Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7b/602530-6d22-46f1-8e05-02def6e84c91/1/G-aXlaDPqfgBMTydcUPGb4-_MdU.roa
File: G-aXlaDPqfgBMTydcUPGb4-_MdU.roa (raw, json)
Hash identifier: gxHfWBdCmGjeyVebQ++70prjthSypJ7MAkzAWsn9TiU=
Subject key identifier: 1B:E6:97:95:A0:CF:A9:F8:01:31:3C:9D:71:43:C6:6F:8F:BF:31:D5
Certificate issuer: /CN=22f2c2e7bc1da54d919ca5b5941d378892b2ccb2
Certificate serial: 018A3C81937DE8BD8EED936BF16AE3927846
Authority key identifier: 22:F2:C2:E7:BC:1D:A5:4D:91:9C:A5:B5:94:1D:37:88:92:B2:CC:B2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IvLC57wdpU2RnKW1lB03iJKyzLI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7b/602530-6d22-46f1-8e05-02def6e84c91/1/G-aXlaDPqfgBMTydcUPGb4-_MdU.roa
Signing time: Mon 28 Aug 2023 14:17:19 +0000
ROA not before: Mon 28 Aug 2023 14:17:19 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 207023
IP address blocks: 85.255.112.0/21 maxlen: 21
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:3c:81:93:7d:e8:bd:8e:ed:93:6b:f1:6a:e3:92:78:46
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22f2c2e7bc1da54d919ca5b5941d378892b2ccb2
Validity
Not Before: Aug 28 14:17:19 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=1be69795a0cfa9f801313c9d7143c66f8fbf31d5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:0f:13:eb:69:7a:14:c8:58:76:be:f9:74:2c:
a3:d8:af:19:5d:2b:3a:bf:de:b0:14:49:ec:61:8e:
5d:d1:63:ae:93:8b:3a:29:1b:9f:3c:8f:88:82:b4:
73:76:62:66:96:2b:a7:6f:da:86:22:71:aa:88:c5:
d2:07:63:76:ae:72:c4:f9:4f:ce:f3:c6:8a:e5:bb:
fc:21:92:36:a2:ba:30:2d:e6:4b:01:51:2b:83:62:
b8:17:ab:d8:93:bb:0e:b4:c4:e3:68:a5:02:f4:75:
7c:19:f3:eb:ac:88:e5:79:7a:ec:d4:e9:61:60:ea:
23:06:c4:c8:8e:58:b3:a1:dc:50:63:f9:40:9c:52:
fd:4d:90:1a:31:11:da:87:d7:bc:db:b5:ee:86:0e:
85:c5:c7:c6:94:df:a4:a4:df:6f:2b:55:fb:84:32:
14:43:ea:db:05:bd:76:c0:c3:81:d1:a1:dd:eb:e1:
cc:68:09:49:32:1c:89:bb:13:88:69:00:eb:c8:5e:
64:3b:00:7f:7f:65:13:00:83:ba:22:0f:fb:9d:e2:
90:0d:e7:50:bb:85:34:cb:f4:4a:82:fc:88:b8:3a:
01:bc:8c:b6:ae:43:28:9d:53:39:f2:f9:fe:8a:ae:
77:ee:02:82:f4:fe:e5:4b:90:e6:6f:c2:a4:87:2d:
aa:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1B:E6:97:95:A0:CF:A9:F8:01:31:3C:9D:71:43:C6:6F:8F:BF:31:D5
X509v3 Authority Key Identifier:
keyid:22:F2:C2:E7:BC:1D:A5:4D:91:9C:A5:B5:94:1D:37:88:92:B2:CC:B2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IvLC57wdpU2RnKW1lB03iJKyzLI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7b/602530-6d22-46f1-8e05-02def6e84c91/1/G-aXlaDPqfgBMTydcUPGb4-_MdU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7b/602530-6d22-46f1-8e05-02def6e84c91/1/IvLC57wdpU2RnKW1lB03iJKyzLI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.255.112.0/21
Signature Algorithm: sha256WithRSAEncryption
03:9f:3e:60:f4:2c:cc:67:56:5d:f6:e5:63:19:ff:6d:d3:98:
d4:da:59:50:f8:ac:f4:98:7a:31:d1:2f:53:16:c3:69:3c:99:
b0:ab:fc:d6:37:ca:ad:e9:c4:2f:00:9b:16:fc:21:39:7d:0c:
ef:75:1f:1c:ae:f3:7d:9a:3d:68:68:34:21:0b:f5:51:ca:1b:
50:02:46:d7:ea:68:dc:57:5e:91:2e:40:0a:f1:f6:13:a2:e8:
58:73:3f:76:55:a0:74:48:e6:82:06:e8:72:5f:d6:69:8f:89:
d3:92:9d:a5:4e:aa:2a:3c:15:55:a4:04:00:49:25:db:5c:e6:
57:ac:76:a4:e1:53:ec:46:b5:df:ba:0e:6f:91:60:68:9e:9e:
72:0c:79:b7:99:14:3c:fb:36:69:06:6d:7e:8d:4a:82:6d:28:
95:d8:d6:cc:b1:3c:d7:a3:65:9e:01:45:a6:c5:ba:cd:7f:c3:
b8:12:7c:20:c9:60:bb:94:b7:34:6e:26:fa:96:fa:81:1d:6f:
dd:a1:7f:bc:93:28:9e:40:35:6e:44:9a:93:82:a2:35:b1:be:
76:b5:e8:88:5b:62:19:32:b1:35:4e:73:17:7c:fd:ba:ca:52:
3f:a3:92:30:e5:0b:cd:57:f0:fa:71:d2:ed:f6:df:28:98:8d:
54:81:85:87
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYo8gZN96L2O7ZNr8WrjknhGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyZjJjMmU3YmMxZGE1NGQ5MTljYTViNTk0MWQzNzg4OTJi
MmNjYjIwHhcNMjMwODI4MTQxNzE5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxYmU2OTc5NWEwY2ZhOWY4MDEzMTNjOWQ3MTQzYzY2ZjhmYmYzMWQ1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlQ8T62l6FMhYdr75dCyj2K8ZXSs6
v96wFEnsYY5d0WOuk4s6KRufPI+IgrRzdmJmliunb9qGInGqiMXSB2N2rnLE+U/O
88aK5bv8IZI2orowLeZLAVErg2K4F6vYk7sOtMTjaKUC9HV8GfPrrIjleXrs1Olh
YOojBsTIjlizodxQY/lAnFL9TZAaMRHah9e827Xuhg6FxcfGlN+kpN9vK1X7hDIU
Q+rbBb12wMOB0aHd6+HMaAlJMhyJuxOIaQDryF5kOwB/f2UTAIO6Ig/7neKQDedQ
u4U0y/RKgvyIuDoBvIy2rkMonVM58vn+iq537gKC9P7lS5Dmb8Kkhy2qtQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFBvml5Wgz6n4ATE8nXFDxm+PvzHVMB8GA1UdIwQY
MBaAFCLywue8HaVNkZyltZQdN4iSssyyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXZMQzU3d2RwVTJSbktXMWxCMDNpSkt5ekxJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Yi82MDI1MzAtNmQyMi00NmYxLThlMDUt
MDJkZWY2ZTg0YzkxLzEvRy1hWGxhRFBxZmdCTVR5ZGNVUEdiNC1fTWRVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Yi82MDI1MzAtNmQyMi00NmYxLThlMDUtMDJkZWY2ZTg0Yzkx
LzEvSXZMQzU3d2RwVTJSbktXMWxCMDNpSkt5ekxJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQDVf9wMA0G
CSqGSIb3DQEBCwUAA4IBAQADnz5g9CzMZ1Zd9uVjGf9t05jU2llQ+Kz0mHox0S9T
FsNpPJmwq/zWN8qt6cQvAJsW/CE5fQzvdR8crvN9mj1oaDQhC/VRyhtQAkbX6mjc
V16RLkAK8fYTouhYcz92VaB0SOaCBuhyX9Zpj4nTkp2lTqoqPBVVpAQASSXbXOZX
rHak4VPsRrXfug5vkWBonp5yDHm3mRQ8+zZpBm1+jUqCbSiV2NbMsTzXo2WeAUWm
xbrNf8O4EnwgyWC7lLc0bib6lvqBHW/doX+8kyieQDVuRJqTgqI1sb52teiIW2IZ
MrE1TnMXfP26ylI/o5Iw5QvNV/D6cdLt9t8omI1UgYWH
-----END CERTIFICATE-----
Generated at Wed Apr 9 13:08:39 2025 by rpki-client