Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fd/1ccf25-20de-4b2e-a0e1-de4acf447fae/1/2v7CvvCvekNG72xXlnBv6k_xVp0.roa
File: 2v7CvvCvekNG72xXlnBv6k_xVp0.roa (raw, json)
Hash identifier: 59X3V5Loxe+STYXpL+2GuvX9cd0mtIUbobfnfFpM3e4=
Subject key identifier: DA:FE:C2:BE:F0:AF:7A:43:46:EF:6C:57:96:70:6F:EA:4F:F1:56:9D
Certificate issuer: /CN=7979863cea82aeb8e9df384b39aa5176f4bcfa61
Certificate serial: 2422768F
Authority key identifier: 79:79:86:3C:EA:82:AE:B8:E9:DF:38:4B:39:AA:51:76:F4:BC:FA:61
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/eXmGPOqCrrjp3zhLOapRdvS8-mE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fd/1ccf25-20de-4b2e-a0e1-de4acf447fae/1/2v7CvvCvekNG72xXlnBv6k_xVp0.roa
Signing time: Sat 01 Jan 2022 02:57:15 +0000
ROA not before: Sat 01 Jan 2022 02:57:15 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 60252
IP address blocks: 185.33.196.0/22 maxlen: 22
2a00:cfe0::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 606238351 (0x2422768f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7979863cea82aeb8e9df384b39aa5176f4bcfa61
Validity
Not Before: Jan 1 02:57:15 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=dafec2bef0af7a4346ef6c5796706fea4ff1569d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:81:ce:2c:b6:06:90:b6:5e:23:9f:9f:a6:30:
6e:e8:37:17:d1:91:ca:9d:0c:19:d0:18:37:70:e3:
61:7c:c8:17:99:9e:02:97:ce:f7:eb:0b:ef:a6:2f:
a6:c1:e1:7d:97:c1:e5:33:a1:ce:44:bb:53:68:65:
d0:44:9e:f6:b3:6e:f2:da:29:48:ce:f0:d7:c7:1d:
8e:49:41:16:7d:70:97:ee:64:1b:08:11:13:56:00:
c1:43:e1:f1:35:f5:f2:31:13:59:7e:a9:b3:11:8f:
a5:81:02:86:c1:97:a2:e6:e8:e7:4f:b6:f3:f1:7c:
07:23:c5:65:1a:aa:c2:21:cc:93:8a:ea:df:e8:32:
7c:7c:8a:63:be:fa:b6:fd:4d:0f:c3:54:66:33:5b:
2e:f1:4c:ce:f2:ac:ca:fa:82:19:16:8d:54:44:03:
a5:d8:95:4b:11:a1:9f:c4:5b:72:67:28:e8:5b:41:
c9:63:d3:31:8e:47:b1:58:ca:cd:7b:cb:1e:63:01:
68:3b:b6:85:70:36:d5:a5:87:42:09:e5:f3:36:d1:
22:ab:8b:3f:1b:23:00:f8:03:9c:b8:53:0a:44:d2:
bd:30:e0:ea:72:f2:ba:b1:4e:74:19:94:32:b4:eb:
4e:c8:e3:98:6a:1a:81:a4:e9:08:50:df:52:9b:4c:
d2:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DA:FE:C2:BE:F0:AF:7A:43:46:EF:6C:57:96:70:6F:EA:4F:F1:56:9D
X509v3 Authority Key Identifier:
keyid:79:79:86:3C:EA:82:AE:B8:E9:DF:38:4B:39:AA:51:76:F4:BC:FA:61
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/eXmGPOqCrrjp3zhLOapRdvS8-mE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/1ccf25-20de-4b2e-a0e1-de4acf447fae/1/2v7CvvCvekNG72xXlnBv6k_xVp0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/1ccf25-20de-4b2e-a0e1-de4acf447fae/1/eXmGPOqCrrjp3zhLOapRdvS8-mE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.33.196.0/22
IPv6:
2a00:cfe0::/32
Signature Algorithm: sha256WithRSAEncryption
08:b8:d5:61:fd:d0:60:12:19:1d:ab:e8:37:e6:6e:e4:82:4d:
11:0a:d8:a7:38:51:a1:94:61:6a:3b:22:a6:0b:a3:c3:ac:a8:
74:cb:df:46:ce:1d:e7:29:70:c1:22:3b:88:c1:7a:e0:cb:ef:
7a:7d:ff:f5:4d:1d:92:ee:49:86:96:19:00:00:bc:fc:67:a1:
30:0a:9d:eb:82:57:7d:6b:b4:db:7d:2e:33:2a:85:1d:70:25:
5b:05:cb:fe:da:e0:f6:b0:bc:34:4f:07:40:b8:f8:9f:c6:c6:
3e:1c:13:74:cc:68:77:4f:ad:a6:b2:45:9f:98:75:13:7f:26:
40:4c:70:27:5c:67:d7:74:e2:c9:7c:e5:44:07:be:72:5d:94:
60:9f:04:8e:6a:fd:af:24:5d:d9:9a:15:27:82:5d:18:51:63:
20:98:76:2c:1e:aa:2e:f6:06:81:26:af:1b:22:ed:f5:5f:77:
09:72:72:60:81:c4:ac:4d:55:a6:e2:71:4e:8c:37:f4:3f:1a:
67:23:45:56:e0:6c:61:4e:30:8c:55:5a:1f:22:47:20:0d:ee:
79:d3:43:42:7d:07:88:bf:81:cd:49:4a:71:d7:02:1c:87:54:
d9:de:cf:b9:ee:6c:2f:9f:d4:ea:f3:61:a1:c6:ee:a8:34:f5:
25:ad:61:9d
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgIEJCJ2jzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg3
OTc5ODYzY2VhODJhZWI4ZTlkZjM4NGIzOWFhNTE3NmY0YmNmYTYxMB4XDTIyMDEw
MTAyNTcxNVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZGFmZWMyYmVmMGFm
N2E0MzQ2ZWY2YzU3OTY3MDZmZWE0ZmYxNTY5ZDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALWBziy2BpC2XiOfn6Ywbug3F9GRyp0MGdAYN3DjYXzIF5me
ApfO9+sL76YvpsHhfZfB5TOhzkS7U2hl0ESe9rNu8topSM7w18cdjklBFn1wl+5k
GwgRE1YAwUPh8TX18jETWX6psxGPpYEChsGXoubo50+28/F8ByPFZRqqwiHMk4rq
3+gyfHyKY776tv1ND8NUZjNbLvFMzvKsyvqCGRaNVEQDpdiVSxGhn8Rbcmco6FtB
yWPTMY5HsVjKzXvLHmMBaDu2hXA21aWHQgnl8zbRIquLPxsjAPgDnLhTCkTSvTDg
6nLyurFOdBmUMrTrTsjjmGoagaTpCFDfUptM0okCAwEAAaOCAhgwggIUMB0GA1Ud
DgQWBBTa/sK+8K96Q0bvbFeWcG/qT/FWnTAfBgNVHSMEGDAWgBR5eYY86oKuuOnf
OEs5qlF29Lz6YTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2VYbUdQT3FDcnJqcDN6aExPYXBSZHZTOC1tRS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZmQvMWNjZjI1LTIwZGUtNGIyZS1hMGUxLWRlNGFjZjQ0N2ZhZS8x
LzJ2N0N2dkN2ZWtORzcyeFhsbkJ2NmtfeFZwMC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZmQv
MWNjZjI1LTIwZGUtNGIyZS1hMGUxLWRlNGFjZjQ0N2ZhZS8xL2VYbUdQT3FDcnJq
cDN6aExPYXBSZHZTOC1tRS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAu
BggrBgEFBQcBBwEB/wQfMB0wDAQCAAEwBgMEArkhxDANBAIAAjAHAwUAKgDP4DAN
BgkqhkiG9w0BAQsFAAOCAQEACLjVYf3QYBIZHavoN+Zu5IJNEQrYpzhRoZRhajsi
pgujw6yodMvfRs4d5ylwwSI7iMF64Mvven3/9U0dku5JhpYZAAC8/GehMAqd64JX
fWu0230uMyqFHXAlWwXL/trg9rC8NE8HQLj4n8bGPhwTdMxod0+tprJFn5h1E38m
QExwJ1xn13TiyXzlRAe+cl2UYJ8Ejmr9ryRd2ZoVJ4JdGFFjIJh2LB6qLvYGgSav
GyLt9V93CXJyYIHErE1VpuJxTow39D8aZyNFVuBsYU4wjFVaHyJHIA3uedNDQn0H
iL+BzUlKcdcCHIdU2d7Pue5sL5/U6vNhocbuqDT1Ja1hnQ==
-----END CERTIFICATE-----
Generated at Thu Apr 17 08:15:25 2025 by rpki-client