Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bb/b4b150-dbb8-465f-8155-e4419b64212e/1/LhWvS7qhWnakxF7OThMoXR_8HyY.roa
File: LhWvS7qhWnakxF7OThMoXR_8HyY.roa (raw, json)
Hash identifier: ufzMn3HfAg/cLQji9OONgkYGTon53eHfKKXEtcbEdHs=
Subject key identifier: 2E:15:AF:4B:BA:A1:5A:76:A4:C4:5E:CE:4E:13:28:5D:1F:FC:1F:26
Certificate issuer: /CN=f0521128cf634aa6afa7ef52d531f3fcd55628f9
Certificate serial: 01857328167D956F79F79E4D2FC852775850
Authority key identifier: F0:52:11:28:CF:63:4A:A6:AF:A7:EF:52:D5:31:F3:FC:D5:56:28:F9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8FIRKM9jSqavp-9S1THz_NVWKPk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bb/b4b150-dbb8-465f-8155-e4419b64212e/1/LhWvS7qhWnakxF7OThMoXR_8HyY.roa
Signing time: Mon 02 Jan 2023 15:44:45 +0000
ROA not before: Mon 02 Jan 2023 15:44:45 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 62306
IP address blocks: 185.221.220.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:73:28:16:7d:95:6f:79:f7:9e:4d:2f:c8:52:77:58:50
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f0521128cf634aa6afa7ef52d531f3fcd55628f9
Validity
Not Before: Jan 2 15:44:45 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=2e15af4bbaa15a76a4c45ece4e13285d1ffc1f26
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:d2:ab:90:2c:c9:31:4f:18:f9:d2:87:87:9b:
fd:3d:05:30:3c:97:3d:3a:4a:f4:a4:46:4f:c1:42:
d1:47:19:a3:47:33:9a:d5:c8:a6:de:f8:46:b4:cf:
d1:1a:9f:5b:cd:29:eb:e7:31:c9:81:58:ad:23:37:
9e:6c:65:e0:58:f3:25:32:6f:8d:c2:99:1e:37:77:
bd:0e:e2:e9:2b:1c:58:fc:ff:0e:a8:21:3f:95:03:
6f:ee:82:3f:66:14:8a:6d:5b:65:78:d6:3c:f5:2d:
d0:5e:04:ac:7c:b6:5c:20:6d:05:71:ed:72:6c:5f:
45:17:02:55:ce:47:ae:39:e7:fa:77:05:40:f2:2d:
e1:59:8e:81:45:88:b2:66:b0:78:fc:bb:17:6c:1c:
d7:96:26:dd:c1:48:c7:14:5d:e6:fc:09:fa:40:62:
01:82:01:71:4f:95:98:8f:cb:ba:e3:26:92:a4:4c:
e0:be:b7:dc:59:9d:c3:f4:9f:82:0b:d4:4f:c5:ee:
16:b0:e2:63:68:a6:95:c1:a4:c2:e8:a7:cb:2e:5a:
81:a7:54:18:94:58:09:f1:fb:c0:d2:0c:14:a1:47:
62:c3:af:a5:f2:ce:ee:1d:3b:72:94:05:c2:93:f6:
19:12:8b:2e:7a:71:cc:1d:54:51:44:e3:ce:b2:4d:
52:fd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2E:15:AF:4B:BA:A1:5A:76:A4:C4:5E:CE:4E:13:28:5D:1F:FC:1F:26
X509v3 Authority Key Identifier:
keyid:F0:52:11:28:CF:63:4A:A6:AF:A7:EF:52:D5:31:F3:FC:D5:56:28:F9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8FIRKM9jSqavp-9S1THz_NVWKPk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bb/b4b150-dbb8-465f-8155-e4419b64212e/1/LhWvS7qhWnakxF7OThMoXR_8HyY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bb/b4b150-dbb8-465f-8155-e4419b64212e/1/8FIRKM9jSqavp-9S1THz_NVWKPk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.221.220.0/24
Signature Algorithm: sha256WithRSAEncryption
2a:50:2d:e0:47:b0:67:29:9c:a2:37:b1:de:3f:23:bf:12:71:
ff:fa:cc:87:70:91:1c:6f:b4:97:6b:e5:bc:34:f5:36:91:70:
c9:b7:96:24:49:c6:a2:9f:b6:45:64:eb:46:95:77:7c:ae:49:
dd:93:6d:1d:27:6b:af:c1:03:2e:76:10:1c:2d:12:97:a2:dc:
41:29:3f:de:12:8d:f3:14:b0:da:00:60:a5:dd:da:c5:ba:ef:
80:2d:eb:5c:0c:f7:d2:14:0c:89:40:11:ae:bc:47:47:fe:fc:
29:4b:14:ca:bf:3c:2a:34:87:a1:4e:3f:0b:56:bc:98:32:1a:
78:97:8b:ca:9e:87:56:d8:33:8a:30:43:b4:13:8b:41:80:b5:
3b:75:e2:ca:48:9e:48:0c:d1:bd:32:ab:ed:19:17:d1:73:cd:
80:a6:6d:7a:76:d4:83:a7:12:09:62:59:d7:9f:b9:99:56:ef:
f5:f7:2a:f2:e5:79:68:83:d4:6c:15:74:72:47:78:d8:f4:12:
29:ef:c1:95:16:69:1a:d4:97:1d:78:88:dd:96:08:f4:60:d6:
c1:76:89:bd:35:fa:ec:c4:e0:51:c1:25:3d:28:86:fc:1e:6b:
77:59:c8:e9:a9:c0:e2:94:7c:1a:46:21:65:6b:57:e3:af:7d:
64:01:2b:93
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVzKBZ9lW95955NL8hSd1hQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYwNTIxMTI4Y2Y2MzRhYTZhZmE3ZWY1MmQ1MzFmM2ZjZDU1
NjI4ZjkwHhcNMjMwMTAyMTU0NDQ1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyZTE1YWY0YmJhYTE1YTc2YTRjNDVlY2U0ZTEzMjg1ZDFmZmMxZjI2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu9KrkCzJMU8Y+dKHh5v9PQUwPJc9
Okr0pEZPwULRRxmjRzOa1cim3vhGtM/RGp9bzSnr5zHJgVitIzeebGXgWPMlMm+N
wpkeN3e9DuLpKxxY/P8OqCE/lQNv7oI/ZhSKbVtleNY89S3QXgSsfLZcIG0Fce1y
bF9FFwJVzkeuOef6dwVA8i3hWY6BRYiyZrB4/LsXbBzXlibdwUjHFF3m/An6QGIB
ggFxT5WYj8u64yaSpEzgvrfcWZ3D9J+CC9RPxe4WsOJjaKaVwaTC6KfLLlqBp1QY
lFgJ8fvA0gwUoUdiw6+l8s7uHTtylAXCk/YZEosuenHMHVRRROPOsk1S/QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFC4Vr0u6oVp2pMRezk4TKF0f/B8mMB8GA1UdIwQY
MBaAFPBSESjPY0qmr6fvUtUx8/zVVij5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOEZJUktNOWpTcWF2cC05UzFUSHpfTlZXS1BrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYi9iNGIxNTAtZGJiOC00NjVmLTgxNTUt
ZTQ0MTliNjQyMTJlLzEvTGhXdlM3cWhXbmFreEY3T1RoTW9YUl84SHlZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYi9iNGIxNTAtZGJiOC00NjVmLTgxNTUtZTQ0MTliNjQyMTJl
LzEvOEZJUktNOWpTcWF2cC05UzFUSHpfTlZXS1BrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAud3cMA0G
CSqGSIb3DQEBCwUAA4IBAQAqUC3gR7BnKZyiN7HePyO/EnH/+syHcJEcb7SXa+W8
NPU2kXDJt5YkScain7ZFZOtGlXd8rkndk20dJ2uvwQMudhAcLRKXotxBKT/eEo3z
FLDaAGCl3drFuu+ALetcDPfSFAyJQBGuvEdH/vwpSxTKvzwqNIehTj8LVryYMhp4
l4vKnodW2DOKMEO0E4tBgLU7deLKSJ5IDNG9MqvtGRfRc82Apm16dtSDpxIJYlnX
n7mZVu/19yry5Xlog9RsFXRyR3jY9BIp78GVFmka1JcdeIjdlgj0YNbBdom9Nfrs
xOBRwSU9KIb8Hmt3WcjpqcDilHwaRiFla1fjr31kASuT
-----END CERTIFICATE-----
Generated at Thu Mar 13 20:38:39 2025 by rpki-client