Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f6/b42949-ee0a-4123-87bf-30189a5a4eba/1/5q2TVgPgKNUddTJUOf-gVX0jC9o.roa
File: 5q2TVgPgKNUddTJUOf-gVX0jC9o.roa (raw, json)
Hash identifier: zONVBXD4NTcqwN/u6fqC0OkpFXEwzQXwPi2TaCY3dFM=
Subject key identifier: E6:AD:93:56:03:E0:28:D5:1D:75:32:54:39:FF:A0:55:7D:23:0B:DA
Certificate issuer: /CN=a85310f503137ae8b35d4f329f46f069dd703815
Certificate serial: 01857082C7852D63AD33265DB6BADFAF7143
Authority key identifier: A8:53:10:F5:03:13:7A:E8:B3:5D:4F:32:9F:46:F0:69:DD:70:38:15
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qFMQ9QMTeuizXU8yn0bwad1wOBU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f6/b42949-ee0a-4123-87bf-30189a5a4eba/1/5q2TVgPgKNUddTJUOf-gVX0jC9o.roa
Signing time: Mon 02 Jan 2023 03:24:56 +0000
ROA not before: Mon 02 Jan 2023 03:24:56 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 204504
IP address blocks: 185.227.244.0/22 maxlen: 22
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:82:c7:85:2d:63:ad:33:26:5d:b6:ba:df:af:71:43
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a85310f503137ae8b35d4f329f46f069dd703815
Validity
Not Before: Jan 2 03:24:56 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=e6ad935603e028d51d75325439ffa0557d230bda
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:ab:a8:1e:26:47:3f:8f:45:0b:f5:2f:2f:35:
51:d5:62:de:09:cc:b1:19:ed:4f:b9:3b:d0:8a:da:
91:c7:d8:97:f0:77:cf:b7:81:5d:59:b5:d6:7a:05:
98:10:ae:1f:d9:71:d3:47:9d:fb:c9:ef:88:58:d8:
96:ca:8a:05:0a:8f:ed:a1:ad:e7:60:e3:9e:6c:da:
03:76:4b:95:8d:59:b7:f4:67:a1:8d:9a:1b:81:c9:
15:ee:9c:35:92:fa:98:df:d1:57:c7:40:83:e6:21:
09:b3:39:3e:0e:26:06:e2:83:7c:15:f3:57:37:f7:
ff:72:de:19:01:54:71:45:be:20:ba:0f:a4:5e:d2:
09:6a:9d:5f:12:6c:5c:31:d7:e9:76:a2:cc:32:f9:
b6:bc:6f:74:c0:b0:77:b5:26:21:96:4d:23:18:0f:
fc:0d:d0:4c:2d:36:65:6d:78:0e:da:33:bf:6c:f0:
52:b2:48:43:d3:91:51:a4:79:67:59:98:99:7e:9b:
35:56:76:63:d3:98:39:cb:d2:fc:f5:fe:63:d7:1b:
e1:8d:63:ed:f8:1f:a0:f4:97:f9:5c:40:22:c6:43:
2c:b6:70:25:8c:38:05:2f:d0:69:18:60:d6:26:80:
09:30:a8:8d:c7:d9:10:14:0b:81:8c:14:27:ed:9a:
ce:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E6:AD:93:56:03:E0:28:D5:1D:75:32:54:39:FF:A0:55:7D:23:0B:DA
X509v3 Authority Key Identifier:
keyid:A8:53:10:F5:03:13:7A:E8:B3:5D:4F:32:9F:46:F0:69:DD:70:38:15
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qFMQ9QMTeuizXU8yn0bwad1wOBU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/b42949-ee0a-4123-87bf-30189a5a4eba/1/5q2TVgPgKNUddTJUOf-gVX0jC9o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/b42949-ee0a-4123-87bf-30189a5a4eba/1/qFMQ9QMTeuizXU8yn0bwad1wOBU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.227.244.0/22
Signature Algorithm: sha256WithRSAEncryption
5c:e1:5a:bb:4f:00:fc:e3:2f:19:72:a2:d1:be:87:7c:c8:d7:
e3:ff:2e:9f:c5:e0:50:72:f5:49:87:f9:ed:94:69:68:0c:02:
1d:d5:f3:7d:fb:2f:11:51:f6:9e:85:7f:05:bc:b7:57:54:29:
d0:04:7d:ef:34:a4:39:f9:c2:a4:2d:02:89:78:d6:78:b0:bf:
e1:91:ae:ef:21:e6:1e:43:22:51:76:4d:56:cf:91:29:96:85:
74:ee:20:a4:76:26:9c:f6:1c:c9:23:1f:70:11:12:13:65:5a:
9a:44:7f:4b:10:87:fb:69:b8:94:a5:be:a6:5c:8f:4c:6d:fc:
66:a0:ab:2b:11:92:c3:0d:cd:77:6a:01:43:11:09:42:93:de:
ae:8c:45:fb:15:68:a0:25:80:f2:90:72:27:15:f9:ec:8e:70:
74:04:62:27:f2:34:0c:2b:a5:f8:d5:1b:68:b2:42:5e:e9:f0:
a5:41:5a:f4:37:8a:67:3a:56:cd:48:01:cd:e7:d7:51:c3:69:
7c:ff:e6:5a:ab:9e:3e:17:9d:02:43:44:07:24:3f:87:dd:c8:
ea:a9:28:7e:fd:9b:7c:0a:8d:c6:72:a4:bf:a4:02:5e:da:a5:
b5:84:98:90:b4:54:6a:b5:43:0e:f9:b3:eb:61:f2:66:2c:6e:
4b:13:69:99
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVwgseFLWOtMyZdtrrfr3FDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE4NTMxMGY1MDMxMzdhZThiMzVkNGYzMjlmNDZmMDY5ZGQ3
MDM4MTUwHhcNMjMwMTAyMDMyNDU2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNmFkOTM1NjAzZTAyOGQ1MWQ3NTMyNTQzOWZmYTA1NTdkMjMwYmRhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApauoHiZHP49FC/UvLzVR1WLeCcyx
Ge1PuTvQitqRx9iX8HfPt4FdWbXWegWYEK4f2XHTR537ye+IWNiWyooFCo/toa3n
YOOebNoDdkuVjVm39GehjZobgckV7pw1kvqY39FXx0CD5iEJszk+DiYG4oN8FfNX
N/f/ct4ZAVRxRb4gug+kXtIJap1fEmxcMdfpdqLMMvm2vG90wLB3tSYhlk0jGA/8
DdBMLTZlbXgO2jO/bPBSskhD05FRpHlnWZiZfps1VnZj05g5y9L89f5j1xvhjWPt
+B+g9Jf5XEAixkMstnAljDgFL9BpGGDWJoAJMKiNx9kQFAuBjBQn7ZrOPQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFOatk1YD4CjVHXUyVDn/oFV9IwvaMB8GA1UdIwQY
MBaAFKhTEPUDE3ros11PMp9G8GndcDgVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcUZNUTlRTVRldWl6WFU4eW4wYndhZDF3T0JVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNi9iNDI5NDktZWUwYS00MTIzLTg3YmYt
MzAxODlhNWE0ZWJhLzEvNXEyVFZnUGdLTlVkZFRKVU9mLWdWWDBqQzlvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNi9iNDI5NDktZWUwYS00MTIzLTg3YmYtMzAxODlhNWE0ZWJh
LzEvcUZNUTlRTVRldWl6WFU4eW4wYndhZDF3T0JVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCueP0MA0G
CSqGSIb3DQEBCwUAA4IBAQBc4Vq7TwD84y8ZcqLRvod8yNfj/y6fxeBQcvVJh/nt
lGloDAId1fN9+y8RUfaehX8FvLdXVCnQBH3vNKQ5+cKkLQKJeNZ4sL/hka7vIeYe
QyJRdk1Wz5EploV07iCkdiac9hzJIx9wERITZVqaRH9LEIf7abiUpb6mXI9Mbfxm
oKsrEZLDDc13agFDEQlCk96ujEX7FWigJYDykHInFfnsjnB0BGIn8jQMK6X41Rto
skJe6fClQVr0N4pnOlbNSAHN59dRw2l8/+Zaq54+F50CQ0QHJD+H3cjqqSh+/Zt8
Co3GcqS/pAJe2qW1hJiQtFRqtUMO+bPrYfJmLG5LE2mZ
-----END CERTIFICATE-----
Generated at Thu Mar 13 02:50:39 2025 by rpki-client