Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c0/71033c-0b6a-46e6-a5fe-329a99f0f1b5/1/H5eh98ofmuIvpwaSfa4iZYmv-QE.roa
File: H5eh98ofmuIvpwaSfa4iZYmv-QE.roa (raw, json)
Hash identifier: xSNrdJ/gbcvQVNn/n5oHz2FxYHWghbebX3kFWdfK0Ls=
Subject key identifier: 1F:97:A1:F7:CA:1F:9A:E2:2F:A7:06:92:7D:AE:22:65:89:AF:F9:01
Certificate issuer: /CN=e0c70cc2d21da8c2ea6481534f48da495aa84bdd
Certificate serial: 1AC66D37
Authority key identifier: E0:C7:0C:C2:D2:1D:A8:C2:EA:64:81:53:4F:48:DA:49:5A:A8:4B:DD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/4McMwtIdqMLqZIFTT0jaSVqoS90.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c0/71033c-0b6a-46e6-a5fe-329a99f0f1b5/1/H5eh98ofmuIvpwaSfa4iZYmv-QE.roa
Signing time: Sat 01 Jan 2022 05:58:04 +0000
ROA not before: Sat 01 Jan 2022 05:58:04 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 12519
IP address blocks: 185.10.100.0/22 maxlen: 24
82.148.32.0/19 maxlen: 24
87.252.32.0/19 maxlen: 24
81.31.64.0/20 maxlen: 24
212.42.160.0/19 maxlen: 24
2a02:13a0::/32 maxlen: 64
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 449211703 (0x1ac66d37)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e0c70cc2d21da8c2ea6481534f48da495aa84bdd
Validity
Not Before: Jan 1 05:58:04 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=1f97a1f7ca1f9ae22fa706927dae226589aff901
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:a4:84:f4:90:ec:35:04:f9:39:2f:46:4e:7c:
b4:ac:6b:6c:22:8d:39:b0:f2:e9:e5:fe:df:30:5d:
5b:02:5e:91:e5:be:0f:2e:c8:43:ec:f9:7c:fe:d5:
cc:40:8f:2b:ac:fd:35:08:ba:f5:20:28:a2:d6:c4:
58:07:f8:16:31:a0:7c:62:56:d6:8d:0d:da:e1:33:
d0:ea:42:ed:4a:18:22:55:a1:0d:ea:89:91:00:2f:
e4:e8:55:2c:59:a8:26:c1:ee:35:92:2d:7a:c2:33:
de:99:00:cb:d3:cb:92:72:3f:97:fa:08:e6:8f:da:
47:59:9d:ae:1a:70:80:65:c7:e0:f2:3f:2d:72:4f:
65:c1:06:78:d8:d6:7b:f8:77:ff:a1:95:5a:4a:e5:
c2:35:6b:ad:ed:f1:38:77:81:ac:d3:1e:2b:f4:0b:
be:99:5a:ec:bd:10:05:99:84:69:3a:59:d8:d7:a0:
2d:c8:7c:2b:91:ee:f8:9e:72:6e:0c:55:07:a3:cc:
b2:73:2d:40:49:9a:b6:d1:50:45:11:f7:b6:ff:5e:
1e:43:fe:c8:f7:40:3d:86:74:9c:2d:c3:d1:dc:ce:
44:f3:63:58:4c:9b:11:87:36:01:78:01:f7:c8:73:
54:e0:c9:33:f2:f0:27:85:62:12:6c:a9:05:15:dc:
bc:93
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1F:97:A1:F7:CA:1F:9A:E2:2F:A7:06:92:7D:AE:22:65:89:AF:F9:01
X509v3 Authority Key Identifier:
keyid:E0:C7:0C:C2:D2:1D:A8:C2:EA:64:81:53:4F:48:DA:49:5A:A8:4B:DD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4McMwtIdqMLqZIFTT0jaSVqoS90.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/71033c-0b6a-46e6-a5fe-329a99f0f1b5/1/H5eh98ofmuIvpwaSfa4iZYmv-QE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/71033c-0b6a-46e6-a5fe-329a99f0f1b5/1/4McMwtIdqMLqZIFTT0jaSVqoS90.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.31.64.0/20
82.148.32.0/19
87.252.32.0/19
185.10.100.0/22
212.42.160.0/19
IPv6:
2a02:13a0::/32
Signature Algorithm: sha256WithRSAEncryption
56:c3:53:cf:86:a6:a2:61:2c:1a:00:58:67:41:a1:d0:40:64:
ab:d6:0d:13:38:52:d8:9c:89:aa:79:e4:67:f2:54:7f:a5:1f:
d2:04:e0:21:1d:82:eb:79:c6:d3:9b:ed:01:32:7c:b0:59:3d:
b5:3b:48:9c:52:3c:7b:b7:a9:47:87:ab:03:56:d6:cb:28:ae:
1a:be:75:30:9c:7a:05:03:5e:b1:e2:25:8c:eb:88:c9:13:ea:
52:84:ff:b0:ed:7b:48:3e:b6:d7:f4:17:6a:a1:46:5e:cb:80:
fa:0a:88:3b:6e:a0:4f:36:59:ff:50:d7:f5:c9:33:be:f5:bd:
35:52:04:e7:6a:7e:9d:58:24:0c:81:f8:77:ef:da:fe:96:c6:
fc:40:58:5e:21:6a:9b:26:26:b8:89:2c:ec:d6:a6:b9:cc:d3:
ec:1c:d7:6c:71:14:a1:13:af:05:74:fc:83:08:a4:c1:28:b4:
d2:d3:b7:f9:c4:b4:7f:f7:4f:6f:09:4a:80:0e:e6:c7:1f:b7:
de:06:d1:c8:0e:d0:e8:1e:72:be:8b:76:38:46:fd:ae:28:24:
19:72:0e:be:3e:47:96:1c:b3:61:2d:db:fa:ea:5f:d7:44:8e:
a3:71:26:6a:14:78:83:21:40:4a:24:a0:c7:cb:f2:04:b1:13:
35:60:75:12
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgIEGsZtNzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhl
MGM3MGNjMmQyMWRhOGMyZWE2NDgxNTM0ZjQ4ZGE0OTVhYTg0YmRkMB4XDTIyMDEw
MTA1NTgwNFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMWY5N2ExZjdjYTFm
OWFlMjJmYTcwNjkyN2RhZTIyNjU4OWFmZjkwMTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKqkhPSQ7DUE+TkvRk58tKxrbCKNObDy6eX+3zBdWwJekeW+
Dy7IQ+z5fP7VzECPK6z9NQi69SAootbEWAf4FjGgfGJW1o0N2uEz0OpC7UoYIlWh
DeqJkQAv5OhVLFmoJsHuNZItesIz3pkAy9PLknI/l/oI5o/aR1mdrhpwgGXH4PI/
LXJPZcEGeNjWe/h3/6GVWkrlwjVrre3xOHeBrNMeK/QLvpla7L0QBZmEaTpZ2Neg
Lch8K5Hu+J5ybgxVB6PMsnMtQEmattFQRRH3tv9eHkP+yPdAPYZ0nC3D0dzORPNj
WEybEYc2AXgB98hzVODJM/LwJ4ViEmypBRXcvJMCAwEAAaOCAjAwggIsMB0GA1Ud
DgQWBBQfl6H3yh+a4i+nBpJ9riJlia/5ATAfBgNVHSMEGDAWgBTgxwzC0h2owupk
gVNPSNpJWqhL3TAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzRNY013dElkcU1McVpJRlRUMGphU1Zxb1M5MC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYzAvNzEwMzNjLTBiNmEtNDZlNi1hNWZlLTMyOWE5OWYwZjFiNS8x
L0g1ZWg5OG9mbXVJdnB3YVNmYTRpWlltdi1RRS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYzAv
NzEwMzNjLTBiNmEtNDZlNi1hNWZlLTMyOWE5OWYwZjFiNS8xLzRNY013dElkcU1M
cVpJRlRUMGphU1Zxb1M5MC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBG
BggrBgEFBQcBBwEB/wQ3MDUwJAQCAAEwHgMEBFEfQAMEBVKUIAMEBVf8IAMEArkK
ZAMEBdQqoDANBAIAAjAHAwUAKgIToDANBgkqhkiG9w0BAQsFAAOCAQEAVsNTz4am
omEsGgBYZ0Gh0EBkq9YNEzhS2JyJqnnkZ/JUf6Uf0gTgIR2C63nG05vtATJ8sFk9
tTtInFI8e7epR4erA1bWyyiuGr51MJx6BQNeseIljOuIyRPqUoT/sO17SD621/QX
aqFGXsuA+gqIO26gTzZZ/1DX9ckzvvW9NVIE52p+nVgkDIH4d+/a/pbG/EBYXiFq
myYmuIks7NamuczT7BzXbHEUoROvBXT8gwikwSi00tO3+cS0f/dPbwlKgA7mxx+3
3gbRyA7Q6B5yvot2OEb9rigkGXIOvj5HlhyzYS3b+upf10SOo3EmahR4gyFASiSg
x8vyBLETNWB1Eg==
-----END CERTIFICATE-----
Generated at Mon May 5 20:27:51 2025 by rpki-client