Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6c/4159c3-814d-4001-8527-139043749c48/1/lOAfWhNrjSyehjs-ctvzyq6u4A0.roa
File: lOAfWhNrjSyehjs-ctvzyq6u4A0.roa (raw, json)
Hash identifier: laLaqUxbIc9B3anjAnU5pUlDB55t2lx7AyugC/qayRk=
Subject key identifier: 94:E0:1F:5A:13:6B:8D:2C:9E:86:3B:3E:72:DB:F3:CA:AE:AE:E0:0D
Certificate issuer: /CN=e14f264fa4a4c90dcb4a99cccec50c5508f44498
Certificate serial: 06280823
Authority key identifier: E1:4F:26:4F:A4:A4:C9:0D:CB:4A:99:CC:CE:C5:0C:55:08:F4:44:98
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/4U8mT6SkyQ3LSpnMzsUMVQj0RJg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6c/4159c3-814d-4001-8527-139043749c48/1/lOAfWhNrjSyehjs-ctvzyq6u4A0.roa
Signing time: Sat 01 Jan 2022 04:00:49 +0000
ROA not before: Sat 01 Jan 2022 04:00:49 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 207594
IP address blocks: 85.116.152.0/22 maxlen: 22
85.116.152.0/21 maxlen: 21
85.116.148.0/22 maxlen: 22
85.116.158.0/24 maxlen: 24
85.116.159.0/24 maxlen: 24
85.116.156.0/23 maxlen: 23
185.30.80.0/22 maxlen: 22
185.68.192.0/22 maxlen: 22
2a05:10c0::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 103286819 (0x6280823)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e14f264fa4a4c90dcb4a99cccec50c5508f44498
Validity
Not Before: Jan 1 04:00:49 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=94e01f5a136b8d2c9e863b3e72dbf3caaeaee00d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:e9:fd:0c:9d:bb:03:b1:f7:b1:6b:44:07:6c:
69:68:6d:8e:ef:db:18:d5:07:e5:dd:b9:4d:b0:c3:
14:78:fb:7f:0b:a4:7a:ce:34:40:ad:c4:27:1f:5c:
a9:a9:c9:cd:8e:5f:b9:26:e9:3c:ce:23:c7:40:73:
e9:14:71:7f:9d:e3:c7:ad:05:3a:ed:96:d4:70:a2:
ff:08:e4:0f:40:25:52:be:c7:a7:e4:b9:de:f8:df:
2e:0c:a2:df:3a:47:42:d9:20:54:ca:ed:40:30:4a:
50:84:63:0a:01:cd:6d:e3:77:6c:e5:8f:4a:b0:15:
42:95:0c:b9:75:77:ee:12:b9:bf:6a:13:d3:f2:98:
7f:6a:22:4a:81:68:95:c0:82:fa:12:85:ea:8d:f8:
4e:e5:5d:3b:86:6c:c5:3e:9c:ac:bd:02:b0:90:60:
5f:4e:cf:d1:cc:73:72:f2:19:b6:87:bf:21:33:25:
e1:00:8d:61:04:f7:7e:e8:7d:f6:a9:16:4f:c9:39:
e9:88:d4:ce:5d:e9:87:e6:77:6a:c2:1a:e4:40:78:
53:9d:7a:61:82:db:e2:fa:6c:1c:3f:b1:8b:cb:37:
e6:bc:fc:a0:81:ca:86:81:1d:a2:cb:fa:13:fe:6b:
b7:ab:e4:31:50:de:25:b6:05:29:6c:a4:42:8f:4b:
74:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
94:E0:1F:5A:13:6B:8D:2C:9E:86:3B:3E:72:DB:F3:CA:AE:AE:E0:0D
X509v3 Authority Key Identifier:
keyid:E1:4F:26:4F:A4:A4:C9:0D:CB:4A:99:CC:CE:C5:0C:55:08:F4:44:98
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4U8mT6SkyQ3LSpnMzsUMVQj0RJg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6c/4159c3-814d-4001-8527-139043749c48/1/lOAfWhNrjSyehjs-ctvzyq6u4A0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6c/4159c3-814d-4001-8527-139043749c48/1/4U8mT6SkyQ3LSpnMzsUMVQj0RJg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.116.148.0-85.116.159.255
185.30.80.0/22
185.68.192.0/22
IPv6:
2a05:10c0::/29
Signature Algorithm: sha256WithRSAEncryption
8b:9e:01:39:b5:8a:fc:9e:09:56:0f:71:e0:48:5a:e0:70:e1:
83:a6:75:90:5a:99:aa:8a:1c:26:00:d7:11:d8:31:c0:81:19:
5d:7d:42:7f:0b:4e:3e:29:e5:f7:d7:00:14:d4:3d:3b:16:a6:
69:84:d8:ba:05:6e:c6:b4:30:2c:e8:f4:db:f6:6c:fa:65:65:
b7:02:dd:ff:7f:c6:35:be:bf:52:9a:73:e0:4f:60:23:97:b2:
7b:9b:15:2c:a7:cc:67:53:5c:d2:20:62:a7:fb:94:6b:3e:a6:
9a:08:1e:6c:d3:2e:9c:e3:5a:ca:37:f8:af:7c:bb:78:a0:fe:
cb:8b:3f:88:54:e3:ad:07:76:22:5f:02:72:07:f7:83:fd:b0:
93:60:bc:32:dd:e1:8d:9b:20:ac:f0:87:10:95:83:6a:e2:34:
61:4a:2c:6d:c8:17:91:cf:07:39:30:e2:4b:0b:c3:64:02:17:
a9:d9:3b:61:ae:2f:ca:76:b2:f8:06:d3:e2:89:41:b2:12:51:
93:db:bb:43:7b:ed:c1:5b:1a:46:53:bd:d6:0b:13:78:e4:bf:
0d:fe:61:4e:27:d4:28:1e:59:7e:04:57:ff:d0:bd:77:dd:fa:
7c:c5:e2:8a:bc:17:1b:7e:aa:1b:fd:fd:14:85:f2:c6:7e:3a:
05:f4:e2:17
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgIEBigIIzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhl
MTRmMjY0ZmE0YTRjOTBkY2I0YTk5Y2NjZWM1MGM1NTA4ZjQ0NDk4MB4XDTIyMDEw
MTA0MDA0OVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoOTRlMDFmNWExMzZi
OGQyYzllODYzYjNlNzJkYmYzY2FhZWFlZTAwZDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMbp/QyduwOx97FrRAdsaWhtju/bGNUH5d25TbDDFHj7fwuk
es40QK3EJx9cqanJzY5fuSbpPM4jx0Bz6RRxf53jx60FOu2W1HCi/wjkD0AlUr7H
p+S53vjfLgyi3zpHQtkgVMrtQDBKUIRjCgHNbeN3bOWPSrAVQpUMuXV37hK5v2oT
0/KYf2oiSoFolcCC+hKF6o34TuVdO4ZsxT6crL0CsJBgX07P0cxzcvIZtoe/ITMl
4QCNYQT3fuh99qkWT8k56YjUzl3ph+Z3asIa5EB4U516YYLb4vpsHD+xi8s35rz8
oIHKhoEdosv6E/5rt6vkMVDeJbYFKWykQo9LdH0CAwEAAaOCAiwwggIoMB0GA1Ud
DgQWBBSU4B9aE2uNLJ6GOz5y2/PKrq7gDTAfBgNVHSMEGDAWgBThTyZPpKTJDctK
mczOxQxVCPREmDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzRVOG1UNlNreVEzTFNwbk16c1VNVlFqMFJKZy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNmMvNDE1OWMzLTgxNGQtNDAwMS04NTI3LTEzOTA0Mzc0OWM0OC8x
L2xPQWZXaE5yalN5ZWhqcy1jdHZ6eXE2dTRBMC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNmMv
NDE1OWMzLTgxNGQtNDAwMS04NTI3LTEzOTA0Mzc0OWM0OC8xLzRVOG1UNlNreVEz
TFNwbk16c1VNVlFqMFJKZy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBC
BggrBgEFBQcBBwEB/wQzMDEwIAQCAAEwGjAMAwQCVXSUAwQFVXSAAwQCuR5QAwQC
uUTAMA0EAgACMAcDBQMqBRDAMA0GCSqGSIb3DQEBCwUAA4IBAQCLngE5tYr8nglW
D3HgSFrgcOGDpnWQWpmqihwmANcR2DHAgRldfUJ/C04+KeX31wAU1D07FqZphNi6
BW7GtDAs6PTb9mz6ZWW3At3/f8Y1vr9SmnPgT2Ajl7J7mxUsp8xnU1zSIGKn+5Rr
PqaaCB5s0y6c41rKN/ivfLt4oP7Liz+IVOOtB3YiXwJyB/eD/bCTYLwy3eGNmyCs
8IcQlYNq4jRhSixtyBeRzwc5MOJLC8NkAhep2Tthri/KdrL4BtPiiUGyElGT27tD
e+3BWxpGU73WCxN45L8N/mFOJ9QoHll+BFf/0L133fp8xeKKvBcbfqob/f0UhfLG
fjoF9OIX
-----END CERTIFICATE-----
Generated at Fri Apr 18 00:36:39 2025 by rpki-client