Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/urqpsUIflMaZwUbMI7Crckz0-TA.roa
File: urqpsUIflMaZwUbMI7Crckz0-TA.roa (raw, json)
Hash identifier: Vu/2X0flQ2jOi+v/nvNeUSkgEKVpJu/2nIAw4ANSS80=
Subject key identifier: BA:BA:A9:B1:42:1F:94:C6:99:C1:46:CC:23:B0:AB:72:4C:F4:F9:30
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 018997133C0BB004544863AF3F7D363D8B63
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/urqpsUIflMaZwUbMI7Crckz0-TA.roa
Signing time: Thu 27 Jul 2023 11:19:27 +0000
ROA not before: Thu 27 Jul 2023 11:19:27 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 1
IP address blocks: 87.120.166.0/24 maxlen: 24
87.121.44.0/24 maxlen: 24
87.121.46.0/24 maxlen: 24
85.31.47.0/24 maxlen: 24
45.128.233.0/24 maxlen: 24
87.121.98.0/24 maxlen: 24
94.156.79.0/24 maxlen: 24
87.120.36.0/24 maxlen: 24
88.218.76.0/22 maxlen: 24
185.221.64.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:97:13:3c:0b:b0:04:54:48:63:af:3f:7d:36:3d:8b:63
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Jul 27 11:19:27 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=babaa9b1421f94c699c146cc23b0ab724cf4f930
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:b9:51:f5:2a:f8:0d:04:76:f8:94:c3:4d:84:
10:6f:c1:11:bc:d8:04:41:8d:8c:92:5f:75:13:3b:
24:c9:43:b4:7b:59:a6:19:7b:93:e8:23:fc:70:fa:
4e:79:a3:83:db:ab:30:19:3d:2e:7e:1d:4b:4e:06:
80:a4:c4:b9:f7:51:32:5c:f4:89:bd:22:ab:11:a7:
ad:e8:e3:a8:c0:41:ec:a6:e3:f4:e9:30:5a:45:8d:
1b:82:bd:b4:d6:2d:ab:3e:0d:0e:b2:d9:63:a7:a7:
ca:c0:97:9d:cd:2c:20:65:d6:3e:4d:8f:28:b4:3a:
ab:6c:3c:77:31:c3:4a:b2:9b:5b:bb:2c:41:7a:a1:
e7:f0:1f:7d:53:36:bd:3b:0b:e1:32:79:bc:31:49:
45:53:da:2f:c8:2c:84:93:ec:db:86:33:17:4c:94:
07:f6:b5:79:88:e0:4a:cd:88:95:4d:17:f1:ac:b8:
9f:35:2f:14:db:00:54:1c:ff:47:2f:84:95:4a:49:
12:3a:0e:83:a3:a8:df:fa:15:ab:92:48:74:b6:8f:
50:e4:8d:d9:75:1e:f4:81:27:b4:03:2f:ba:22:53:
da:70:e8:99:60:fb:4b:72:86:51:57:39:5b:8d:a1:
ec:ff:9f:13:f1:ed:f3:60:de:17:e6:c1:fe:e3:a5:
46:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BA:BA:A9:B1:42:1F:94:C6:99:C1:46:CC:23:B0:AB:72:4C:F4:F9:30
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/urqpsUIflMaZwUbMI7Crckz0-TA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.128.233.0/24
85.31.47.0/24
87.120.36.0/24
87.120.166.0/24
87.121.44.0/24
87.121.46.0/24
87.121.98.0/24
88.218.76.0/22
94.156.79.0/24
185.221.64.0/24
Signature Algorithm: sha256WithRSAEncryption
0b:f8:3c:81:cc:e7:2c:9b:72:cb:73:f8:12:4f:4c:0f:d4:d0:
cc:17:84:b2:2a:b9:37:b5:9f:22:e7:1e:6d:7c:21:50:21:28:
43:f2:20:e4:bc:dc:f3:46:96:22:04:b1:9b:54:41:8a:18:cb:
ca:19:37:e6:e1:fc:6e:7d:90:1e:5f:2c:7d:c2:d2:eb:fe:9f:
70:e5:2f:bf:90:22:bd:1b:04:13:f8:fc:07:70:67:c6:53:e3:
ce:d2:ea:63:c1:72:06:85:58:c4:59:2d:46:4c:f0:4f:16:52:
ff:0e:1a:53:da:41:01:cd:6d:60:37:64:ef:b7:12:b8:54:b7:
0b:d9:fe:c6:f4:a1:56:1a:96:48:a3:ed:41:e3:7d:28:18:fb:
f0:52:e9:77:da:3b:7d:a7:cc:ce:57:61:b5:32:70:1b:df:5e:
26:76:70:26:cf:77:e4:a2:91:0c:b9:59:b9:ca:ab:75:77:ed:
db:68:92:3f:70:dc:f4:75:18:e2:be:e6:f8:7a:48:81:03:25:
79:c6:ce:ba:fb:89:32:13:42:1a:e4:ea:51:01:8e:30:c3:26:
2d:9c:4f:af:4e:6b:b9:38:ce:b7:a5:3b:ff:c4:4c:2c:09:c3:
0d:58:7b:ac:eb:0e:fe:88:61:8c:20:70:c7:3a:a7:9a:93:d2:
8b:34:c8:9c
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgISAYmXEzwLsARUSGOvP302PYtjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjMwNzI3MTExOTI3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiYWJhYTliMTQyMWY5NGM2OTljMTQ2Y2MyM2IwYWI3MjRjZjRmOTMwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlLlR9Sr4DQR2+JTDTYQQb8ERvNgE
QY2Mkl91EzskyUO0e1mmGXuT6CP8cPpOeaOD26swGT0ufh1LTgaApMS591EyXPSJ
vSKrEaet6OOowEHspuP06TBaRY0bgr201i2rPg0Ostljp6fKwJedzSwgZdY+TY8o
tDqrbDx3McNKsptbuyxBeqHn8B99Uza9OwvhMnm8MUlFU9ovyCyEk+zbhjMXTJQH
9rV5iOBKzYiVTRfxrLifNS8U2wBUHP9HL4SVSkkSOg6Do6jf+hWrkkh0to9Q5I3Z
dR70gSe0Ay+6IlPacOiZYPtLcoZRVzlbjaHs/58T8e3zYN4X5sH+46VGrwIDAQAB
o4ICPzCCAjswHQYDVR0OBBYEFLq6qbFCH5TGmcFGzCOwq3JM9PkwMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvdXJxcHNVSWZsTWFad1ViTUk3Q3Jja3owLVRBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFUGCCsGAQUFBwEHAQH/BEYwRDBCBAIAATA8AwQALYDpAwQA
VR8vAwQAV3gkAwQAV3imAwQAV3ksAwQAV3kuAwQAV3liAwQCWNpMAwQAXpxPAwQA
ud1AMA0GCSqGSIb3DQEBCwUAA4IBAQAL+DyBzOcsm3LLc/gST0wP1NDMF4SyKrk3
tZ8i5x5tfCFQIShD8iDkvNzzRpYiBLGbVEGKGMvKGTfm4fxufZAeXyx9wtLr/p9w
5S+/kCK9GwQT+PwHcGfGU+PO0upjwXIGhVjEWS1GTPBPFlL/DhpT2kEBzW1gN2Tv
txK4VLcL2f7G9KFWGpZIo+1B430oGPvwUul32jt9p8zOV2G1MnAb314mdnAmz3fk
opEMuVm5yqt1d+3baJI/cNz0dRjivub4ekiBAyV5xs66+4kyE0Ia5OpRAY4wwyYt
nE+vTmu5OM63pTv/xEwsCcMNWHus6w7+iGGMIHDHOqeak9KLNMic
-----END CERTIFICATE-----
Generated at Tue May 13 18:02:57 2025 by rpki-client