Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bd/c04359-4ae4-4e47-91cb-d7d02e97e25d/1/aNK32OsGQDlLPonaj6gDx02Q2nk.roa
File: aNK32OsGQDlLPonaj6gDx02Q2nk.roa (raw, json)
Hash identifier: HnoNiDAIuEjYI/w1nzCsDN4OzVE3PpPnyTSUxBB+nj4=
Subject key identifier: 68:D2:B7:D8:EB:06:40:39:4B:3E:89:DA:8F:A8:03:C7:4D:90:DA:79
Certificate issuer: /CN=1a2474ce5b5e220b9f431afc86af4ec140f5f16c
Certificate serial: 0183F9B40B1BD97BD4DC32C77C4AC09B5525
Authority key identifier: 1A:24:74:CE:5B:5E:22:0B:9F:43:1A:FC:86:AF:4E:C1:40:F5:F1:6C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/GiR0zlteIgufQxr8hq9OwUD18Ww.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bd/c04359-4ae4-4e47-91cb-d7d02e97e25d/1/aNK32OsGQDlLPonaj6gDx02Q2nk.roa
Signing time: Fri 21 Oct 2022 08:41:09 +0000
ROA not before: Fri 21 Oct 2022 08:41:09 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 212341
IP address blocks: 85.202.88.0/22 maxlen: 22
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:f9:b4:0b:1b:d9:7b:d4:dc:32:c7:7c:4a:c0:9b:55:25
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1a2474ce5b5e220b9f431afc86af4ec140f5f16c
Validity
Not Before: Oct 21 08:41:09 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=68d2b7d8eb0640394b3e89da8fa803c74d90da79
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:f7:69:4f:c5:45:89:70:4c:cb:e4:28:4f:5a:
b8:e5:61:fd:21:d1:25:03:89:39:fe:dc:e7:24:4b:
80:7b:08:06:e3:7d:98:25:58:1b:55:af:3a:8b:91:
d7:18:9c:41:cd:9c:d1:cd:a0:a0:63:50:17:4a:c6:
04:40:c2:c2:49:da:3f:0a:57:f7:e7:17:66:8d:5b:
4e:97:d1:3d:82:10:8f:77:6f:06:57:96:60:46:17:
95:9d:85:bd:ac:f2:7b:a1:5a:fc:f6:ac:cc:d8:54:
d2:25:c3:f3:5b:aa:ca:d3:f3:2d:4e:1b:ab:f4:ca:
52:8c:2f:eb:39:04:9e:54:79:fe:31:46:a0:32:86:
96:85:1c:00:9e:70:63:ca:c7:4b:f1:55:14:01:68:
9c:04:6b:a6:78:ad:cc:31:0d:13:03:ec:45:69:72:
b5:49:ba:40:bc:15:57:7e:12:be:8c:ed:07:6d:75:
01:26:d6:6d:01:be:f7:12:5e:65:73:76:8b:14:d5:
fb:74:89:76:26:d6:e7:6a:c7:b6:08:d8:8e:92:0c:
5d:2d:b9:02:f2:60:a5:da:57:02:c9:9f:92:33:09:
0c:51:2e:eb:40:c9:dc:e0:ba:17:84:dc:d2:e2:ae:
5b:50:48:0a:96:af:22:27:82:52:11:e3:c7:8a:76:
3e:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
68:D2:B7:D8:EB:06:40:39:4B:3E:89:DA:8F:A8:03:C7:4D:90:DA:79
X509v3 Authority Key Identifier:
keyid:1A:24:74:CE:5B:5E:22:0B:9F:43:1A:FC:86:AF:4E:C1:40:F5:F1:6C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GiR0zlteIgufQxr8hq9OwUD18Ww.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bd/c04359-4ae4-4e47-91cb-d7d02e97e25d/1/aNK32OsGQDlLPonaj6gDx02Q2nk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bd/c04359-4ae4-4e47-91cb-d7d02e97e25d/1/GiR0zlteIgufQxr8hq9OwUD18Ww.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.202.88.0/22
Signature Algorithm: sha256WithRSAEncryption
76:96:18:96:f9:81:7d:a8:83:a3:a7:40:7c:54:ba:3f:ec:b7:
4f:32:12:b1:dd:62:89:8e:eb:bc:3e:ee:e2:1b:9f:34:a3:55:
9e:b5:c7:ff:89:fc:14:d4:99:9b:cb:b7:76:dc:ec:0d:cf:24:
ab:03:c1:c9:c9:61:bd:64:bb:34:d3:05:43:b9:be:c5:3b:1a:
51:a6:a3:8e:36:6a:a8:d1:bf:73:fa:97:13:cd:9c:cd:60:1b:
dc:36:ec:b4:10:ea:a0:5e:34:86:43:3f:d8:50:d2:aa:39:5f:
f2:d0:2f:23:0b:0c:00:f5:32:91:20:30:56:81:11:f2:d8:24:
27:56:51:ec:4a:85:39:e0:2f:42:66:99:83:96:f9:96:2b:3a:
fd:b9:5e:b2:a7:25:ca:01:05:a4:a7:7e:92:28:a4:0d:62:de:
b9:54:87:24:06:ec:68:4e:c6:1d:e4:33:24:2f:19:79:b8:65:
ea:46:f4:f5:d2:b5:bf:a3:b1:f1:e0:a2:1f:34:61:04:03:13:
29:ec:9f:fc:8a:60:18:03:cb:c1:31:fb:00:a0:d1:55:29:c7:
f6:6a:fe:20:1c:55:ba:84:a5:40:bf:b6:eb:b5:bd:65:33:fa:
11:74:b5:84:dd:cd:9c:b5:2b:d5:c3:8f:a3:62:cd:8e:64:10:
cb:98:41:a4
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYP5tAsb2XvU3DLHfErAm1UlMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFhMjQ3NGNlNWI1ZTIyMGI5ZjQzMWFmYzg2YWY0ZWMxNDBm
NWYxNmMwHhcNMjIxMDIxMDg0MTA5WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2OGQyYjdkOGViMDY0MDM5NGIzZTg5ZGE4ZmE4MDNjNzRkOTBkYTc5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvfdpT8VFiXBMy+QoT1q45WH9IdEl
A4k5/tznJEuAewgG432YJVgbVa86i5HXGJxBzZzRzaCgY1AXSsYEQMLCSdo/Clf3
5xdmjVtOl9E9ghCPd28GV5ZgRheVnYW9rPJ7oVr89qzM2FTSJcPzW6rK0/MtThur
9MpSjC/rOQSeVHn+MUagMoaWhRwAnnBjysdL8VUUAWicBGumeK3MMQ0TA+xFaXK1
SbpAvBVXfhK+jO0HbXUBJtZtAb73El5lc3aLFNX7dIl2Jtbnase2CNiOkgxdLbkC
8mCl2lcCyZ+SMwkMUS7rQMnc4LoXhNzS4q5bUEgKlq8iJ4JSEePHinY+wwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFGjSt9jrBkA5Sz6J2o+oA8dNkNp5MB8GA1UdIwQY
MBaAFBokdM5bXiILn0Ma/IavTsFA9fFsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR2lSMHpsdGVJZ3VmUXhyOGhxOU93VUQxOFd3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZC9jMDQzNTktNGFlNC00ZTQ3LTkxY2It
ZDdkMDJlOTdlMjVkLzEvYU5LMzJPc0dRRGxMUG9uYWo2Z0R4MDJRMm5rLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZC9jMDQzNTktNGFlNC00ZTQ3LTkxY2ItZDdkMDJlOTdlMjVk
LzEvR2lSMHpsdGVJZ3VmUXhyOGhxOU93VUQxOFd3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCVcpYMA0G
CSqGSIb3DQEBCwUAA4IBAQB2lhiW+YF9qIOjp0B8VLo/7LdPMhKx3WKJjuu8Pu7i
G580o1Wetcf/ifwU1Jmby7d23OwNzySrA8HJyWG9ZLs00wVDub7FOxpRpqOONmqo
0b9z+pcTzZzNYBvcNuy0EOqgXjSGQz/YUNKqOV/y0C8jCwwA9TKRIDBWgRHy2CQn
VlHsSoU54C9CZpmDlvmWKzr9uV6ypyXKAQWkp36SKKQNYt65VIckBuxoTsYd5DMk
Lxl5uGXqRvT10rW/o7Hx4KIfNGEEAxMp7J/8imAYA8vBMfsAoNFVKcf2av4gHFW6
hKVAv7brtb1lM/oRdLWE3c2ctSvVw4+jYs2OZBDLmEGk
-----END CERTIFICATE-----
Generated at Sat Apr 12 18:49:26 2025 by rpki-client