Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/02/040564-5952-4223-bcca-f876c055a315/1/_0pQYxdP4sLJRABEvgD9vhMJqqw.roa
File: _0pQYxdP4sLJRABEvgD9vhMJqqw.roa (raw, json)
Hash identifier: LXVq0cncQtfRawWuq6yivJaOLbn1phdsR/alhjum488=
Subject key identifier: FF:4A:50:63:17:4F:E2:C2:C9:44:00:44:BE:00:FD:BE:13:09:AA:AC
Certificate issuer: /CN=7e566fff407f31c6ae856c3743ef3e5f22f8d35b
Certificate serial: 04FDB3EC
Authority key identifier: 7E:56:6F:FF:40:7F:31:C6:AE:85:6C:37:43:EF:3E:5F:22:F8:D3:5B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/flZv_0B_McauhWw3Q-8-XyL401s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/02/040564-5952-4223-bcca-f876c055a315/1/_0pQYxdP4sLJRABEvgD9vhMJqqw.roa
Signing time: Sat 01 Jan 2022 08:04:00 +0000
ROA not before: Sat 01 Jan 2022 08:04:00 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 61351
IP address blocks: 185.206.140.0/22 maxlen: 22
2a04:a240::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 83735532 (0x4fdb3ec)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7e566fff407f31c6ae856c3743ef3e5f22f8d35b
Validity
Not Before: Jan 1 08:04:00 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=ff4a5063174fe2c2c9440044be00fdbe1309aaac
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:c3:f0:46:e5:4c:51:4f:15:65:2f:96:2d:4a:
ff:77:19:f7:cc:35:7e:ba:f8:71:6a:32:de:e9:5d:
ae:a7:9d:95:4d:12:f6:e0:e6:dd:fa:81:e8:4e:ae:
14:a3:31:2a:1a:85:38:40:2b:0b:85:eb:54:3f:2e:
54:a2:95:87:58:cc:8e:33:73:79:fc:1a:ad:93:a5:
02:31:88:44:1b:f0:6b:57:98:e5:9e:c1:2f:3b:0d:
23:d1:bc:2c:d0:55:d8:12:2e:28:b0:45:4b:09:e7:
fc:09:21:ea:09:d2:e4:5e:dd:71:b4:16:43:02:9b:
41:9c:8e:35:93:af:64:c9:50:73:b2:45:66:2e:09:
e4:10:c5:a3:13:35:c2:3b:26:7e:e0:e8:3f:a3:fc:
a1:55:e9:7a:ea:28:20:fd:f1:88:08:ab:24:db:43:
3d:f6:4e:92:b2:e3:60:62:5a:69:73:ce:cf:39:6d:
f5:8c:91:c9:72:77:d7:30:0a:c4:cf:47:d5:d6:e1:
8e:4e:08:41:62:b6:c5:a8:0e:69:fe:f8:c9:15:3b:
ee:ed:b2:dc:84:7f:51:15:12:84:f0:56:aa:56:5a:
c7:3d:a8:42:96:4e:6b:3c:7f:a8:09:47:6b:6b:b1:
b1:a2:09:34:bc:b0:7e:b0:ce:59:41:a8:29:81:80:
c1:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FF:4A:50:63:17:4F:E2:C2:C9:44:00:44:BE:00:FD:BE:13:09:AA:AC
X509v3 Authority Key Identifier:
keyid:7E:56:6F:FF:40:7F:31:C6:AE:85:6C:37:43:EF:3E:5F:22:F8:D3:5B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/flZv_0B_McauhWw3Q-8-XyL401s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/02/040564-5952-4223-bcca-f876c055a315/1/_0pQYxdP4sLJRABEvgD9vhMJqqw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/02/040564-5952-4223-bcca-f876c055a315/1/flZv_0B_McauhWw3Q-8-XyL401s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.206.140.0/22
IPv6:
2a04:a240::/29
Signature Algorithm: sha256WithRSAEncryption
b1:ac:d4:77:01:c5:b3:f2:fa:8d:19:64:2a:78:f3:60:51:2c:
24:42:76:0d:89:55:90:81:55:f4:7a:b9:17:87:82:56:12:11:
d2:50:09:6f:1d:e1:ff:86:88:d0:4b:0c:3e:96:7a:93:3b:4a:
c3:cc:19:21:20:91:92:bf:c5:34:a0:62:a6:9e:7f:36:5f:2f:
62:fc:7f:57:e6:44:fc:e3:43:c2:ae:7c:6e:55:5f:70:fa:e8:
90:28:2d:a8:f2:83:ed:23:4e:cd:37:c0:f9:58:b8:49:7c:95:
e0:92:61:d2:af:cb:8e:2a:9f:6d:81:51:94:3e:d6:62:4c:66:
c5:2c:c2:a6:7a:73:c8:48:55:6a:26:eb:ed:5b:e5:6f:25:c5:
1f:89:28:04:28:5f:51:e5:1e:13:d0:73:44:9a:43:ea:f3:f5:
74:2a:fd:4d:6c:53:55:2e:df:d7:4d:35:0b:19:17:1a:88:ba:
07:48:ae:01:81:36:af:2c:66:c0:de:b5:e5:28:e6:76:eb:0f:
60:48:c1:9b:d9:f6:b1:11:fb:44:a9:32:b8:69:d0:b8:5b:97:
fd:00:88:19:00:47:67:8b:30:af:ae:46:b7:9f:e8:99:b8:8b:
b1:26:55:9d:0c:18:91:2d:9c:d8:3e:e6:b9:7c:3a:81:d2:07:
eb:ff:c5:cc
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgIEBP2z7DANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg3
ZTU2NmZmZjQwN2YzMWM2YWU4NTZjMzc0M2VmM2U1ZjIyZjhkMzViMB4XDTIyMDEw
MTA4MDQwMFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZmY0YTUwNjMxNzRm
ZTJjMmM5NDQwMDQ0YmUwMGZkYmUxMzA5YWFhYzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALPD8EblTFFPFWUvli1K/3cZ98w1frr4cWoy3uldrqedlU0S
9uDm3fqB6E6uFKMxKhqFOEArC4XrVD8uVKKVh1jMjjNzefwarZOlAjGIRBvwa1eY
5Z7BLzsNI9G8LNBV2BIuKLBFSwnn/Akh6gnS5F7dcbQWQwKbQZyONZOvZMlQc7JF
Zi4J5BDFoxM1wjsmfuDoP6P8oVXpeuooIP3xiAirJNtDPfZOkrLjYGJaaXPOzzlt
9YyRyXJ31zAKxM9H1dbhjk4IQWK2xagOaf74yRU77u2y3IR/URUShPBWqlZaxz2o
QpZOazx/qAlHa2uxsaIJNLywfrDOWUGoKYGAwXkCAwEAAaOCAhgwggIUMB0GA1Ud
DgQWBBT/SlBjF0/iwslEAES+AP2+EwmqrDAfBgNVHSMEGDAWgBR+Vm//QH8xxq6F
bDdD7z5fIvjTWzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2ZsWnZfMEJfTWNhdWhXdzNRLTgtWHlMNDAxcy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMDIvMDQwNTY0LTU5NTItNDIyMy1iY2NhLWY4NzZjMDU1YTMxNS8x
L18wcFFZeGRQNHNMSlJBQkV2Z0Q5dmhNSnFxdy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMDIv
MDQwNTY0LTU5NTItNDIyMy1iY2NhLWY4NzZjMDU1YTMxNS8xL2ZsWnZfMEJfTWNh
dWhXdzNRLTgtWHlMNDAxcy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAu
BggrBgEFBQcBBwEB/wQfMB0wDAQCAAEwBgMEArnOjDANBAIAAjAHAwUDKgSiQDAN
BgkqhkiG9w0BAQsFAAOCAQEAsazUdwHFs/L6jRlkKnjzYFEsJEJ2DYlVkIFV9Hq5
F4eCVhIR0lAJbx3h/4aI0EsMPpZ6kztKw8wZISCRkr/FNKBipp5/Nl8vYvx/V+ZE
/ONDwq58blVfcProkCgtqPKD7SNOzTfA+Vi4SXyV4JJh0q/LjiqfbYFRlD7WYkxm
xSzCpnpzyEhVaibr7VvlbyXFH4koBChfUeUeE9BzRJpD6vP1dCr9TWxTVS7f1001
CxkXGoi6B0iuAYE2ryxmwN615SjmdusPYEjBm9n2sRH7RKkyuGnQuFuX/QCIGQBH
Z4swr65Gt5/ombiLsSZVnQwYkS2c2D7muXw6gdIH6//FzA==
-----END CERTIFICATE-----
Generated at Sun May 4 17:33:56 2025 by rpki-client