Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5f/b0dc52-416e-4a02-8993-fbc5a1e382c5/1/hYw4a3LC5oRib1Urbl_9jxEm-k0.roa
File: hYw4a3LC5oRib1Urbl_9jxEm-k0.roa (raw, json)
Hash identifier: jOaIcA+df6WHeguK1VkZdQ3XaT2pUUC+sLGAsVT0+LU=
Subject key identifier: 85:8C:38:6B:72:C2:E6:84:62:6F:55:2B:6E:5F:FD:8F:11:26:FA:4D
Certificate issuer: /CN=aedc8f327a461964c0a87a9c7809401c57c86d41
Certificate serial: 01856CAF3089386C529EF9579F9371CB550D
Authority key identifier: AE:DC:8F:32:7A:46:19:64:C0:A8:7A:9C:78:09:40:1C:57:C8:6D:41
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/rtyPMnpGGWTAqHqceAlAHFfIbUE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5f/b0dc52-416e-4a02-8993-fbc5a1e382c5/1/hYw4a3LC5oRib1Urbl_9jxEm-k0.roa
Signing time: Sun 01 Jan 2023 09:34:58 +0000
ROA not before: Sun 01 Jan 2023 09:34:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 61189
IP address blocks: 85.194.201.0/24 maxlen: 24
85.194.200.0/22 maxlen: 22
185.7.252.0/22 maxlen: 22
185.7.252.0/23 maxlen: 23
2a03:29c0:2000::/36 maxlen: 36
2a03:29c0:1000::/36 maxlen: 36
2a03:29c0:a000::/35 maxlen: 35
2a03:29c0:8000::/33 maxlen: 33
2a03:29c0::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:af:30:89:38:6c:52:9e:f9:57:9f:93:71:cb:55:0d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=aedc8f327a461964c0a87a9c7809401c57c86d41
Validity
Not Before: Jan 1 09:34:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=858c386b72c2e684626f552b6e5ffd8f1126fa4d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8a:08:19:66:fb:8f:a7:aa:b0:e4:6b:73:33:a2:
74:2c:6e:85:ee:b7:b3:b3:b8:b1:19:e5:c6:95:60:
26:c1:eb:9c:00:26:f4:46:a4:5f:01:3a:75:7b:74:
58:1b:4a:0e:4c:da:74:11:d8:c7:27:1b:55:18:4f:
df:90:af:dd:95:17:bd:5d:0b:47:f9:36:ac:03:6b:
17:bb:72:e0:34:9c:0f:2e:43:79:53:7d:b3:49:42:
3f:2d:7c:c5:5d:ed:c6:4c:86:11:be:b5:51:3b:09:
02:14:d4:2a:22:e8:dd:bf:10:28:8f:f0:3a:ce:7d:
d5:30:79:e9:e9:0f:12:73:e5:9a:e8:22:27:f3:fd:
3b:90:53:5c:c3:eb:37:14:93:da:df:ed:82:0c:58:
f5:8d:b1:6d:46:79:69:25:98:2d:3b:d9:c2:f0:23:
e1:35:d0:bd:68:53:aa:f8:b5:b2:e8:3e:d3:73:ba:
78:e0:51:c8:62:d4:4b:f9:57:bc:5a:92:0f:be:ae:
d5:c1:cf:72:06:46:c3:fb:3e:62:9f:09:03:2d:df:
0c:40:1d:fc:b3:d9:90:47:05:c1:ea:75:58:c8:02:
75:d3:e5:da:76:fa:30:38:e5:3e:50:18:45:99:92:
38:7c:d0:6f:e4:83:1c:20:9d:fb:8b:3e:a4:f2:bb:
40:0d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
85:8C:38:6B:72:C2:E6:84:62:6F:55:2B:6E:5F:FD:8F:11:26:FA:4D
X509v3 Authority Key Identifier:
keyid:AE:DC:8F:32:7A:46:19:64:C0:A8:7A:9C:78:09:40:1C:57:C8:6D:41
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rtyPMnpGGWTAqHqceAlAHFfIbUE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5f/b0dc52-416e-4a02-8993-fbc5a1e382c5/1/hYw4a3LC5oRib1Urbl_9jxEm-k0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5f/b0dc52-416e-4a02-8993-fbc5a1e382c5/1/rtyPMnpGGWTAqHqceAlAHFfIbUE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.194.200.0/22
185.7.252.0/22
IPv6:
2a03:29c0::/32
Signature Algorithm: sha256WithRSAEncryption
a1:d7:50:50:83:0c:47:6c:f2:36:2b:94:5c:c7:c4:9d:25:a9:
7a:79:f0:00:16:cb:c9:03:47:dd:7a:0a:3e:7e:a4:1d:79:3f:
54:ce:33:48:00:19:7b:af:60:e0:f7:be:87:ad:fc:b5:4f:9f:
66:e8:34:0c:2d:fb:ed:b3:ac:b4:e9:93:be:98:6f:12:96:9e:
4f:4f:d6:4f:bd:64:49:cc:11:2a:bc:be:e4:fd:65:d3:6d:76:
b2:53:79:db:46:6b:d8:e5:47:be:ea:1b:84:a0:fd:84:67:3f:
e9:e6:c7:2a:92:5e:73:37:96:32:0f:40:5d:6c:b2:c4:db:ad:
6e:9d:50:26:d7:1e:39:3e:3a:38:b7:cc:9e:11:f1:49:4f:70:
4e:71:b6:f9:63:a1:a9:60:2c:a5:69:d7:43:75:1f:53:57:46:
c9:66:b2:0f:90:dd:a9:3c:89:b0:c4:2e:8d:9e:45:6d:ea:57:
7f:5c:1c:a2:73:74:9a:bb:a0:9e:e3:a8:88:fd:54:00:1b:53:
76:18:05:1e:dc:d7:d9:38:98:fc:7b:f4:31:15:26:bf:8d:3d:
b0:14:91:31:f0:46:93:41:33:65:d8:7f:64:3f:ab:1d:cc:ad:
5d:c8:41:1b:75:0c:19:9e:88:8b:ba:c9:13:3b:f4:c9:c9:32:
a8:03:54:42
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYVsrzCJOGxSnvlXn5Nxy1UNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFlZGM4ZjMyN2E0NjE5NjRjMGE4N2E5Yzc4MDk0MDFjNTdj
ODZkNDEwHhcNMjMwMTAxMDkzNDU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NThjMzg2YjcyYzJlNjg0NjI2ZjU1MmI2ZTVmZmQ4ZjExMjZmYTRkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiggZZvuPp6qw5GtzM6J0LG6F7rez
s7ixGeXGlWAmweucACb0RqRfATp1e3RYG0oOTNp0EdjHJxtVGE/fkK/dlRe9XQtH
+TasA2sXu3LgNJwPLkN5U32zSUI/LXzFXe3GTIYRvrVROwkCFNQqIujdvxAoj/A6
zn3VMHnp6Q8Sc+Wa6CIn8/07kFNcw+s3FJPa3+2CDFj1jbFtRnlpJZgtO9nC8CPh
NdC9aFOq+LWy6D7Tc7p44FHIYtRL+Ve8WpIPvq7Vwc9yBkbD+z5inwkDLd8MQB38
s9mQRwXB6nVYyAJ10+XadvowOOU+UBhFmZI4fNBv5IMcIJ37iz6k8rtADQIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFIWMOGtywuaEYm9VK25f/Y8RJvpNMB8GA1UdIwQY
MBaAFK7cjzJ6RhlkwKh6nHgJQBxXyG1BMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcnR5UE1ucEdHV1RBcUhxY2VBbEFIRmZJYlVFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Zi9iMGRjNTItNDE2ZS00YTAyLTg5OTMt
ZmJjNWExZTM4MmM1LzEvaFl3NGEzTEM1b1JpYjFVcmJsXzlqeEVtLWswLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Zi9iMGRjNTItNDE2ZS00YTAyLTg5OTMtZmJjNWExZTM4MmM1
LzEvcnR5UE1ucEdHV1RBcUhxY2VBbEFIRmZJYlVFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQCVcLIAwQC
uQf8MA0EAgACMAcDBQAqAynAMA0GCSqGSIb3DQEBCwUAA4IBAQCh11BQgwxHbPI2
K5Rcx8SdJal6efAAFsvJA0fdego+fqQdeT9UzjNIABl7r2Dg976Hrfy1T59m6DQM
Lfvts6y06ZO+mG8Slp5PT9ZPvWRJzBEqvL7k/WXTbXayU3nbRmvY5Ue+6huEoP2E
Zz/p5scqkl5zN5YyD0BdbLLE261unVAm1x45Pjo4t8yeEfFJT3BOcbb5Y6GpYCyl
addDdR9TV0bJZrIPkN2pPImwxC6NnkVt6ld/XByic3Sau6Ce46iI/VQAG1N2GAUe
3NfZOJj8e/QxFSa/jT2wFJEx8EaTQTNl2H9kP6sdzK1dyEEbdQwZnoiLuskTO/TJ
yTKoA1RC
-----END CERTIFICATE-----
Generated at Wed May 7 05:20:33 2025 by rpki-client