Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e6/4301c9-c0ee-4040-a742-50336f5d340e/1/Io8uQT9tCuwTvqY83WEEubywWeo.roa
File: Io8uQT9tCuwTvqY83WEEubywWeo.roa (raw, json)
Hash identifier: DhzYVzZEPynITlSdW7r9i2prFyacdNdalAuyBtzndPU=
Subject key identifier: 22:8F:2E:41:3F:6D:0A:EC:13:BE:A6:3C:DD:61:04:B9:BC:B0:59:EA
Certificate issuer: /CN=ed5902bdfbd74c33ea76453d145e76f6aa857c41
Certificate serial: 0185723A2DA4A5235115ECA4DE6F7DCE4125
Authority key identifier: ED:59:02:BD:FB:D7:4C:33:EA:76:45:3D:14:5E:76:F6:AA:85:7C:41
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/7VkCvfvXTDPqdkU9FF529qqFfEE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e6/4301c9-c0ee-4040-a742-50336f5d340e/1/Io8uQT9tCuwTvqY83WEEubywWeo.roa
Signing time: Mon 02 Jan 2023 11:24:53 +0000
ROA not before: Mon 02 Jan 2023 11:24:53 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 34752
IP address blocks: 91.102.248.0/21 maxlen: 21
85.116.32.0/19 maxlen: 19
2a01:7b0::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:3a:2d:a4:a5:23:51:15:ec:a4:de:6f:7d:ce:41:25
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ed5902bdfbd74c33ea76453d145e76f6aa857c41
Validity
Not Before: Jan 2 11:24:53 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=228f2e413f6d0aec13bea63cdd6104b9bcb059ea
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:ef:43:65:91:75:94:23:ac:c5:a3:81:fe:e9:
58:3e:72:f9:47:18:df:8c:1d:1c:1e:5a:74:e8:e5:
6e:22:98:61:a6:f4:51:4b:cd:44:d0:7f:d9:0d:f3:
cb:38:31:88:21:b1:e9:60:aa:75:f9:f8:68:54:59:
21:3f:09:a2:25:48:4e:ca:f7:d5:87:cb:bd:d0:7a:
22:44:ac:d0:27:d6:a7:44:36:3e:39:e5:15:28:db:
38:0c:65:ac:a0:65:01:29:52:ad:53:d5:af:fb:2e:
f7:64:b8:16:d5:81:d2:7d:3e:66:54:59:9e:9c:60:
40:c5:08:35:10:1b:36:a8:59:38:54:ef:53:7d:dc:
ff:b3:47:2e:05:46:fd:18:2c:a3:58:64:61:0a:37:
77:61:94:cd:5c:81:b6:1e:1f:fa:00:94:ec:f4:ac:
a3:8d:31:fc:16:08:61:cf:61:b7:26:a5:7c:c0:b3:
d8:e7:7f:ef:96:a7:55:22:d5:1b:a5:05:ce:af:c8:
88:d1:fb:c8:2f:fb:52:d7:6a:3a:66:d9:66:70:9b:
db:d0:47:f7:17:3b:eb:d6:8d:4b:51:db:52:3a:e6:
d1:18:8a:7d:b1:ea:dc:46:0f:2d:e3:e2:35:d8:0a:
97:1b:54:d0:2c:b4:1f:22:57:8c:6a:55:29:db:5d:
63:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
22:8F:2E:41:3F:6D:0A:EC:13:BE:A6:3C:DD:61:04:B9:BC:B0:59:EA
X509v3 Authority Key Identifier:
keyid:ED:59:02:BD:FB:D7:4C:33:EA:76:45:3D:14:5E:76:F6:AA:85:7C:41
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/7VkCvfvXTDPqdkU9FF529qqFfEE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e6/4301c9-c0ee-4040-a742-50336f5d340e/1/Io8uQT9tCuwTvqY83WEEubywWeo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e6/4301c9-c0ee-4040-a742-50336f5d340e/1/7VkCvfvXTDPqdkU9FF529qqFfEE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.116.32.0/19
91.102.248.0/21
IPv6:
2a01:7b0::/32
Signature Algorithm: sha256WithRSAEncryption
83:f8:6b:2b:04:21:47:06:ec:0f:95:5e:64:94:fc:1c:36:a7:
03:c0:57:09:be:2b:f9:97:a2:19:7d:c2:65:e6:88:70:dd:98:
93:6c:02:37:5f:0b:56:50:84:82:5c:52:1f:b4:1e:a3:89:a0:
0d:07:d8:29:e8:87:ad:67:d3:c5:7f:ad:1f:31:05:06:9b:12:
99:94:d4:4c:ba:d3:ae:d9:1c:a7:61:b4:61:61:1c:1c:98:00:
82:e9:71:1f:90:a9:5a:4a:80:2d:b8:65:d4:b2:13:f7:67:2d:
69:b9:68:36:e3:73:5f:f2:9f:51:e9:62:97:46:ec:e5:cf:20:
b1:63:76:6b:d0:50:0d:27:22:9f:87:e8:87:bf:7f:b4:26:76:
2d:74:88:eb:e1:aa:d0:3b:ba:06:23:74:4a:1f:d1:ef:be:9a:
fc:20:9e:69:31:7b:f3:83:07:88:ee:96:c1:5c:9d:cc:57:43:
21:c9:ce:83:64:e5:49:c4:d0:20:a7:bf:4e:3e:ed:4d:69:58:
4b:5b:4c:0a:a1:a1:36:25:aa:03:ff:58:97:3d:b9:28:f0:ca:
ce:97:c6:2d:ed:ef:ae:90:51:55:b3:83:84:a0:54:65:70:d1:
41:ca:3d:6d:08:f7:ae:3f:fc:1f:a1:77:57:69:0b:8f:27:1c:
56:65:ad:51
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYVyOi2kpSNRFeyk3m99zkElMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVkNTkwMmJkZmJkNzRjMzNlYTc2NDUzZDE0NWU3NmY2YWE4
NTdjNDEwHhcNMjMwMTAyMTEyNDUzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMjhmMmU0MTNmNmQwYWVjMTNiZWE2M2NkZDYxMDRiOWJjYjA1OWVhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAi+9DZZF1lCOsxaOB/ulYPnL5Rxjf
jB0cHlp06OVuIphhpvRRS81E0H/ZDfPLODGIIbHpYKp1+fhoVFkhPwmiJUhOyvfV
h8u90HoiRKzQJ9anRDY+OeUVKNs4DGWsoGUBKVKtU9Wv+y73ZLgW1YHSfT5mVFme
nGBAxQg1EBs2qFk4VO9Tfdz/s0cuBUb9GCyjWGRhCjd3YZTNXIG2Hh/6AJTs9Kyj
jTH8Fghhz2G3JqV8wLPY53/vlqdVItUbpQXOr8iI0fvIL/tS12o6ZtlmcJvb0Ef3
Fzvr1o1LUdtSOubRGIp9sercRg8t4+I12AqXG1TQLLQfIleMalUp211jXQIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFCKPLkE/bQrsE76mPN1hBLm8sFnqMB8GA1UdIwQY
MBaAFO1ZAr3710wz6nZFPRRedvaqhXxBMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvN1ZrQ3ZmdlhURFBxZGtVOUZGNTI5cXFGZkVFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNi80MzAxYzktYzBlZS00MDQwLWE3NDIt
NTAzMzZmNWQzNDBlLzEvSW84dVFUOXRDdXdUdnFZODNXRUV1Ynl3V2VvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNi80MzAxYzktYzBlZS00MDQwLWE3NDItNTAzMzZmNWQzNDBl
LzEvN1ZrQ3ZmdlhURFBxZGtVOUZGNTI5cXFGZkVFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQFVXQgAwQD
W2b4MA0EAgACMAcDBQAqAQewMA0GCSqGSIb3DQEBCwUAA4IBAQCD+GsrBCFHBuwP
lV5klPwcNqcDwFcJviv5l6IZfcJl5ohw3ZiTbAI3XwtWUISCXFIftB6jiaANB9gp
6IetZ9PFf60fMQUGmxKZlNRMutOu2RynYbRhYRwcmACC6XEfkKlaSoAtuGXUshP3
Zy1puWg243Nf8p9R6WKXRuzlzyCxY3Zr0FANJyKfh+iHv3+0JnYtdIjr4arQO7oG
I3RKH9Hvvpr8IJ5pMXvzgweI7pbBXJ3MV0Mhyc6DZOVJxNAgp79OPu1NaVhLW0wK
oaE2JaoD/1iXPbko8MrOl8Yt7e+ukFFVs4OEoFRlcNFByj1tCPeuP/wfoXdXaQuP
JxxWZa1R
-----END CERTIFICATE-----
Generated at Sat Jun 7 19:04:58 2025 by rpki-client