Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ed/e1c373-64f8-4226-9044-81095a13b9de/1/aDcVAzfaI-DA-zETu6uEfXEwdvw.roa
File: aDcVAzfaI-DA-zETu6uEfXEwdvw.roa (raw, json)
Hash identifier: 4nxPUVy5gUyVpkg/7Oq4UiWAYsR1qkXrdHg7mPiAfzg=
Subject key identifier: 68:37:15:03:37:DA:23:E0:C0:FB:31:13:BB:AB:84:7D:71:30:76:FC
Certificate issuer: /CN=8293905afa134944f0630c949f3abda40646dac1
Certificate serial: 01856E6FA64C60A0EEA99783E5C8448DF4E1
Authority key identifier: 82:93:90:5A:FA:13:49:44:F0:63:0C:94:9F:3A:BD:A4:06:46:DA:C1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gpOQWvoTSUTwYwyUnzq9pAZG2sE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ed/e1c373-64f8-4226-9044-81095a13b9de/1/aDcVAzfaI-DA-zETu6uEfXEwdvw.roa
Signing time: Sun 01 Jan 2023 17:44:48 +0000
ROA not before: Sun 01 Jan 2023 17:44:48 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 201333
IP address blocks: 194.156.8.0/22 maxlen: 24
185.78.48.0/22 maxlen: 24
185.54.212.0/22 maxlen: 24
2a02:4720::/29 maxlen: 64
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:6f:a6:4c:60:a0:ee:a9:97:83:e5:c8:44:8d:f4:e1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8293905afa134944f0630c949f3abda40646dac1
Validity
Not Before: Jan 1 17:44:48 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=6837150337da23e0c0fb3113bbab847d713076fc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d4:68:d9:3d:16:cd:be:f3:da:f6:ee:1d:c6:6b:
04:3e:94:d0:9e:ac:0d:89:14:47:16:f8:6f:4b:37:
a5:65:28:c0:52:e5:d8:cb:5e:db:9e:9c:39:8b:b2:
6d:15:b4:d9:49:f2:10:90:b2:03:7a:b5:30:19:f3:
c5:a9:20:7b:8e:3d:43:7e:60:01:71:cc:71:b6:42:
d3:c0:a6:78:a3:52:b4:88:c6:42:18:b9:5a:a6:2c:
96:1d:29:0e:28:9b:0d:73:e7:58:3e:ec:3b:4d:76:
9e:19:7d:d2:43:da:84:f8:17:63:f2:e9:24:4f:7a:
bc:9d:c7:5d:a3:e5:fa:64:b8:4f:21:2b:eb:69:8c:
7a:4f:ca:5d:11:dc:1d:43:82:85:99:5a:c0:c3:54:
7d:03:23:96:2d:a6:2b:09:39:f2:a6:fa:8f:a3:f5:
d2:f9:ce:51:0c:e8:90:9a:ba:fc:c5:7b:a1:96:aa:
25:64:3c:d6:2d:bb:fc:f1:4b:c7:d6:a4:ec:63:8f:
2a:b1:04:36:16:98:c9:40:52:b0:1d:1f:f4:d3:73:
88:20:06:53:b8:32:ba:d3:3d:b2:b6:51:f7:f5:51:
14:21:ca:c5:a0:b7:6c:a3:0b:62:0b:b8:d9:f0:d2:
50:ae:58:73:4e:cb:5d:c8:ee:9e:66:c4:75:3e:5d:
1a:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
68:37:15:03:37:DA:23:E0:C0:FB:31:13:BB:AB:84:7D:71:30:76:FC
X509v3 Authority Key Identifier:
keyid:82:93:90:5A:FA:13:49:44:F0:63:0C:94:9F:3A:BD:A4:06:46:DA:C1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gpOQWvoTSUTwYwyUnzq9pAZG2sE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ed/e1c373-64f8-4226-9044-81095a13b9de/1/aDcVAzfaI-DA-zETu6uEfXEwdvw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ed/e1c373-64f8-4226-9044-81095a13b9de/1/gpOQWvoTSUTwYwyUnzq9pAZG2sE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.54.212.0/22
185.78.48.0/22
194.156.8.0/22
IPv6:
2a02:4720::/29
Signature Algorithm: sha256WithRSAEncryption
66:5e:9f:8f:f9:76:32:0c:1e:ce:06:f3:d2:aa:f9:61:88:fa:
cb:94:0f:65:ee:04:9c:2b:30:ef:9d:5c:ff:df:85:fc:23:b5:
bd:a0:94:27:33:60:93:e8:e8:89:ec:f6:84:65:d1:7a:60:ea:
b8:72:93:d3:f8:1f:e0:f7:b7:85:6d:1a:a4:2e:de:ca:6a:5e:
79:32:76:78:6c:42:92:4e:a3:30:30:48:59:4d:f9:e0:13:d4:
ae:7a:36:c7:2b:61:0b:34:05:2c:62:c2:07:37:68:64:8c:72:
0f:89:3d:c2:ca:bb:63:4b:2b:9f:4c:8f:a5:58:d6:3d:94:84:
2f:78:47:27:ba:2f:0c:36:17:a3:49:9a:96:1c:c1:ff:bd:a7:
b1:a2:ef:b2:35:23:e0:5f:01:f8:3d:71:75:20:1b:e4:cf:6a:
a6:6c:97:db:3d:56:42:0d:be:0e:76:a1:c1:7b:34:50:3f:59:
28:f9:77:17:f1:9e:ef:5c:f8:8f:f8:84:b8:aa:09:d4:97:10:
be:97:7e:02:2e:74:49:74:5b:bd:92:dd:f5:79:4b:69:49:76:
40:6b:e3:4c:5e:78:7a:c9:f1:3f:68:7f:ea:95:82:21:c4:6a:
68:86:63:13:df:90:92:21:c0:2e:20:91:7f:56:af:b1:83:3c:
ae:17:12:61
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAYVub6ZMYKDuqZeD5chEjfThMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgyOTM5MDVhZmExMzQ5NDRmMDYzMGM5NDlmM2FiZGE0MDY0
NmRhYzEwHhcNMjMwMTAxMTc0NDQ4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ODM3MTUwMzM3ZGEyM2UwYzBmYjMxMTNiYmFiODQ3ZDcxMzA3NmZjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1GjZPRbNvvPa9u4dxmsEPpTQnqwN
iRRHFvhvSzelZSjAUuXYy17bnpw5i7JtFbTZSfIQkLIDerUwGfPFqSB7jj1DfmAB
ccxxtkLTwKZ4o1K0iMZCGLlapiyWHSkOKJsNc+dYPuw7TXaeGX3SQ9qE+Bdj8ukk
T3q8ncddo+X6ZLhPISvraYx6T8pdEdwdQ4KFmVrAw1R9AyOWLaYrCTnypvqPo/XS
+c5RDOiQmrr8xXuhlqolZDzWLbv88UvH1qTsY48qsQQ2FpjJQFKwHR/003OIIAZT
uDK60z2ytlH39VEUIcrFoLdsowtiC7jZ8NJQrlhzTstdyO6eZsR1Pl0aXQIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFGg3FQM32iPgwPsxE7urhH1xMHb8MB8GA1UdIwQY
MBaAFIKTkFr6E0lE8GMMlJ86vaQGRtrBMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ3BPUVd2b1RTVVR3WXd5VW56cTlwQVpHMnNFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lZC9lMWMzNzMtNjRmOC00MjI2LTkwNDQt
ODEwOTVhMTNiOWRlLzEvYURjVkF6ZmFJLURBLXpFVHU2dUVmWEV3ZHZ3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lZC9lMWMzNzMtNjRmOC00MjI2LTkwNDQtODEwOTVhMTNiOWRl
LzEvZ3BPUVd2b1RTVVR3WXd5VW56cTlwQVpHMnNFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQCuTbUAwQC
uU4wAwQCwpwIMA0EAgACMAcDBQMqAkcgMA0GCSqGSIb3DQEBCwUAA4IBAQBmXp+P
+XYyDB7OBvPSqvlhiPrLlA9l7gScKzDvnVz/34X8I7W9oJQnM2CT6OiJ7PaEZdF6
YOq4cpPT+B/g97eFbRqkLt7Kal55MnZ4bEKSTqMwMEhZTfngE9SuejbHK2ELNAUs
YsIHN2hkjHIPiT3CyrtjSyufTI+lWNY9lIQveEcnui8MNhejSZqWHMH/vaexou+y
NSPgXwH4PXF1IBvkz2qmbJfbPVZCDb4OdqHBezRQP1ko+XcX8Z7vXPiP+IS4qgnU
lxC+l34CLnRJdFu9kt31eUtpSXZAa+NMXnh6yfE/aH/qlYIhxGpohmMT35CSIcAu
IJF/Vq+xgzyuFxJh
-----END CERTIFICATE-----
Generated at Tue Apr 22 23:11:38 2025 by rpki-client