f4:50:c5:8a:6e:5f:9b:e1:34:0d:fc:28:
0a:08:09:49:32:83:b3:b0:d5:4a:ee:df:e1:fc:18:
02:a0:92:1a:26:a4:7c:7e:80:2f:fd:cf:bb:66:c3:
1f:bf:33:58:cb:d9:cd:2a:6d:77:65:a6:b1:88:37:
f1:bb:a9:91:41:8e:bf:33:c0:3f:ef:c0:e9:e4:92:
64:bf:6e:a3:cf:0b:5d:1d:3f:3a:5f:5c:e9:1a:61:
38:e8:aa:1c:e1:2a:48:56:0e:c0:a0:86:76:72:e0:
eb:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6A:B8:52:B0:30:78:51:28:B0:7E:C6:F7:D5:C5:CB:22:6F:78:EF:B9
X509v3 Authority Key Identifier:
keyid:B4:A7:D0:54:82:B8:4D:3B:B6:04:F0:99:BC:AF:9E:7E:D3:46:88:9A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tKfQVIK4TTu2BPCZvK-eftNGiJo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/64/9dd8ae-4afc-44c1-9bd0-c532195eef49/1/arhSsDB4USiwfsb31cXLIm9477k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/64/9dd8ae-4afc-44c1-9bd0-c532195eef49/1/tKfQVIK4TTu2BPCZvK-eftNGiJo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.86.160.0/22
Signature Algorithm: sha256WithRSAEncryption
81:92:c7:a5:e1:63:ba:13:12:c7:dd:98:c2:3e:0d:36:77:4b:
d1:5c:4d:a9:fc:10:7c:01:f4:20:48:03:8f:c1:85:cc:d0:e8:
64:00:b0:cc:5b:79:1d:a9:e1:9b:7a:42:53:91:c6:65:d1:98:
d9:6c:00:ba:13:68:82:73:aa:d1:9a:29:8a:18:49:57:8a:e6:
d1:13:b1:8e:11:b1:41:42:5c:10:0b:37:f1:2b:3c:60:e4:86:
9c:da:de:3a:bd:ed:63:9d:89:c7:4e:89:0e:b8:1d:1b:e6:f1:
dc:f3:e6:b2:57:8b:81:d5:3b:8a:8d:93:a4:c8:69:cc:a5:1c:
c6:e9:81:03:d3:e3:28:99:3d:c6:37:1d:3d:01:fc:5a:96:c5:
33:52:12:fc:74:ae:49:8f:6f:e5:89:bc:33:6f:9b:91:51:ca:
b3:37:3d:e5:85:e6:30:54:f1:bd:53:11:2f:e5:57:56:e1:5f:
a7:ae:42:7a:c0:8a:02:bd:ee:de:c2:59:cf:33:a9:fe:ab:b2:
59:e1:84:c6:f7:e9:18:e7:a2:bc:20:15:a5:82:29:2c:26:59:
55:e1:e7:a3:0a:02:a8:f7:48:76:88:b9:a3:fe:09:33:fe:04:
a8:40:ae:df:a2:84:be:29:04:8c:2b:b1:69:02:04:11:ee:9e:
98:d0:05:cf
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEFg5RJTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhi
NGE3ZDA1NDgyYjg0ZDNiYjYwNGYwOTliY2FmOWU3ZWQzNDY4ODlhMB4XDTIyMDEw
MTEyMDMyOVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNmFiODUyYjAzMDc4
NTEyOGIwN2VjNmY3ZDVjNWNiMjI2Zjc4ZWZiOTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMH0C7o8jAfUsh/+qyfoUSd9lIAdH4DCabIsZQsDYKXSRdLn
yki3u77/xn7rAwzhptlfcBb3FsqzUzzE2ANR5VmQZ7xleN7JEHfAlbjDBeP3EYDi
iJkF+cBjTr2RjNRxmHh+Xi7fqNMD3cNf9Va9I2L5w+OpE0DMeHh2GM4nPPBxEOPk
ZnDjlH+mona0IxI8MHEwMjKPpg0U9FDFim5fm+E0DfwoCggJSTKDs7DVSu7f4fwY
AqCSGiakfH6AL/3Pu2bDH78zWMvZzSptd2WmsYg38bupkUGOvzPAP+/A6eSSZL9u
o88LXR0/Ol9c6RphOOiqHOEqSFYOwKCGdnLg64sCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBRquFKwMHhRKLB+xvfVxcsib3jvuTAfBgNVHSMEGDAWgBS0p9BUgrhNO7YE
8Jm8r55+00aImjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3RLZlFWSUs0VFR1MkJQQ1p2Sy1lZnROR2lKby5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNjQvOWRkOGFlLTRhZmMtNDRjMS05YmQwLWM1MzIxOTVlZWY0OS8x
L2FyaFNzREI0VVNpd2ZzYjMxY1hMSW05NDc3ay5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNjQv
OWRkOGFlLTRhZmMtNDRjMS05YmQwLWM1MzIxOTVlZWY0OS8xL3RLZlFWSUs0VFR1
MkJQQ1p2Sy1lZnROR2lKby5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEArlWoDANBgkqhkiG9w0BAQsFAAOC
AQEAgZLHpeFjuhMSx92Ywj4NNndL0VxNqfwQfAH0IEgDj8GFzNDoZACwzFt5Hanh
m3pCU5HGZdGY2WwAuhNognOq0ZopihhJV4rm0ROxjhGxQUJcEAs38Ss8YOSGnNre
Or3tY52Jx06JDrgdG+bx3PPmsleLgdU7io2TpMhpzKUcxumBA9PjKJk9xjcdPQH8
WpbFM1IS/HSuSY9v5Ym8M2+bkVHKszc95YXmMFTxvVMRL+VXVuFfp65CesCKAr3u
3sJZzzOp/quyWeGExvfpGOeivCAVpYIpLCZZVeHnowoCqPdIdoi5o/4JM/4EqECu
36KEvikEjCuxaQIEEe6emNAFzw==
-----END CERTIFICATE-----
Generated at Tue Apr 8 10:15:35 2025 by rpki-client