Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d1/19f229-a90f-42c4-980b-1550f2ac87b3/1/_Vt_0oqAPYBz1-Wil7sAb06-Oak.roa
File: _Vt_0oqAPYBz1-Wil7sAb06-Oak.roa (raw, json)
Hash identifier: l79vFidnYYrAdyPJ79eIm7b+9x2f3DZEYFCxiDiw9JI=
Subject key identifier: FD:5B:7F:D2:8A:80:3D:80:73:D7:E5:A2:97:BB:00:6F:4E:BE:39:A9
Certificate issuer: /CN=a11f205979d2fbde95756a46a0f2739d7816d459
Certificate serial: 0BE6D784
Authority key identifier: A1:1F:20:59:79:D2:FB:DE:95:75:6A:46:A0:F2:73:9D:78:16:D4:59
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/oR8gWXnS-96VdWpGoPJznXgW1Fk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d1/19f229-a90f-42c4-980b-1550f2ac87b3/1/_Vt_0oqAPYBz1-Wil7sAb06-Oak.roa
Signing time: Sat 01 Jan 2022 01:58:48 +0000
ROA not before: Sat 01 Jan 2022 01:58:48 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 60414
IP address blocks: 185.31.136.0/22 maxlen: 22
85.194.238.0/23 maxlen: 23
89.44.211.0/24 maxlen: 24
2a00:bbe0::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 199677828 (0xbe6d784)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a11f205979d2fbde95756a46a0f2739d7816d459
Validity
Not Before: Jan 1 01:58:48 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=fd5b7fd28a803d8073d7e5a297bb006f4ebe39a9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:f5:7a:ff:26:0a:7b:aa:de:f5:74:a4:c0:8a:
76:94:df:3f:91:23:fe:64:b9:c6:93:b4:d7:7f:80:
9d:2b:c0:09:62:49:06:6b:e5:cc:d1:e0:4d:d1:e0:
18:c6:27:de:f5:d8:fb:b2:d8:22:b0:b6:34:3e:3b:
32:6d:47:49:f8:74:e5:d0:86:f6:5e:2e:ab:1c:c2:
3f:3a:25:51:98:b5:be:52:92:d6:68:f3:40:c9:39:
d3:d6:4a:71:54:b6:57:19:7f:99:ce:f5:74:88:a8:
6f:42:50:cc:a9:88:bb:81:61:46:b6:59:d0:05:bd:
18:56:18:a3:7a:53:d2:94:22:91:35:9a:6e:d2:3d:
d4:2a:fc:c7:d4:51:26:7a:18:b2:8e:25:38:52:de:
57:21:31:24:9d:02:38:26:a9:b2:0a:76:6e:ff:8b:
45:5d:e5:5e:3f:74:4d:5d:b4:3a:bb:13:9a:3c:9b:
27:5c:db:ea:4f:a2:4f:e6:19:cd:4e:44:a6:f8:b8:
2b:0c:da:bb:48:e3:f4:3c:b8:1d:0c:cf:c1:58:73:
48:6a:0c:9c:74:d1:9c:97:0f:2d:bb:f9:c2:55:33:
35:73:bb:f2:e2:4c:83:90:65:bf:fd:ff:5e:2f:60:
11:ca:ed:b4:90:f4:e0:39:73:78:e6:a9:a3:d2:f3:
66:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FD:5B:7F:D2:8A:80:3D:80:73:D7:E5:A2:97:BB:00:6F:4E:BE:39:A9
X509v3 Authority Key Identifier:
keyid:A1:1F:20:59:79:D2:FB:DE:95:75:6A:46:A0:F2:73:9D:78:16:D4:59
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/oR8gWXnS-96VdWpGoPJznXgW1Fk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d1/19f229-a90f-42c4-980b-1550f2ac87b3/1/_Vt_0oqAPYBz1-Wil7sAb06-Oak.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d1/19f229-a90f-42c4-980b-1550f2ac87b3/1/oR8gWXnS-96VdWpGoPJznXgW1Fk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.194.238.0/23
89.44.211.0/24
185.31.136.0/22
IPv6:
2a00:bbe0::/29
Signature Algorithm: sha256WithRSAEncryption
3f:e9:c9:a0:e9:6a:05:39:69:32:61:b0:57:76:03:da:aa:e8:
73:04:c3:dd:bc:a6:dd:7d:07:3a:54:61:06:fe:b7:32:88:4d:
c7:aa:c6:1b:2f:88:24:cd:d9:61:a7:a3:ec:14:3c:07:4c:ac:
92:bb:78:da:ad:f1:47:b1:41:65:4a:99:0d:d1:10:fe:89:ea:
3c:ea:43:60:de:82:c1:ac:f7:44:48:ad:02:f2:42:a5:29:19:
6a:8a:60:e0:85:9a:9e:a2:a2:c2:4e:d7:7a:63:f1:31:98:00:
1b:a1:28:d3:92:7d:c2:0c:5e:09:e0:64:ee:93:0c:e8:de:f2:
6b:8b:9c:13:e5:94:bf:ee:80:31:da:80:f1:55:76:ed:ce:38:
c3:da:c9:37:cd:0c:6e:95:36:60:3d:04:94:5b:97:f4:d3:30:
f7:0d:fd:d0:2a:be:2f:ba:53:4b:82:a3:ac:0b:81:0a:81:98:
59:03:c6:01:e5:7d:0c:f5:5d:2e:1b:43:9c:df:80:4a:36:35:
ba:c5:96:5d:e8:44:f9:17:f9:30:2a:cd:99:5d:af:4d:9a:6f:
22:fc:95:cc:fc:d8:1f:a7:2e:13:fe:d9:c9:88:31:86:82:f3:
02:61:f0:b2:af:ef:18:6c:fa:af:c3:64:a6:be:60:7b:7e:6f:
14:89:e8:0f
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgIEC+bXhDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhh
MTFmMjA1OTc5ZDJmYmRlOTU3NTZhNDZhMGYyNzM5ZDc4MTZkNDU5MB4XDTIyMDEw
MTAxNTg0OFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZmQ1YjdmZDI4YTgw
M2Q4MDczZDdlNWEyOTdiYjAwNmY0ZWJlMzlhOTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALH1ev8mCnuq3vV0pMCKdpTfP5Ej/mS5xpO013+AnSvACWJJ
BmvlzNHgTdHgGMYn3vXY+7LYIrC2ND47Mm1HSfh05dCG9l4uqxzCPzolUZi1vlKS
1mjzQMk509ZKcVS2Vxl/mc71dIiob0JQzKmIu4FhRrZZ0AW9GFYYo3pT0pQikTWa
btI91Cr8x9RRJnoYso4lOFLeVyExJJ0COCapsgp2bv+LRV3lXj90TV20OrsTmjyb
J1zb6k+iT+YZzU5Epvi4Kwzau0jj9Dy4HQzPwVhzSGoMnHTRnJcPLbv5wlUzNXO7
8uJMg5Blv/3/Xi9gEcrttJD04DlzeOapo9LzZhsCAwEAAaOCAiQwggIgMB0GA1Ud
DgQWBBT9W3/SioA9gHPX5aKXuwBvTr45qTAfBgNVHSMEGDAWgBShHyBZedL73pV1
akag8nOdeBbUWTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L29SOGdXWG5TLTk2VmRXcEdvUEp6blhnVzFGay5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZDEvMTlmMjI5LWE5MGYtNDJjNC05ODBiLTE1NTBmMmFjODdiMy8x
L19WdF8wb3FBUFlCejEtV2lsN3NBYjA2LU9hay5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZDEv
MTlmMjI5LWE5MGYtNDJjNC05ODBiLTE1NTBmMmFjODdiMy8xL29SOGdXWG5TLTk2
VmRXcEdvUEp6blhnVzFGay5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA6
BggrBgEFBQcBBwEB/wQrMCkwGAQCAAEwEgMEAVXC7gMEAFks0wMEArkfiDANBAIA
AjAHAwUDKgC74DANBgkqhkiG9w0BAQsFAAOCAQEAP+nJoOlqBTlpMmGwV3YD2qro
cwTD3bym3X0HOlRhBv63MohNx6rGGy+IJM3ZYaej7BQ8B0yskrt42q3xR7FBZUqZ
DdEQ/onqPOpDYN6Cwaz3REitAvJCpSkZaopg4IWanqKiwk7XemPxMZgAG6Eo05J9
wgxeCeBk7pMM6N7ya4ucE+WUv+6AMdqA8VV27c44w9rJN80MbpU2YD0ElFuX9NMw
9w390Cq+L7pTS4KjrAuBCoGYWQPGAeV9DPVdLhtDnN+ASjY1usWWXehE+Rf5MCrN
mV2vTZpvIvyVzPzYH6cuE/7ZyYgxhoLzAmHwsq/vGGz6r8Nkpr5ge35vFInoDw==
-----END CERTIFICATE-----
Generated at Sat Apr 19 00:39:22 2025 by rpki-client