Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/45/c8973c-3cfa-4604-8110-cf06d1983ba1/1/A6VaCXb2wGUxorXYgfA8wNbuuLo.roa
File: A6VaCXb2wGUxorXYgfA8wNbuuLo.roa (raw, json)
Hash identifier: XB1Dw8OxinITy+9NHbBJae8ADCdqhTLhMCmo68QZgMM=
Subject key identifier: 03:A5:5A:09:76:F6:C0:65:31:A2:B5:D8:81:F0:3C:C0:D6:EE:B8:BA
Certificate issuer: /CN=daaf17b0015dbb7cd992f26cdff01c4e2620b73e
Certificate serial: 09A0F3A4
Authority key identifier: DA:AF:17:B0:01:5D:BB:7C:D9:92:F2:6C:DF:F0:1C:4E:26:20:B7:3E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2q8XsAFdu3zZkvJs3_AcTiYgtz4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/45/c8973c-3cfa-4604-8110-cf06d1983ba1/1/A6VaCXb2wGUxorXYgfA8wNbuuLo.roa
Signing time: Sat 01 Jan 2022 05:04:14 +0000
ROA not before: Sat 01 Jan 2022 05:04:14 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 203600
IP address blocks: 178.156.106.0/24 maxlen: 24
178.156.24.0/24 maxlen: 24
5.154.114.0/24 maxlen: 24
37.230.86.0/24 maxlen: 24
84.236.191.0/24 maxlen: 24
84.236.200.0/22 maxlen: 22
84.236.202.0/24 maxlen: 24
84.236.200.0/23 maxlen: 23
84.236.203.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 161543076 (0x9a0f3a4)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=daaf17b0015dbb7cd992f26cdff01c4e2620b73e
Validity
Not Before: Jan 1 05:04:14 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=03a55a0976f6c06531a2b5d881f03cc0d6eeb8ba
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:3c:cb:d6:84:fb:d6:02:88:d0:f0:f6:fe:24:
b2:28:4e:63:ef:2d:dd:63:b6:f6:0c:2e:0b:38:01:
55:95:91:f7:3f:7d:45:dc:56:68:bd:34:96:9a:0c:
4b:51:ab:e9:d1:b5:91:e4:94:aa:ab:58:5b:79:54:
af:83:cc:fa:68:b5:58:7f:fe:0f:74:1d:6e:1c:4c:
07:da:08:76:ce:4b:2e:91:b3:fd:06:0e:b2:f1:65:
b2:61:bc:96:69:ac:a1:ea:2c:dd:83:e1:6f:2b:17:
32:b3:0c:c8:e7:ce:3c:83:46:1b:67:52:3f:d2:6e:
8e:6c:79:fd:57:9b:71:91:f1:74:ef:f5:1b:25:d2:
24:9f:27:d0:1c:e1:a5:de:f6:6f:3b:61:25:34:79:
70:69:a4:b6:10:90:c2:b9:b4:b1:89:71:2b:d4:8e:
c4:2f:d2:31:82:1c:ed:94:86:31:29:16:4a:44:57:
df:e8:70:4c:db:d8:3e:53:8b:b2:f3:20:d7:94:2e:
27:fe:1f:b4:68:61:a4:84:8d:7d:51:5d:58:05:f7:
57:7a:61:7d:4d:87:4a:d6:d3:ca:8f:fe:63:e7:b9:
ce:83:31:55:3f:a0:03:bd:69:53:ed:ba:0c:50:df:
38:61:2a:80:58:1b:13:cc:60:46:b5:c5:56:ea:cc:
f0:ed
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
03:A5:5A:09:76:F6:C0:65:31:A2:B5:D8:81:F0:3C:C0:D6:EE:B8:BA
X509v3 Authority Key Identifier:
keyid:DA:AF:17:B0:01:5D:BB:7C:D9:92:F2:6C:DF:F0:1C:4E:26:20:B7:3E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2q8XsAFdu3zZkvJs3_AcTiYgtz4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/45/c8973c-3cfa-4604-8110-cf06d1983ba1/1/A6VaCXb2wGUxorXYgfA8wNbuuLo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/45/c8973c-3cfa-4604-8110-cf06d1983ba1/1/2q8XsAFdu3zZkvJs3_AcTiYgtz4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.154.114.0/24
37.230.86.0/24
84.236.191.0/24
84.236.200.0/22
178.156.24.0/24
178.156.106.0/24
Signature Algorithm: sha256WithRSAEncryption
a7:6d:42:90:4b:3f:30:01:e2:3e:df:31:ed:de:ad:c2:f2:5b:
6c:15:53:ed:47:07:40:82:f8:3f:a9:fb:ab:45:78:03:ea:ce:
df:a5:5f:25:e8:5d:55:b9:d7:84:02:aa:fd:1a:e7:eb:c7:63:
57:12:69:ef:a0:ea:a7:23:2d:4d:44:73:40:e3:71:a8:fe:04:
20:36:6a:19:08:31:88:62:4d:7d:f6:bb:28:d9:cd:87:97:06:
f5:57:89:cf:f2:b5:7d:6c:40:6d:e8:40:60:8e:9b:e6:d3:f5:
75:fe:8d:90:e7:09:25:db:ff:ee:4e:a0:25:fe:6a:08:97:cf:
e9:88:f6:55:5c:b9:6d:79:fd:8a:8e:b0:e6:73:2a:87:c1:16:
1a:90:29:6a:6c:ff:93:51:c8:29:32:e3:29:f6:3c:13:04:cd:
f2:03:b6:26:ce:fb:29:42:8f:86:8d:06:01:b4:1c:62:43:80:
14:c8:90:7a:b4:5f:74:8b:cc:70:b6:53:56:69:26:1b:10:29:
2f:d7:37:1c:5d:2d:c6:c4:b8:5f:d7:4f:c6:f5:01:01:00:6c:
52:ec:3a:3e:db:e6:97:8b:f6:c0:fb:54:f0:b7:b3:b9:92:5d:
25:db:d4:be:79:c8:f9:51:7b:1d:39:8c:80:c4:2c:53:85:8e:
69:87:85:82
-----BEGIN CERTIFICATE-----
MIIFDTCCA/WgAwIBAgIECaDzpDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhk
YWFmMTdiMDAxNWRiYjdjZDk5MmYyNmNkZmYwMWM0ZTI2MjBiNzNlMB4XDTIyMDEw
MTA1MDQxNFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMDNhNTVhMDk3NmY2
YzA2NTMxYTJiNWQ4ODFmMDNjYzBkNmVlYjhiYTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALc8y9aE+9YCiNDw9v4ksihOY+8t3WO29gwuCzgBVZWR9z99
RdxWaL00lpoMS1Gr6dG1keSUqqtYW3lUr4PM+mi1WH/+D3QdbhxMB9oIds5LLpGz
/QYOsvFlsmG8lmmsoeos3YPhbysXMrMMyOfOPINGG2dSP9Jujmx5/VebcZHxdO/1
GyXSJJ8n0Bzhpd72bzthJTR5cGmkthCQwrm0sYlxK9SOxC/SMYIc7ZSGMSkWSkRX
3+hwTNvYPlOLsvMg15QuJ/4ftGhhpISNfVFdWAX3V3phfU2HStbTyo/+Y+e5zoMx
VT+gA71pU+26DFDfOGEqgFgbE8xgRrXFVurM8O0CAwEAAaOCAicwggIjMB0GA1Ud
DgQWBBQDpVoJdvbAZTGitdiB8DzA1u64ujAfBgNVHSMEGDAWgBTarxewAV27fNmS
8mzf8BxOJiC3PjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzJxOFhzQUZkdTN6Wmt2SnMzX0FjVGlZZ3R6NC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNDUvYzg5NzNjLTNjZmEtNDYwNC04MTEwLWNmMDZkMTk4M2JhMS8x
L0E2VmFDWGIyd0dVeG9yWFlnZkE4d05idXVMby5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNDUv
Yzg5NzNjLTNjZmEtNDYwNC04MTEwLWNmMDZkMTk4M2JhMS8xLzJxOFhzQUZkdTN6
Wmt2SnMzX0FjVGlZZ3R6NC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA9
BggrBgEFBQcBBwEB/wQuMCwwKgQCAAEwJAMEAAWacgMEACXmVgMEAFTsvwMEAlTs
yAMEALKcGAMEALKcajANBgkqhkiG9w0BAQsFAAOCAQEAp21CkEs/MAHiPt8x7d6t
wvJbbBVT7UcHQIL4P6n7q0V4A+rO36VfJehdVbnXhAKq/Rrn68djVxJp76DqpyMt
TURzQONxqP4EIDZqGQgxiGJNffa7KNnNh5cG9VeJz/K1fWxAbehAYI6b5tP1df6N
kOcJJdv/7k6gJf5qCJfP6Yj2VVy5bXn9io6w5nMqh8EWGpApamz/k1HIKTLjKfY8
EwTN8gO2Js77KUKPho0GAbQcYkOAFMiQerRfdIvMcLZTVmkmGxApL9c3HF0txsS4
X9dPxvUBAQBsUuw6Ptvml4v2wPtU8LezuZJdJdvUvnnI+VF7HTmMgMQsU4WOaYeF
gg==
-----END CERTIFICATE-----
Generated at Sat Apr 19 06:22:29 2025 by rpki-client