Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b1/024143-042c-4222-be0b-a12b3c3ae88f/1/irP5qxt55LRILRWa5GwW9JuLfZg.roa
File: irP5qxt55LRILRWa5GwW9JuLfZg.roa (raw, json)
Hash identifier: kniCmP+NgkAB5rnDbd2Cb26A554YZwGnVLjUke+DgJk=
Subject key identifier: 8A:B3:F9:AB:1B:79:E4:B4:48:2D:15:9A:E4:6C:16:F4:9B:8B:7D:98
Certificate issuer: /CN=b93a51da2053044f96262f637d0c9cc05d730041
Certificate serial: 0185E42169A19CAAD5F11EDBBC0A08113E39
Authority key identifier: B9:3A:51:DA:20:53:04:4F:96:26:2F:63:7D:0C:9C:C0:5D:73:00:41
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/uTpR2iBTBE-WJi9jfQycwF1zAEE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b1/024143-042c-4222-be0b-a12b3c3ae88f/1/irP5qxt55LRILRWa5GwW9JuLfZg.roa
Signing time: Tue 24 Jan 2023 14:14:33 +0000
ROA not before: Tue 24 Jan 2023 14:14:33 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 34769
IP address blocks: 85.94.224.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:e4:21:69:a1:9c:aa:d5:f1:1e:db:bc:0a:08:11:3e:39
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b93a51da2053044f96262f637d0c9cc05d730041
Validity
Not Before: Jan 24 14:14:33 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=8ab3f9ab1b79e4b4482d159ae46c16f49b8b7d98
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:5b:0b:ba:f5:06:d8:50:f0:ce:67:ec:0e:28:
71:37:aa:7f:b3:8b:76:35:09:2d:f9:8c:bb:9b:b9:
85:ad:a2:58:40:5e:b9:0e:fd:a0:7c:1d:3c:75:bd:
2f:92:f7:32:2b:d3:f8:be:1c:8a:7e:6f:6e:6b:0e:
23:24:29:8e:aa:03:0c:0f:38:e0:fb:01:58:1b:b8:
d4:89:9a:05:ca:d4:0c:eb:89:15:cf:e5:fa:68:cd:
a2:ea:e9:af:1c:39:96:15:3c:7e:6c:7f:21:fb:b8:
3a:6c:9c:97:44:7c:c7:b8:9c:52:ca:a1:16:c2:95:
5f:3e:5f:5d:7a:c5:17:b8:1e:9d:aa:29:6a:93:91:
6b:1d:28:6f:53:b2:4a:89:17:6d:79:cc:19:0c:fe:
bb:45:9b:34:dd:46:ac:13:0e:6e:9f:6b:46:a3:f5:
b3:34:01:c5:63:da:93:c9:6a:33:38:13:44:2e:5a:
c4:b3:3c:5a:ca:a6:68:66:6a:e7:05:b5:f0:cf:d6:
4c:d7:f3:8e:c7:8a:9e:6b:a1:a2:49:b1:1a:db:42:
36:5f:6e:49:ff:f0:b6:ea:43:56:3a:16:df:2e:9b:
40:99:a8:5d:69:27:f2:17:36:63:8c:64:ed:b3:3b:
27:27:b0:7c:30:85:6a:34:a4:51:af:b7:34:f2:5f:
e7:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8A:B3:F9:AB:1B:79:E4:B4:48:2D:15:9A:E4:6C:16:F4:9B:8B:7D:98
X509v3 Authority Key Identifier:
keyid:B9:3A:51:DA:20:53:04:4F:96:26:2F:63:7D:0C:9C:C0:5D:73:00:41
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/uTpR2iBTBE-WJi9jfQycwF1zAEE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/024143-042c-4222-be0b-a12b3c3ae88f/1/irP5qxt55LRILRWa5GwW9JuLfZg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/024143-042c-4222-be0b-a12b3c3ae88f/1/uTpR2iBTBE-WJi9jfQycwF1zAEE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.94.224.0/24
Signature Algorithm: sha256WithRSAEncryption
aa:75:5f:d4:92:08:75:b1:2e:cc:6d:e1:e6:64:ab:0e:bb:3b:
64:91:d0:52:49:51:82:45:9d:af:f3:b6:22:61:b4:ad:60:30:
fa:f1:e6:9f:4b:31:e2:76:9d:82:de:8b:7e:c9:8b:da:9c:fa:
26:fd:b1:ed:36:ab:22:dd:36:f6:90:ea:6a:fc:0e:dd:cf:df:
53:0d:52:b4:b8:73:1e:6b:ae:10:97:47:a9:f9:bd:88:b2:e4:
18:70:24:5e:59:19:4e:20:ed:00:90:9e:58:ee:1d:07:2e:ef:
75:9b:48:90:cb:00:00:33:5f:e5:1f:d9:9b:69:50:a5:52:9d:
ac:e3:77:ed:58:8e:0c:87:49:dd:3e:97:70:74:23:41:4b:c1:
b7:08:17:b7:ee:cc:29:3c:86:09:41:ad:e4:cf:6b:33:5f:ac:
30:16:48:5a:00:63:aa:5a:e9:c6:c5:0e:38:96:37:7c:10:f9:
00:87:d8:21:e8:20:fa:53:cc:3f:bf:08:dd:cc:1d:bd:c5:21:
10:b9:89:cc:d1:6e:b5:6e:68:2b:69:87:03:f3:9c:22:f5:14:
15:21:5b:8d:14:9a:a1:1a:dc:78:54:88:b8:a9:ef:61:b0:f0:
c0:5f:f5:a8:b2:d4:ff:19:b7:bd:91:b0:c6:b6:e9:33:f7:81:
6b:52:ba:6b
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYXkIWmhnKrV8R7bvAoIET45MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI5M2E1MWRhMjA1MzA0NGY5NjI2MmY2MzdkMGM5Y2MwNWQ3
MzAwNDEwHhcNMjMwMTI0MTQxNDMzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4YWIzZjlhYjFiNzllNGI0NDgyZDE1OWFlNDZjMTZmNDliOGI3ZDk4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr1sLuvUG2FDwzmfsDihxN6p/s4t2
NQkt+Yy7m7mFraJYQF65Dv2gfB08db0vkvcyK9P4vhyKfm9uaw4jJCmOqgMMDzjg
+wFYG7jUiZoFytQM64kVz+X6aM2i6umvHDmWFTx+bH8h+7g6bJyXRHzHuJxSyqEW
wpVfPl9desUXuB6dqilqk5FrHShvU7JKiRdtecwZDP67RZs03UasEw5un2tGo/Wz
NAHFY9qTyWozOBNELlrEszxayqZoZmrnBbXwz9ZM1/OOx4qea6GiSbEa20I2X25J
//C26kNWOhbfLptAmahdaSfyFzZjjGTtszsnJ7B8MIVqNKRRr7c08l/nJQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFIqz+asbeeS0SC0VmuRsFvSbi32YMB8GA1UdIwQY
MBaAFLk6UdogUwRPliYvY30MnMBdcwBBMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdVRwUjJpQlRCRS1XSmk5amZReWN3RjF6QUVFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMS8wMjQxNDMtMDQyYy00MjIyLWJlMGIt
YTEyYjNjM2FlODhmLzEvaXJQNXF4dDU1TFJJTFJXYTVHd1c5SnVMZlpnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMS8wMjQxNDMtMDQyYy00MjIyLWJlMGItYTEyYjNjM2FlODhm
LzEvdVRwUjJpQlRCRS1XSmk5amZReWN3RjF6QUVFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAVV7gMA0G
CSqGSIb3DQEBCwUAA4IBAQCqdV/Ukgh1sS7MbeHmZKsOuztkkdBSSVGCRZ2v87Yi
YbStYDD68eafSzHidp2C3ot+yYvanPom/bHtNqsi3Tb2kOpq/A7dz99TDVK0uHMe
a64Ql0ep+b2IsuQYcCReWRlOIO0AkJ5Y7h0HLu91m0iQywAAM1/lH9mbaVClUp2s
43ftWI4Mh0ndPpdwdCNBS8G3CBe37swpPIYJQa3kz2szX6wwFkhaAGOqWunGxQ44
ljd8EPkAh9gh6CD6U8w/vwjdzB29xSEQuYnM0W61bmgraYcD85wi9RQVIVuNFJqh
Gtx4VIi4qe9hsPDAX/WostT/Gbe9kbDGtukz94FrUrpr
-----END CERTIFICATE-----
Generated at Sun Apr 13 02:43:31 2025 by rpki-client