Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b1/4f211e-79d7-4504-9ead-871f9ed708e0/1/rfztK9YPiAkkF2DpaMeQsq-nbOM.roa
File: rfztK9YPiAkkF2DpaMeQsq-nbOM.roa (raw, json)
Hash identifier: XmmmJaP7zKr05m/1wAE5v64F5pKedYTnZFinbg+kGCU=
Subject key identifier: AD:FC:ED:2B:D6:0F:88:09:24:17:60:E9:68:C7:90:B2:AF:A7:6C:E3
Certificate issuer: /CN=1ba51a0bc0f0afebbf6d5d927fe1f9816f52352d
Certificate serial: 01856EC207FE70B85BD85C39373FFF63BD5A
Authority key identifier: 1B:A5:1A:0B:C0:F0:AF:EB:BF:6D:5D:92:7F:E1:F9:81:6F:52:35:2D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/G6UaC8Dwr-u_bV2Sf-H5gW9SNS0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b1/4f211e-79d7-4504-9ead-871f9ed708e0/1/rfztK9YPiAkkF2DpaMeQsq-nbOM.roa
Signing time: Sun 01 Jan 2023 19:14:47 +0000
ROA not before: Sun 01 Jan 2023 19:14:47 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 208058
IP address blocks: 185.125.192.0/22 maxlen: 22
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:c2:07:fe:70:b8:5b:d8:5c:39:37:3f:ff:63:bd:5a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1ba51a0bc0f0afebbf6d5d927fe1f9816f52352d
Validity
Not Before: Jan 1 19:14:47 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=adfced2bd60f8809241760e968c790b2afa76ce3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d9:20:6c:cd:96:1c:7a:5f:14:fd:aa:84:38:dc:
12:b8:90:7f:ab:ef:fd:53:62:9c:8a:32:4c:bc:e1:
e4:b1:d6:9a:26:46:84:e3:8f:c3:d3:06:a9:37:d3:
91:76:80:66:3e:65:0f:d1:50:47:6f:a6:e9:78:a6:
8c:b0:78:19:91:fa:e7:a5:89:0c:71:81:23:9d:73:
a8:ad:0d:b2:21:c7:6f:dc:60:e3:ff:b7:c7:2c:ff:
0c:e0:a2:f6:5a:32:f7:d0:5d:5e:26:ba:c6:26:f2:
85:dd:63:69:8c:12:1c:70:f0:8a:1b:cb:7d:7f:0f:
68:c1:cc:94:e7:72:8e:ba:4f:4b:0d:1d:cc:b5:c6:
49:f1:d3:00:b6:a2:44:db:65:c9:5e:91:5b:4d:6c:
e4:db:ca:b0:81:35:c4:70:60:23:d7:c6:90:ec:37:
d4:ad:67:10:f7:9a:ca:7f:2e:45:7c:04:84:ce:8a:
53:7e:f2:70:76:d3:72:6b:45:d3:f6:d1:d4:a0:d3:
04:1c:46:02:1b:d5:41:a9:62:b0:55:2b:d1:4f:cd:
ba:2b:47:fa:b7:b9:05:23:dd:cc:bf:6f:37:7a:03:
17:56:68:e0:f1:22:c3:7a:c8:90:a4:30:f3:40:3f:
f3:a5:05:67:d2:f8:8b:d4:78:c8:d9:e7:c7:8c:c1:
5a:49
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AD:FC:ED:2B:D6:0F:88:09:24:17:60:E9:68:C7:90:B2:AF:A7:6C:E3
X509v3 Authority Key Identifier:
keyid:1B:A5:1A:0B:C0:F0:AF:EB:BF:6D:5D:92:7F:E1:F9:81:6F:52:35:2D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/G6UaC8Dwr-u_bV2Sf-H5gW9SNS0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/4f211e-79d7-4504-9ead-871f9ed708e0/1/rfztK9YPiAkkF2DpaMeQsq-nbOM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/4f211e-79d7-4504-9ead-871f9ed708e0/1/G6UaC8Dwr-u_bV2Sf-H5gW9SNS0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.125.192.0/22
Signature Algorithm: sha256WithRSAEncryption
96:f1:61:0c:e2:2e:9f:d6:8e:44:3c:0f:e5:68:93:eb:c8:f8:
68:54:eb:94:8b:88:07:ee:d7:a9:93:da:c9:9e:fd:24:07:d7:
9e:e3:de:47:1d:5d:e1:89:7a:86:f1:02:ec:f5:9a:fc:a8:20:
0a:c1:99:f1:46:fd:26:8b:2e:85:6d:45:e8:68:d8:1c:00:33:
23:ba:e1:16:87:77:79:9a:e7:5c:e5:2d:78:a6:b4:26:d8:5a:
a7:dc:df:43:fb:9b:62:a5:78:22:82:79:af:39:ab:a9:9f:c9:
3e:f8:5e:fb:8c:c9:5c:2b:24:7c:d2:b3:1a:05:7f:ae:0f:c3:
2b:02:58:c7:cb:f3:76:3a:e9:63:16:bf:15:7c:14:a0:af:e7:
c8:28:a7:8e:44:fb:85:ff:f4:5c:b4:61:6d:ee:ca:ac:6f:6d:
a6:de:76:dc:a7:f8:5d:ef:c9:e7:f9:13:08:b0:20:13:ae:66:
09:02:16:05:34:4d:a2:bf:83:3f:45:ba:33:7b:9f:cc:4f:96:
d3:80:64:c0:92:0d:21:46:e1:1e:48:57:12:5e:c8:3d:4d:12:
ca:ed:99:19:3c:08:15:c9:66:1a:89:38:f6:6d:f7:3a:ad:d3:
61:6d:c1:5b:ef:42:62:a6:52:c7:42:38:84:5c:b8:ba:67:11:
ed:85:f4:0c
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVuwgf+cLhb2Fw5Nz//Y71aMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFiYTUxYTBiYzBmMGFmZWJiZjZkNWQ5MjdmZTFmOTgxNmY1
MjM1MmQwHhcNMjMwMTAxMTkxNDQ3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZGZjZWQyYmQ2MGY4ODA5MjQxNzYwZTk2OGM3OTBiMmFmYTc2Y2UzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2SBszZYcel8U/aqEONwSuJB/q+/9
U2KcijJMvOHksdaaJkaE44/D0wapN9ORdoBmPmUP0VBHb6bpeKaMsHgZkfrnpYkM
cYEjnXOorQ2yIcdv3GDj/7fHLP8M4KL2WjL30F1eJrrGJvKF3WNpjBIccPCKG8t9
fw9owcyU53KOuk9LDR3MtcZJ8dMAtqJE22XJXpFbTWzk28qwgTXEcGAj18aQ7DfU
rWcQ95rKfy5FfASEzopTfvJwdtNya0XT9tHUoNMEHEYCG9VBqWKwVSvRT826K0f6
t7kFI93Mv283egMXVmjg8SLDesiQpDDzQD/zpQVn0viL1HjI2efHjMFaSQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFK387SvWD4gJJBdg6WjHkLKvp2zjMB8GA1UdIwQY
MBaAFBulGgvA8K/rv21dkn/h+YFvUjUtMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRzZVYUM4RHdyLXVfYlYyU2YtSDVnVzlTTlMwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMS80ZjIxMWUtNzlkNy00NTA0LTllYWQt
ODcxZjllZDcwOGUwLzEvcmZ6dEs5WVBpQWtrRjJEcGFNZVFzcS1uYk9NLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMS80ZjIxMWUtNzlkNy00NTA0LTllYWQtODcxZjllZDcwOGUw
LzEvRzZVYUM4RHdyLXVfYlYyU2YtSDVnVzlTTlMwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuX3AMA0G
CSqGSIb3DQEBCwUAA4IBAQCW8WEM4i6f1o5EPA/laJPryPhoVOuUi4gH7tepk9rJ
nv0kB9ee495HHV3hiXqG8QLs9Zr8qCAKwZnxRv0miy6FbUXoaNgcADMjuuEWh3d5
mudc5S14prQm2Fqn3N9D+5tipXgignmvOaupn8k++F77jMlcKyR80rMaBX+uD8Mr
AljHy/N2OuljFr8VfBSgr+fIKKeORPuF//RctGFt7sqsb22m3nbcp/hd78nn+RMI
sCATrmYJAhYFNE2iv4M/Rboze5/MT5bTgGTAkg0hRuEeSFcSXsg9TRLK7ZkZPAgV
yWYaiTj2bfc6rdNhbcFb70JiplLHQjiEXLi6ZxHthfQM
-----END CERTIFICATE-----
Generated at Fri Apr 11 21:30:33 2025 by rpki-client