Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9b/3c92fa-c3d5-4a36-9e17-37e9e86a9279/1/bNAxQsOZPs49gixaaKJPTIcx2zA.roa
File: bNAxQsOZPs49gixaaKJPTIcx2zA.roa (raw, json)
Hash identifier: 6BNeoO5ROEGcvNb/P3ifQZT09gRCQW+UttVTVfUxOKI=
Subject key identifier: 6C:D0:31:42:C3:99:3E:CE:3D:82:2C:5A:68:A2:4F:4C:87:31:DB:30
Certificate issuer: /CN=a50cd3b9fb6464915ad0d3760934c0182889f1fb
Certificate serial: 01857170ABA089408D6204AEE5F8338518CB
Authority key identifier: A5:0C:D3:B9:FB:64:64:91:5A:D0:D3:76:09:34:C0:18:28:89:F1:FB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/pQzTuftkZJFa0NN2CTTAGCiJ8fs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9b/3c92fa-c3d5-4a36-9e17-37e9e86a9279/1/bNAxQsOZPs49gixaaKJPTIcx2zA.roa
Signing time: Mon 02 Jan 2023 07:44:47 +0000
ROA not before: Mon 02 Jan 2023 07:44:47 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 25540
IP address blocks: 185.232.200.0/22 maxlen: 22
2a0d:9bc0::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:70:ab:a0:89:40:8d:62:04:ae:e5:f8:33:85:18:cb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a50cd3b9fb6464915ad0d3760934c0182889f1fb
Validity
Not Before: Jan 2 07:44:47 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=6cd03142c3993ece3d822c5a68a24f4c8731db30
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:c7:17:d4:7b:17:8e:3e:8c:c4:b1:54:50:f5:
8a:8d:64:1d:c6:37:06:b8:b2:83:f9:ee:ad:4e:ef:
54:17:35:60:40:18:7a:87:57:4a:2c:a9:bb:6c:6b:
ca:58:c4:ea:33:22:dc:45:73:32:f2:4e:8d:c0:85:
91:57:28:bb:73:c8:6a:d3:03:f8:d3:3e:2b:08:ae:
df:97:b9:13:e5:3d:59:52:60:fd:56:2f:48:81:73:
09:a2:8e:08:9a:b2:5f:86:09:22:cd:98:e8:bd:12:
ed:c0:b5:65:26:39:d0:78:49:f6:62:4f:9f:39:10:
f4:bc:91:1e:21:cf:0c:9a:00:a8:e0:5c:17:de:9d:
42:50:34:25:60:42:8a:56:ff:18:fc:18:18:d5:15:
5a:74:70:4a:c6:09:04:76:f9:42:e5:cc:29:44:08:
14:a9:d1:4d:07:1e:b2:a9:03:9c:b8:0f:a4:bc:6f:
c2:29:a9:be:7e:17:49:4d:fa:da:14:51:34:7c:09:
35:57:c8:e5:e1:fe:d3:56:18:a1:57:43:fd:99:97:
92:db:44:b6:29:1f:bb:22:ee:9c:a5:db:92:34:af:
b1:96:50:c5:23:af:55:d7:65:bb:76:ab:28:90:d0:
54:8c:bb:f6:57:58:04:ea:2d:e0:02:61:45:3e:ae:
53:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6C:D0:31:42:C3:99:3E:CE:3D:82:2C:5A:68:A2:4F:4C:87:31:DB:30
X509v3 Authority Key Identifier:
keyid:A5:0C:D3:B9:FB:64:64:91:5A:D0:D3:76:09:34:C0:18:28:89:F1:FB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pQzTuftkZJFa0NN2CTTAGCiJ8fs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9b/3c92fa-c3d5-4a36-9e17-37e9e86a9279/1/bNAxQsOZPs49gixaaKJPTIcx2zA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9b/3c92fa-c3d5-4a36-9e17-37e9e86a9279/1/pQzTuftkZJFa0NN2CTTAGCiJ8fs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.232.200.0/22
IPv6:
2a0d:9bc0::/32
Signature Algorithm: sha256WithRSAEncryption
4b:d6:51:3c:c8:11:bd:06:dc:a0:af:f8:6d:6f:da:52:c0:d7:
bc:b8:10:59:b9:72:70:39:29:7f:d7:92:5b:8b:f2:b2:bb:e8:
fa:80:89:23:a3:92:14:07:fc:ad:67:93:44:87:6c:d3:17:85:
aa:b5:5e:6e:2a:14:53:74:a3:03:1e:4a:39:85:9f:ad:91:4c:
13:c6:bf:e8:b8:ec:98:9e:12:04:1c:3f:49:3c:9f:3a:4c:7e:
cc:58:91:c5:8e:aa:41:91:91:e6:be:08:be:70:2d:45:44:d5:
34:cf:63:3d:1a:00:0b:c3:c6:fa:21:ce:ac:90:47:26:b5:7a:
22:6f:3d:4e:1b:8a:00:e6:58:59:e3:e4:2c:21:a1:99:b6:66:
f5:dc:e5:bd:85:01:6b:e9:23:ea:b7:11:65:32:c2:dc:f8:67:
62:28:29:8b:ff:d7:6f:2f:4d:b7:12:74:f5:94:69:d8:ab:07:
03:5e:e2:53:28:43:5a:b0:42:fe:18:30:ae:61:ff:65:64:a0:
d9:12:db:dc:59:a7:ce:21:ea:9d:2a:16:b6:b9:a3:56:1b:20:
20:c1:e4:38:96:a3:22:02:33:e6:dc:16:2e:95:e8:38:8a:c7:
1e:0e:44:84:8a:9d:0c:84:0c:59:47:73:89:f6:9f:61:70:69:
a9:11:65:6a
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVxcKugiUCNYgSu5fgzhRjLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE1MGNkM2I5ZmI2NDY0OTE1YWQwZDM3NjA5MzRjMDE4Mjg4
OWYxZmIwHhcNMjMwMTAyMDc0NDQ3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2Y2QwMzE0MmMzOTkzZWNlM2Q4MjJjNWE2OGEyNGY0Yzg3MzFkYjMwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn8cX1HsXjj6MxLFUUPWKjWQdxjcG
uLKD+e6tTu9UFzVgQBh6h1dKLKm7bGvKWMTqMyLcRXMy8k6NwIWRVyi7c8hq0wP4
0z4rCK7fl7kT5T1ZUmD9Vi9IgXMJoo4ImrJfhgkizZjovRLtwLVlJjnQeEn2Yk+f
ORD0vJEeIc8MmgCo4FwX3p1CUDQlYEKKVv8Y/BgY1RVadHBKxgkEdvlC5cwpRAgU
qdFNBx6yqQOcuA+kvG/CKam+fhdJTfraFFE0fAk1V8jl4f7TVhihV0P9mZeS20S2
KR+7Iu6cpduSNK+xllDFI69V12W7dqsokNBUjLv2V1gE6i3gAmFFPq5TvQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFGzQMULDmT7OPYIsWmiiT0yHMdswMB8GA1UdIwQY
MBaAFKUM07n7ZGSRWtDTdgk0wBgoifH7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcFF6VHVmdGtaSkZhME5OMkNUVEFHQ2lKOGZzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Yi8zYzkyZmEtYzNkNS00YTM2LTllMTct
MzdlOWU4NmE5Mjc5LzEvYk5BeFFzT1pQczQ5Z2l4YWFLSlBUSWN4MnpBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Yi8zYzkyZmEtYzNkNS00YTM2LTllMTctMzdlOWU4NmE5Mjc5
LzEvcFF6VHVmdGtaSkZhME5OMkNUVEFHQ2lKOGZzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuejIMA0E
AgACMAcDBQAqDZvAMA0GCSqGSIb3DQEBCwUAA4IBAQBL1lE8yBG9Btygr/htb9pS
wNe8uBBZuXJwOSl/15Jbi/Kyu+j6gIkjo5IUB/ytZ5NEh2zTF4WqtV5uKhRTdKMD
Hko5hZ+tkUwTxr/ouOyYnhIEHD9JPJ86TH7MWJHFjqpBkZHmvgi+cC1FRNU0z2M9
GgALw8b6Ic6skEcmtXoibz1OG4oA5lhZ4+QsIaGZtmb13OW9hQFr6SPqtxFlMsLc
+GdiKCmL/9dvL023EnT1lGnYqwcDXuJTKENasEL+GDCuYf9lZKDZEtvcWafOIeqd
Kha2uaNWGyAgweQ4lqMiAjPm3BYuleg4isceDkSEip0MhAxZR3OJ9p9hcGmpEWVq
-----END CERTIFICATE-----
Generated at Tue Apr 29 00:25:07 2025 by rpki-client