Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/86/dea149-4fb8-4978-a46b-33985db8047a/1/bRdOKPU6jLns7QhrbnwgTZa0FZY.roa
File: bRdOKPU6jLns7QhrbnwgTZa0FZY.roa (raw, json)
Hash identifier: wwp+tfbOdte6LxAfwe7Cf71ln7QojlWme+OBvk798G0=
Subject key identifier: 6D:17:4E:28:F5:3A:8C:B9:EC:ED:08:6B:6E:7C:20:4D:96:B4:15:96
Certificate issuer: /CN=a24cf90329c47ba343a66cd65d38833a357b5955
Certificate serial: 01856C53D4C8CF947F3BFD81E9A2E4C2AAE2
Authority key identifier: A2:4C:F9:03:29:C4:7B:A3:43:A6:6C:D6:5D:38:83:3A:35:7B:59:55
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/okz5AynEe6NDpmzWXTiDOjV7WVU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/86/dea149-4fb8-4978-a46b-33985db8047a/1/bRdOKPU6jLns7QhrbnwgTZa0FZY.roa
Signing time: Sun 01 Jan 2023 07:55:11 +0000
ROA not before: Sun 01 Jan 2023 07:55:11 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 198949
IP address blocks: 185.217.28.0/22 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:53:d4:c8:cf:94:7f:3b:fd:81:e9:a2:e4:c2:aa:e2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a24cf90329c47ba343a66cd65d38833a357b5955
Validity
Not Before: Jan 1 07:55:11 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=6d174e28f53a8cb9eced086b6e7c204d96b41596
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:ac:3b:bc:4f:4f:8c:95:6c:0d:b5:7f:99:65:
05:30:be:46:fc:96:34:6d:36:12:97:b7:84:0a:ec:
74:56:cb:e4:53:c3:64:47:b1:c2:d6:0b:eb:72:d2:
6a:11:bd:fb:03:ea:4a:3a:1b:0b:6b:ad:5c:78:80:
79:db:a9:8f:f7:f7:b9:24:f2:6f:02:7b:5f:e6:70:
52:62:4d:6b:1e:e7:7b:6b:70:fe:50:f4:e1:36:f1:
df:96:ff:5f:45:64:db:fb:d9:fc:f4:ff:06:ef:ba:
39:5c:4e:19:6b:b4:1f:8a:1c:8b:11:34:b7:82:ce:
2a:ab:ce:6f:3a:38:2b:a1:a6:34:ce:82:a9:fb:db:
32:3f:fe:12:a9:18:35:d6:c0:96:4c:a3:c2:2f:f1:
74:fe:1b:18:68:f9:2e:8f:c9:9e:ed:12:b7:04:8c:
61:d5:fd:fa:96:3c:dd:ef:c7:93:29:77:a2:64:f3:
df:a8:9f:53:ed:16:f3:05:ff:41:54:a0:d0:bf:16:
26:bc:53:9f:2f:07:b9:56:fb:96:01:f4:b5:18:89:
ac:1a:2e:03:bd:08:a4:85:cb:18:53:d1:2a:68:88:
68:a7:e2:37:50:4a:db:d6:91:f3:9a:f4:5f:93:e2:
d3:f1:2a:dd:93:ac:f0:b4:24:0e:49:1a:47:53:ce:
99:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6D:17:4E:28:F5:3A:8C:B9:EC:ED:08:6B:6E:7C:20:4D:96:B4:15:96
X509v3 Authority Key Identifier:
keyid:A2:4C:F9:03:29:C4:7B:A3:43:A6:6C:D6:5D:38:83:3A:35:7B:59:55
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/okz5AynEe6NDpmzWXTiDOjV7WVU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/86/dea149-4fb8-4978-a46b-33985db8047a/1/bRdOKPU6jLns7QhrbnwgTZa0FZY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/86/dea149-4fb8-4978-a46b-33985db8047a/1/okz5AynEe6NDpmzWXTiDOjV7WVU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.217.28.0/22
Signature Algorithm: sha256WithRSAEncryption
a3:d6:f2:28:1c:e4:fd:63:f4:27:5b:5b:30:18:f5:55:91:58:
3a:f2:c5:5c:49:ae:ee:0c:11:0e:60:41:51:8b:81:d9:e9:cf:
be:cd:10:dd:7f:bb:c4:ed:a6:89:f5:dc:65:00:1a:67:56:92:
66:b0:0d:7f:02:ca:e2:8c:7f:8f:54:36:de:2b:ea:3c:4b:8e:
f7:15:c6:98:68:80:45:61:e5:7c:f3:23:4b:ed:bc:42:ad:0f:
72:35:a6:ca:58:fc:f9:c9:8b:e8:8a:e0:97:f8:f4:b8:2f:54:
e3:a2:fa:09:ef:9b:f0:b9:43:b3:e3:08:f2:69:53:c6:11:54:
94:44:a0:9a:8f:c4:77:e5:b3:12:a3:4b:20:da:c2:26:b7:75:
60:a6:45:66:62:19:a6:2a:c7:f2:41:31:c8:66:fa:32:b4:3f:
33:5b:cc:82:3a:c8:19:36:d9:d5:4d:ac:3a:3b:04:80:5e:99:
3e:60:66:d9:8b:5a:4d:03:f8:66:eb:8a:43:fb:b2:e0:48:c8:
5c:44:94:48:8d:f3:f9:cf:4b:3c:f6:c5:5e:a8:be:8b:76:a5:
d2:06:97:94:9b:9e:b3:39:25:98:eb:ac:22:cd:52:c2:34:fb:
50:bf:03:dd:6e:5e:57:18:77:32:8b:32:7f:90:7f:8a:86:0f:
0c:bd:c8:f1
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVsU9TIz5R/O/2B6aLkwqriMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEyNGNmOTAzMjljNDdiYTM0M2E2NmNkNjVkMzg4MzNhMzU3
YjU5NTUwHhcNMjMwMTAxMDc1NTExWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZDE3NGUyOGY1M2E4Y2I5ZWNlZDA4NmI2ZTdjMjA0ZDk2YjQxNTk2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyKw7vE9PjJVsDbV/mWUFML5G/JY0
bTYSl7eECux0VsvkU8NkR7HC1gvrctJqEb37A+pKOhsLa61ceIB526mP9/e5JPJv
Antf5nBSYk1rHud7a3D+UPThNvHflv9fRWTb+9n89P8G77o5XE4Za7QfihyLETS3
gs4qq85vOjgroaY0zoKp+9syP/4SqRg11sCWTKPCL/F0/hsYaPkuj8me7RK3BIxh
1f36ljzd78eTKXeiZPPfqJ9T7RbzBf9BVKDQvxYmvFOfLwe5VvuWAfS1GImsGi4D
vQikhcsYU9EqaIhop+I3UErb1pHzmvRfk+LT8Srdk6zwtCQOSRpHU86ZrwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFG0XTij1Ooy57O0Ia258IE2WtBWWMB8GA1UdIwQY
MBaAFKJM+QMpxHujQ6Zs1l04gzo1e1lVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb2t6NUF5bkVlNk5EcG16V1hUaURPalY3V1ZVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ni9kZWExNDktNGZiOC00OTc4LWE0NmIt
MzM5ODVkYjgwNDdhLzEvYlJkT0tQVTZqTG5zN1FocmJud2dUWmEwRlpZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Ni9kZWExNDktNGZiOC00OTc4LWE0NmItMzM5ODVkYjgwNDdh
LzEvb2t6NUF5bkVlNk5EcG16V1hUaURPalY3V1ZVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCudkcMA0G
CSqGSIb3DQEBCwUAA4IBAQCj1vIoHOT9Y/QnW1swGPVVkVg68sVcSa7uDBEOYEFR
i4HZ6c++zRDdf7vE7aaJ9dxlABpnVpJmsA1/AsrijH+PVDbeK+o8S473FcaYaIBF
YeV88yNL7bxCrQ9yNabKWPz5yYvoiuCX+PS4L1TjovoJ75vwuUOz4wjyaVPGEVSU
RKCaj8R35bMSo0sg2sImt3VgpkVmYhmmKsfyQTHIZvoytD8zW8yCOsgZNtnVTaw6
OwSAXpk+YGbZi1pNA/hm64pD+7LgSMhcRJRIjfP5z0s89sVeqL6LdqXSBpeUm56z
OSWY66wizVLCNPtQvwPdbl5XGHcyizJ/kH+Khg8Mvcjx
-----END CERTIFICATE-----
Generated at Thu Mar 13 02:38:16 2025 by rpki-client