Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/af/3550b4-51b5-448b-ab62-2a813dbf4582/1/YXIcgYIgJ3sKhFQPh9VJ4mcmFN0.roa
File: YXIcgYIgJ3sKhFQPh9VJ4mcmFN0.roa (raw, json)
Hash identifier: uhXOI/A0lBIDAgVbhBIdT2DnqL7qhLHuu+Kif/H7w7g=
Subject key identifier: 61:72:1C:81:82:20:27:7B:0A:84:54:0F:87:D5:49:E2:67:26:14:DD
Certificate issuer: /CN=053d04e72bb249c79eb1168cf1d43a3ca548c206
Certificate serial: 01886BB63C4FB0054B5BF500C65D8F41B75F
Authority key identifier: 05:3D:04:E7:2B:B2:49:C7:9E:B1:16:8C:F1:D4:3A:3C:A5:48:C2:06
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BT0E5yuySceesRaM8dQ6PKVIwgY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/af/3550b4-51b5-448b-ab62-2a813dbf4582/1/YXIcgYIgJ3sKhFQPh9VJ4mcmFN0.roa
Signing time: Tue 30 May 2023 08:11:24 +0000
ROA not before: Tue 30 May 2023 08:11:24 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 200711
IP address blocks: 185.50.88.0/22 maxlen: 22
2a01:a7e0::/36 maxlen: 36
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:6b:b6:3c:4f:b0:05:4b:5b:f5:00:c6:5d:8f:41:b7:5f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=053d04e72bb249c79eb1168cf1d43a3ca548c206
Validity
Not Before: May 30 08:11:24 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=61721c818220277b0a84540f87d549e2672614dd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:7d:9b:02:c9:d3:77:41:2e:ec:75:ec:53:04:
eb:56:0f:b0:10:0b:91:67:3c:44:28:20:82:82:c6:
26:1e:62:44:57:8b:8b:a3:10:94:32:99:4b:15:25:
e0:46:2b:3d:d5:42:53:18:8c:5f:1e:9f:d2:13:61:
45:74:d8:71:2d:88:50:42:ba:44:33:e6:4a:7f:88:
fe:6f:0b:ae:90:20:17:98:29:77:9b:50:e0:d6:67:
2e:fe:d6:86:da:16:d7:36:d4:1f:46:15:2c:89:d9:
5c:72:c5:35:5c:2b:5c:39:1a:a0:49:17:ed:a9:24:
c4:96:0a:47:02:b6:e4:bf:69:6b:d6:20:58:b2:3a:
ff:7d:9d:2f:3e:6a:21:77:99:64:c9:96:a7:b8:15:
31:98:eb:7d:75:ca:69:1e:5d:09:99:6d:1c:7a:96:
25:70:8d:af:18:26:48:d5:cd:67:13:a7:1d:f8:62:
41:91:89:0d:df:58:96:fe:8d:6e:48:39:71:a0:de:
96:7e:0d:1c:40:0c:27:7e:e8:8b:59:cd:33:0a:7d:
11:56:79:73:ec:8e:37:54:12:0a:8e:5c:9c:5c:50:
59:c8:4d:7e:91:54:22:1b:6e:5c:89:fd:fc:1a:ae:
42:fd:cb:c1:e0:56:c1:7d:08:0f:a3:ef:ac:f0:0b:
2c:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
61:72:1C:81:82:20:27:7B:0A:84:54:0F:87:D5:49:E2:67:26:14:DD
X509v3 Authority Key Identifier:
keyid:05:3D:04:E7:2B:B2:49:C7:9E:B1:16:8C:F1:D4:3A:3C:A5:48:C2:06
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BT0E5yuySceesRaM8dQ6PKVIwgY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/af/3550b4-51b5-448b-ab62-2a813dbf4582/1/YXIcgYIgJ3sKhFQPh9VJ4mcmFN0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/af/3550b4-51b5-448b-ab62-2a813dbf4582/1/BT0E5yuySceesRaM8dQ6PKVIwgY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.50.88.0/22
IPv6:
2a01:a7e0::/36
Signature Algorithm: sha256WithRSAEncryption
67:f5:9a:06:bc:25:28:d4:04:87:f1:33:1b:b4:2c:c9:67:92:
97:46:ad:ab:0d:45:ba:46:86:0c:f8:16:32:61:fa:43:34:08:
92:c0:64:d2:18:5f:cb:27:18:2c:bc:ba:6a:f3:14:e8:7c:d0:
b6:58:e1:e1:2d:a4:b1:31:c6:0b:0a:9c:7d:af:d7:e0:54:05:
93:18:56:a3:b0:47:de:ec:bc:a2:b7:cf:99:6e:8f:9b:bd:80:
e9:6e:66:0c:5b:67:44:b7:51:43:ab:92:00:9a:fb:fe:82:d5:
0d:97:ca:c2:4a:b6:1c:04:8c:1d:b7:a5:9f:6e:0a:0b:be:36:
5f:03:40:2b:5e:d0:45:59:c4:4a:2c:da:fb:4b:16:1a:37:81:
1f:6c:85:95:7f:de:76:26:41:9c:68:8f:cc:0d:ad:1e:47:53:
a8:b8:f9:75:42:4d:94:dc:d2:65:1f:19:81:c7:d5:e1:1b:72:
83:65:93:cd:87:91:a9:11:da:a5:7e:b7:36:79:ba:de:9f:1d:
2e:d1:75:f9:25:92:5e:3d:16:18:87:8e:53:07:2e:9a:b4:95:
49:6d:c8:13:dc:ad:4b:b4:26:86:7b:3d:a9:42:90:cc:78:2c:
ed:7a:b7:ac:e7:07:da:b2:f0:16:58:14:84:53:b7:b2:bd:3a:
5c:f0:fe:da
-----BEGIN CERTIFICATE-----
MIIFDTCCA/WgAwIBAgISAYhrtjxPsAVLW/UAxl2PQbdfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA1M2QwNGU3MmJiMjQ5Yzc5ZWIxMTY4Y2YxZDQzYTNjYTU0
OGMyMDYwHhcNMjMwNTMwMDgxMTI0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MTcyMWM4MTgyMjAyNzdiMGE4NDU0MGY4N2Q1NDllMjY3MjYxNGRkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuH2bAsnTd0Eu7HXsUwTrVg+wEAuR
ZzxEKCCCgsYmHmJEV4uLoxCUMplLFSXgRis91UJTGIxfHp/SE2FFdNhxLYhQQrpE
M+ZKf4j+bwuukCAXmCl3m1Dg1mcu/taG2hbXNtQfRhUsidlccsU1XCtcORqgSRft
qSTElgpHArbkv2lr1iBYsjr/fZ0vPmohd5lkyZanuBUxmOt9dcppHl0JmW0cepYl
cI2vGCZI1c1nE6cd+GJBkYkN31iW/o1uSDlxoN6Wfg0cQAwnfuiLWc0zCn0RVnlz
7I43VBIKjlycXFBZyE1+kVQiG25cif38Gq5C/cvB4FbBfQgPo++s8AssdQIDAQAB
o4ICGTCCAhUwHQYDVR0OBBYEFGFyHIGCICd7CoRUD4fVSeJnJhTdMB8GA1UdIwQY
MBaAFAU9BOcrsknHnrEWjPHUOjylSMIGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQlQwRTV5dXlTY2Vlc1JhTThkUTZQS1ZJd2dZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hZi8zNTUwYjQtNTFiNS00NDhiLWFiNjIt
MmE4MTNkYmY0NTgyLzEvWVhJY2dZSWdKM3NLaEZRUGg5Vko0bWNtRk4wLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hZi8zNTUwYjQtNTFiNS00NDhiLWFiNjItMmE4MTNkYmY0NTgy
LzEvQlQwRTV5dXlTY2Vlc1JhTThkUTZQS1ZJd2dZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC8GCCsGAQUFBwEHAQH/BCAwHjAMBAIAATAGAwQCuTJYMA4E
AgACMAgDBgQqAafgADANBgkqhkiG9w0BAQsFAAOCAQEAZ/WaBrwlKNQEh/EzG7Qs
yWeSl0atqw1FukaGDPgWMmH6QzQIksBk0hhfyycYLLy6avMU6HzQtljh4S2ksTHG
Cwqcfa/X4FQFkxhWo7BH3uy8orfPmW6Pm72A6W5mDFtnRLdRQ6uSAJr7/oLVDZfK
wkq2HASMHbeln24KC742XwNAK17QRVnESiza+0sWGjeBH2yFlX/ediZBnGiPzA2t
HkdTqLj5dUJNlNzSZR8ZgcfV4Rtyg2WTzYeRqRHapX63Nnm63p8dLtF1+SWSXj0W
GIeOUwcumrSVSW3IE9ytS7Qmhns9qUKQzHgs7Xq3rOcH2rLwFlgUhFO3sr06XPD+
2g==
-----END CERTIFICATE-----
Generated at Thu Mar 13 20:40:29 2025 by rpki-client