Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a8/83cf01-6cca-48d1-9cbf-5ac6fdfdc0cc/1/ts9xC615-TDy8bIYLtO8K2pW844.roa
File: ts9xC615-TDy8bIYLtO8K2pW844.roa (raw, json)
Hash identifier: 1PCtMrMsAYZuQGW2ku7WeCK9+FPVNummEr0DOXc8hH8=
Subject key identifier: B6:CF:71:0B:AD:79:F9:30:F2:F1:B2:18:2E:D3:BC:2B:6A:56:F3:8E
Certificate issuer: /CN=1b6df0bc093f298b043522ebd4ede19793081a29
Certificate serial: 06F37A0F
Authority key identifier: 1B:6D:F0:BC:09:3F:29:8B:04:35:22:EB:D4:ED:E1:97:93:08:1A:29
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/G23wvAk_KYsENSLr1O3hl5MIGik.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a8/83cf01-6cca-48d1-9cbf-5ac6fdfdc0cc/1/ts9xC615-TDy8bIYLtO8K2pW844.roa
Signing time: Sat 01 Jan 2022 11:54:46 +0000
ROA not before: Sat 01 Jan 2022 11:54:46 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 42221
IP address blocks: 185.87.0.0/24 maxlen: 24
185.87.3.0/24 maxlen: 24
185.87.2.0/24 maxlen: 24
185.87.1.0/24 maxlen: 24
2a05:bd04::/31 maxlen: 31
2a05:bd06::/31 maxlen: 31
2a05:bd02::/31 maxlen: 31
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 116619791 (0x6f37a0f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1b6df0bc093f298b043522ebd4ede19793081a29
Validity
Not Before: Jan 1 11:54:46 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=b6cf710bad79f930f2f1b2182ed3bc2b6a56f38e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:9d:cf:5e:34:82:2e:fd:15:11:55:4c:05:5d:
f1:0f:1a:42:47:22:03:c1:99:14:7e:7f:01:ce:87:
18:ea:c7:a6:9d:f3:a2:f5:96:54:19:fd:3a:70:74:
1d:4e:9c:ad:36:c8:da:2b:c4:92:37:8f:89:d8:97:
53:15:76:2c:d4:ba:e2:db:cd:5b:3a:d9:90:58:53:
81:33:c5:49:f6:70:0e:2c:ef:46:d2:c3:a5:b7:43:
99:85:28:81:3d:0f:c7:22:e0:ea:4f:18:5e:c9:2f:
49:e8:60:23:51:fd:d6:a4:cc:36:45:86:04:20:12:
d5:ca:43:38:05:1f:2d:9f:7c:78:5c:19:dc:16:3a:
0a:d4:5c:5d:eb:a8:e6:cd:d3:a4:be:49:ab:85:db:
e6:01:64:ea:d6:83:35:41:28:9e:95:57:b7:6e:af:
41:5f:ae:a3:8d:24:6a:14:30:d2:44:af:bc:d9:0d:
89:fa:bd:a0:db:4a:03:f0:5d:e7:5a:a6:ec:1d:0b:
31:05:c2:0f:3c:91:67:7b:d1:17:fe:06:33:f9:15:
d1:f8:67:d7:5b:e8:c0:fc:b6:f9:20:b1:69:fa:5e:
c5:7c:dc:0b:78:92:de:b8:b2:4c:84:1c:42:32:1d:
a5:a0:da:fb:2f:8c:d7:30:a2:d4:f5:2f:c6:f9:4b:
be:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B6:CF:71:0B:AD:79:F9:30:F2:F1:B2:18:2E:D3:BC:2B:6A:56:F3:8E
X509v3 Authority Key Identifier:
keyid:1B:6D:F0:BC:09:3F:29:8B:04:35:22:EB:D4:ED:E1:97:93:08:1A:29
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/G23wvAk_KYsENSLr1O3hl5MIGik.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a8/83cf01-6cca-48d1-9cbf-5ac6fdfdc0cc/1/ts9xC615-TDy8bIYLtO8K2pW844.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a8/83cf01-6cca-48d1-9cbf-5ac6fdfdc0cc/1/G23wvAk_KYsENSLr1O3hl5MIGik.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.87.0.0/22
IPv6:
2a05:bd02::-2a05:bd07:ffff:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
16:57:e1:b0:e8:de:19:74:8c:1c:0e:bc:c3:aa:6b:1d:9c:39:
eb:97:0b:29:f5:0f:d3:6c:84:de:f6:e0:1c:d3:bd:3a:88:d3:
a2:2b:6e:11:97:86:15:40:34:b5:6e:31:e6:85:a0:f2:9d:11:
75:cc:18:bf:40:13:db:b9:25:4b:80:52:97:cd:f5:37:b4:9d:
5c:1d:3f:43:5e:a1:59:9e:6e:0f:14:4b:9c:9b:a1:3d:fa:15:
f9:cc:81:2c:9b:3b:09:93:ca:75:37:2b:95:51:ed:cb:a0:a4:
2d:b3:b5:54:f1:4d:14:a3:df:ec:1b:0f:b5:f2:67:87:6f:46:
48:42:27:84:8b:e2:c5:65:8d:0f:e8:7c:6d:f6:82:ca:54:d8:
7d:90:89:e5:ae:42:20:ba:a6:5d:89:8a:f9:f5:17:8d:10:20:
28:ed:92:16:30:74:9a:a0:40:d1:eb:a3:76:a8:33:21:29:31:
af:88:63:54:8e:48:85:f8:8f:e0:70:d4:5f:80:d9:2a:05:30:
32:de:a3:5f:f5:72:ff:e4:20:85:93:37:04:1e:ec:da:91:e9:
0e:f4:f4:6a:c8:02:b4:d3:3f:b6:c5:1b:83:78:75:55:ab:11:
23:ef:42:28:80:d7:ec:55:2f:51:8e:1c:24:47:20:dd:dd:2b:
c7:8a:5a:cb
-----BEGIN CERTIFICATE-----
MIIFBzCCA++gAwIBAgIEBvN6DzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygx
YjZkZjBiYzA5M2YyOThiMDQzNTIyZWJkNGVkZTE5NzkzMDgxYTI5MB4XDTIyMDEw
MTExNTQ0NloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYjZjZjcxMGJhZDc5
ZjkzMGYyZjFiMjE4MmVkM2JjMmI2YTU2ZjM4ZTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKOdz140gi79FRFVTAVd8Q8aQkciA8GZFH5/Ac6HGOrHpp3z
ovWWVBn9OnB0HU6crTbI2ivEkjePidiXUxV2LNS64tvNWzrZkFhTgTPFSfZwDizv
RtLDpbdDmYUogT0PxyLg6k8YXskvSehgI1H91qTMNkWGBCAS1cpDOAUfLZ98eFwZ
3BY6CtRcXeuo5s3TpL5Jq4Xb5gFk6taDNUEonpVXt26vQV+uo40kahQw0kSvvNkN
ifq9oNtKA/Bd51qm7B0LMQXCDzyRZ3vRF/4GM/kV0fhn11vowPy2+SCxafpexXzc
C3iS3riyTIQcQjIdpaDa+y+M1zCi1PUvxvlLvnMCAwEAAaOCAiEwggIdMB0GA1Ud
DgQWBBS2z3ELrXn5MPLxshgu07wralbzjjAfBgNVHSMEGDAWgBQbbfC8CT8piwQ1
IuvU7eGXkwgaKTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0cyM3d2QWtfS1lzRU5TTHIxTzNobDVNSUdpay5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYTgvODNjZjAxLTZjY2EtNDhkMS05Y2JmLTVhYzZmZGZkYzBjYy8x
L3RzOXhDNjE1LVREeThiSVlMdE84SzJwVzg0NC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYTgv
ODNjZjAxLTZjY2EtNDhkMS05Y2JmLTVhYzZmZGZkYzBjYy8xL0cyM3d2QWtfS1lz
RU5TTHIxTzNobDVNSUdpay5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA3
BggrBgEFBQcBBwEB/wQoMCYwDAQCAAEwBgMEArlXADAWBAIAAjAQMA4DBQEqBb0C
AwUDKgW9ADANBgkqhkiG9w0BAQsFAAOCAQEAFlfhsOjeGXSMHA68w6prHZw565cL
KfUP02yE3vbgHNO9OojToituEZeGFUA0tW4x5oWg8p0RdcwYv0AT27klS4BSl831
N7SdXB0/Q16hWZ5uDxRLnJuhPfoV+cyBLJs7CZPKdTcrlVHty6CkLbO1VPFNFKPf
7BsPtfJnh29GSEInhIvixWWND+h8bfaCylTYfZCJ5a5CILqmXYmK+fUXjRAgKO2S
FjB0mqBA0eujdqgzISkxr4hjVI5IhfiP4HDUX4DZKgUwMt6jX/Vy/+QghZM3BB7s
2pHpDvT0asgCtNM/tsUbg3h1VasRI+9CKIDX7FUvUY4cJEcg3d0rx4payw==
-----END CERTIFICATE-----
Generated at Wed Apr 23 03:50:40 2025 by rpki-client