Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c4/4f701a-ed6f-47c8-bf73-f4c5fc3ca2c4/1/2ppioE-fDLYRuKsMkOYgMj3J-nU.roa
File: 2ppioE-fDLYRuKsMkOYgMj3J-nU.roa (raw, json)
Hash identifier: ps7DaOLjahnGevOPdotaNsG2rogvUR4zusKfbPLFr98=
Subject key identifier: DA:9A:62:A0:4F:9F:0C:B6:11:B8:AB:0C:90:E6:20:32:3D:C9:FA:75
Certificate issuer: /CN=a2900e4655ab349a4632b140719dc97230431725
Certificate serial: 0185724C67F2A73E29D69EA4857F873FC5F8
Authority key identifier: A2:90:0E:46:55:AB:34:9A:46:32:B1:40:71:9D:C9:72:30:43:17:25
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/opAORlWrNJpGMrFAcZ3JcjBDFyU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c4/4f701a-ed6f-47c8-bf73-f4c5fc3ca2c4/1/2ppioE-fDLYRuKsMkOYgMj3J-nU.roa
Signing time: Mon 02 Jan 2023 11:44:48 +0000
ROA not before: Mon 02 Jan 2023 11:44:48 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 205216
IP address blocks: 185.221.47.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:4c:67:f2:a7:3e:29:d6:9e:a4:85:7f:87:3f:c5:f8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a2900e4655ab349a4632b140719dc97230431725
Validity
Not Before: Jan 2 11:44:48 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=da9a62a04f9f0cb611b8ab0c90e620323dc9fa75
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:8b:cd:ac:7c:2a:93:ef:47:bd:1e:66:40:52:
c3:fd:6e:e2:19:fb:38:a1:36:d6:bd:16:c8:0f:14:
d1:eb:2e:01:e7:db:22:49:75:ed:6e:27:7f:14:87:
ab:e2:7d:ad:86:f6:42:39:56:2b:2a:8f:23:51:e0:
5a:c9:c2:f4:73:46:78:0a:b8:2c:da:2e:1a:94:ec:
b3:6a:df:40:7e:04:91:1c:a8:ba:ee:3f:89:15:f4:
92:77:bc:2e:81:e5:f9:1b:60:81:85:f6:86:a2:c7:
57:72:ee:49:5e:a4:26:2c:ef:47:71:7b:f3:9e:db:
81:43:c7:08:13:08:ed:b9:08:73:03:62:6b:d8:30:
ea:83:29:41:17:e4:93:51:0f:6a:90:33:cd:6a:fb:
73:90:5c:27:3a:60:49:9e:4e:bf:e0:a7:75:46:41:
d7:ab:1c:c9:da:51:01:3b:24:96:16:92:5e:49:ea:
d2:90:a5:2c:a0:5f:c0:99:ba:8e:6b:19:6b:35:a1:
e1:99:06:b1:76:d9:95:78:ed:17:b9:35:d7:76:62:
e4:8a:21:ee:88:9b:56:6a:87:c4:50:d5:47:0f:32:
5c:4a:5b:7a:7d:60:35:26:62:56:8b:14:57:37:11:
dd:ef:4e:84:7f:81:fd:c6:14:94:47:2e:36:f8:e5:
6d:a5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DA:9A:62:A0:4F:9F:0C:B6:11:B8:AB:0C:90:E6:20:32:3D:C9:FA:75
X509v3 Authority Key Identifier:
keyid:A2:90:0E:46:55:AB:34:9A:46:32:B1:40:71:9D:C9:72:30:43:17:25
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/opAORlWrNJpGMrFAcZ3JcjBDFyU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c4/4f701a-ed6f-47c8-bf73-f4c5fc3ca2c4/1/2ppioE-fDLYRuKsMkOYgMj3J-nU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c4/4f701a-ed6f-47c8-bf73-f4c5fc3ca2c4/1/opAORlWrNJpGMrFAcZ3JcjBDFyU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.221.47.0/24
Signature Algorithm: sha256WithRSAEncryption
a8:65:51:bc:23:17:f3:3c:82:9c:2a:2f:67:c8:5f:0e:d6:5e:
a2:a1:29:2f:a4:18:0b:2b:4f:d4:66:d1:81:41:3f:f4:af:e8:
30:4f:75:b1:7c:41:54:18:74:08:10:ca:43:fa:49:44:7e:a0:
95:af:13:92:bc:d1:82:23:be:27:41:ad:d7:c6:b7:87:6e:61:
d0:49:08:33:f1:dd:c5:04:94:08:e2:90:6f:19:34:e0:96:0e:
12:7c:f4:d3:18:00:65:be:d1:1f:de:9d:36:ff:59:76:ef:f6:
95:10:f4:7e:f4:f9:05:b3:1a:dc:6d:05:2b:f0:10:69:71:f0:
cd:e1:ac:30:59:6d:c2:bd:cf:b3:5f:af:1e:fe:bf:55:43:7a:
d3:8d:85:70:86:36:79:a3:e5:9f:04:60:9f:4f:01:d4:5a:a8:
9f:07:14:8c:74:c0:57:9e:6e:af:41:65:2f:f1:0d:2d:29:2b:
2b:dc:00:9e:7a:be:48:e8:64:83:dc:32:6e:6f:92:21:12:ab:
bd:83:1c:5d:58:e3:41:3f:ab:42:a5:a9:1d:a5:25:27:4c:6b:
cb:4a:4e:d4:35:eb:85:65:7b:9d:17:29:ed:4b:2f:2c:80:1f:
9f:64:e5:6d:5b:9f:71:43:61:f4:3c:b7:9d:8a:de:1b:d7:86:
1b:d8:73:f8
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVyTGfypz4p1p6khX+HP8X4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEyOTAwZTQ2NTVhYjM0OWE0NjMyYjE0MDcxOWRjOTcyMzA0
MzE3MjUwHhcNMjMwMTAyMTE0NDQ4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYTlhNjJhMDRmOWYwY2I2MTFiOGFiMGM5MGU2MjAzMjNkYzlmYTc1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApYvNrHwqk+9HvR5mQFLD/W7iGfs4
oTbWvRbIDxTR6y4B59siSXXtbid/FIer4n2thvZCOVYrKo8jUeBaycL0c0Z4Crgs
2i4alOyzat9AfgSRHKi67j+JFfSSd7wugeX5G2CBhfaGosdXcu5JXqQmLO9HcXvz
ntuBQ8cIEwjtuQhzA2Jr2DDqgylBF+STUQ9qkDPNavtzkFwnOmBJnk6/4Kd1RkHX
qxzJ2lEBOySWFpJeSerSkKUsoF/AmbqOaxlrNaHhmQaxdtmVeO0XuTXXdmLkiiHu
iJtWaofEUNVHDzJcSlt6fWA1JmJWixRXNxHd706Ef4H9xhSURy42+OVtpQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNqaYqBPnwy2EbirDJDmIDI9yfp1MB8GA1UdIwQY
MBaAFKKQDkZVqzSaRjKxQHGdyXIwQxclMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb3BBT1JsV3JOSnBHTXJGQWNaM0pjakJERnlVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNC80ZjcwMWEtZWQ2Zi00N2M4LWJmNzMt
ZjRjNWZjM2NhMmM0LzEvMnBwaW9FLWZETFlSdUtzTWtPWWdNajNKLW5VLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNC80ZjcwMWEtZWQ2Zi00N2M4LWJmNzMtZjRjNWZjM2NhMmM0
LzEvb3BBT1JsV3JOSnBHTXJGQWNaM0pjakJERnlVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAud0vMA0G
CSqGSIb3DQEBCwUAA4IBAQCoZVG8IxfzPIKcKi9nyF8O1l6ioSkvpBgLK0/UZtGB
QT/0r+gwT3WxfEFUGHQIEMpD+klEfqCVrxOSvNGCI74nQa3XxreHbmHQSQgz8d3F
BJQI4pBvGTTglg4SfPTTGABlvtEf3p02/1l27/aVEPR+9PkFsxrcbQUr8BBpcfDN
4awwWW3Cvc+zX68e/r9VQ3rTjYVwhjZ5o+WfBGCfTwHUWqifBxSMdMBXnm6vQWUv
8Q0tKSsr3ACeer5I6GSD3DJub5IhEqu9gxxdWONBP6tCpakdpSUnTGvLSk7UNeuF
ZXudFyntSy8sgB+fZOVtW59xQ2H0PLedit4b14Yb2HP4
-----END CERTIFICATE-----
Generated at Mon Apr 14 07:13:49 2025 by rpki-client