Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bd/c04359-4ae4-4e47-91cb-d7d02e97e25d/1/aDFLlz_qP0cUeM9vrai4z9ED8NQ.roa
File: aDFLlz_qP0cUeM9vrai4z9ED8NQ.roa (raw, json)
Hash identifier: ID6J/q3EaBABxN1uassZF4QtjHGR39PvLPo1ASH0egI=
Subject key identifier: 68:31:4B:97:3F:EA:3F:47:14:78:CF:6F:AD:A8:B8:CF:D1:03:F0:D4
Certificate issuer: /CN=1a2474ce5b5e220b9f431afc86af4ec140f5f16c
Certificate serial: 01856CB839907C3059E2779C7CE5EF826085
Authority key identifier: 1A:24:74:CE:5B:5E:22:0B:9F:43:1A:FC:86:AF:4E:C1:40:F5:F1:6C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/GiR0zlteIgufQxr8hq9OwUD18Ww.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bd/c04359-4ae4-4e47-91cb-d7d02e97e25d/1/aDFLlz_qP0cUeM9vrai4z9ED8NQ.roa
Signing time: Sun 01 Jan 2023 09:44:50 +0000
ROA not before: Sun 01 Jan 2023 09:44:50 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 212341
IP address blocks: 85.202.88.0/22 maxlen: 22
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:b8:39:90:7c:30:59:e2:77:9c:7c:e5:ef:82:60:85
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1a2474ce5b5e220b9f431afc86af4ec140f5f16c
Validity
Not Before: Jan 1 09:44:50 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=68314b973fea3f471478cf6fada8b8cfd103f0d4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:87:34:27:db:8a:1a:f2:d2:1f:51:5d:57:f3:ae:
86:fe:90:7e:57:b9:f5:11:e2:4d:4c:68:67:eb:bd:
32:47:cb:0f:f0:89:42:dd:89:a7:17:56:af:8e:4b:
0d:fd:55:3f:5a:4b:ff:30:65:84:80:ed:21:4d:53:
7a:63:11:af:3c:d3:88:92:91:23:2a:0a:2b:e4:1c:
3b:29:41:66:90:55:0e:64:44:69:7d:d8:5e:7b:d6:
60:45:ed:81:0f:cc:ce:1a:56:b9:f1:72:13:aa:5a:
a2:27:9f:8e:87:9d:26:76:26:b1:c2:db:89:d9:85:
f5:4f:8e:de:90:70:b4:d2:c6:02:18:61:ea:5c:75:
e8:2d:83:6a:48:03:ed:19:a8:c3:de:c4:4a:8d:dc:
f6:52:75:f4:e0:1b:08:21:31:06:9d:4b:bf:1b:33:
9c:f0:e8:b6:c6:66:fd:48:3d:c0:65:07:f6:cf:47:
52:e7:42:c3:bc:28:76:94:6a:17:7a:a1:db:c0:52:
a0:8a:a3:c3:88:45:64:c7:d1:4d:60:41:e8:ca:78:
ed:0c:f1:fc:da:90:5e:21:2b:53:4b:02:74:ad:17:
a9:d3:0a:16:ed:9f:9b:45:b5:b2:72:11:82:e1:d4:
00:40:2a:12:3f:fa:46:ed:ae:54:b8:7b:68:1b:fd:
9e:91
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
68:31:4B:97:3F:EA:3F:47:14:78:CF:6F:AD:A8:B8:CF:D1:03:F0:D4
X509v3 Authority Key Identifier:
keyid:1A:24:74:CE:5B:5E:22:0B:9F:43:1A:FC:86:AF:4E:C1:40:F5:F1:6C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GiR0zlteIgufQxr8hq9OwUD18Ww.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bd/c04359-4ae4-4e47-91cb-d7d02e97e25d/1/aDFLlz_qP0cUeM9vrai4z9ED8NQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bd/c04359-4ae4-4e47-91cb-d7d02e97e25d/1/GiR0zlteIgufQxr8hq9OwUD18Ww.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.202.88.0/22
Signature Algorithm: sha256WithRSAEncryption
19:02:d1:e4:6f:e7:3c:9c:a9:a2:90:0b:e5:c6:f5:ef:1f:0e:
80:dd:3f:a6:63:20:07:28:9c:15:76:fd:93:dd:00:c2:33:84:
f1:fd:1b:f4:23:4d:d0:6c:f3:41:aa:5d:e8:1e:35:36:4c:27:
21:b7:78:cd:94:ef:25:9b:83:4f:6a:d0:3d:f4:79:f3:e0:8a:
8a:c3:43:80:c9:0c:6b:77:75:d2:f6:d2:1e:52:ab:2a:55:b4:
a4:bb:79:64:fc:cc:92:57:fb:4b:aa:0e:3a:d1:c0:91:98:93:
54:8f:4e:66:9a:fb:e7:16:d4:db:61:70:d3:4b:2d:59:d6:51:
b8:f1:f0:02:4b:87:02:0f:cf:70:a0:d3:3b:8b:3c:4c:ef:40:
df:3e:95:86:12:e5:b5:45:d1:d0:da:37:ac:e1:6e:43:84:fb:
0c:11:e8:ed:3c:5f:c9:4a:05:f1:ec:fb:8f:8f:4f:bc:b3:c5:
49:b4:24:45:fd:91:c4:d5:9d:81:87:17:5f:63:7d:04:f9:74:
77:ca:bb:8f:d6:5b:7d:02:aa:b2:bb:38:44:17:34:c7:4c:9b:
53:8a:e0:aa:8c:bb:b1:19:af:25:3e:07:6d:5e:dc:8c:dc:6e:
c2:01:22:b6:0c:d8:56:95:42:d5:20:fe:77:f6:5c:bc:79:55:
5a:b3:e2:02
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVsuDmQfDBZ4necfOXvgmCFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFhMjQ3NGNlNWI1ZTIyMGI5ZjQzMWFmYzg2YWY0ZWMxNDBm
NWYxNmMwHhcNMjMwMTAxMDk0NDUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ODMxNGI5NzNmZWEzZjQ3MTQ3OGNmNmZhZGE4YjhjZmQxMDNmMGQ0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhzQn24oa8tIfUV1X866G/pB+V7n1
EeJNTGhn670yR8sP8IlC3YmnF1avjksN/VU/Wkv/MGWEgO0hTVN6YxGvPNOIkpEj
Kgor5Bw7KUFmkFUOZERpfdhee9ZgRe2BD8zOGla58XITqlqiJ5+Oh50mdiaxwtuJ
2YX1T47ekHC00sYCGGHqXHXoLYNqSAPtGajD3sRKjdz2UnX04BsIITEGnUu/GzOc
8Oi2xmb9SD3AZQf2z0dS50LDvCh2lGoXeqHbwFKgiqPDiEVkx9FNYEHoynjtDPH8
2pBeIStTSwJ0rRep0woW7Z+bRbWychGC4dQAQCoSP/pG7a5UuHtoG/2ekQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFGgxS5c/6j9HFHjPb62ouM/RA/DUMB8GA1UdIwQY
MBaAFBokdM5bXiILn0Ma/IavTsFA9fFsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR2lSMHpsdGVJZ3VmUXhyOGhxOU93VUQxOFd3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZC9jMDQzNTktNGFlNC00ZTQ3LTkxY2It
ZDdkMDJlOTdlMjVkLzEvYURGTGx6X3FQMGNVZU05dnJhaTR6OUVEOE5RLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZC9jMDQzNTktNGFlNC00ZTQ3LTkxY2ItZDdkMDJlOTdlMjVk
LzEvR2lSMHpsdGVJZ3VmUXhyOGhxOU93VUQxOFd3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCVcpYMA0G
CSqGSIb3DQEBCwUAA4IBAQAZAtHkb+c8nKmikAvlxvXvHw6A3T+mYyAHKJwVdv2T
3QDCM4Tx/Rv0I03QbPNBql3oHjU2TCcht3jNlO8lm4NPatA99Hnz4IqKw0OAyQxr
d3XS9tIeUqsqVbSku3lk/MySV/tLqg460cCRmJNUj05mmvvnFtTbYXDTSy1Z1lG4
8fACS4cCD89woNM7izxM70DfPpWGEuW1RdHQ2jes4W5DhPsMEejtPF/JSgXx7PuP
j0+8s8VJtCRF/ZHE1Z2BhxdfY30E+XR3yruP1lt9AqqyuzhEFzTHTJtTiuCqjLux
Ga8lPgdtXtyM3G7CASK2DNhWlULVIP539ly8eVVas+IC
-----END CERTIFICATE-----
Generated at Sat Apr 12 18:12:29 2025 by rpki-client