Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/98/9d563d-c470-43b3-82bb-88cb4e7106ea/1/9SgSvdbwJcOcxNVvUjt9pH8GxBY.roa
File: 9SgSvdbwJcOcxNVvUjt9pH8GxBY.roa (raw, json)
Hash identifier: 524/h2yPeyukTa7HEt5QCjA19IfKmL/Ac38Dlk6WW/w=
Subject key identifier: F5:28:12:BD:D6:F0:25:C3:9C:C4:D5:6F:52:3B:7D:A4:7F:06:C4:16
Certificate issuer: /CN=85b611a0b7d4334b7a2395e8cce7b0e3c9b838e8
Certificate serial: 01856FF0208E7DC8EDAA1B81A7F7096C64B3
Authority key identifier: 85:B6:11:A0:B7:D4:33:4B:7A:23:95:E8:CC:E7:B0:E3:C9:B8:38:E8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hbYRoLfUM0t6I5XozOew48m4OOg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/98/9d563d-c470-43b3-82bb-88cb4e7106ea/1/9SgSvdbwJcOcxNVvUjt9pH8GxBY.roa
Signing time: Mon 02 Jan 2023 00:44:45 +0000
ROA not before: Mon 02 Jan 2023 00:44:45 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 3352
IP address blocks: 185.51.44.0/22 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:f0:20:8e:7d:c8:ed:aa:1b:81:a7:f7:09:6c:64:b3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=85b611a0b7d4334b7a2395e8cce7b0e3c9b838e8
Validity
Not Before: Jan 2 00:44:45 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=f52812bdd6f025c39cc4d56f523b7da47f06c416
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:c0:d3:d3:0d:f9:42:25:88:65:23:7b:d6:90:
3f:94:f0:63:3c:da:64:31:5a:03:55:44:72:9d:f1:
bb:ef:9e:a7:7b:a4:51:f7:63:dd:b8:e3:1a:b2:4c:
ec:c9:fb:af:70:6f:61:2f:58:90:dc:4c:ec:2c:f4:
39:19:fd:9f:01:c2:66:2f:5f:d3:6b:71:2f:dd:37:
40:87:ee:8d:fd:d7:be:a6:b2:75:96:fc:ed:3b:f6:
d4:b8:88:1f:55:8e:1f:eb:c6:97:52:89:16:02:9d:
eb:0e:95:9c:d8:0e:7a:a9:7d:7e:7b:82:78:ef:be:
00:9c:f6:e4:a2:a8:74:96:aa:92:06:e8:b3:f6:0a:
18:c7:d8:75:45:7b:c5:c0:50:34:c4:fa:b5:ae:95:
14:11:1e:6d:0f:92:78:1d:38:e6:eb:46:a9:25:4c:
8d:bb:fa:42:68:43:0f:81:45:87:2f:64:50:bc:12:
d2:38:32:ac:01:71:5c:c1:64:fe:36:c9:13:a7:b7:
7f:0e:fd:75:4a:80:48:d5:7a:98:32:64:49:e3:79:
e1:4c:3b:f3:6f:c0:7f:db:91:da:56:9f:36:59:30:
91:bf:4a:e1:6a:74:79:77:1a:0c:ce:51:a5:4e:53:
82:a8:87:58:63:c4:e4:cd:16:c7:c9:5c:a4:86:8d:
30:97
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F5:28:12:BD:D6:F0:25:C3:9C:C4:D5:6F:52:3B:7D:A4:7F:06:C4:16
X509v3 Authority Key Identifier:
keyid:85:B6:11:A0:B7:D4:33:4B:7A:23:95:E8:CC:E7:B0:E3:C9:B8:38:E8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hbYRoLfUM0t6I5XozOew48m4OOg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/98/9d563d-c470-43b3-82bb-88cb4e7106ea/1/9SgSvdbwJcOcxNVvUjt9pH8GxBY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/98/9d563d-c470-43b3-82bb-88cb4e7106ea/1/hbYRoLfUM0t6I5XozOew48m4OOg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.51.44.0/22
Signature Algorithm: sha256WithRSAEncryption
1e:e3:cd:0d:fa:7d:cb:ac:cc:e1:5e:fd:8d:ce:4f:26:0f:c8:
1a:20:52:b5:7b:16:00:b3:c3:ac:59:f8:c4:19:85:4b:97:46:
5e:a5:4b:a7:5c:f9:89:7a:84:ae:36:18:eb:06:d7:6b:10:97:
39:bc:51:dc:3f:34:85:f9:9e:dc:e2:cb:02:9c:14:06:fe:5c:
d6:14:b8:74:2c:6c:1d:ad:55:35:07:8a:c6:d7:b3:bf:b2:8f:
a7:8f:c0:42:45:c4:48:b7:fe:d8:43:57:c1:47:d0:be:dc:d3:
b5:c6:4c:5f:dc:89:d9:6b:92:78:6b:73:e0:a3:72:bd:d4:df:
80:b7:dd:f5:36:ab:89:f9:28:fa:a3:45:63:8d:d0:82:aa:c4:
e6:bd:64:10:2b:92:33:33:8b:ee:c5:16:8e:85:b2:96:33:36:
f9:fd:3a:bd:c5:70:c0:d4:81:2e:4f:2e:e9:5b:62:64:b3:c0:
4d:2f:e2:05:d8:fe:26:f7:d6:f4:b4:5b:83:e6:fc:04:d2:8d:
54:cd:a5:df:4c:3a:97:31:2f:ea:58:5f:f2:61:07:e3:f7:96:
e1:7c:fc:00:e4:4e:11:e0:55:69:92:94:e9:87:38:06:70:30:
7c:c2:61:b4:4c:e7:63:27:1f:1a:54:6c:93:07:08:d0:74:b4:
f1:d3:9f:bf
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVv8CCOfcjtqhuBp/cJbGSzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg1YjYxMWEwYjdkNDMzNGI3YTIzOTVlOGNjZTdiMGUzYzli
ODM4ZTgwHhcNMjMwMTAyMDA0NDQ1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNTI4MTJiZGQ2ZjAyNWMzOWNjNGQ1NmY1MjNiN2RhNDdmMDZjNDE2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmMDT0w35QiWIZSN71pA/lPBjPNpk
MVoDVURynfG7756ne6RR92PduOMaskzsyfuvcG9hL1iQ3EzsLPQ5Gf2fAcJmL1/T
a3Ev3TdAh+6N/de+prJ1lvztO/bUuIgfVY4f68aXUokWAp3rDpWc2A56qX1+e4J4
774AnPbkoqh0lqqSBuiz9goYx9h1RXvFwFA0xPq1rpUUER5tD5J4HTjm60apJUyN
u/pCaEMPgUWHL2RQvBLSODKsAXFcwWT+NskTp7d/Dv11SoBI1XqYMmRJ43nhTDvz
b8B/25HaVp82WTCRv0rhanR5dxoMzlGlTlOCqIdYY8TkzRbHyVykho0wlwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFPUoEr3W8CXDnMTVb1I7faR/BsQWMB8GA1UdIwQY
MBaAFIW2EaC31DNLeiOV6MznsOPJuDjoMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaGJZUm9MZlVNMHQ2STVYb3pPZXc0OG00T09nLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85OC85ZDU2M2QtYzQ3MC00M2IzLTgyYmIt
ODhjYjRlNzEwNmVhLzEvOVNnU3ZkYndKY09jeE5WdlVqdDlwSDhHeEJZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85OC85ZDU2M2QtYzQ3MC00M2IzLTgyYmItODhjYjRlNzEwNmVh
LzEvaGJZUm9MZlVNMHQ2STVYb3pPZXc0OG00T09nLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuTMsMA0G
CSqGSIb3DQEBCwUAA4IBAQAe480N+n3LrMzhXv2Nzk8mD8gaIFK1exYAs8OsWfjE
GYVLl0ZepUunXPmJeoSuNhjrBtdrEJc5vFHcPzSF+Z7c4ssCnBQG/lzWFLh0LGwd
rVU1B4rG17O/so+nj8BCRcRIt/7YQ1fBR9C+3NO1xkxf3InZa5J4a3Pgo3K91N+A
t931NquJ+Sj6o0VjjdCCqsTmvWQQK5IzM4vuxRaOhbKWMzb5/Tq9xXDA1IEuTy7p
W2Jks8BNL+IF2P4m99b0tFuD5vwE0o1UzaXfTDqXMS/qWF/yYQfj95bhfPwA5E4R
4FVpkpTphzgGcDB8wmG0TOdjJx8aVGyTBwjQdLTx05+/
-----END CERTIFICATE-----
Generated at Tue Apr 22 02:11:00 2025 by rpki-client