Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cc/e177f7-6348-4744-ad9c-76189bd4a040/1/8cYa7WlVz3Sl0Sqf0a28sLjnmSM.roa
File: 8cYa7WlVz3Sl0Sqf0a28sLjnmSM.roa (raw, json)
Hash identifier: OgyHmaRiCqS0x+ZJf5RYy6oA4aEb3FS/B2d9a+0yXW4=
Subject key identifier: F1:C6:1A:ED:69:55:CF:74:A5:D1:2A:9F:D1:AD:BC:B0:B8:E7:99:23
Certificate issuer: /CN=e86360db81f505c5e9a9b5ad10a81c64f4a85bd2
Certificate serial: 0582A1C5
Authority key identifier: E8:63:60:DB:81:F5:05:C5:E9:A9:B5:AD:10:A8:1C:64:F4:A8:5B:D2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/6GNg24H1BcXpqbWtEKgcZPSoW9I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cc/e177f7-6348-4744-ad9c-76189bd4a040/1/8cYa7WlVz3Sl0Sqf0a28sLjnmSM.roa
Signing time: Sat 01 Jan 2022 07:57:22 +0000
ROA not before: Sat 01 Jan 2022 07:57:22 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 202382
IP address blocks: 194.62.200.0/22 maxlen: 24
185.152.252.0/22 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 92447173 (0x582a1c5)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e86360db81f505c5e9a9b5ad10a81c64f4a85bd2
Validity
Not Before: Jan 1 07:57:22 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=f1c61aed6955cf74a5d12a9fd1adbcb0b8e79923
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:d6:52:7e:6b:3b:3b:3a:85:a3:2a:b8:b3:12:
e5:1d:e7:47:13:05:3a:15:4e:24:9d:9e:f3:c3:30:
57:c9:17:5f:df:4a:37:ce:1b:5b:1a:41:44:28:85:
38:f8:35:a4:ef:23:f4:e4:a7:2d:c7:85:23:94:02:
f4:cd:e2:bc:8e:03:ae:b6:f4:3e:2e:08:8d:ba:f6:
32:cf:09:2b:d2:0b:a8:d2:7a:ad:7c:de:f9:ec:0a:
1f:da:8e:72:3f:ca:7e:30:14:6c:71:d7:d1:46:39:
37:b0:b5:24:c5:8b:20:7a:11:21:8f:89:69:6a:0c:
f9:d6:d4:7f:c1:ad:24:a9:35:55:90:50:86:fe:47:
98:6a:8f:bf:bb:d4:fb:3d:d1:54:07:10:ea:c7:60:
d6:bc:09:43:8d:66:f1:b7:88:1c:86:92:bc:58:52:
16:a6:32:86:9e:d9:da:f2:e9:d7:de:54:a3:ef:8c:
76:f4:a8:f9:fd:9c:cf:93:e2:bd:1f:c6:10:de:95:
47:10:43:2d:77:58:a9:5c:15:24:91:38:e5:10:86:
c8:8d:82:ea:1b:34:05:45:e3:4b:b9:e1:3e:43:d8:
3d:cd:0d:0a:a0:36:70:44:b5:86:0b:f2:c9:19:04:
80:ed:3f:0c:e9:0b:c8:16:d7:4a:d1:0a:67:be:3f:
64:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F1:C6:1A:ED:69:55:CF:74:A5:D1:2A:9F:D1:AD:BC:B0:B8:E7:99:23
X509v3 Authority Key Identifier:
keyid:E8:63:60:DB:81:F5:05:C5:E9:A9:B5:AD:10:A8:1C:64:F4:A8:5B:D2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6GNg24H1BcXpqbWtEKgcZPSoW9I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cc/e177f7-6348-4744-ad9c-76189bd4a040/1/8cYa7WlVz3Sl0Sqf0a28sLjnmSM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cc/e177f7-6348-4744-ad9c-76189bd4a040/1/6GNg24H1BcXpqbWtEKgcZPSoW9I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.152.252.0/22
194.62.200.0/22
Signature Algorithm: sha256WithRSAEncryption
b2:ad:f2:65:16:d2:8c:14:60:2d:dd:83:5e:82:b5:6d:9a:68:
94:bd:01:65:ff:9c:5d:d0:36:9a:8c:ad:52:d1:e0:71:31:7b:
aa:44:68:ad:7d:70:b8:8e:66:f1:de:b9:6e:86:02:5b:fe:4a:
36:57:08:de:1d:4d:7d:df:55:9f:dc:e9:da:98:83:a1:83:58:
8a:92:59:58:2d:47:ef:1a:39:d9:23:ba:b9:52:85:24:31:38:
d1:ca:49:c7:c5:f1:5e:8e:9f:fe:2a:81:00:38:12:c3:f3:b0:
3d:22:f2:04:1c:73:e1:33:7b:58:95:ea:d0:5a:52:d3:7d:23:
51:64:c1:d4:b2:12:51:5f:9e:33:27:60:55:af:d2:61:37:2e:
79:4a:ab:bd:8c:d3:8e:3b:db:12:6b:0e:a6:2a:4b:43:39:fa:
1f:8a:3a:68:b7:cc:52:e9:a3:56:8b:14:b8:42:ce:78:bb:97:
9d:35:2d:01:6c:8e:1f:43:8a:97:85:33:cf:05:c4:f3:05:86:
f6:6a:27:6c:f7:af:e3:40:ad:6f:f4:b7:79:68:5c:b6:13:bc:
59:27:48:ad:b7:e6:4b:8f:95:5c:73:a1:d3:27:d8:63:0f:40:
ac:b5:9c:22:67:9a:01:8c:64:32:3b:00:00:be:24:a9:04:4e:
6b:b5:59:10
-----BEGIN CERTIFICATE-----
MIIE9TCCA92gAwIBAgIEBYKhxTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhl
ODYzNjBkYjgxZjUwNWM1ZTlhOWI1YWQxMGE4MWM2NGY0YTg1YmQyMB4XDTIyMDEw
MTA3NTcyMloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZjFjNjFhZWQ2OTU1
Y2Y3NGE1ZDEyYTlmZDFhZGJjYjBiOGU3OTkyMzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKvWUn5rOzs6haMquLMS5R3nRxMFOhVOJJ2e88MwV8kXX99K
N84bWxpBRCiFOPg1pO8j9OSnLceFI5QC9M3ivI4Drrb0Pi4Ijbr2Ms8JK9ILqNJ6
rXze+ewKH9qOcj/KfjAUbHHX0UY5N7C1JMWLIHoRIY+JaWoM+dbUf8GtJKk1VZBQ
hv5HmGqPv7vU+z3RVAcQ6sdg1rwJQ41m8beIHIaSvFhSFqYyhp7Z2vLp195Uo++M
dvSo+f2cz5PivR/GEN6VRxBDLXdYqVwVJJE45RCGyI2C6hs0BUXjS7nhPkPYPc0N
CqA2cES1hgvyyRkEgO0/DOkLyBbXStEKZ74/ZJ0CAwEAAaOCAg8wggILMB0GA1Ud
DgQWBBTxxhrtaVXPdKXRKp/RrbywuOeZIzAfBgNVHSMEGDAWgBToY2DbgfUFxemp
ta0QqBxk9Khb0jAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzZHTmcyNEgxQmNYcHFiV3RFS2djWlBTb1c5SS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvY2MvZTE3N2Y3LTYzNDgtNDc0NC1hZDljLTc2MTg5YmQ0YTA0MC8x
LzhjWWE3V2xWejNTbDBTcWYwYTI4c0xqbm1TTS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvY2Mv
ZTE3N2Y3LTYzNDgtNDc0NC1hZDljLTc2MTg5YmQ0YTA0MC8xLzZHTmcyNEgxQmNY
cHFiV3RFS2djWlBTb1c5SS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAl
BggrBgEFBQcBBwEB/wQWMBQwEgQCAAEwDAMEArmY/AMEAsI+yDANBgkqhkiG9w0B
AQsFAAOCAQEAsq3yZRbSjBRgLd2DXoK1bZpolL0BZf+cXdA2moytUtHgcTF7qkRo
rX1wuI5m8d65boYCW/5KNlcI3h1Nfd9Vn9zp2piDoYNYipJZWC1H7xo52SO6uVKF
JDE40cpJx8XxXo6f/iqBADgSw/OwPSLyBBxz4TN7WJXq0FpS030jUWTB1LISUV+e
MydgVa/SYTcueUqrvYzTjjvbEmsOpipLQzn6H4o6aLfMUumjVosUuELOeLuXnTUt
AWyOH0OKl4UzzwXE8wWG9monbPev40Ctb/S3eWhcthO8WSdIrbfmS4+VXHOh0yfY
Yw9ArLWcImeaAYxkMjsAAL4kqQROa7VZEA==
-----END CERTIFICATE-----
Generated at Mon Apr 21 04:08:21 2025 by rpki-client