Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/82/e6a554-d974-4377-becc-cbf343deb7bc/1/oJLg3QUuNzEeodlm7izYuBFw1NU.roa
File: oJLg3QUuNzEeodlm7izYuBFw1NU.roa (raw, json)
Hash identifier: jq8TJ9wDIadmV9Ocpc/eAvbZFZhkto5ziiNW6yccAwM=
Subject key identifier: A0:92:E0:DD:05:2E:37:31:1E:A1:D9:66:EE:2C:D8:B8:11:70:D4:D5
Certificate issuer: /CN=ec5fdf6a51b98091e9ec7bdfaf483ec7743a5a25
Certificate serial: 01864CB364F7A62D65E1E63C7CC78944561C
Authority key identifier: EC:5F:DF:6A:51:B9:80:91:E9:EC:7B:DF:AF:48:3E:C7:74:3A:5A:25
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/7F_falG5gJHp7Hvfr0g-x3Q6WiU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/82/e6a554-d974-4377-becc-cbf343deb7bc/1/oJLg3QUuNzEeodlm7izYuBFw1NU.roa
Signing time: Mon 13 Feb 2023 21:34:30 +0000
ROA not before: Mon 13 Feb 2023 21:34:30 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 42000
IP address blocks: 185.216.220.0/22 maxlen: 22
2a0b:bdc0::/29 maxlen: 29
2a0b:bdc0::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:4c:b3:64:f7:a6:2d:65:e1:e6:3c:7c:c7:89:44:56:1c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ec5fdf6a51b98091e9ec7bdfaf483ec7743a5a25
Validity
Not Before: Feb 13 21:34:30 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a092e0dd052e37311ea1d966ee2cd8b81170d4d5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:50:c0:d9:4d:23:5d:e2:a7:b8:29:5b:01:be:
e9:74:a3:e3:c8:3b:51:67:da:63:32:20:cb:d2:fa:
cd:09:d2:78:25:91:c4:37:17:a9:59:5d:30:c5:ed:
42:21:71:f8:a7:97:e3:44:a9:4f:64:35:42:06:8b:
32:01:e4:20:25:7d:a8:ff:62:13:ce:1c:d6:1d:0b:
15:18:42:2c:0d:18:45:1f:6f:26:2e:ac:77:f0:81:
2d:e2:2c:72:28:e5:d9:fc:56:8d:7d:41:52:5b:4d:
12:a3:79:83:a5:1b:76:b4:e7:3c:c1:c5:fd:f3:09:
4e:bc:05:1c:8e:49:22:dc:e3:70:53:cf:ad:59:48:
90:ac:58:bf:c2:fe:6b:7c:1d:df:d6:0e:de:85:d6:
d5:fe:2b:61:80:73:76:c2:f0:0a:ce:69:23:77:9b:
3e:f9:72:f5:dc:31:9f:b5:c8:31:78:69:fe:39:d8:
6b:8e:35:0a:19:be:49:80:52:ec:c3:4d:6d:9f:33:
21:27:68:de:3f:47:db:7d:3b:f0:65:ff:a0:25:bb:
0d:f2:5d:cd:c1:01:e5:ed:22:6c:ca:a3:ef:0e:bd:
52:e3:22:b0:09:0f:44:cd:00:14:aa:54:8c:3b:be:
00:9e:7e:88:c6:13:cb:d4:cf:d3:1b:ae:ab:9c:ac:
66:d5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A0:92:E0:DD:05:2E:37:31:1E:A1:D9:66:EE:2C:D8:B8:11:70:D4:D5
X509v3 Authority Key Identifier:
keyid:EC:5F:DF:6A:51:B9:80:91:E9:EC:7B:DF:AF:48:3E:C7:74:3A:5A:25
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/7F_falG5gJHp7Hvfr0g-x3Q6WiU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/82/e6a554-d974-4377-becc-cbf343deb7bc/1/oJLg3QUuNzEeodlm7izYuBFw1NU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/82/e6a554-d974-4377-becc-cbf343deb7bc/1/7F_falG5gJHp7Hvfr0g-x3Q6WiU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.216.220.0/22
IPv6:
2a0b:bdc0::/29
Signature Algorithm: sha256WithRSAEncryption
95:6b:85:0e:08:94:b9:1f:5b:b6:22:5d:76:7a:07:8c:04:d7:
5b:72:9f:bb:e2:b0:09:ed:45:fb:2a:3f:73:3f:49:a2:f3:d3:
8c:61:60:7c:5b:51:e5:3a:a2:4c:fd:91:0e:62:0c:d2:69:b4:
93:4b:67:28:17:8d:e9:2e:63:40:41:0c:ea:62:57:85:ed:c8:
9d:4e:28:bc:0d:12:bb:c6:08:1d:dd:64:ab:42:a4:35:01:a7:
6e:b0:66:b5:6a:17:d5:cd:7c:0f:8f:45:fa:9f:2e:7c:00:38:
e1:92:93:b7:fe:a3:10:a6:db:23:64:30:fa:39:94:a1:12:5e:
0a:50:f9:d6:36:28:c5:a3:d5:17:2c:62:be:29:ff:c2:9a:5a:
78:39:1e:44:67:a4:a2:ab:27:b8:96:fd:42:37:bb:b7:33:39:
8d:22:3c:e5:88:01:97:9d:a2:15:22:75:56:62:98:0b:2e:9f:
4a:c6:34:d5:17:18:94:06:c1:6f:19:c8:a2:df:78:7b:67:7e:
29:f8:5e:aa:48:6f:1b:40:e5:f1:12:6e:c7:7b:d5:07:24:a8:
d8:06:b8:33:cf:ec:07:50:79:71:63:6d:63:58:94:3d:f2:22:
eb:ce:9b:56:c6:6b:7b:03:35:74:48:50:2b:cf:4b:3a:df:72:
92:87:21:64
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYZMs2T3pi1l4eY8fMeJRFYcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVjNWZkZjZhNTFiOTgwOTFlOWVjN2JkZmFmNDgzZWM3NzQz
YTVhMjUwHhcNMjMwMjEzMjEzNDMwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMDkyZTBkZDA1MmUzNzMxMWVhMWQ5NjZlZTJjZDhiODExNzBkNGQ1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqlDA2U0jXeKnuClbAb7pdKPjyDtR
Z9pjMiDL0vrNCdJ4JZHENxepWV0wxe1CIXH4p5fjRKlPZDVCBosyAeQgJX2o/2IT
zhzWHQsVGEIsDRhFH28mLqx38IEt4ixyKOXZ/FaNfUFSW00So3mDpRt2tOc8wcX9
8wlOvAUcjkki3ONwU8+tWUiQrFi/wv5rfB3f1g7ehdbV/ithgHN2wvAKzmkjd5s+
+XL13DGftcgxeGn+OdhrjjUKGb5JgFLsw01tnzMhJ2jeP0fbfTvwZf+gJbsN8l3N
wQHl7SJsyqPvDr1S4yKwCQ9EzQAUqlSMO74Ann6IxhPL1M/TG66rnKxm1QIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFKCS4N0FLjcxHqHZZu4s2LgRcNTVMB8GA1UdIwQY
MBaAFOxf32pRuYCR6ex7369IPsd0OlolMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvN0ZfZmFsRzVnSkhwN0h2ZnIwZy14M1E2V2lVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Mi9lNmE1NTQtZDk3NC00Mzc3LWJlY2Mt
Y2JmMzQzZGViN2JjLzEvb0pMZzNRVXVOekVlb2RsbTdpell1QkZ3MU5VLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Mi9lNmE1NTQtZDk3NC00Mzc3LWJlY2MtY2JmMzQzZGViN2Jj
LzEvN0ZfZmFsRzVnSkhwN0h2ZnIwZy14M1E2V2lVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCudjcMA0E
AgACMAcDBQMqC73AMA0GCSqGSIb3DQEBCwUAA4IBAQCVa4UOCJS5H1u2Il12egeM
BNdbcp+74rAJ7UX7Kj9zP0mi89OMYWB8W1HlOqJM/ZEOYgzSabSTS2coF43pLmNA
QQzqYleF7cidTii8DRK7xggd3WSrQqQ1AadusGa1ahfVzXwPj0X6ny58ADjhkpO3
/qMQptsjZDD6OZShEl4KUPnWNijFo9UXLGK+Kf/Cmlp4OR5EZ6Siqye4lv1CN7u3
MzmNIjzliAGXnaIVInVWYpgLLp9KxjTVFxiUBsFvGcii33h7Z34p+F6qSG8bQOXx
Em7He9UHJKjYBrgzz+wHUHlxY21jWJQ98iLrzptWxmt7AzV0SFArz0s633KShyFk
-----END CERTIFICATE-----
Generated at Tue Apr 22 19:35:14 2025 by rpki-client