Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b8/e8dd6b-4627-4a3c-ba73-a54b869dcd27/1/rgj6vfUxtsDLJnlo6GBI_Ov5L9c.roa
File: rgj6vfUxtsDLJnlo6GBI_Ov5L9c.roa (raw, json)
Hash identifier: HsrPRstiyWl4YhCXOjKm68wrwaDYSFVybWIaqhsSgpM=
Subject key identifier: AE:08:FA:BD:F5:31:B6:C0:CB:26:79:68:E8:60:48:FC:EB:F9:2F:D7
Certificate issuer: /CN=b1f7d0094adc98d9b032720e81e3db5aa7581c74
Certificate serial: 0182D0534A1185EFD3438E5A8D3752579B6C
Authority key identifier: B1:F7:D0:09:4A:DC:98:D9:B0:32:72:0E:81:E3:DB:5A:A7:58:1C:74
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sffQCUrcmNmwMnIOgePbWqdYHHQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b8/e8dd6b-4627-4a3c-ba73-a54b869dcd27/1/rgj6vfUxtsDLJnlo6GBI_Ov5L9c.roa
Signing time: Wed 24 Aug 2022 14:48:15 +0000
ROA not before: Wed 24 Aug 2022 14:48:15 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 205313
IP address blocks: 185.222.74.0/23 maxlen: 23
185.222.75.0/24 maxlen: 24
185.222.72.0/24 maxlen: 24
185.222.73.0/24 maxlen: 24
185.222.72.0/23 maxlen: 23
185.222.72.0/22 maxlen: 22
185.222.74.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:d0:53:4a:11:85:ef:d3:43:8e:5a:8d:37:52:57:9b:6c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b1f7d0094adc98d9b032720e81e3db5aa7581c74
Validity
Not Before: Aug 24 14:48:15 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=ae08fabdf531b6c0cb267968e86048fcebf92fd7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:88:06:cd:45:a1:ab:df:77:3c:6f:89:33:47:de:
2e:06:b9:7b:02:60:e0:fa:a4:f7:4f:da:30:c4:44:
86:da:67:ab:1c:d1:bf:76:05:3a:e1:b4:92:69:e3:
15:50:e7:74:ec:5f:10:12:21:d8:5e:08:45:db:ab:
9e:93:b6:d6:19:86:40:e8:78:ad:31:05:d7:6d:10:
d6:c7:00:cf:e7:6f:aa:81:02:81:6e:ab:1a:62:ad:
95:b8:c9:7f:94:8b:a9:70:3a:89:f7:72:fd:c1:44:
f6:f7:c0:6c:80:db:ef:20:89:f1:36:52:c4:d4:12:
75:9f:97:61:0b:9a:22:ff:37:7d:99:fb:a2:47:55:
9a:b9:af:a5:8d:21:4d:59:fe:4f:98:64:58:f4:42:
ef:8e:7a:86:ae:56:61:64:41:65:cc:2d:14:ff:9e:
b3:77:2b:6f:63:dc:98:d5:48:9d:64:b9:30:27:24:
5e:73:d2:26:de:8c:c9:e3:2f:dd:03:63:44:e5:fd:
82:7a:28:02:07:6b:60:f3:72:d2:b8:ae:eb:21:00:
89:f0:85:61:d6:ff:1c:7f:11:8f:25:f6:2c:3e:da:
45:a0:80:c4:c3:6e:3f:34:b7:81:d6:54:43:8d:76:
a7:df:f2:8a:96:0e:24:3a:9b:41:95:fa:ff:83:48:
e4:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AE:08:FA:BD:F5:31:B6:C0:CB:26:79:68:E8:60:48:FC:EB:F9:2F:D7
X509v3 Authority Key Identifier:
keyid:B1:F7:D0:09:4A:DC:98:D9:B0:32:72:0E:81:E3:DB:5A:A7:58:1C:74
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sffQCUrcmNmwMnIOgePbWqdYHHQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/e8dd6b-4627-4a3c-ba73-a54b869dcd27/1/rgj6vfUxtsDLJnlo6GBI_Ov5L9c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/e8dd6b-4627-4a3c-ba73-a54b869dcd27/1/sffQCUrcmNmwMnIOgePbWqdYHHQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.222.72.0/22
Signature Algorithm: sha256WithRSAEncryption
b7:0d:03:06:61:79:36:34:69:51:7e:b7:6d:7b:a5:31:2e:85:
32:28:cc:da:53:7a:d4:74:2b:b5:a3:55:7b:e9:69:9a:4d:45:
b1:21:d2:38:c7:43:73:51:a4:f3:20:c5:4b:7e:0b:4a:f8:7a:
c9:0d:01:6b:ff:1e:72:73:3e:36:08:88:22:68:09:6b:bf:3d:
b1:3f:24:ef:9c:8d:33:f7:ae:ed:f5:93:9d:a3:43:ce:d0:42:
0b:59:86:36:d4:13:73:d1:08:5f:f8:ac:bf:1c:17:03:91:1b:
f2:c9:e8:24:a5:ce:6c:66:dd:69:67:3b:b4:0a:14:dd:2d:cd:
34:5e:03:7b:8f:3d:56:ab:67:74:64:47:eb:dc:b9:bc:6d:7d:
47:fd:cb:a1:b7:32:85:07:1b:ac:50:df:d2:5e:70:33:c1:9d:
10:62:86:22:f1:fe:63:09:34:e1:51:12:8e:f4:7b:8a:d6:72:
35:c4:78:34:a8:3a:d6:df:c5:a7:50:f5:33:5f:7f:f1:67:38:
6a:2d:0e:32:4e:46:8b:cf:72:af:65:35:3c:14:6b:b8:fa:63:
4f:93:e7:70:04:2f:72:b9:87:04:6b:f3:54:26:96:1a:9b:21:
47:ac:97:6b:10:40:51:0e:56:ff:df:90:ad:15:34:e1:81:6d:
7f:6a:cb:d1
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYLQU0oRhe/TQ45ajTdSV5tsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIxZjdkMDA5NGFkYzk4ZDliMDMyNzIwZTgxZTNkYjVhYTc1
ODFjNzQwHhcNMjIwODI0MTQ0ODE1WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZTA4ZmFiZGY1MzFiNmMwY2IyNjc5NjhlODYwNDhmY2ViZjkyZmQ3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiAbNRaGr33c8b4kzR94uBrl7AmDg
+qT3T9owxESG2merHNG/dgU64bSSaeMVUOd07F8QEiHYXghF26uek7bWGYZA6Hit
MQXXbRDWxwDP52+qgQKBbqsaYq2VuMl/lIupcDqJ93L9wUT298BsgNvvIInxNlLE
1BJ1n5dhC5oi/zd9mfuiR1Waua+ljSFNWf5PmGRY9ELvjnqGrlZhZEFlzC0U/56z
dytvY9yY1UidZLkwJyRec9Im3ozJ4y/dA2NE5f2CeigCB2tg83LSuK7rIQCJ8IVh
1v8cfxGPJfYsPtpFoIDEw24/NLeB1lRDjXan3/KKlg4kOptBlfr/g0jkiQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFK4I+r31MbbAyyZ5aOhgSPzr+S/XMB8GA1UdIwQY
MBaAFLH30AlK3JjZsDJyDoHj21qnWBx0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc2ZmUUNVcmNtTm13TW5JT2dlUGJXcWRZSEhRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iOC9lOGRkNmItNDYyNy00YTNjLWJhNzMt
YTU0Yjg2OWRjZDI3LzEvcmdqNnZmVXh0c0RMSm5sbzZHQklfT3Y1TDljLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iOC9lOGRkNmItNDYyNy00YTNjLWJhNzMtYTU0Yjg2OWRjZDI3
LzEvc2ZmUUNVcmNtTm13TW5JT2dlUGJXcWRZSEhRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCud5IMA0G
CSqGSIb3DQEBCwUAA4IBAQC3DQMGYXk2NGlRfrdte6UxLoUyKMzaU3rUdCu1o1V7
6WmaTUWxIdI4x0NzUaTzIMVLfgtK+HrJDQFr/x5ycz42CIgiaAlrvz2xPyTvnI0z
967t9ZOdo0PO0EILWYY21BNz0Qhf+Ky/HBcDkRvyyegkpc5sZt1pZzu0ChTdLc00
XgN7jz1Wq2d0ZEfr3Lm8bX1H/cuhtzKFBxusUN/SXnAzwZ0QYoYi8f5jCTThURKO
9HuK1nI1xHg0qDrW38WnUPUzX3/xZzhqLQ4yTkaLz3KvZTU8FGu4+mNPk+dwBC9y
uYcEa/NUJpYamyFHrJdrEEBRDlb/35CtFTThgW1/asvR
-----END CERTIFICATE-----
Generated at Thu Mar 13 02:50:43 2025 by rpki-client