Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9b/91af66-d394-42fa-a0c6-b16cb4dfadd3/1/AvpjpD3qPYzB8sVpkVPzC0lNtGY.roa
File: AvpjpD3qPYzB8sVpkVPzC0lNtGY.roa (raw, json)
Hash identifier: 9aYB3AzcWDdLMrxrLuGSL/uGggQVXd0ayRHosz3IpOU=
Subject key identifier: 02:FA:63:A4:3D:EA:3D:8C:C1:F2:C5:69:91:53:F3:0B:49:4D:B4:66
Certificate issuer: /CN=827603a93bca31b018f511f6d4b0b7546e963362
Certificate serial: 018AFB54DED97AD330312DD674905DDF1D81
Authority key identifier: 82:76:03:A9:3B:CA:31:B0:18:F5:11:F6:D4:B0:B7:54:6E:96:33:62
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gnYDqTvKMbAY9RH21LC3VG6WM2I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9b/91af66-d394-42fa-a0c6-b16cb4dfadd3/1/AvpjpD3qPYzB8sVpkVPzC0lNtGY.roa
Signing time: Wed 04 Oct 2023 15:35:57 +0000
ROA not before: Wed 04 Oct 2023 15:35:57 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 211415
IP address blocks: 85.8.168.0/22 maxlen: 22
2.56.184.0/22 maxlen: 22
194.124.144.0/24 maxlen: 24
45.90.248.0/22 maxlen: 22
194.31.180.0/22 maxlen: 22
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:fb:54:de:d9:7a:d3:30:31:2d:d6:74:90:5d:df:1d:81
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=827603a93bca31b018f511f6d4b0b7546e963362
Validity
Not Before: Oct 4 15:35:57 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=02fa63a43dea3d8cc1f2c5699153f30b494db466
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:a6:b5:06:e4:b9:cf:97:ca:99:ad:f5:1a:73:
ac:75:ad:9c:a8:fd:22:ca:02:15:69:f1:1a:ac:20:
06:f7:0d:d1:54:d6:ba:78:fc:61:31:ef:e4:35:5f:
0e:07:af:67:ef:22:66:c2:b2:43:5c:a3:9e:7f:c8:
b6:79:7c:e3:2e:72:51:3b:d0:48:3b:5f:c1:43:a1:
5f:2e:d6:c3:dc:df:fb:11:fe:0d:63:9d:b2:a9:51:
7c:6b:bb:95:ff:0d:73:da:8e:8d:4a:a9:01:66:1d:
df:f0:c0:53:41:9c:22:b4:e1:19:e5:a2:15:b9:c0:
99:81:98:ca:d2:3a:db:66:3d:3c:ad:66:94:24:8d:
74:d5:d4:ba:cb:d2:a1:d8:14:5f:54:0d:81:7d:ec:
45:65:c5:8b:73:f7:f6:dd:63:10:97:c2:64:ae:60:
c8:31:99:fe:11:31:cd:32:27:8c:1b:57:0e:64:fd:
69:f3:aa:34:9f:95:79:91:85:5d:ff:cf:54:90:d2:
25:fd:a1:68:f5:a8:71:74:8f:00:dd:63:c4:68:14:
17:71:7f:00:8c:4b:68:ea:13:fd:66:7b:b8:c6:b0:
96:c8:a3:66:78:29:ef:c2:53:ee:cb:6c:9f:f9:f4:
1f:8f:c8:61:d0:b9:54:be:27:54:7c:c4:fb:22:e6:
c7:87
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
02:FA:63:A4:3D:EA:3D:8C:C1:F2:C5:69:91:53:F3:0B:49:4D:B4:66
X509v3 Authority Key Identifier:
keyid:82:76:03:A9:3B:CA:31:B0:18:F5:11:F6:D4:B0:B7:54:6E:96:33:62
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gnYDqTvKMbAY9RH21LC3VG6WM2I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9b/91af66-d394-42fa-a0c6-b16cb4dfadd3/1/AvpjpD3qPYzB8sVpkVPzC0lNtGY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9b/91af66-d394-42fa-a0c6-b16cb4dfadd3/1/gnYDqTvKMbAY9RH21LC3VG6WM2I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.56.184.0/22
45.90.248.0/22
85.8.168.0/22
194.31.180.0/22
194.124.144.0/24
Signature Algorithm: sha256WithRSAEncryption
32:61:40:e8:ca:5c:32:85:a0:65:1c:8d:08:5c:31:00:f7:3e:
2d:52:b0:c0:cf:a3:5f:87:ad:02:f3:35:91:d0:55:36:42:e8:
d6:05:c7:3f:8e:e2:a8:82:c0:2d:35:2c:16:af:9f:87:0d:1a:
3e:9a:26:53:5f:e9:61:07:0e:cc:aa:15:10:5a:99:36:ab:27:
a8:e6:99:7f:f6:73:2b:6d:5b:19:2f:83:b0:60:d4:f3:c5:d4:
bb:0d:d9:69:40:0e:54:af:f9:30:06:a0:72:29:46:26:c0:45:
5e:03:29:80:29:18:97:c3:07:36:eb:b2:80:a8:23:26:02:83:
b5:42:a8:4e:9b:27:4b:82:bf:7c:5e:fb:79:90:99:7e:a8:c0:
ce:89:ec:8b:01:dc:b9:23:68:bd:b9:4e:df:3d:78:51:c4:b3:
78:47:aa:76:fb:f3:57:21:85:07:8d:3d:39:49:e1:a4:08:3f:
90:de:30:76:eb:5a:08:eb:d5:32:e0:77:df:19:0e:bc:c0:0e:
6b:40:17:7f:54:c4:fa:24:09:e1:a5:88:b7:9f:74:2c:ce:62:
2f:f0:50:8a:37:3d:f3:0b:d8:57:42:23:43:3f:c9:c7:28:c7:
fc:86:17:9a:99:57:49:f7:42:81:f6:4a:39:f4:24:30:e5:08:
93:a9:dc:94
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAYr7VN7ZetMwMS3WdJBd3x2BMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgyNzYwM2E5M2JjYTMxYjAxOGY1MTFmNmQ0YjBiNzU0NmU5
NjMzNjIwHhcNMjMxMDA0MTUzNTU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMmZhNjNhNDNkZWEzZDhjYzFmMmM1Njk5MTUzZjMwYjQ5NGRiNDY2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu6a1BuS5z5fKma31GnOsda2cqP0i
ygIVafEarCAG9w3RVNa6ePxhMe/kNV8OB69n7yJmwrJDXKOef8i2eXzjLnJRO9BI
O1/BQ6FfLtbD3N/7Ef4NY52yqVF8a7uV/w1z2o6NSqkBZh3f8MBTQZwitOEZ5aIV
ucCZgZjK0jrbZj08rWaUJI101dS6y9Kh2BRfVA2BfexFZcWLc/f23WMQl8JkrmDI
MZn+ETHNMieMG1cOZP1p86o0n5V5kYVd/89UkNIl/aFo9ahxdI8A3WPEaBQXcX8A
jEto6hP9Znu4xrCWyKNmeCnvwlPuy2yf+fQfj8hh0LlUvidUfMT7IubHhwIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFAL6Y6Q96j2MwfLFaZFT8wtJTbRmMB8GA1UdIwQY
MBaAFIJ2A6k7yjGwGPUR9tSwt1RuljNiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ25ZRHFUdktNYkFZOVJIMjFMQzNWRzZXTTJJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Yi85MWFmNjYtZDM5NC00MmZhLWEwYzYt
YjE2Y2I0ZGZhZGQzLzEvQXZwanBEM3FQWXpCOHNWcGtWUHpDMGxOdEdZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Yi85MWFmNjYtZDM5NC00MmZhLWEwYzYtYjE2Y2I0ZGZhZGQz
LzEvZ25ZRHFUdktNYkFZOVJIMjFMQzNWRzZXTTJJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQCAji4AwQC
LVr4AwQCVQioAwQCwh+0AwQAwnyQMA0GCSqGSIb3DQEBCwUAA4IBAQAyYUDoylwy
haBlHI0IXDEA9z4tUrDAz6Nfh60C8zWR0FU2QujWBcc/juKogsAtNSwWr5+HDRo+
miZTX+lhBw7MqhUQWpk2qyeo5pl/9nMrbVsZL4OwYNTzxdS7DdlpQA5Ur/kwBqBy
KUYmwEVeAymAKRiXwwc267KAqCMmAoO1QqhOmydLgr98Xvt5kJl+qMDOieyLAdy5
I2i9uU7fPXhRxLN4R6p2+/NXIYUHjT05SeGkCD+Q3jB261oI69Uy4HffGQ68wA5r
QBd/VMT6JAnhpYi3n3QszmIv8FCKNz3zC9hXQiNDP8nHKMf8hheamVdJ90KB9ko5
9CQw5QiTqdyU
-----END CERTIFICATE-----
Generated at Tue Jun 17 03:27:31 2025 by rpki-client