Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8d/eb9582-d275-497a-b62b-39260319c7bd/1/2rqZvI4D4uIcOaYyPZPgNPJcaAQ.roa
File: 2rqZvI4D4uIcOaYyPZPgNPJcaAQ.roa (raw, json)
Hash identifier: MSYkpRomU4m+syqAnXnM2MdkD6c1ezNtbdU0WGxN4oY=
Subject key identifier: DA:BA:99:BC:8E:03:E2:E2:1C:39:A6:32:3D:93:E0:34:F2:5C:68:04
Certificate issuer: /CN=ab9aab13427ad8c0072ae08d9bb80abc19d3f984
Certificate serial: 018572D5BFE15CF3D3B9B3CDA818A04C43C3
Authority key identifier: AB:9A:AB:13:42:7A:D8:C0:07:2A:E0:8D:9B:B8:0A:BC:19:D3:F9:84
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/q5qrE0J62MAHKuCNm7gKvBnT-YQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8d/eb9582-d275-497a-b62b-39260319c7bd/1/2rqZvI4D4uIcOaYyPZPgNPJcaAQ.roa
Signing time: Mon 02 Jan 2023 14:14:48 +0000
ROA not before: Mon 02 Jan 2023 14:14:48 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 42695
IP address blocks: 185.141.152.0/22 maxlen: 22
2a07:2440::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:d5:bf:e1:5c:f3:d3:b9:b3:cd:a8:18:a0:4c:43:c3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab9aab13427ad8c0072ae08d9bb80abc19d3f984
Validity
Not Before: Jan 2 14:14:48 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=daba99bc8e03e2e21c39a6323d93e034f25c6804
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:45:64:d9:c6:04:81:03:ba:e9:f2:a8:96:5c:
c7:64:95:0c:55:79:dd:db:f7:ae:1e:ff:1f:e2:31:
1d:6e:ca:68:0f:3b:2d:1d:de:f9:28:66:d5:af:df:
2e:d2:03:51:2b:80:93:53:4b:e9:7f:3c:13:4a:6e:
5c:3f:2d:ac:8f:4d:d4:9f:87:f3:a7:8f:80:91:fc:
c0:30:7f:f5:74:65:c0:76:b9:57:c9:43:26:16:cb:
bb:9e:69:f3:2a:0f:38:ab:3e:0b:69:9d:fa:95:a3:
41:22:7a:8f:68:fc:33:a6:01:96:b0:4d:91:95:76:
10:58:95:09:ff:a2:9e:d4:6f:c4:a2:ce:3f:e7:59:
03:d0:43:96:41:d1:f5:89:b7:1c:27:35:64:a7:01:
92:2d:04:29:7f:c1:55:4d:f0:b4:43:2f:1e:81:a6:
b7:a4:0b:59:48:20:4f:78:b2:2c:8e:88:fb:05:e4:
6a:78:03:d4:c8:b5:1b:96:5b:b6:78:11:07:fd:62:
be:36:70:59:06:db:81:9d:10:4b:00:ec:7f:f9:1e:
75:4e:de:e7:25:76:b6:a6:68:d8:3f:1c:b4:12:fd:
e4:d4:24:62:57:af:a5:ca:36:2c:6b:af:8c:6c:45:
9a:e7:b3:04:2c:4a:e6:ab:df:fa:81:18:71:f2:91:
9f:91
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DA:BA:99:BC:8E:03:E2:E2:1C:39:A6:32:3D:93:E0:34:F2:5C:68:04
X509v3 Authority Key Identifier:
keyid:AB:9A:AB:13:42:7A:D8:C0:07:2A:E0:8D:9B:B8:0A:BC:19:D3:F9:84
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/q5qrE0J62MAHKuCNm7gKvBnT-YQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8d/eb9582-d275-497a-b62b-39260319c7bd/1/2rqZvI4D4uIcOaYyPZPgNPJcaAQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8d/eb9582-d275-497a-b62b-39260319c7bd/1/q5qrE0J62MAHKuCNm7gKvBnT-YQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.141.152.0/22
IPv6:
2a07:2440::/29
Signature Algorithm: sha256WithRSAEncryption
45:e5:09:c7:d9:3e:31:35:78:bf:a5:1a:2a:77:52:3a:f2:f5:
01:7a:1f:26:aa:42:88:6b:a3:f3:4b:78:0c:06:9d:47:e5:fb:
73:6c:ea:f8:34:d9:4e:be:c8:e5:df:3a:c7:7b:1c:fe:82:f3:
3e:70:b7:8c:42:07:14:3f:b0:76:07:e2:02:d7:70:bd:af:27:
47:e5:05:97:12:98:75:8a:53:a4:33:08:43:4f:59:45:fc:97:
32:6e:b1:12:4e:67:7d:cc:9e:76:27:76:5e:98:cc:c6:92:76:
b8:18:eb:70:15:ed:3c:ab:93:06:41:18:ac:10:38:06:cc:76:
2b:e9:d8:b7:ae:ee:cb:d7:7d:3e:81:39:6d:0b:0d:44:1b:4e:
6b:33:83:82:58:c1:a2:81:1a:5c:c9:37:f0:5e:ca:05:d4:3e:
ef:5b:a4:33:57:f6:62:0d:ac:67:f2:82:1e:44:b4:d0:4e:ad:
49:03:0d:9a:a2:50:33:7a:ee:11:ac:b5:95:53:8b:8d:f4:25:
ea:7a:7a:86:b0:6f:df:f2:7e:f7:28:64:fa:94:44:3b:d3:3f:
06:f9:a5:33:1d:b0:5a:4c:d8:4c:8a:14:73:57:e5:bb:42:64:
dd:1a:a1:ef:ae:3a:74:57:2c:c8:bc:d1:27:46:b2:18:fb:58:
bc:0d:11:c6
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVy1b/hXPPTubPNqBigTEPDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFiOWFhYjEzNDI3YWQ4YzAwNzJhZTA4ZDliYjgwYWJjMTlk
M2Y5ODQwHhcNMjMwMTAyMTQxNDQ4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYWJhOTliYzhlMDNlMmUyMWMzOWE2MzIzZDkzZTAzNGYyNWM2ODA0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0UVk2cYEgQO66fKollzHZJUMVXnd
2/euHv8f4jEdbspoDzstHd75KGbVr98u0gNRK4CTU0vpfzwTSm5cPy2sj03Un4fz
p4+AkfzAMH/1dGXAdrlXyUMmFsu7nmnzKg84qz4LaZ36laNBInqPaPwzpgGWsE2R
lXYQWJUJ/6Ke1G/Eos4/51kD0EOWQdH1ibccJzVkpwGSLQQpf8FVTfC0Qy8egaa3
pAtZSCBPeLIsjoj7BeRqeAPUyLUbllu2eBEH/WK+NnBZBtuBnRBLAOx/+R51Tt7n
JXa2pmjYPxy0Ev3k1CRiV6+lyjYsa6+MbEWa57MELErmq9/6gRhx8pGfkQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFNq6mbyOA+LiHDmmMj2T4DTyXGgEMB8GA1UdIwQY
MBaAFKuaqxNCetjAByrgjZu4CrwZ0/mEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcTVxckUwSjYyTUFIS3VDTm03Z0t2Qm5ULVlRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZC9lYjk1ODItZDI3NS00OTdhLWI2MmIt
MzkyNjAzMTljN2JkLzEvMnJxWnZJNEQ0dUljT2FZeVBaUGdOUEpjYUFRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZC9lYjk1ODItZDI3NS00OTdhLWI2MmItMzkyNjAzMTljN2Jk
LzEvcTVxckUwSjYyTUFIS3VDTm03Z0t2Qm5ULVlRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuY2YMA0E
AgACMAcDBQMqByRAMA0GCSqGSIb3DQEBCwUAA4IBAQBF5QnH2T4xNXi/pRoqd1I6
8vUBeh8mqkKIa6PzS3gMBp1H5ftzbOr4NNlOvsjl3zrHexz+gvM+cLeMQgcUP7B2
B+IC13C9rydH5QWXEph1ilOkMwhDT1lF/JcybrESTmd9zJ52J3ZemMzGkna4GOtw
Fe08q5MGQRisEDgGzHYr6di3ru7L130+gTltCw1EG05rM4OCWMGigRpcyTfwXsoF
1D7vW6QzV/ZiDaxn8oIeRLTQTq1JAw2aolAzeu4RrLWVU4uN9CXqenqGsG/f8n73
KGT6lEQ70z8G+aUzHbBaTNhMihRzV+W7QmTdGqHvrjp0VyzIvNEnRrIY+1i8DRHG
-----END CERTIFICATE-----
Generated at Wed Apr 23 01:51:16 2025 by rpki-client