Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9d/73db77-0a6b-4f9b-a8e8-eaedb709efbf/1/ESqxMuJS9ZVcHaIsR8efQlD8zZw.roa
File: ESqxMuJS9ZVcHaIsR8efQlD8zZw.roa (raw, json)
Hash identifier: sduZn4VNtRUvboMtcmRJZyCE9qW48isdt/6XBSlHkm4=
Subject key identifier: 11:2A:B1:32:E2:52:F5:95:5C:1D:A2:2C:47:C7:9F:42:50:FC:CD:9C
Certificate issuer: /CN=f8e826de1070d9d79daa9e415fc432613cc57e57
Certificate serial: 0185729EB9CC9354FDCE65D63DA4A058F4C3
Authority key identifier: F8:E8:26:DE:10:70:D9:D7:9D:AA:9E:41:5F:C4:32:61:3C:C5:7E:57
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-Ogm3hBw2dedqp5BX8QyYTzFflc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9d/73db77-0a6b-4f9b-a8e8-eaedb709efbf/1/ESqxMuJS9ZVcHaIsR8efQlD8zZw.roa
Signing time: Mon 02 Jan 2023 13:14:42 +0000
ROA not before: Mon 02 Jan 2023 13:14:42 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 202932
IP address blocks: 185.47.224.0/22 maxlen: 22
185.47.227.0/24 maxlen: 24
185.150.68.0/22 maxlen: 22
2a07:6e80::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:9e:b9:cc:93:54:fd:ce:65:d6:3d:a4:a0:58:f4:c3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f8e826de1070d9d79daa9e415fc432613cc57e57
Validity
Not Before: Jan 2 13:14:42 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=112ab132e252f5955c1da22c47c79f4250fccd9c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:5b:a5:a2:c4:09:be:c2:b2:6b:14:f0:70:e4:
51:03:8d:f2:b7:24:82:b9:a9:05:79:c8:28:5e:88:
2c:25:96:ed:8e:1a:ec:e1:58:ab:0a:e9:ee:f0:6b:
71:22:a9:88:15:b7:44:bd:84:a4:f8:bf:0b:8d:13:
03:ad:69:5a:50:13:5f:24:4f:0c:7f:55:62:d1:1c:
73:e3:43:07:2d:a1:7d:59:29:25:21:e9:74:21:5c:
1e:e4:0a:77:b3:c0:77:40:71:05:ff:08:6b:a9:da:
fe:2a:be:86:bc:5b:b0:be:85:56:6f:64:3d:fc:26:
7a:36:81:96:97:7e:51:3f:e5:6c:23:bd:5b:ec:b5:
62:8e:75:dd:81:6c:2a:1d:8f:ca:d2:40:ad:61:92:
e7:fe:53:25:3c:36:60:d6:9b:b3:c5:b5:a8:a1:2f:
04:8d:d2:86:fb:38:d6:53:48:bf:6f:df:f3:19:a7:
b4:70:5a:38:de:d4:44:bd:8e:21:93:dc:76:f8:60:
39:97:8a:29:a8:eb:23:9e:b2:6b:f4:40:3f:72:e9:
a9:b1:5b:68:a7:a7:f8:99:3b:29:7d:13:42:6c:99:
b6:73:d3:85:22:9d:49:8f:24:8e:b4:df:af:5f:76:
83:c5:95:08:e0:9f:65:c7:6e:04:1c:d4:d5:e2:d5:
05:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
11:2A:B1:32:E2:52:F5:95:5C:1D:A2:2C:47:C7:9F:42:50:FC:CD:9C
X509v3 Authority Key Identifier:
keyid:F8:E8:26:DE:10:70:D9:D7:9D:AA:9E:41:5F:C4:32:61:3C:C5:7E:57
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-Ogm3hBw2dedqp5BX8QyYTzFflc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9d/73db77-0a6b-4f9b-a8e8-eaedb709efbf/1/ESqxMuJS9ZVcHaIsR8efQlD8zZw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9d/73db77-0a6b-4f9b-a8e8-eaedb709efbf/1/1-Ogm3hBw2dedqp5BX8QyYTzFflc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.47.224.0/22
185.150.68.0/22
IPv6:
2a07:6e80::/29
Signature Algorithm: sha256WithRSAEncryption
67:79:e8:0c:c4:7d:40:3d:fb:ae:32:77:b3:bb:7a:24:bd:d5:
1b:b5:0b:f6:1e:b9:6e:5f:fa:33:53:94:cf:64:e7:33:dd:af:
97:f7:32:01:bd:4e:b8:43:b7:42:b0:31:ae:9a:82:fc:87:e4:
93:ff:47:6d:7f:62:bf:b6:ff:bf:b8:bc:d3:d6:a8:31:ab:2f:
ed:99:60:6b:02:ea:c1:95:10:ce:ce:4a:e3:34:a4:04:3e:a9:
c2:d3:21:17:20:21:d1:c9:3e:d0:aa:ef:03:ae:da:40:e2:37:
7b:b2:a4:7d:36:37:21:a7:be:6c:2c:9a:55:fa:1c:d7:e2:48:
6b:ea:c7:3f:43:43:3d:df:41:c9:19:c3:6a:1b:28:3e:20:ce:
68:0e:31:54:6a:43:ff:41:0c:fe:df:58:42:35:29:91:dc:90:
ab:a2:59:55:d7:da:27:70:9c:98:43:b8:ae:4f:d1:10:47:4e:
2d:80:eb:16:ff:ea:e9:5d:1a:60:6b:d5:6c:32:bd:bc:62:7e:
dc:4c:13:ee:8c:ee:87:df:86:0b:74:af:23:dd:6d:eb:37:bd:
ee:23:e4:79:a2:23:bf:15:5d:17:28:e7:5e:f5:31:00:a2:e6:
c4:84:b6:38:c0:72:ef:2e:f5:37:e1:ac:d6:16:8a:9e:5b:6d:
e1:d3:ef:11
-----BEGIN CERTIFICATE-----
MIIFFDCCA/ygAwIBAgISAYVynrnMk1T9zmXWPaSgWPTDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY4ZTgyNmRlMTA3MGQ5ZDc5ZGFhOWU0MTVmYzQzMjYxM2Nj
NTdlNTcwHhcNMjMwMTAyMTMxNDQyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxMTJhYjEzMmUyNTJmNTk1NWMxZGEyMmM0N2M3OWY0MjUwZmNjZDljMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo1ulosQJvsKyaxTwcORRA43ytySC
uakFecgoXogsJZbtjhrs4VirCunu8GtxIqmIFbdEvYSk+L8LjRMDrWlaUBNfJE8M
f1Vi0Rxz40MHLaF9WSklIel0IVwe5Ap3s8B3QHEF/whrqdr+Kr6GvFuwvoVWb2Q9
/CZ6NoGWl35RP+VsI71b7LVijnXdgWwqHY/K0kCtYZLn/lMlPDZg1puzxbWooS8E
jdKG+zjWU0i/b9/zGae0cFo43tREvY4hk9x2+GA5l4opqOsjnrJr9EA/cumpsVto
p6f4mTspfRNCbJm2c9OFIp1JjySOtN+vX3aDxZUI4J9lx24EHNTV4tUFFwIDAQAB
o4ICIDCCAhwwHQYDVR0OBBYEFBEqsTLiUvWVXB2iLEfHn0JQ/M2cMB8GA1UdIwQY
MBaAFPjoJt4QcNnXnaqeQV/EMmE8xX5XMA4GA1UdDwEB/wQEAwIHgDBlBggrBgEF
BQcBAQRZMFcwVQYIKwYBBQUHMAKGSXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMS1PZ20zaEJ3MmRlZHFwNUJYOFF5WVR6RmZsYy5jZXIw
gY0GCCsGAQUFBwELBIGAMH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvOWQvNzNkYjc3LTBhNmItNGY5Yi1hOGU4
LWVhZWRiNzA5ZWZiZi8xL0VTcXhNdUpTOVpWY0hhSXNSOGVmUWxEOHpady5yb2Ew
gYIGA1UdHwR7MHkwd6B1oHOGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvOWQvNzNkYjc3LTBhNmItNGY5Yi1hOGU4LWVhZWRiNzA5ZWZi
Zi8xLzEtT2dtM2hCdzJkZWRxcDVCWDhReVlUekZmbGMuY3JsMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwNAYIKwYBBQUHAQcBAf8EJTAjMBIEAgABMAwDBAK5L+AD
BAK5lkQwDQQCAAIwBwMFAyoHboAwDQYJKoZIhvcNAQELBQADggEBAGd56AzEfUA9
+64yd7O7eiS91Ru1C/YeuW5f+jNTlM9k5zPdr5f3MgG9TrhDt0KwMa6agvyH5JP/
R21/Yr+2/7+4vNPWqDGrL+2ZYGsC6sGVEM7OSuM0pAQ+qcLTIRcgIdHJPtCq7wOu
2kDiN3uypH02NyGnvmwsmlX6HNfiSGvqxz9DQz3fQckZw2obKD4gzmgOMVRqQ/9B
DP7fWEI1KZHckKuiWVXX2idwnJhDuK5P0RBHTi2A6xb/6uldGmBr1WwyvbxiftxM
E+6M7offhgt0ryPdbes3ve4j5HmiI78VXRco5171MQCi5sSEtjjAcu8u9TfhrNYW
ip5bbeHT7xE=
-----END CERTIFICATE-----
Generated at Thu Mar 13 02:52:39 2025 by rpki-client