Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/96dbcd-6a39-4c20-9128-d8c351d93ec6/1/Avo-Quu8hG0FQxfqgoesl6UFPZo.roa
File: Avo-Quu8hG0FQxfqgoesl6UFPZo.roa (raw, json)
Hash identifier: JzmVuKqpN7kueTi4K8tytdLvmW9KEAGgJiOvy1UUhWw=
Subject key identifier: 02:FA:3E:42:EB:BC:84:6D:05:43:17:EA:82:87:AC:97:A5:05:3D:9A
Certificate issuer: /CN=845d042f65e1b1303a44e43e0e02748a75837b44
Certificate serial: 0182440A09241E27AB8BCA219929531AF1F3
Authority key identifier: 84:5D:04:2F:65:E1:B1:30:3A:44:E4:3E:0E:02:74:8A:75:83:7B:44
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hF0EL2XhsTA6ROQ-DgJ0inWDe0Q.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/96dbcd-6a39-4c20-9128-d8c351d93ec6/1/Avo-Quu8hG0FQxfqgoesl6UFPZo.roa
Signing time: Thu 28 Jul 2022 09:01:24 +0000
ROA not before: Thu 28 Jul 2022 09:01:24 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 12459
IP address blocks: 185.241.212.0/24 maxlen: 24
185.119.89.0/24 maxlen: 24
185.119.90.0/24 maxlen: 24
2a0c:bf80:5a::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:44:0a:09:24:1e:27:ab:8b:ca:21:99:29:53:1a:f1:f3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=845d042f65e1b1303a44e43e0e02748a75837b44
Validity
Not Before: Jul 28 09:01:24 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=02fa3e42ebbc846d054317ea8287ac97a5053d9a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:b9:b0:7f:0e:61:5e:11:69:83:24:c4:a8:c4:
ae:fe:e6:05:68:c4:53:4e:6d:62:ea:d6:98:6f:8e:
e4:4c:69:7d:fe:06:2c:c7:a3:a2:b2:b9:64:94:79:
e3:b4:19:b2:42:fc:a0:8c:ae:2e:10:64:1d:b9:c8:
86:73:47:b2:81:2f:11:e6:35:da:e3:b7:c4:47:81:
3a:07:e7:5c:6d:3f:69:c0:ee:cb:21:78:f3:ea:e3:
48:e5:dd:bc:4d:39:8e:44:9e:68:9e:e5:39:e0:24:
61:32:e7:79:ea:98:40:e2:4e:91:db:3e:2c:5f:6b:
27:03:cb:e0:3a:f7:72:4a:6b:cc:93:e3:4a:15:a0:
f0:a7:f4:e6:fe:26:13:ad:1b:f5:c0:fb:fa:c8:f2:
cf:68:24:92:cb:0a:97:92:8f:bb:56:90:69:df:25:
2b:c4:78:e1:d9:0f:7c:10:b7:7a:63:1c:da:c5:70:
57:6e:d1:ef:97:a0:d2:7d:3c:e0:90:30:44:d5:c4:
b1:f1:56:66:c3:29:79:05:bf:38:75:70:f0:eb:e9:
4b:69:0a:bc:8f:6c:47:0f:e8:37:9c:e6:c2:de:2d:
29:1c:46:94:25:74:92:35:13:72:2e:4f:ca:a2:e7:
bb:60:83:c7:98:4c:31:62:35:80:89:cc:d6:f0:ad:
51:d9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
02:FA:3E:42:EB:BC:84:6D:05:43:17:EA:82:87:AC:97:A5:05:3D:9A
X509v3 Authority Key Identifier:
keyid:84:5D:04:2F:65:E1:B1:30:3A:44:E4:3E:0E:02:74:8A:75:83:7B:44
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hF0EL2XhsTA6ROQ-DgJ0inWDe0Q.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/96dbcd-6a39-4c20-9128-d8c351d93ec6/1/Avo-Quu8hG0FQxfqgoesl6UFPZo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/96dbcd-6a39-4c20-9128-d8c351d93ec6/1/hF0EL2XhsTA6ROQ-DgJ0inWDe0Q.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.119.89.0-185.119.90.255
185.241.212.0/24
IPv6:
2a0c:bf80:5a::/48
Signature Algorithm: sha256WithRSAEncryption
09:11:79:81:78:84:74:05:6f:d3:94:c1:a3:d5:27:c3:1a:82:
29:39:c7:e4:ef:d4:01:18:e1:8f:a6:08:67:ba:9c:91:cb:44:
7f:33:de:f2:2a:c5:05:9e:d5:3b:b8:8e:ca:f9:90:fd:88:17:
f9:8f:6b:46:33:e5:49:06:8a:d8:90:2f:82:fb:0b:9f:4a:59:
7c:f3:de:33:a1:e7:71:9a:2a:ec:c7:6a:b4:7f:5f:7d:69:d6:
e9:de:06:d7:13:07:37:ed:de:da:7c:a7:d1:71:d9:3e:26:5f:
b8:44:ff:02:05:a1:9f:54:6a:a0:24:c2:01:32:3a:1c:24:87:
82:9c:0f:f6:b9:c6:75:00:34:b4:77:ba:dc:9b:0b:af:29:9b:
7c:87:7c:da:28:3d:ca:23:0c:ab:05:87:7e:eb:78:81:e4:c2:
d5:6f:db:c4:fc:65:54:4d:9a:1e:bf:cf:99:74:48:0a:bb:60:
fb:13:4d:b7:98:5d:64:26:29:03:f5:56:4d:dc:54:e0:b8:1d:
bd:f5:38:7c:7e:b5:26:ac:c3:91:ae:13:4e:12:ef:1e:d9:62:
1f:71:0e:b4:a8:41:e3:34:44:55:4a:9b:30:55:37:4a:87:c1:
b6:c6:89:89:8d:8a:b9:be:a5:d6:4d:d4:c4:3e:33:7f:6b:c0:
92:8e:b2:45
-----BEGIN CERTIFICATE-----
MIIFHDCCBASgAwIBAgISAYJECgkkHieri8ohmSlTGvHzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg0NWQwNDJmNjVlMWIxMzAzYTQ0ZTQzZTBlMDI3NDhhNzU4
MzdiNDQwHhcNMjIwNzI4MDkwMTI0WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMmZhM2U0MmViYmM4NDZkMDU0MzE3ZWE4Mjg3YWM5N2E1MDUzZDlhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq7mwfw5hXhFpgyTEqMSu/uYFaMRT
Tm1i6taYb47kTGl9/gYsx6OisrlklHnjtBmyQvygjK4uEGQduciGc0eygS8R5jXa
47fER4E6B+dcbT9pwO7LIXjz6uNI5d28TTmORJ5onuU54CRhMud56phA4k6R2z4s
X2snA8vgOvdySmvMk+NKFaDwp/Tm/iYTrRv1wPv6yPLPaCSSywqXko+7VpBp3yUr
xHjh2Q98ELd6YxzaxXBXbtHvl6DSfTzgkDBE1cSx8VZmwyl5Bb84dXDw6+lLaQq8
j2xHD+g3nObC3i0pHEaUJXSSNRNyLk/Koue7YIPHmEwxYjWAiczW8K1R2QIDAQAB
o4ICKDCCAiQwHQYDVR0OBBYEFAL6PkLrvIRtBUMX6oKHrJelBT2aMB8GA1UdIwQY
MBaAFIRdBC9l4bEwOkTkPg4CdIp1g3tEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaEYwRUwyWGhzVEE2Uk9RLURnSjBpbldEZTBRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS85NmRiY2QtNmEzOS00YzIwLTkxMjgt
ZDhjMzUxZDkzZWM2LzEvQXZvLVF1dThoRzBGUXhmcWdvZXNsNlVGUFpvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS85NmRiY2QtNmEzOS00YzIwLTkxMjgtZDhjMzUxZDkzZWM2
LzEvaEYwRUwyWGhzVEE2Uk9RLURnSjBpbldEZTBRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD4GCCsGAQUFBwEHAQH/BC8wLTAaBAIAATAUMAwDBAC5d1kD
BAC5d1oDBAC58dQwDwQCAAIwCQMHACoMv4AAWjANBgkqhkiG9w0BAQsFAAOCAQEA
CRF5gXiEdAVv05TBo9UnwxqCKTnH5O/UARjhj6YIZ7qckctEfzPe8irFBZ7VO7iO
yvmQ/YgX+Y9rRjPlSQaK2JAvgvsLn0pZfPPeM6HncZoq7MdqtH9ffWnW6d4G1xMH
N+3e2nyn0XHZPiZfuET/AgWhn1RqoCTCATI6HCSHgpwP9rnGdQA0tHe63JsLrymb
fId82ig9yiMMqwWHfut4geTC1W/bxPxlVE2aHr/PmXRICrtg+xNNt5hdZCYpA/VW
TdxU4LgdvfU4fH61JqzDka4TThLvHtliH3EOtKhB4zREVUqbMFU3SofBtsaJiY2K
ub6l1k3UxD4zf2vAko6yRQ==
-----END CERTIFICATE-----
Generated at Thu Mar 13 02:46:23 2025 by rpki-client