Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c3/69cbc0-b6c5-4e67-a73b-2b65a7a8be8c/1/RtnVDz1yKtWQmkqf-KmNcNRQGMQ.roa
File: RtnVDz1yKtWQmkqf-KmNcNRQGMQ.roa (raw, json)
Hash identifier: i8iD77g5Hw+KqU2n+9o1PuZrzYyxnzKySx1jkevRPKY=
Subject key identifier: 46:D9:D5:0F:3D:72:2A:D5:90:9A:4A:9F:F8:A9:8D:70:D4:50:18:C4
Certificate issuer: /CN=68b22eea4a4a3b81654a227eda94e0e75937b015
Certificate serial: 034A2F8D
Authority key identifier: 68:B2:2E:EA:4A:4A:3B:81:65:4A:22:7E:DA:94:E0:E7:59:37:B0:15
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/aLIu6kpKO4FlSiJ-2pTg51k3sBU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c3/69cbc0-b6c5-4e67-a73b-2b65a7a8be8c/1/RtnVDz1yKtWQmkqf-KmNcNRQGMQ.roa
Signing time: Wed 23 Feb 2022 09:12:13 +0000
ROA not before: Wed 23 Feb 2022 09:12:13 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 15924
IP address blocks: 185.252.114.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 55193485 (0x34a2f8d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=68b22eea4a4a3b81654a227eda94e0e75937b015
Validity
Not Before: Feb 23 09:12:13 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=46d9d50f3d722ad5909a4a9ff8a98d70d45018c4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:d1:32:95:49:f8:ab:fb:c6:de:12:a3:6c:88:
c6:3d:1c:1d:91:31:48:af:01:1f:f9:07:5d:94:24:
09:4b:11:46:c8:d8:27:a8:fb:2d:be:c3:47:2a:0d:
19:54:9a:fd:f6:4c:6e:3a:40:09:59:c8:60:27:3a:
7a:93:2b:ad:b0:45:fa:0b:32:34:18:ba:2b:99:b9:
04:65:18:29:b0:9b:f2:2c:4d:c1:9a:d6:07:92:2f:
4a:6b:c0:6e:07:cc:78:c7:4f:cb:96:c7:d6:d7:41:
5a:27:fb:8a:cf:46:78:ba:f4:80:4f:8d:91:61:be:
f5:17:30:62:e0:21:92:a1:90:d1:e9:fb:3b:b5:0a:
1c:2e:c3:a4:ac:cb:67:6e:38:53:e1:82:c0:81:f5:
ab:83:00:69:d4:ae:ed:64:ff:38:d7:6f:c7:69:28:
45:41:63:3d:a9:48:b2:f1:a8:df:d2:70:cc:f5:70:
9b:fb:12:f0:14:9b:9b:c1:22:0d:19:80:1d:de:00:
f9:95:17:d0:0f:4f:40:69:bf:25:23:f3:2a:c5:8c:
27:40:12:70:2d:d5:7b:a7:d6:92:57:51:0f:46:db:
8a:6f:7b:50:9b:05:b1:21:07:5b:fd:51:e0:43:ce:
50:3e:a5:8f:09:f4:f5:15:77:ad:17:64:1d:00:2f:
31:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
46:D9:D5:0F:3D:72:2A:D5:90:9A:4A:9F:F8:A9:8D:70:D4:50:18:C4
X509v3 Authority Key Identifier:
keyid:68:B2:2E:EA:4A:4A:3B:81:65:4A:22:7E:DA:94:E0:E7:59:37:B0:15
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aLIu6kpKO4FlSiJ-2pTg51k3sBU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/69cbc0-b6c5-4e67-a73b-2b65a7a8be8c/1/RtnVDz1yKtWQmkqf-KmNcNRQGMQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/69cbc0-b6c5-4e67-a73b-2b65a7a8be8c/1/aLIu6kpKO4FlSiJ-2pTg51k3sBU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.252.114.0/24
Signature Algorithm: sha256WithRSAEncryption
4d:f4:81:51:a8:3d:b7:9b:e8:09:72:f9:35:19:9c:04:48:55:
c2:f0:78:e3:c0:e6:fb:cd:82:66:d5:83:81:74:41:cb:aa:ec:
a5:fb:19:b8:f1:ad:df:a5:21:01:8b:1b:76:f8:48:5a:9c:02:
79:ea:2f:b5:7a:55:d4:31:d6:2f:15:da:34:bc:cb:e6:eb:8f:
72:18:54:c6:35:95:08:54:25:81:81:08:25:d6:5a:35:62:e0:
d5:ba:e8:52:60:19:d3:30:fd:2d:40:c3:c3:c9:e2:70:c7:31:
a5:62:6c:a3:fd:9b:39:fc:46:a0:b8:ef:8b:55:26:c3:7f:ab:
1c:33:75:01:85:ae:42:a3:e5:1a:47:ce:43:cf:dc:56:e8:a7:
89:f1:e9:49:f1:6d:e8:90:7f:44:a0:d8:ab:4a:a5:af:f5:2e:
f0:fb:09:e1:e8:12:5b:0e:32:65:f2:1c:30:91:1f:79:ee:5b:
05:f7:7a:a4:51:da:d0:12:47:52:32:1b:8d:73:44:e2:07:53:
8d:0f:09:06:82:ba:68:a5:2d:69:3b:67:f9:da:a0:70:2e:a6:
76:12:f5:26:a6:ea:cd:c4:39:18:ec:7d:5a:dd:9d:85:8c:22:
ed:29:ed:60:c9:65:61:e7:ca:ab:3b:10:a5:86:06:c0:5d:21:
83:9b:72:fe
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEA0ovjTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg2
OGIyMmVlYTRhNGEzYjgxNjU0YTIyN2VkYTk0ZTBlNzU5MzdiMDE1MB4XDTIyMDIy
MzA5MTIxM1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNDZkOWQ1MGYzZDcy
MmFkNTkwOWE0YTlmZjhhOThkNzBkNDUwMThjNDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJrRMpVJ+Kv7xt4So2yIxj0cHZExSK8BH/kHXZQkCUsRRsjY
J6j7Lb7DRyoNGVSa/fZMbjpACVnIYCc6epMrrbBF+gsyNBi6K5m5BGUYKbCb8ixN
wZrWB5IvSmvAbgfMeMdPy5bH1tdBWif7is9GeLr0gE+NkWG+9RcwYuAhkqGQ0en7
O7UKHC7DpKzLZ244U+GCwIH1q4MAadSu7WT/ONdvx2koRUFjPalIsvGo39JwzPVw
m/sS8BSbm8EiDRmAHd4A+ZUX0A9PQGm/JSPzKsWMJ0AScC3Ve6fWkldRD0bbim97
UJsFsSEHW/1R4EPOUD6ljwn09RV3rRdkHQAvMX8CAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBRG2dUPPXIq1ZCaSp/4qY1w1FAYxDAfBgNVHSMEGDAWgBRosi7qSko7gWVK
In7alODnWTewFTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2FMSXU2a3BLTzRGbFNpSi0ycFRnNTFrM3NCVS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYzMvNjljYmMwLWI2YzUtNGU2Ny1hNzNiLTJiNjVhN2E4YmU4Yy8x
L1J0blZEejF5S3RXUW1rcWYtS21OY05SUUdNUS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYzMv
NjljYmMwLWI2YzUtNGU2Ny1hNzNiLTJiNjVhN2E4YmU4Yy8xL2FMSXU2a3BLTzRG
bFNpSi0ycFRnNTFrM3NCVS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEALn8cjANBgkqhkiG9w0BAQsFAAOC
AQEATfSBUag9t5voCXL5NRmcBEhVwvB448Dm+82CZtWDgXRBy6rspfsZuPGt36Uh
AYsbdvhIWpwCeeovtXpV1DHWLxXaNLzL5uuPchhUxjWVCFQlgYEIJdZaNWLg1bro
UmAZ0zD9LUDDw8nicMcxpWJso/2bOfxGoLjvi1Umw3+rHDN1AYWuQqPlGkfOQ8/c
VuinifHpSfFt6JB/RKDYq0qlr/Uu8PsJ4egSWw4yZfIcMJEfee5bBfd6pFHa0BJH
UjIbjXNE4gdTjQ8JBoK6aKUtaTtn+dqgcC6mdhL1JqbqzcQ5GOx9Wt2dhYwi7Snt
YMllYefKqzsQpYYGwF0hg5ty/g==
-----END CERTIFICATE-----
Generated at Thu Mar 13 02:32:57 2025 by rpki-client