Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ef/df3a15-2e49-4d8e-855a-1c2758651efa/1/2mW7EXWryXIRCsIm4qdwvurQjbU.roa
File: 2mW7EXWryXIRCsIm4qdwvurQjbU.roa (raw, json)
Hash identifier: oFPTPXLLF/SLrfKYEyl44vPPFK4mINX5PxKjTF3DbAc=
Subject key identifier: DA:65:BB:11:75:AB:C9:72:11:0A:C2:26:E2:A7:70:BE:EA:D0:8D:B5
Certificate issuer: /CN=971c78b305fb49cbd4005d4427c1f62c6a455a68
Certificate serial: 09459A25
Authority key identifier: 97:1C:78:B3:05:FB:49:CB:D4:00:5D:44:27:C1:F6:2C:6A:45:5A:68
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/lxx4swX7ScvUAF1EJ8H2LGpFWmg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ef/df3a15-2e49-4d8e-855a-1c2758651efa/1/2mW7EXWryXIRCsIm4qdwvurQjbU.roa
Signing time: Sat 01 Jan 2022 14:57:14 +0000
ROA not before: Sat 01 Jan 2022 14:57:14 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 206610
IP address blocks: 85.208.4.0/22 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 155556389 (0x9459a25)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=971c78b305fb49cbd4005d4427c1f62c6a455a68
Validity
Not Before: Jan 1 14:57:14 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=da65bb1175abc972110ac226e2a770beead08db5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:1f:b2:d3:fb:ef:3d:8a:10:14:f6:3c:e4:f3:
d9:ad:10:c7:38:c4:ea:b5:14:6c:2c:d6:2d:23:57:
6f:1d:05:a6:93:bf:18:57:17:60:c5:c4:3b:0f:d7:
a9:ec:46:5b:7f:dd:16:63:04:35:39:12:83:b2:f4:
36:4d:99:ef:b1:4e:6f:80:5b:b6:0d:3b:82:7c:c2:
52:10:fd:c0:ac:e5:32:21:ba:4e:43:6b:1d:1a:8a:
b5:53:4a:5a:f4:57:4d:05:ac:ba:a1:fc:30:39:20:
9a:d7:13:84:a7:53:09:af:3d:fc:90:e7:ac:f5:18:
07:32:f0:1d:1c:78:38:e4:dc:9a:be:c3:81:d2:d8:
1a:fe:d6:01:04:03:45:92:23:97:dd:64:7c:20:bf:
e8:dc:0f:00:ae:9e:d2:3d:fd:8d:3e:89:05:ca:7e:
53:d1:22:06:69:0d:76:d4:0d:10:7e:f1:58:96:50:
62:6e:25:03:55:f8:7d:b5:cc:1d:59:fa:5f:f6:21:
36:68:05:3c:40:a3:53:e1:8d:81:3d:87:4f:37:38:
51:79:db:4a:67:4a:85:d3:56:99:b7:6b:7e:81:2e:
5c:dc:ab:0e:76:c3:e1:d5:5f:50:e4:e3:95:b2:eb:
23:28:de:b3:4a:7c:14:d8:c6:58:39:18:7b:ff:03:
36:3b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DA:65:BB:11:75:AB:C9:72:11:0A:C2:26:E2:A7:70:BE:EA:D0:8D:B5
X509v3 Authority Key Identifier:
keyid:97:1C:78:B3:05:FB:49:CB:D4:00:5D:44:27:C1:F6:2C:6A:45:5A:68
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lxx4swX7ScvUAF1EJ8H2LGpFWmg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ef/df3a15-2e49-4d8e-855a-1c2758651efa/1/2mW7EXWryXIRCsIm4qdwvurQjbU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ef/df3a15-2e49-4d8e-855a-1c2758651efa/1/lxx4swX7ScvUAF1EJ8H2LGpFWmg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.208.4.0/22
Signature Algorithm: sha256WithRSAEncryption
07:18:a9:c1:89:66:a2:d6:16:ef:ed:fc:21:d5:6c:c9:28:0c:
ac:e4:b5:81:1a:d2:81:83:a0:94:19:c4:ad:d2:e8:14:1c:e1:
0d:c7:96:f2:52:7c:bc:02:ad:bc:a9:90:9e:cb:f9:40:42:49:
d1:bc:6f:6b:53:93:bd:d5:bc:6b:08:62:a7:58:58:9c:00:12:
c4:42:05:03:aa:35:7f:f0:a1:93:d4:af:83:1c:86:f2:be:b9:
25:a7:18:5d:b0:0a:cd:b1:3f:3a:74:01:e6:ac:98:3e:1c:b4:
23:69:0c:e1:9f:f0:ef:85:13:d4:3e:0f:56:80:58:95:a4:4b:
23:95:5e:4b:6d:6d:2f:e7:59:70:2b:5d:21:76:69:91:b9:e0:
c3:ac:f5:29:b9:19:0d:3d:fe:92:e0:60:b8:2b:de:8f:b7:ce:
74:72:74:88:ae:18:28:3e:e5:3a:fd:c7:3b:e1:19:da:c2:d0:
43:ff:43:62:6c:0e:dd:65:79:c0:82:a8:6b:be:2b:fb:3e:b1:
07:28:a0:33:36:34:1e:cb:e4:16:46:0c:45:36:49:40:ed:90:
50:d2:ef:fe:78:49:da:04:98:fb:6a:f5:a6:66:05:17:59:32:
3e:fc:60:12:5b:91:3b:e5:f1:1b:13:80:00:8e:0e:e8:b8:a5:
0f:db:c7:d1
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIECUWaJTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg5
NzFjNzhiMzA1ZmI0OWNiZDQwMDVkNDQyN2MxZjYyYzZhNDU1YTY4MB4XDTIyMDEw
MTE0NTcxNFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZGE2NWJiMTE3NWFi
Yzk3MjExMGFjMjI2ZTJhNzcwYmVlYWQwOGRiNTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALwfstP77z2KEBT2POTz2a0QxzjE6rUUbCzWLSNXbx0FppO/
GFcXYMXEOw/XqexGW3/dFmMENTkSg7L0Nk2Z77FOb4Bbtg07gnzCUhD9wKzlMiG6
TkNrHRqKtVNKWvRXTQWsuqH8MDkgmtcThKdTCa89/JDnrPUYBzLwHRx4OOTcmr7D
gdLYGv7WAQQDRZIjl91kfCC/6NwPAK6e0j39jT6JBcp+U9EiBmkNdtQNEH7xWJZQ
Ym4lA1X4fbXMHVn6X/YhNmgFPECjU+GNgT2HTzc4UXnbSmdKhdNWmbdrfoEuXNyr
DnbD4dVfUOTjlbLrIyjes0p8FNjGWDkYe/8DNjsCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBTaZbsRdavJchEKwibip3C+6tCNtTAfBgNVHSMEGDAWgBSXHHizBftJy9QA
XUQnwfYsakVaaDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2x4eDRzd1g3U2N2VUFGMUVKOEgyTEdwRldtZy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZWYvZGYzYTE1LTJlNDktNGQ4ZS04NTVhLTFjMjc1ODY1MWVmYS8x
LzJtVzdFWFdyeVhJUkNzSW00cWR3dnVyUWpiVS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZWYv
ZGYzYTE1LTJlNDktNGQ4ZS04NTVhLTFjMjc1ODY1MWVmYS8xL2x4eDRzd1g3U2N2
VUFGMUVKOEgyTEdwRldtZy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAlXQBDANBgkqhkiG9w0BAQsFAAOC
AQEABxipwYlmotYW7+38IdVsySgMrOS1gRrSgYOglBnErdLoFBzhDceW8lJ8vAKt
vKmQnsv5QEJJ0bxva1OTvdW8awhip1hYnAASxEIFA6o1f/Chk9SvgxyG8r65JacY
XbAKzbE/OnQB5qyYPhy0I2kM4Z/w74UT1D4PVoBYlaRLI5VeS21tL+dZcCtdIXZp
kbngw6z1KbkZDT3+kuBguCvej7fOdHJ0iK4YKD7lOv3HO+EZ2sLQQ/9DYmwO3WV5
wIKoa74r+z6xByigMzY0HsvkFkYMRTZJQO2QUNLv/nhJ2gSY+2r1pmYFF1kyPvxg
EluRO+XxGxOAAI4O6LilD9vH0Q==
-----END CERTIFICATE-----
Generated at Wed Apr 16 22:07:04 2025 by rpki-client