Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c2/06970a-2866-489d-b71a-84e6cd2232ac/1/oqcVDeAsSmR5jCSTUERovRTRO9w.roa
File: oqcVDeAsSmR5jCSTUERovRTRO9w.roa (raw, json)
Hash identifier: MNoytxIf+lUKGFHbrScxZslftquLEInX02eU06GofZU=
Subject key identifier: A2:A7:15:0D:E0:2C:4A:64:79:8C:24:93:50:44:68:BD:14:D1:3B:DC
Certificate issuer: /CN=fc6a4c595f0b2dd05a1fe67287c13ce0ebc80adb
Certificate serial: 0A71C083
Authority key identifier: FC:6A:4C:59:5F:0B:2D:D0:5A:1F:E6:72:87:C1:3C:E0:EB:C8:0A:DB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_GpMWV8LLdBaH-Zyh8E84OvICts.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c2/06970a-2866-489d-b71a-84e6cd2232ac/1/oqcVDeAsSmR5jCSTUERovRTRO9w.roa
Signing time: Sat 01 Jan 2022 12:57:47 +0000
ROA not before: Sat 01 Jan 2022 12:57:47 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 203602
IP address blocks: 185.255.244.0/22 maxlen: 22
2a0c:61c0::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 175227011 (0xa71c083)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fc6a4c595f0b2dd05a1fe67287c13ce0ebc80adb
Validity
Not Before: Jan 1 12:57:47 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=a2a7150de02c4a64798c2493504468bd14d13bdc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:37:7e:f7:d0:e9:f6:8f:25:18:24:6b:a6:27:
d7:69:98:21:f2:6b:72:d3:be:47:c6:d6:36:1a:0b:
6e:ff:a9:8e:fc:f2:14:44:4f:7d:ac:eb:88:29:3a:
6a:4c:65:c5:27:69:19:14:ce:03:c7:aa:31:0b:a8:
ad:ad:fe:cc:02:c6:36:b9:2c:b4:96:11:79:d6:85:
75:83:3a:8a:46:b2:46:6c:d5:cd:38:ed:62:30:50:
09:e3:4c:7f:13:5b:02:73:ba:b5:6c:6d:95:96:34:
0a:21:47:5e:0c:4e:e6:39:97:dd:c1:86:87:ff:41:
d4:68:47:9f:12:52:5b:f9:e8:cf:a2:ba:67:64:02:
71:17:17:2b:54:c0:9f:66:e9:1c:a0:04:d0:5a:4f:
9e:f1:b0:6e:1b:e8:94:fd:b2:27:63:54:a0:e5:44:
ec:56:04:a1:ba:ac:cf:e6:a0:07:de:6b:c7:0b:2f:
c1:10:a4:62:22:5c:3e:db:bd:58:a7:38:9e:71:2f:
45:dc:71:f0:ce:14:c5:81:64:6f:85:35:57:f5:36:
9d:18:28:45:cb:54:dc:ab:85:aa:49:c6:34:05:bf:
48:73:50:a0:f8:c6:6f:dd:83:8f:51:49:01:e1:b4:
5f:b6:4c:fb:aa:c6:de:d5:90:bd:13:9a:f2:32:17:
c6:91
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A2:A7:15:0D:E0:2C:4A:64:79:8C:24:93:50:44:68:BD:14:D1:3B:DC
X509v3 Authority Key Identifier:
keyid:FC:6A:4C:59:5F:0B:2D:D0:5A:1F:E6:72:87:C1:3C:E0:EB:C8:0A:DB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_GpMWV8LLdBaH-Zyh8E84OvICts.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c2/06970a-2866-489d-b71a-84e6cd2232ac/1/oqcVDeAsSmR5jCSTUERovRTRO9w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c2/06970a-2866-489d-b71a-84e6cd2232ac/1/_GpMWV8LLdBaH-Zyh8E84OvICts.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.255.244.0/22
IPv6:
2a0c:61c0::/32
Signature Algorithm: sha256WithRSAEncryption
36:c5:2c:2d:95:fb:63:a2:43:37:c2:4a:29:7f:1c:02:dd:f9:
cb:ea:82:be:a9:4f:2a:4f:f0:b5:f2:90:eb:23:ec:ee:2d:95:
2b:cb:f2:b5:92:29:66:02:2e:3a:2a:19:ab:b2:8f:e2:aa:c6:
51:36:8f:d6:04:ba:dc:a2:33:19:b6:53:11:b2:e0:0a:27:97:
b2:f4:5e:5d:95:c6:af:48:cc:79:aa:a7:f3:5a:52:ab:5f:3d:
1f:33:94:35:6f:92:5e:5a:0d:89:23:eb:e9:0d:a9:ed:ac:fc:
a6:ba:5e:70:26:0a:dd:65:77:18:08:a0:aa:22:77:47:c3:e7:
d0:8a:34:2b:53:1b:4d:a8:40:fa:a7:e9:b7:21:89:96:b1:93:
f2:db:4c:f8:80:cd:33:2f:54:95:1e:bb:f2:c5:00:d1:5a:69:
10:60:4c:03:c0:f0:68:20:5e:60:28:51:d8:02:db:3b:b3:da:
b3:2c:2f:4d:06:46:c4:01:f6:f5:d0:81:ed:f7:48:2c:3b:d6:
f8:23:d3:16:27:41:25:7e:e9:f0:0d:8e:b7:5c:f0:65:38:f2:
c6:3f:37:fc:c6:ac:57:08:fd:77:af:dd:1c:49:86:15:3d:cc:
1d:62:7b:54:86:06:73:f4:51:b7:47:4f:ed:9a:69:12:49:c0:
f8:30:a0:4b
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgIECnHAgzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhm
YzZhNGM1OTVmMGIyZGQwNWExZmU2NzI4N2MxM2NlMGViYzgwYWRiMB4XDTIyMDEw
MTEyNTc0N1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYTJhNzE1MGRlMDJj
NGE2NDc5OGMyNDkzNTA0NDY4YmQxNGQxM2JkYzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALM3fvfQ6faPJRgka6Yn12mYIfJrctO+R8bWNhoLbv+pjvzy
FERPfazriCk6akxlxSdpGRTOA8eqMQuora3+zALGNrkstJYRedaFdYM6ikayRmzV
zTjtYjBQCeNMfxNbAnO6tWxtlZY0CiFHXgxO5jmX3cGGh/9B1GhHnxJSW/noz6K6
Z2QCcRcXK1TAn2bpHKAE0FpPnvGwbhvolP2yJ2NUoOVE7FYEobqsz+agB95rxwsv
wRCkYiJcPtu9WKc4nnEvRdxx8M4UxYFkb4U1V/U2nRgoRctU3KuFqknGNAW/SHNQ
oPjGb92Dj1FJAeG0X7ZM+6rG3tWQvROa8jIXxpECAwEAAaOCAhgwggIUMB0GA1Ud
DgQWBBSipxUN4CxKZHmMJJNQRGi9FNE73DAfBgNVHSMEGDAWgBT8akxZXwst0Fof
5nKHwTzg68gK2zAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L19HcE1XVjhMTGRCYUgtWnloOEU4NE92SUN0cy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYzIvMDY5NzBhLTI4NjYtNDg5ZC1iNzFhLTg0ZTZjZDIyMzJhYy8x
L29xY1ZEZUFzU21SNWpDU1RVRVJvdlJUUk85dy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYzIv
MDY5NzBhLTI4NjYtNDg5ZC1iNzFhLTg0ZTZjZDIyMzJhYy8xL19HcE1XVjhMTGRC
YUgtWnloOEU4NE92SUN0cy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAu
BggrBgEFBQcBBwEB/wQfMB0wDAQCAAEwBgMEArn/9DANBAIAAjAHAwUAKgxhwDAN
BgkqhkiG9w0BAQsFAAOCAQEANsUsLZX7Y6JDN8JKKX8cAt35y+qCvqlPKk/wtfKQ
6yPs7i2VK8vytZIpZgIuOioZq7KP4qrGUTaP1gS63KIzGbZTEbLgCieXsvReXZXG
r0jMeaqn81pSq189HzOUNW+SXloNiSPr6Q2p7az8prpecCYK3WV3GAigqiJ3R8Pn
0Io0K1MbTahA+qfptyGJlrGT8ttM+IDNMy9UlR678sUA0VppEGBMA8DwaCBeYChR
2ALbO7PasywvTQZGxAH29dCB7fdILDvW+CPTFidBJX7p8A2Ot1zwZTjyxj83/Mas
Vwj9d6/dHEmGFT3MHWJ7VIYGc/RRt0dP7ZppEknA+DCgSw==
-----END CERTIFICATE-----
Generated at Tue Apr 22 15:57:35 2025 by rpki-client