Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a7/424dcb-1221-4e42-ba0e-a4dc5559d449/1/86ybYD94dtGDvmFXMj62u1KPo2c.roa
File: 86ybYD94dtGDvmFXMj62u1KPo2c.roa (raw, json)
Hash identifier: VhMCa/PtB4T2su7Syyeu/C7MXJheXuRNX2TXif2qxR4=
Subject key identifier: F3:AC:9B:60:3F:78:76:D1:83:BE:61:57:32:3E:B6:BB:52:8F:A3:67
Certificate issuer: /CN=2f9cc6a3f4c2381930ba8d1af0d95abec09681e4
Certificate serial: 0D96E3D9
Authority key identifier: 2F:9C:C6:A3:F4:C2:38:19:30:BA:8D:1A:F0:D9:5A:BE:C0:96:81:E4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/L5zGo_TCOBkwuo0a8NlavsCWgeQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a7/424dcb-1221-4e42-ba0e-a4dc5559d449/1/86ybYD94dtGDvmFXMj62u1KPo2c.roa
Signing time: Sat 01 Jan 2022 13:06:29 +0000
ROA not before: Sat 01 Jan 2022 13:06:29 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 62416
IP address blocks: 185.32.188.0/22 maxlen: 24
185.222.8.0/22 maxlen: 24
2a00:c560::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 227992537 (0xd96e3d9)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2f9cc6a3f4c2381930ba8d1af0d95abec09681e4
Validity
Not Before: Jan 1 13:06:29 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=f3ac9b603f7876d183be6157323eb6bb528fa367
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:8c:4f:34:eb:6d:f3:68:cd:32:e9:2c:3f:90:
ca:6e:2d:47:88:8b:25:be:10:8b:61:f5:02:ac:10:
92:54:de:76:69:93:17:6a:1a:fb:12:19:ea:06:16:
54:ae:0b:aa:21:42:11:50:d0:11:e7:29:9c:b7:d3:
f7:56:53:bd:21:0a:76:0b:49:fd:4d:a1:1e:f7:eb:
91:f6:55:77:b0:65:74:c3:5a:db:2d:fc:da:4a:f5:
f9:e7:10:c7:e1:9f:18:4a:60:69:e6:48:a9:2f:ec:
44:3a:01:29:b2:5d:dd:59:0f:51:03:0d:59:ff:b5:
35:93:29:19:96:a7:41:b5:e0:ac:cf:eb:35:d5:32:
4e:13:6e:41:f8:47:eb:09:a6:73:cc:8c:b7:ac:28:
8a:f9:cf:dd:b6:33:f5:3b:a2:4b:df:e7:15:c2:94:
7d:69:70:a3:0d:73:03:cb:c4:73:d0:e4:94:36:54:
3b:01:ef:5a:d9:ba:8b:f5:cb:81:29:73:01:c9:66:
10:66:63:71:b5:34:06:f2:b1:c4:97:42:f7:ea:05:
f1:5e:bf:2c:53:49:17:1c:da:19:bc:4d:e7:22:51:
3d:4b:bb:64:be:bd:a0:da:b8:6f:a2:d1:52:2a:bb:
ca:b0:e2:2f:59:c2:75:ea:16:f3:04:74:6d:9d:f9:
df:a9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F3:AC:9B:60:3F:78:76:D1:83:BE:61:57:32:3E:B6:BB:52:8F:A3:67
X509v3 Authority Key Identifier:
keyid:2F:9C:C6:A3:F4:C2:38:19:30:BA:8D:1A:F0:D9:5A:BE:C0:96:81:E4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/L5zGo_TCOBkwuo0a8NlavsCWgeQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a7/424dcb-1221-4e42-ba0e-a4dc5559d449/1/86ybYD94dtGDvmFXMj62u1KPo2c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a7/424dcb-1221-4e42-ba0e-a4dc5559d449/1/L5zGo_TCOBkwuo0a8NlavsCWgeQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.32.188.0/22
185.222.8.0/22
IPv6:
2a00:c560::/29
Signature Algorithm: sha256WithRSAEncryption
76:43:22:e0:8e:11:ef:5b:fa:8a:45:d6:51:99:8a:86:ae:c0:
64:4e:43:9a:4a:1f:f1:20:3f:df:d7:db:93:2c:e3:1e:d6:5b:
42:7a:af:d9:bd:8e:c1:99:a8:70:42:0e:cc:e1:84:0d:2d:0d:
92:49:86:8f:f3:e1:22:2c:24:d4:5c:e7:be:51:af:3f:c7:82:
91:09:e4:4a:de:55:d7:e1:26:32:66:a3:52:6f:c0:55:42:f3:
19:72:3c:8d:57:92:8c:2f:a1:6f:d9:77:78:3b:61:56:ca:fa:
95:93:fa:1d:fe:d7:9f:b1:dc:0d:ae:33:df:59:c6:da:41:5f:
27:b3:8f:fa:b5:0d:a6:4d:a2:eb:44:07:b3:ff:17:1d:2a:44:
2f:d7:f4:de:62:17:87:ae:cc:e4:16:aa:56:be:63:1f:e5:a9:
ff:c9:88:14:f2:3e:c3:47:ef:38:0c:4a:e4:86:cd:8c:dc:55:
49:3f:35:91:f7:66:f0:41:dd:8f:df:83:0e:95:2d:3a:60:46:
5d:43:fc:5c:21:20:7b:cf:64:b0:35:9c:de:24:5c:8c:51:f3:
90:29:c0:4b:0a:48:cd:c5:e6:03:3a:13:ac:54:cd:a7:49:fb:
8c:32:79:41:af:0b:7b:2a:6c:b7:55:84:18:f6:b1:80:53:73:
90:f7:15:08
-----BEGIN CERTIFICATE-----
MIIFBDCCA+ygAwIBAgIEDZbj2TANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygy
ZjljYzZhM2Y0YzIzODE5MzBiYThkMWFmMGQ5NWFiZWMwOTY4MWU0MB4XDTIyMDEw
MTEzMDYyOVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZjNhYzliNjAzZjc4
NzZkMTgzYmU2MTU3MzIzZWI2YmI1MjhmYTM2NzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALSMTzTrbfNozTLpLD+Qym4tR4iLJb4Qi2H1AqwQklTedmmT
F2oa+xIZ6gYWVK4LqiFCEVDQEecpnLfT91ZTvSEKdgtJ/U2hHvfrkfZVd7BldMNa
2y382kr1+ecQx+GfGEpgaeZIqS/sRDoBKbJd3VkPUQMNWf+1NZMpGZanQbXgrM/r
NdUyThNuQfhH6wmmc8yMt6woivnP3bYz9TuiS9/nFcKUfWlwow1zA8vEc9DklDZU
OwHvWtm6i/XLgSlzAclmEGZjcbU0BvKxxJdC9+oF8V6/LFNJFxzaGbxN5yJRPUu7
ZL69oNq4b6LRUiq7yrDiL1nCdeoW8wR0bZ3536kCAwEAAaOCAh4wggIaMB0GA1Ud
DgQWBBTzrJtgP3h20YO+YVcyPra7Uo+jZzAfBgNVHSMEGDAWgBQvnMaj9MI4GTC6
jRrw2Vq+wJaB5DAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0w1ekdvX1RDT0Jrd3VvMGE4TmxhdnNDV2dlUS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYTcvNDI0ZGNiLTEyMjEtNGU0Mi1iYTBlLWE0ZGM1NTU5ZDQ0OS8x
Lzg2eWJZRDk0ZHRHRHZtRlhNajYydTFLUG8yYy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYTcv
NDI0ZGNiLTEyMjEtNGU0Mi1iYTBlLWE0ZGM1NTU5ZDQ0OS8xL0w1ekdvX1RDT0Jr
d3VvMGE4TmxhdnNDV2dlUS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA0
BggrBgEFBQcBBwEB/wQlMCMwEgQCAAEwDAMEArkgvAMEArneCDANBAIAAjAHAwUD
KgDFYDANBgkqhkiG9w0BAQsFAAOCAQEAdkMi4I4R71v6ikXWUZmKhq7AZE5Dmkof
8SA/39fbkyzjHtZbQnqv2b2OwZmocEIOzOGEDS0NkkmGj/PhIiwk1FznvlGvP8eC
kQnkSt5V1+EmMmajUm/AVULzGXI8jVeSjC+hb9l3eDthVsr6lZP6Hf7Xn7HcDa4z
31nG2kFfJ7OP+rUNpk2i60QHs/8XHSpEL9f03mIXh67M5BaqVr5jH+Wp/8mIFPI+
w0fvOAxK5IbNjNxVST81kfdm8EHdj9+DDpUtOmBGXUP8XCEge89ksDWc3iRcjFHz
kCnASwpIzcXmAzoTrFTNp0n7jDJ5Qa8Leypst1WEGPaxgFNzkPcVCA==
-----END CERTIFICATE-----
Generated at Thu Mar 13 02:49:35 2025 by rpki-client