Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c2/64cdbd-c851-4b35-bb79-753d969a0702/1/okP0MdTwGh9lO7HAe_QSPfVnhoU.roa
File: okP0MdTwGh9lO7HAe_QSPfVnhoU.roa (raw, json)
Hash identifier: qIjV9ogFUYlwCehVxYmUMQQlUQMIAkGMBARXN2r45tc=
Subject key identifier: A2:43:F4:31:D4:F0:1A:1F:65:3B:B1:C0:7B:F4:12:3D:F5:67:86:85
Certificate issuer: /CN=49b2444644c43348d7c50f4e50e74356e9896dbf
Certificate serial: 03DEEF0B
Authority key identifier: 49:B2:44:46:44:C4:33:48:D7:C5:0F:4E:50:E7:43:56:E9:89:6D:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/SbJERkTEM0jXxQ9OUOdDVumJbb8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c2/64cdbd-c851-4b35-bb79-753d969a0702/1/okP0MdTwGh9lO7HAe_QSPfVnhoU.roa
Signing time: Sat 01 Jan 2022 14:08:15 +0000
ROA not before: Sat 01 Jan 2022 14:08:15 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 34863
IP address blocks: 185.85.232.0/22 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 64941835 (0x3deef0b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=49b2444644c43348d7c50f4e50e74356e9896dbf
Validity
Not Before: Jan 1 14:08:15 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=a243f431d4f01a1f653bb1c07bf4123df5678685
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:98:bc:34:f9:e4:bc:10:30:bd:f9:aa:ac:e7:
bd:16:e9:7b:db:d4:10:08:c7:1d:b0:32:f2:ba:cc:
21:6e:4c:d2:77:a4:75:81:88:30:bd:63:04:8c:88:
b3:7c:53:82:3c:d3:11:ef:76:ee:ea:01:17:18:2f:
35:20:d1:14:81:a5:0e:17:5b:61:b2:0a:90:c8:35:
0f:24:4d:2f:cc:35:7e:83:95:d8:6f:26:e4:58:cf:
86:b5:25:84:06:c9:73:2e:11:37:71:07:6f:74:1a:
e8:0c:e0:6b:2e:87:01:ca:ad:4c:b9:61:00:69:d1:
db:d7:bc:a4:d0:cb:ec:97:2d:f1:b9:84:16:9a:60:
b9:d0:af:3f:70:90:f8:1b:ad:f3:79:bf:4a:37:1f:
06:e5:d3:2b:0a:06:e2:f6:a0:5b:d6:29:3f:df:56:
53:67:af:f3:88:c9:7f:76:ad:77:37:a6:ec:df:95:
ef:c3:85:f4:9d:c4:6f:34:bc:70:80:28:b3:4a:ee:
4c:7d:69:4a:2e:af:9c:2b:f7:bf:28:00:fe:70:68:
86:e1:34:92:84:b4:73:17:a3:75:f8:c7:72:16:18:
15:11:5c:ae:44:b3:72:91:40:c4:18:7c:d2:33:5f:
d4:c2:f5:ee:2e:4c:b4:68:5c:50:04:73:48:e4:5e:
bb:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A2:43:F4:31:D4:F0:1A:1F:65:3B:B1:C0:7B:F4:12:3D:F5:67:86:85
X509v3 Authority Key Identifier:
keyid:49:B2:44:46:44:C4:33:48:D7:C5:0F:4E:50:E7:43:56:E9:89:6D:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/SbJERkTEM0jXxQ9OUOdDVumJbb8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c2/64cdbd-c851-4b35-bb79-753d969a0702/1/okP0MdTwGh9lO7HAe_QSPfVnhoU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c2/64cdbd-c851-4b35-bb79-753d969a0702/1/SbJERkTEM0jXxQ9OUOdDVumJbb8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.85.232.0/22
Signature Algorithm: sha256WithRSAEncryption
3c:ae:8d:ee:41:f7:65:14:5c:43:d7:91:71:25:cc:72:b3:5c:
a6:5e:f9:94:e4:e1:85:24:87:25:b5:c2:c1:e8:79:0e:67:6c:
0d:91:b5:aa:44:92:5f:49:e6:dc:44:6c:3b:1f:a8:06:15:b1:
9b:11:cd:30:cb:53:9c:fc:78:a8:30:25:50:e6:23:a0:76:da:
26:50:d6:61:11:c0:aa:66:09:4b:bd:73:1a:e3:56:66:59:97:
2c:82:c7:ad:ef:60:0a:44:12:20:31:e8:db:00:67:20:80:fe:
57:28:a1:a4:3f:33:89:9c:5e:4c:2c:43:69:6a:69:60:32:f8:
96:81:ff:7d:b4:1a:98:1a:0b:6b:0f:d2:b1:0d:a3:3c:84:6c:
28:26:ff:7a:b5:3f:7b:40:25:2e:e7:38:92:c2:5e:24:08:50:
c3:05:e8:5c:5d:09:49:a8:c0:5c:f9:7b:9d:8f:2a:5d:8a:6c:
2a:a6:15:dd:74:ba:3a:4f:5c:8a:3f:ab:60:15:1a:6c:1a:62:
88:8e:8f:6b:a0:f8:25:1c:38:94:9c:f8:ed:66:82:82:64:5b:
1e:0a:57:18:82:8d:4f:e9:02:95:dc:5c:35:7a:b3:e3:7a:33:
1e:38:60:42:95:f3:ee:e7:3c:e4:d1:3b:09:44:14:96:10:1d:
ab:c8:79:0a
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEA97vCzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg0
OWIyNDQ0NjQ0YzQzMzQ4ZDdjNTBmNGU1MGU3NDM1NmU5ODk2ZGJmMB4XDTIyMDEw
MTE0MDgxNVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYTI0M2Y0MzFkNGYw
MWExZjY1M2JiMWMwN2JmNDEyM2RmNTY3ODY4NTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJKYvDT55LwQML35qqznvRbpe9vUEAjHHbAy8rrMIW5M0nek
dYGIML1jBIyIs3xTgjzTEe927uoBFxgvNSDRFIGlDhdbYbIKkMg1DyRNL8w1foOV
2G8m5FjPhrUlhAbJcy4RN3EHb3Qa6Azgay6HAcqtTLlhAGnR29e8pNDL7Jct8bmE
FppgudCvP3CQ+But83m/SjcfBuXTKwoG4vagW9YpP99WU2ev84jJf3atdzem7N+V
78OF9J3EbzS8cIAos0ruTH1pSi6vnCv3vygA/nBohuE0koS0cxejdfjHchYYFRFc
rkSzcpFAxBh80jNf1ML17i5MtGhcUARzSOReuzUCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBSiQ/Qx1PAaH2U7scB79BI99WeGhTAfBgNVHSMEGDAWgBRJskRGRMQzSNfF
D05Q50NW6YltvzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1NiSkVSa1RFTTBqWHhROU9VT2REVnVtSmJiOC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYzIvNjRjZGJkLWM4NTEtNGIzNS1iYjc5LTc1M2Q5NjlhMDcwMi8x
L29rUDBNZFR3R2g5bE83SEFlX1FTUGZWbmhvVS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYzIv
NjRjZGJkLWM4NTEtNGIzNS1iYjc5LTc1M2Q5NjlhMDcwMi8xL1NiSkVSa1RFTTBq
WHhROU9VT2REVnVtSmJiOC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEArlV6DANBgkqhkiG9w0BAQsFAAOC
AQEAPK6N7kH3ZRRcQ9eRcSXMcrNcpl75lOThhSSHJbXCweh5DmdsDZG1qkSSX0nm
3ERsOx+oBhWxmxHNMMtTnPx4qDAlUOYjoHbaJlDWYRHAqmYJS71zGuNWZlmXLILH
re9gCkQSIDHo2wBnIID+VyihpD8ziZxeTCxDaWppYDL4loH/fbQamBoLaw/SsQ2j
PIRsKCb/erU/e0AlLuc4ksJeJAhQwwXoXF0JSajAXPl7nY8qXYpsKqYV3XS6Ok9c
ij+rYBUabBpiiI6Pa6D4JRw4lJz47WaCgmRbHgpXGIKNT+kCldxcNXqz43ozHjhg
QpXz7uc85NE7CUQUlhAdq8h5Cg==
-----END CERTIFICATE-----
Generated at Thu Apr 17 22:56:27 2025 by rpki-client