Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9a/731c7c-9a17-4bca-984c-c7fbfc4dc9dc/1/1QgV5sxyCIGzKwT5R-aoJaFLq-A.roa
File: 1QgV5sxyCIGzKwT5R-aoJaFLq-A.roa (raw, json)
Hash identifier: 3OxuU+BU/XlzGVmEBNc6Vedxc7jpRzSXq2FlD+8Fwnc=
Subject key identifier: D5:08:15:E6:CC:72:08:81:B3:2B:04:F9:47:E6:A8:25:A1:4B:AB:E0
Certificate issuer: /CN=13afa6ce6542e1bb523e1d03bd00a4d22b7fdaed
Certificate serial: 0230E9E3
Authority key identifier: 13:AF:A6:CE:65:42:E1:BB:52:3E:1D:03:BD:00:A4:D2:2B:7F:DA:ED
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/E6-mzmVC4btSPh0DvQCk0it_2u0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9a/731c7c-9a17-4bca-984c-c7fbfc4dc9dc/1/1QgV5sxyCIGzKwT5R-aoJaFLq-A.roa
Signing time: Sat 01 Jan 2022 03:56:27 +0000
ROA not before: Sat 01 Jan 2022 03:56:27 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 211417
IP address blocks: 185.144.92.0/22 maxlen: 24
2a03:a920::/32 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 36760035 (0x230e9e3)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=13afa6ce6542e1bb523e1d03bd00a4d22b7fdaed
Validity
Not Before: Jan 1 03:56:27 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=d50815e6cc720881b32b04f947e6a825a14babe0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:ac:e6:52:cc:b6:bf:e6:29:26:1b:87:6d:55:
46:4f:28:80:d8:36:5a:c4:8f:5e:4f:7f:de:c9:5c:
36:06:89:93:95:37:3f:d6:ef:6d:3b:d0:0d:e7:9c:
d0:33:17:19:b7:2c:14:69:13:c4:75:bf:c5:cd:b8:
72:8a:15:0c:d2:53:ad:6b:d2:72:c2:6b:e2:10:31:
27:53:cc:b9:75:e4:54:a8:bd:6d:50:93:f4:bf:3f:
0f:9b:96:40:03:8b:15:34:96:74:e8:d4:75:dd:af:
04:e0:c1:a1:42:3f:ca:ba:4a:9a:f2:b5:e2:6f:07:
1b:16:5b:37:d3:f5:5e:0d:e1:cd:7e:82:e0:c6:84:
ab:a9:ce:70:1a:86:61:09:c3:67:0f:ed:f9:ca:0a:
ad:3e:0e:4a:6f:1f:cb:9e:bd:de:69:48:27:65:af:
d4:fe:85:7d:04:c4:b7:f6:58:e8:a4:7b:35:a7:ff:
9e:db:2e:59:74:4e:66:75:bd:18:bb:e3:80:ef:b0:
1c:8b:63:05:c0:54:7b:2e:2b:17:7f:b3:e5:bd:06:
e0:12:77:06:a9:4a:3e:43:fb:c5:24:d4:c8:74:68:
6b:b5:fe:e5:67:6a:4b:d1:65:a9:4d:bd:87:9c:db:
1b:d7:b3:1b:7b:20:ee:d7:3c:f1:57:59:84:d7:1b:
af:eb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D5:08:15:E6:CC:72:08:81:B3:2B:04:F9:47:E6:A8:25:A1:4B:AB:E0
X509v3 Authority Key Identifier:
keyid:13:AF:A6:CE:65:42:E1:BB:52:3E:1D:03:BD:00:A4:D2:2B:7F:DA:ED
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/E6-mzmVC4btSPh0DvQCk0it_2u0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9a/731c7c-9a17-4bca-984c-c7fbfc4dc9dc/1/1QgV5sxyCIGzKwT5R-aoJaFLq-A.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9a/731c7c-9a17-4bca-984c-c7fbfc4dc9dc/1/E6-mzmVC4btSPh0DvQCk0it_2u0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.144.92.0/22
IPv6:
2a03:a920::/32
Signature Algorithm: sha256WithRSAEncryption
32:93:4d:75:c5:ed:25:dc:b0:c8:d4:3d:ec:e8:2a:b8:cd:d4:
e6:de:ed:8e:43:02:5f:7e:31:c1:b3:ff:92:5d:72:e7:77:32:
22:39:4a:a8:7c:44:17:3f:fe:63:a0:ee:e0:12:bc:3f:11:c6:
fc:13:38:10:21:25:cd:a1:bc:08:ca:9f:39:bb:fb:c4:e6:31:
d7:64:cb:7c:53:c9:5a:85:ac:12:9e:e5:09:3c:44:d4:22:6e:
73:f1:2c:a0:72:ab:33:75:7f:1a:fa:de:c7:f3:02:db:d8:d4:
6f:d0:03:04:6d:b4:b8:3c:a9:73:78:84:20:e2:6a:28:d9:61:
3a:6b:14:95:b0:05:f3:9b:cb:9c:1f:10:96:77:51:66:23:c6:
0e:ff:40:bc:87:d9:d2:7f:e8:90:ac:31:dc:d6:cc:0a:bd:b2:
fc:2b:47:2f:86:8f:9d:a2:89:d3:b9:26:78:6e:0f:98:c1:66:
b0:7b:b9:74:ae:d9:86:0c:48:db:de:6a:94:45:cf:89:e7:19:
76:30:52:14:26:0d:69:cc:f3:50:67:2a:3a:b6:a2:47:21:b3:
ee:74:1c:84:cd:7d:42:51:ac:0c:cd:ec:4c:93:b8:0e:80:a2:
bd:18:8c:1b:51:02:2c:db:29:a1:f8:5d:d2:56:ec:97:db:b6:
e6:18:9b:41
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgIEAjDp4zANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygx
M2FmYTZjZTY1NDJlMWJiNTIzZTFkMDNiZDAwYTRkMjJiN2ZkYWVkMB4XDTIyMDEw
MTAzNTYyN1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZDUwODE1ZTZjYzcy
MDg4MWIzMmIwNGY5NDdlNmE4MjVhMTRiYWJlMDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALqs5lLMtr/mKSYbh21VRk8ogNg2WsSPXk9/3slcNgaJk5U3
P9bvbTvQDeec0DMXGbcsFGkTxHW/xc24cooVDNJTrWvScsJr4hAxJ1PMuXXkVKi9
bVCT9L8/D5uWQAOLFTSWdOjUdd2vBODBoUI/yrpKmvK14m8HGxZbN9P1Xg3hzX6C
4MaEq6nOcBqGYQnDZw/t+coKrT4OSm8fy5693mlIJ2Wv1P6FfQTEt/ZY6KR7Naf/
ntsuWXROZnW9GLvjgO+wHItjBcBUey4rF3+z5b0G4BJ3BqlKPkP7xSTUyHRoa7X+
5WdqS9FlqU29h5zbG9ezG3sg7tc88VdZhNcbr+sCAwEAAaOCAhgwggIUMB0GA1Ud
DgQWBBTVCBXmzHIIgbMrBPlH5qgloUur4DAfBgNVHSMEGDAWgBQTr6bOZULhu1I+
HQO9AKTSK3/a7TAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0U2LW16bVZDNGJ0U1BoMER2UUNrMGl0XzJ1MC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvOWEvNzMxYzdjLTlhMTctNGJjYS05ODRjLWM3ZmJmYzRkYzlkYy8x
LzFRZ1Y1c3h5Q0lHekt3VDVSLWFvSmFGTHEtQS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvOWEv
NzMxYzdjLTlhMTctNGJjYS05ODRjLWM3ZmJmYzRkYzlkYy8xL0U2LW16bVZDNGJ0
U1BoMER2UUNrMGl0XzJ1MC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAu
BggrBgEFBQcBBwEB/wQfMB0wDAQCAAEwBgMEArmQXDANBAIAAjAHAwUAKgOpIDAN
BgkqhkiG9w0BAQsFAAOCAQEAMpNNdcXtJdywyNQ97OgquM3U5t7tjkMCX34xwbP/
kl1y53cyIjlKqHxEFz/+Y6Du4BK8PxHG/BM4ECElzaG8CMqfObv7xOYx12TLfFPJ
WoWsEp7lCTxE1CJuc/EsoHKrM3V/Gvrex/MC29jUb9ADBG20uDypc3iEIOJqKNlh
OmsUlbAF85vLnB8QlndRZiPGDv9AvIfZ0n/okKwx3NbMCr2y/CtHL4aPnaKJ07km
eG4PmMFmsHu5dK7ZhgxI295qlEXPiecZdjBSFCYNaczzUGcqOraiRyGz7nQchM19
QlGsDM3sTJO4DoCivRiMG1ECLNspofhd0lbsl9u25hibQQ==
-----END CERTIFICATE-----
Generated at Thu Apr 17 23:58:21 2025 by rpki-client