Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/f8eb9c-5b99-4cef-93f0-48f151b5231f/1/Zn3P6wGuyl_c5zbKuRmZ7ASs5wI.roa
File: Zn3P6wGuyl_c5zbKuRmZ7ASs5wI.roa (raw, json)
Hash identifier: mTAKeNRRnlX/GlGge16ZLU+DUDxR9jOUCye0f7as9JQ=
Subject key identifier: 66:7D:CF:EB:01:AE:CA:5F:DC:E7:36:CA:B9:19:99:EC:04:AC:E7:02
Certificate issuer: /CN=cb10243f98636faa0fb6c5ae6bad9b0abad23438
Certificate serial: 01890B6BBEB422ABCD9C1D77740E584215F0
Authority key identifier: CB:10:24:3F:98:63:6F:AA:0F:B6:C5:AE:6B:AD:9B:0A:BA:D2:34:38
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/yxAkP5hjb6oPtsWua62bCrrSNDg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/f8eb9c-5b99-4cef-93f0-48f151b5231f/1/Zn3P6wGuyl_c5zbKuRmZ7ASs5wI.roa
Signing time: Fri 30 Jun 2023 08:29:17 +0000
ROA not before: Fri 30 Jun 2023 08:29:17 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 60372
IP address blocks: 185.156.214.0/24 maxlen: 24
185.156.215.0/24 maxlen: 24
185.4.252.0/24 maxlen: 24
185.4.253.0/24 maxlen: 24
185.4.254.0/24 maxlen: 24
185.4.255.0/24 maxlen: 24
185.156.212.0/24 maxlen: 24
185.156.213.0/24 maxlen: 24
2a02:7740::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:0b:6b:be:b4:22:ab:cd:9c:1d:77:74:0e:58:42:15:f0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cb10243f98636faa0fb6c5ae6bad9b0abad23438
Validity
Not Before: Jun 30 08:29:17 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=667dcfeb01aeca5fdce736cab91999ec04ace702
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:92:a6:db:88:95:cf:41:2c:60:31:f3:83:ef:
95:57:5a:f7:ad:0f:a7:b2:cf:22:76:eb:b5:71:d2:
c3:9a:43:db:0a:4a:5b:6c:b0:a3:a1:69:22:de:fd:
29:90:91:37:b9:fa:53:19:ee:51:ab:b2:79:ff:52:
a7:a5:82:88:c7:e9:5f:53:87:a7:ec:e9:cd:d5:a9:
db:e3:e5:cf:1a:13:5f:1e:ee:95:a4:27:0c:74:0c:
c0:42:0a:28:0b:c5:91:12:8c:48:4e:82:f7:8f:a8:
54:16:5e:4a:24:45:2f:72:02:76:b0:f1:30:88:05:
f8:0b:7b:7a:92:32:36:49:24:71:7a:16:4d:f3:c9:
fb:d8:b9:da:0c:cc:17:e5:69:07:ab:a4:b6:c9:96:
ad:08:15:c2:42:54:aa:8d:12:1e:cc:db:7b:0d:1b:
d6:09:3a:6f:e1:3a:a0:45:49:62:f5:06:f6:80:b7:
35:74:37:84:7a:d8:d9:ba:75:9a:b3:6b:69:15:c4:
28:2d:14:98:30:92:86:f9:a1:48:74:ce:87:96:e8:
21:8b:8f:52:01:98:69:7a:13:4f:c8:ea:dc:58:37:
56:3e:a3:80:86:52:63:ba:9a:8a:cc:88:de:46:03:
6e:ef:43:16:67:f1:40:6f:09:09:dd:be:7d:e8:87:
12:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
66:7D:CF:EB:01:AE:CA:5F:DC:E7:36:CA:B9:19:99:EC:04:AC:E7:02
X509v3 Authority Key Identifier:
keyid:CB:10:24:3F:98:63:6F:AA:0F:B6:C5:AE:6B:AD:9B:0A:BA:D2:34:38
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/yxAkP5hjb6oPtsWua62bCrrSNDg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/f8eb9c-5b99-4cef-93f0-48f151b5231f/1/Zn3P6wGuyl_c5zbKuRmZ7ASs5wI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/f8eb9c-5b99-4cef-93f0-48f151b5231f/1/yxAkP5hjb6oPtsWua62bCrrSNDg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.4.252.0/22
185.156.212.0/22
IPv6:
2a02:7740::/32
Signature Algorithm: sha256WithRSAEncryption
af:92:d7:58:ff:f3:1d:5b:51:1f:5d:4b:52:39:d7:ca:d1:15:
65:77:fe:01:98:01:02:4e:83:5b:2b:9a:7e:93:f0:1e:a1:7f:
20:c9:78:ee:60:0a:cf:e1:8d:6e:8c:c9:f1:58:b3:e8:92:64:
1c:ac:2f:c4:18:89:93:b4:3c:a5:51:aa:ff:da:e3:4a:60:7f:
c3:46:48:33:94:4e:aa:fb:da:36:de:07:17:ec:65:fb:04:a6:
a0:24:d3:d8:ea:bf:51:a0:a2:a6:a5:77:2e:3d:24:9f:4f:24:
c3:c2:bb:6c:37:0e:65:ab:ab:d0:ba:64:c9:6a:d5:2d:2d:da:
f9:b2:a7:ce:46:5e:74:1d:bd:e3:e7:49:6e:68:2d:45:ae:46:
87:fd:c6:2b:de:ee:40:04:72:17:83:ce:a2:73:4f:0b:95:6f:
b2:38:eb:29:45:76:f9:94:3f:fd:90:b0:88:39:57:ad:7a:b7:
b3:2f:6b:87:95:f2:46:de:ab:31:33:7b:d6:29:b5:85:8b:15:
d8:5c:74:2e:ff:b6:21:2e:7d:e1:aa:bd:08:23:f5:37:5a:18:
a2:5d:82:54:43:a6:b2:17:8e:c9:25:f9:06:08:a4:6e:c5:c6:
f7:ed:6d:00:f7:74:c9:57:16:c0:83:0b:64:1a:5b:cc:24:b3:
f1:4a:51:23
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYkLa760IqvNnB13dA5YQhXwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNiMTAyNDNmOTg2MzZmYWEwZmI2YzVhZTZiYWQ5YjBhYmFk
MjM0MzgwHhcNMjMwNjMwMDgyOTE3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NjdkY2ZlYjAxYWVjYTVmZGNlNzM2Y2FiOTE5OTllYzA0YWNlNzAyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAk5Km24iVz0EsYDHzg++VV1r3rQ+n
ss8iduu1cdLDmkPbCkpbbLCjoWki3v0pkJE3ufpTGe5Rq7J5/1KnpYKIx+lfU4en
7OnN1anb4+XPGhNfHu6VpCcMdAzAQgooC8WREoxIToL3j6hUFl5KJEUvcgJ2sPEw
iAX4C3t6kjI2SSRxehZN88n72LnaDMwX5WkHq6S2yZatCBXCQlSqjRIezNt7DRvW
CTpv4TqgRUli9Qb2gLc1dDeEetjZunWas2tpFcQoLRSYMJKG+aFIdM6Hlughi49S
AZhpehNPyOrcWDdWPqOAhlJjupqKzIjeRgNu70MWZ/FAbwkJ3b596IcSgQIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFGZ9z+sBrspf3Oc2yrkZmewErOcCMB8GA1UdIwQY
MBaAFMsQJD+YY2+qD7bFrmutmwq60jQ4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveXhBa1A1aGpiNm9QdHNXdWE2MmJDcnJTTkRnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy9mOGViOWMtNWI5OS00Y2VmLTkzZjAt
NDhmMTUxYjUyMzFmLzEvWm4zUDZ3R3V5bF9jNXpiS3VSbVo3QVNzNXdJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy9mOGViOWMtNWI5OS00Y2VmLTkzZjAtNDhmMTUxYjUyMzFm
LzEveXhBa1A1aGpiNm9QdHNXdWE2MmJDcnJTTkRnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQCuQT8AwQC
uZzUMA0EAgACMAcDBQAqAndAMA0GCSqGSIb3DQEBCwUAA4IBAQCvktdY//MdW1Ef
XUtSOdfK0RVld/4BmAECToNbK5p+k/AeoX8gyXjuYArP4Y1ujMnxWLPokmQcrC/E
GImTtDylUar/2uNKYH/DRkgzlE6q+9o23gcX7GX7BKagJNPY6r9RoKKmpXcuPSSf
TyTDwrtsNw5lq6vQumTJatUtLdr5sqfORl50Hb3j50luaC1FrkaH/cYr3u5ABHIX
g86ic08LlW+yOOspRXb5lD/9kLCIOVeterezL2uHlfJG3qsxM3vWKbWFixXYXHQu
/7YhLn3hqr0II/U3WhiiXYJUQ6ayF47JJfkGCKRuxcb37W0A93TJVxbAgwtkGlvM
JLPxSlEj
-----END CERTIFICATE-----
Generated at Tue Apr 22 03:32:21 2025 by rpki-client