Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/45/a9bbce-d3c7-4221-9f6b-87d3ec7f0410/1/URqLmhnTEUNUzsfpioVysXBkoGw.roa
File: URqLmhnTEUNUzsfpioVysXBkoGw.roa (raw, json)
Hash identifier: QAZhOYSlZXwW/OATnE6n1x5ZpRerTT7Apol++fo7jlw=
Subject key identifier: 51:1A:8B:9A:19:D3:11:43:54:CE:C7:E9:8A:85:72:B1:70:64:A0:6C
Certificate issuer: /CN=b93628a36304e3bdc21f853bb3fad43e4861a5c5
Certificate serial: 0186711EED332F922C163D962814AF1C4AF5
Authority key identifier: B9:36:28:A3:63:04:E3:BD:C2:1F:85:3B:B3:FA:D4:3E:48:61:A5:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/uTYoo2ME473CH4U7s_rUPkhhpcU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/45/a9bbce-d3c7-4221-9f6b-87d3ec7f0410/1/URqLmhnTEUNUzsfpioVysXBkoGw.roa
Signing time: Mon 20 Feb 2023 23:18:17 +0000
ROA not before: Mon 20 Feb 2023 23:18:17 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 204560
IP address blocks: 185.246.140.0/22 maxlen: 22
193.194.102.0/23 maxlen: 23
193.194.104.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:71:1e:ed:33:2f:92:2c:16:3d:96:28:14:af:1c:4a:f5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b93628a36304e3bdc21f853bb3fad43e4861a5c5
Validity
Not Before: Feb 20 23:18:17 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=511a8b9a19d3114354cec7e98a8572b17064a06c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:5f:e2:f1:9f:51:05:7c:74:6c:a3:e6:09:6d:
0e:5c:7b:7d:4a:65:40:00:67:62:5d:7a:e1:49:c4:
ec:9b:a3:5f:08:01:40:2c:62:f0:f6:2c:9d:0d:8a:
a3:40:82:26:d1:f5:f0:71:22:e7:52:6a:ad:ca:eb:
ed:8e:47:ad:a0:ce:a8:f8:a0:ea:8c:12:75:87:f5:
fc:fd:ca:21:12:fe:86:42:d8:e2:39:83:07:6f:fc:
3e:6b:08:d1:e9:0d:f6:2a:1f:05:75:db:92:7c:77:
be:74:5f:af:47:f2:6a:a5:2d:71:42:45:2b:fb:0c:
9f:08:72:1a:9e:3e:03:bc:5a:de:6b:f2:f6:a1:e7:
d8:7f:0b:28:13:72:38:cb:da:19:e8:14:dc:38:b1:
9c:bb:29:2d:78:d7:2a:a8:8b:c2:64:a0:d2:94:58:
5a:b2:16:88:2a:52:7b:f9:42:ae:73:dc:87:2c:c1:
c5:90:80:a5:86:34:4c:1f:a6:af:72:90:d2:90:8b:
e6:37:75:4a:f7:01:e7:28:d5:d9:1b:3a:01:60:4e:
02:56:bc:4d:a1:7c:c3:1d:1d:8a:1c:e5:7a:4b:f0:
c8:34:ca:8a:9c:0b:c0:ea:75:bf:9c:64:8b:89:0a:
46:a1:a2:97:82:08:03:81:66:de:97:7b:c8:f8:d9:
74:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
51:1A:8B:9A:19:D3:11:43:54:CE:C7:E9:8A:85:72:B1:70:64:A0:6C
X509v3 Authority Key Identifier:
keyid:B9:36:28:A3:63:04:E3:BD:C2:1F:85:3B:B3:FA:D4:3E:48:61:A5:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/uTYoo2ME473CH4U7s_rUPkhhpcU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/45/a9bbce-d3c7-4221-9f6b-87d3ec7f0410/1/URqLmhnTEUNUzsfpioVysXBkoGw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/45/a9bbce-d3c7-4221-9f6b-87d3ec7f0410/1/uTYoo2ME473CH4U7s_rUPkhhpcU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.246.140.0/22
193.194.102.0-193.194.104.255
Signature Algorithm: sha256WithRSAEncryption
81:22:ca:7b:bc:37:2d:f1:d4:78:17:f3:ab:7c:ee:87:ce:2f:
32:b5:75:5f:f5:71:6b:ac:b7:24:11:92:fc:51:22:94:ae:3d:
e7:4f:a7:f6:1c:1e:3c:b5:cd:5b:ce:1f:6f:4e:ba:14:40:95:
5a:dc:9b:32:47:84:7f:a6:f5:0c:aa:ac:be:55:ca:7e:5c:34:
94:73:48:64:48:03:27:93:8b:f0:2f:37:62:93:56:ab:00:61:
5f:64:25:88:d9:c1:95:74:80:72:16:d5:59:79:7b:df:a8:74:
8d:0a:7b:f1:ed:13:c1:c6:d5:3a:13:50:95:91:03:ce:0e:13:
f0:ab:af:82:a1:a9:e3:bd:33:63:fc:23:70:90:77:4a:4a:50:
d0:c1:4c:f6:c4:cc:3c:24:52:01:6c:96:35:26:5a:b7:c8:7a:
46:50:38:57:92:61:82:3e:1d:c2:a7:f5:14:39:68:9d:ee:58:
28:93:3c:ce:77:87:b8:2e:6d:71:63:1b:e5:e8:0e:9e:db:ac:
27:c6:24:66:75:23:c3:ae:03:da:ec:47:f6:5b:26:42:e4:fb:
1d:ed:47:4e:59:69:84:e7:48:16:2c:b8:bb:b5:a5:a7:23:cc:
52:32:54:1a:34:5d:cd:92:61:10:75:99:22:3c:26:d8:9e:a8:
b4:37:64:cb
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgISAYZxHu0zL5IsFj2WKBSvHEr1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI5MzYyOGEzNjMwNGUzYmRjMjFmODUzYmIzZmFkNDNlNDg2
MWE1YzUwHhcNMjMwMjIwMjMxODE3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MTFhOGI5YTE5ZDMxMTQzNTRjZWM3ZTk4YTg1NzJiMTcwNjRhMDZjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApF/i8Z9RBXx0bKPmCW0OXHt9SmVA
AGdiXXrhScTsm6NfCAFALGLw9iydDYqjQIIm0fXwcSLnUmqtyuvtjketoM6o+KDq
jBJ1h/X8/cohEv6GQtjiOYMHb/w+awjR6Q32Kh8FdduSfHe+dF+vR/JqpS1xQkUr
+wyfCHIanj4DvFrea/L2oefYfwsoE3I4y9oZ6BTcOLGcuykteNcqqIvCZKDSlFha
shaIKlJ7+UKuc9yHLMHFkIClhjRMH6avcpDSkIvmN3VK9wHnKNXZGzoBYE4CVrxN
oXzDHR2KHOV6S/DINMqKnAvA6nW/nGSLiQpGoaKXgggDgWbel3vI+Nl0lQIDAQAB
o4ICFzCCAhMwHQYDVR0OBBYEFFEai5oZ0xFDVM7H6YqFcrFwZKBsMB8GA1UdIwQY
MBaAFLk2KKNjBOO9wh+FO7P61D5IYaXFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdVRZb28yTUU0NzNDSDRVN3NfclVQa2hocGNVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80NS9hOWJiY2UtZDNjNy00MjIxLTlmNmIt
ODdkM2VjN2YwNDEwLzEvVVJxTG1oblRFVU5VenNmcGlvVnlzWEJrb0d3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80NS9hOWJiY2UtZDNjNy00MjIxLTlmNmItODdkM2VjN2YwNDEw
LzEvdVRZb28yTUU0NzNDSDRVN3NfclVQa2hocGNVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAATAUAwQCufaMMAwD
BAHBwmYDBADBwmgwDQYJKoZIhvcNAQELBQADggEBAIEiynu8Ny3x1HgX86t87ofO
LzK1dV/1cWustyQRkvxRIpSuPedPp/YcHjy1zVvOH29OuhRAlVrcmzJHhH+m9Qyq
rL5Vyn5cNJRzSGRIAyeTi/AvN2KTVqsAYV9kJYjZwZV0gHIW1Vl5e9+odI0Ke/Ht
E8HG1ToTUJWRA84OE/Crr4KhqeO9M2P8I3CQd0pKUNDBTPbEzDwkUgFsljUmWrfI
ekZQOFeSYYI+HcKn9RQ5aJ3uWCiTPM53h7gubXFjG+XoDp7brCfGJGZ1I8OuA9rs
R/ZbJkLk+x3tR05ZaYTnSBYsuLu1pacjzFIyVBo0Xc2SYRB1mSI8JtieqLQ3ZMs=
-----END CERTIFICATE-----
Generated at Mon Jun 16 14:55:11 2025 by rpki-client