Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/e804e4-7f30-4049-948b-97923297cda7/1/bh399bP_NcKA75m3GhsI9aDUuwU.roa
File: bh399bP_NcKA75m3GhsI9aDUuwU.roa (raw, json)
Hash identifier: 8HuAR2hFeYnVEAbriOJ7LIlwT47NEBy3IskVDY7eqmE=
Subject key identifier: 6E:1D:FD:F5:B3:FF:35:C2:80:EF:99:B7:1A:1B:08:F5:A0:D4:BB:05
Certificate issuer: /CN=d39493a17997d31e8d5aa6ccc9a6bd757f15c030
Certificate serial: 294559CF
Authority key identifier: D3:94:93:A1:79:97:D3:1E:8D:5A:A6:CC:C9:A6:BD:75:7F:15:C0:30
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/05SToXmX0x6NWqbMyaa9dX8VwDA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/e804e4-7f30-4049-948b-97923297cda7/1/bh399bP_NcKA75m3GhsI9aDUuwU.roa
Signing time: Sat 01 Jan 2022 11:03:37 +0000
ROA not before: Sat 01 Jan 2022 11:03:37 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 47447
IP address blocks: 185.13.68.0/22 maxlen: 24
62.113.233.0/24 maxlen: 24
185.252.32.0/22 maxlen: 22
62.113.192.0/18 maxlen: 24
212.83.32.0/19 maxlen: 24
2a0c:2040::/29 maxlen: 29
2a00:f48::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 692410831 (0x294559cf)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d39493a17997d31e8d5aa6ccc9a6bd757f15c030
Validity
Not Before: Jan 1 11:03:37 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=6e1dfdf5b3ff35c280ef99b71a1b08f5a0d4bb05
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:08:94:c5:52:0f:88:be:08:af:88:28:25:3a:
97:13:7d:7f:76:e3:9a:77:db:ed:77:22:f5:ae:55:
95:05:4c:a2:96:18:24:a5:cc:e6:24:ce:b2:54:03:
a2:7a:23:cf:28:f5:e8:f4:2f:f5:e1:af:4d:e1:f3:
1d:fd:7f:10:6e:4c:2e:b1:d9:b9:5b:5f:15:4f:76:
60:be:8e:a6:50:ad:dc:9e:0d:95:ce:93:db:4c:12:
f2:66:23:61:95:34:ce:54:b1:76:5f:0f:eb:aa:f4:
c2:46:bd:5a:c8:7c:71:d0:36:5c:0b:20:d1:86:65:
77:ae:ac:d1:c2:23:48:e2:72:09:ce:b4:0a:9f:d0:
af:4e:fd:74:a8:88:5e:48:6d:23:91:69:c6:5a:36:
a2:58:66:f7:e8:0d:10:85:c3:6f:1c:f3:06:f3:37:
d7:d9:d8:b3:61:1f:3d:0d:e2:84:fe:fe:c7:51:55:
b8:9e:2a:5a:2b:f0:d6:fe:57:b7:b4:5e:3d:a8:54:
d8:28:1d:db:74:79:71:fe:31:21:ed:a4:38:02:30:
18:50:bd:fa:1a:bf:89:2a:2b:2e:73:f3:5b:01:35:
dd:0b:eb:92:40:cc:00:de:36:96:7f:9b:3e:1f:9f:
52:e0:ed:13:9c:2d:d2:54:57:74:d4:47:0d:fd:1f:
55:85
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6E:1D:FD:F5:B3:FF:35:C2:80:EF:99:B7:1A:1B:08:F5:A0:D4:BB:05
X509v3 Authority Key Identifier:
keyid:D3:94:93:A1:79:97:D3:1E:8D:5A:A6:CC:C9:A6:BD:75:7F:15:C0:30
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/05SToXmX0x6NWqbMyaa9dX8VwDA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e804e4-7f30-4049-948b-97923297cda7/1/bh399bP_NcKA75m3GhsI9aDUuwU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e804e4-7f30-4049-948b-97923297cda7/1/05SToXmX0x6NWqbMyaa9dX8VwDA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.113.192.0/18
185.13.68.0/22
185.252.32.0/22
212.83.32.0/19
IPv6:
2a00:f48::/32
2a0c:2040::/29
Signature Algorithm: sha256WithRSAEncryption
63:0f:7a:8c:b6:e3:ca:93:93:30:69:2e:0f:26:e8:2d:57:29:
02:28:a6:e1:ff:a4:de:dc:b8:5a:bd:74:fe:6c:63:b1:e8:ee:
f5:bc:b4:83:b0:31:79:68:68:8a:d0:2d:39:f8:97:51:dc:a0:
46:37:d5:cc:f3:23:89:a6:2d:18:52:d3:25:06:86:31:b5:a8:
d9:5f:c3:a8:e4:8b:b4:48:15:78:ca:75:fa:17:36:b0:f4:9d:
c4:7d:52:60:8c:9c:dd:8e:4e:1e:f5:c0:ea:a7:fc:21:d4:57:
a2:80:89:d7:04:87:e3:07:54:4a:58:25:5c:d8:a8:0f:a4:e2:
e0:ba:07:ef:a8:30:55:93:20:f0:48:66:b8:88:7b:40:16:29:
a4:b4:94:eb:76:83:59:d2:e4:4f:bc:af:1a:e4:35:66:79:c7:
79:df:c8:b8:d4:8b:24:3c:ba:ca:f9:57:bc:32:13:5c:27:0c:
b6:25:89:51:02:67:5c:b9:d0:0e:19:40:dd:70:a3:e6:52:26:
27:43:a8:70:63:06:ca:c5:0c:b3:5c:1a:34:d1:b6:7c:10:38:
c1:79:d5:48:80:12:6d:91:84:4c:0f:f1:85:69:0c:fe:b7:01:
b7:cd:9d:75:0c:1c:b2:85:51:e7:74:8a:a4:0c:1a:d5:94:1c:
88:12:5e:d0
-----BEGIN CERTIFICATE-----
MIIFFzCCA/+gAwIBAgIEKUVZzzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhk
Mzk0OTNhMTc5OTdkMzFlOGQ1YWE2Y2NjOWE2YmQ3NTdmMTVjMDMwMB4XDTIyMDEw
MTExMDMzN1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNmUxZGZkZjViM2Zm
MzVjMjgwZWY5OWI3MWExYjA4ZjVhMGQ0YmIwNTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALcIlMVSD4i+CK+IKCU6lxN9f3bjmnfb7Xci9a5VlQVMopYY
JKXM5iTOslQDonojzyj16PQv9eGvTeHzHf1/EG5MLrHZuVtfFU92YL6OplCt3J4N
lc6T20wS8mYjYZU0zlSxdl8P66r0wka9Wsh8cdA2XAsg0YZld66s0cIjSOJyCc60
Cp/Qr079dKiIXkhtI5Fpxlo2olhm9+gNEIXDbxzzBvM319nYs2EfPQ3ihP7+x1FV
uJ4qWivw1v5Xt7RePahU2Cgd23R5cf4xIe2kOAIwGFC9+hq/iSorLnPzWwE13Qvr
kkDMAN42ln+bPh+fUuDtE5wt0lRXdNRHDf0fVYUCAwEAAaOCAjEwggItMB0GA1Ud
DgQWBBRuHf31s/81woDvmbcaGwj1oNS7BTAfBgNVHSMEGDAWgBTTlJOheZfTHo1a
pszJpr11fxXAMDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzA1U1RvWG1YMHg2TldxYk15YWE5ZFg4VndEQS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvOGIvZTgwNGU0LTdmMzAtNDA0OS05NDhiLTk3OTIzMjk3Y2RhNy8x
L2JoMzk5YlBfTmNLQTc1bTNHaHNJOWFEVXV3VS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvOGIv
ZTgwNGU0LTdmMzAtNDA0OS05NDhiLTk3OTIzMjk3Y2RhNy8xLzA1U1RvWG1YMHg2
TldxYk15YWE5ZFg4VndEQS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBH
BggrBgEFBQcBBwEB/wQ4MDYwHgQCAAEwGAMEBj5xwAMEArkNRAMEArn8IAMEBdRT
IDAUBAIAAjAOAwUAKgAPSAMFAyoMIEAwDQYJKoZIhvcNAQELBQADggEBAGMPeoy2
48qTkzBpLg8m6C1XKQIopuH/pN7cuFq9dP5sY7Ho7vW8tIOwMXloaIrQLTn4l1Hc
oEY31czzI4mmLRhS0yUGhjG1qNlfw6jki7RIFXjKdfoXNrD0ncR9UmCMnN2OTh71
wOqn/CHUV6KAidcEh+MHVEpYJVzYqA+k4uC6B++oMFWTIPBIZriIe0AWKaS0lOt2
g1nS5E+8rxrkNWZ5x3nfyLjUiyQ8usr5V7wyE1wnDLYliVECZ1y50A4ZQN1wo+ZS
JidDqHBjBsrFDLNcGjTRtnwQOMF51UiAEm2RhEwP8YVpDP63AbfNnXUMHLKFUed0
iqQMGtWUHIgSXtA=
-----END CERTIFICATE-----
Generated at Thu Mar 13 20:23:33 2025 by rpki-client