Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ca/4a9cc4-2b9a-4ef2-a33a-872b3710c2a1/1/rY5DE6lnZURUZh9MgZPKORCx4SE.roa
File: rY5DE6lnZURUZh9MgZPKORCx4SE.roa (raw, json)
Hash identifier: UDNcbMAf/IPcqqimEIdB7BKZ2BpZ3kL7AzpHR9OfD2I=
Subject key identifier: AD:8E:43:13:A9:67:65:44:54:66:1F:4C:81:93:CA:39:10:B1:E1:21
Certificate issuer: /CN=81eed4091383d9ed4056d9f4eff7d2622ddce205
Certificate serial: 09548AEA
Authority key identifier: 81:EE:D4:09:13:83:D9:ED:40:56:D9:F4:EF:F7:D2:62:2D:DC:E2:05
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ge7UCROD2e1AVtn07_fSYi3c4gU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ca/4a9cc4-2b9a-4ef2-a33a-872b3710c2a1/1/rY5DE6lnZURUZh9MgZPKORCx4SE.roa
Signing time: Sat 01 Jan 2022 07:57:37 +0000
ROA not before: Sat 01 Jan 2022 07:57:37 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 49562
IP address blocks: 185.2.172.0/22 maxlen: 22
2a02:80c0::/30 maxlen: 30
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 156535530 (0x9548aea)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=81eed4091383d9ed4056d9f4eff7d2622ddce205
Validity
Not Before: Jan 1 07:57:37 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=ad8e4313a967654454661f4c8193ca3910b1e121
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:64:d8:a0:81:42:89:d3:4a:e6:2d:d4:bf:16:
6a:32:d7:9f:d4:3f:3c:7c:65:9f:c5:87:ef:ac:f0:
2c:a2:e7:8a:2d:96:a6:d0:62:08:11:59:ec:d1:2b:
c4:c5:2b:5e:27:8f:bf:e5:38:dc:4b:ea:35:cd:00:
0e:54:fa:8f:f4:f4:b3:f3:eb:d8:54:41:88:f9:63:
25:35:bc:9c:d0:ce:98:bf:cf:4a:9d:c5:77:82:8c:
b2:9e:04:48:07:9e:ad:84:11:e2:8f:ca:ad:9b:dd:
9b:29:86:da:bd:ff:ba:77:86:c0:e2:6c:64:4d:6c:
e8:82:0e:98:63:4e:ff:e9:82:7c:8d:8a:36:0d:e6:
42:ad:d6:dd:38:08:ad:a2:34:3e:6b:8f:4e:98:92:
3b:ab:91:43:4f:30:d4:f0:66:30:0a:42:5d:01:6d:
e3:e7:31:7b:32:39:9b:7e:79:68:7c:22:d8:9b:c0:
09:d8:e9:a9:04:51:96:53:61:4b:c4:de:28:1a:aa:
fd:e1:ca:45:40:f0:b1:ce:fe:83:bc:5e:e6:91:4e:
2c:1a:74:15:e3:41:15:a2:6c:27:94:fd:ee:4d:52:
5e:50:fe:87:8b:56:31:4a:7e:0f:c2:31:98:b3:ce:
0d:e6:a2:81:36:b3:2a:6c:6d:97:b3:ec:86:b8:9c:
c4:c1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AD:8E:43:13:A9:67:65:44:54:66:1F:4C:81:93:CA:39:10:B1:E1:21
X509v3 Authority Key Identifier:
keyid:81:EE:D4:09:13:83:D9:ED:40:56:D9:F4:EF:F7:D2:62:2D:DC:E2:05
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ge7UCROD2e1AVtn07_fSYi3c4gU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/4a9cc4-2b9a-4ef2-a33a-872b3710c2a1/1/rY5DE6lnZURUZh9MgZPKORCx4SE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/4a9cc4-2b9a-4ef2-a33a-872b3710c2a1/1/ge7UCROD2e1AVtn07_fSYi3c4gU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.2.172.0/22
IPv6:
2a02:80c0::/30
Signature Algorithm: sha256WithRSAEncryption
1c:33:a6:a2:9b:c2:f8:1a:06:51:73:41:92:3a:e6:0c:23:eb:
5f:5e:80:d9:81:16:f3:eb:b6:e9:26:2c:ba:91:4f:89:cf:dd:
e1:35:7f:8c:92:75:af:1f:fa:74:8a:7d:74:05:b4:d7:06:bf:
3f:17:0c:2b:c5:54:90:d3:b1:27:f6:62:62:db:5d:8c:55:42:
58:08:d7:f0:2b:82:e2:32:b7:fc:65:43:97:2f:cb:19:e3:a9:
e1:20:a0:d1:2f:10:c4:a6:f8:50:c1:e1:96:94:7b:ee:75:62:
94:42:96:24:29:83:68:10:04:26:02:bb:d2:73:f0:f1:03:0d:
27:ce:c3:75:06:7f:14:2b:68:25:91:13:70:11:f9:50:5d:eb:
71:49:db:de:8b:cc:9a:3c:79:06:fe:77:e9:3b:e9:6d:f3:7a:
28:bc:90:69:fa:8d:fe:96:01:d5:8a:46:c5:51:1c:45:5a:05:
65:68:8b:b5:b7:7f:96:dd:33:6e:f0:c6:cb:91:9b:d4:6b:70:
78:34:78:1a:1e:5e:32:53:7d:42:17:9b:9e:b5:5b:15:aa:3d:
68:93:c5:62:f8:ba:ee:db:40:db:17:cd:76:d6:ca:7b:c5:d9:
57:66:9f:45:47:01:22:fa:15:00:e7:e5:d6:bb:e6:5f:94:2a:
0b:fd:77:94
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgIECVSK6jANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg4
MWVlZDQwOTEzODNkOWVkNDA1NmQ5ZjRlZmY3ZDI2MjJkZGNlMjA1MB4XDTIyMDEw
MTA3NTczN1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYWQ4ZTQzMTNhOTY3
NjU0NDU0NjYxZjRjODE5M2NhMzkxMGIxZTEyMTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJhk2KCBQonTSuYt1L8WajLXn9Q/PHxln8WH76zwLKLnii2W
ptBiCBFZ7NErxMUrXiePv+U43EvqNc0ADlT6j/T0s/Pr2FRBiPljJTW8nNDOmL/P
Sp3Fd4KMsp4ESAeerYQR4o/KrZvdmymG2r3/uneGwOJsZE1s6IIOmGNO/+mCfI2K
Ng3mQq3W3TgIraI0PmuPTpiSO6uRQ08w1PBmMApCXQFt4+cxezI5m355aHwi2JvA
CdjpqQRRllNhS8TeKBqq/eHKRUDwsc7+g7xe5pFOLBp0FeNBFaJsJ5T97k1SXlD+
h4tWMUp+D8IxmLPODeaigTazKmxtl7PshricxMECAwEAAaOCAhgwggIUMB0GA1Ud
DgQWBBStjkMTqWdlRFRmH0yBk8o5ELHhITAfBgNVHSMEGDAWgBSB7tQJE4PZ7UBW
2fTv99JiLdziBTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2dlN1VDUk9EMmUxQVZ0bjA3X2ZTWWkzYzRnVS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvY2EvNGE5Y2M0LTJiOWEtNGVmMi1hMzNhLTg3MmIzNzEwYzJhMS8x
L3JZNURFNmxuWlVSVVpoOU1nWlBLT1JDeDRTRS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvY2Ev
NGE5Y2M0LTJiOWEtNGVmMi1hMzNhLTg3MmIzNzEwYzJhMS8xL2dlN1VDUk9EMmUx
QVZ0bjA3X2ZTWWkzYzRnVS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAu
BggrBgEFBQcBBwEB/wQfMB0wDAQCAAEwBgMEArkCrDANBAIAAjAHAwUCKgKAwDAN
BgkqhkiG9w0BAQsFAAOCAQEAHDOmopvC+BoGUXNBkjrmDCPrX16A2YEW8+u26SYs
upFPic/d4TV/jJJ1rx/6dIp9dAW01wa/PxcMK8VUkNOxJ/ZiYttdjFVCWAjX8CuC
4jK3/GVDly/LGeOp4SCg0S8QxKb4UMHhlpR77nVilEKWJCmDaBAEJgK70nPw8QMN
J87DdQZ/FCtoJZETcBH5UF3rcUnb3ovMmjx5Bv536TvpbfN6KLyQafqN/pYB1YpG
xVEcRVoFZWiLtbd/lt0zbvDGy5Gb1GtweDR4Gh5eMlN9QhebnrVbFao9aJPFYvi6
7ttA2xfNdtbKe8XZV2afRUcBIvoVAOfl1rvmX5QqC/13lA==
-----END CERTIFICATE-----
Generated at Sat Apr 19 06:50:29 2025 by rpki-client