Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e6/f8434c-0230-4adf-bd00-2829aa3df258/1/Rp8Ij7Csy0Nx64byf07g35fsvEY.roa
File: Rp8Ij7Csy0Nx64byf07g35fsvEY.roa (raw, json)
Hash identifier: Q4lKf7WBJ9Gfn557DCz6Zts7NAezEm48J7Dzys2cAio=
Subject key identifier: 46:9F:08:8F:B0:AC:CB:43:71:EB:86:F2:7F:4E:E0:DF:97:EC:BC:46
Certificate issuer: /CN=9c52b6a051471bec51db74d7256e7a30a55ecf1a
Certificate serial: 0890E2EE
Authority key identifier: 9C:52:B6:A0:51:47:1B:EC:51:DB:74:D7:25:6E:7A:30:A5:5E:CF:1A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nFK2oFFHG-xR23TXJW56MKVezxo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e6/f8434c-0230-4adf-bd00-2829aa3df258/1/Rp8Ij7Csy0Nx64byf07g35fsvEY.roa
Signing time: Sat 01 Jan 2022 05:04:36 +0000
ROA not before: Sat 01 Jan 2022 05:04:36 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 204386
IP address blocks: 185.250.159.0/24 maxlen: 24
185.250.156.0/24 maxlen: 24
185.250.157.0/24 maxlen: 24
185.250.158.0/24 maxlen: 24
185.250.156.0/22 maxlen: 22
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 143713006 (0x890e2ee)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9c52b6a051471bec51db74d7256e7a30a55ecf1a
Validity
Not Before: Jan 1 05:04:36 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=469f088fb0accb4371eb86f27f4ee0df97ecbc46
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:1d:6a:7f:d9:85:a4:4d:07:67:dc:56:da:af:
60:08:66:32:7b:92:05:c2:55:e2:5d:18:a6:bd:6f:
d6:2d:0f:08:2a:3c:12:09:08:94:19:db:ab:94:36:
90:8d:9c:ba:9f:a5:46:4e:f8:54:95:ef:88:50:66:
89:b2:1b:11:ef:2d:9d:a3:ad:49:e7:73:07:e3:49:
34:c5:57:d6:0a:15:ad:2b:02:cb:fa:d1:4e:12:1a:
1f:2e:5f:dd:d5:50:9f:9c:f1:25:8f:c6:3e:87:3c:
4e:be:80:43:84:74:29:3f:36:ab:a1:14:4b:12:47:
e0:e1:79:a8:d0:96:0c:f3:24:77:41:65:24:dd:05:
79:d9:3f:06:fa:bf:c0:e2:34:87:42:bd:11:d0:78:
c4:8e:db:b5:46:c5:65:2e:83:17:3d:9d:6c:76:1d:
da:82:e0:47:a1:4b:3d:c1:71:da:64:7a:2e:c2:81:
c0:bd:fa:f9:e4:4d:87:19:1f:aa:2f:df:06:29:d5:
dd:55:be:f8:30:fb:d6:14:89:13:7d:f0:2a:80:2e:
07:94:f2:6e:02:4f:a0:4a:04:f1:c1:b1:f8:a1:1e:
03:99:12:e4:3b:5d:03:35:f6:1b:78:0e:ce:f7:57:
f4:eb:9e:35:0e:bf:9d:c7:cb:e3:04:63:ee:49:06:
4f:ed
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
46:9F:08:8F:B0:AC:CB:43:71:EB:86:F2:7F:4E:E0:DF:97:EC:BC:46
X509v3 Authority Key Identifier:
keyid:9C:52:B6:A0:51:47:1B:EC:51:DB:74:D7:25:6E:7A:30:A5:5E:CF:1A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nFK2oFFHG-xR23TXJW56MKVezxo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e6/f8434c-0230-4adf-bd00-2829aa3df258/1/Rp8Ij7Csy0Nx64byf07g35fsvEY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e6/f8434c-0230-4adf-bd00-2829aa3df258/1/nFK2oFFHG-xR23TXJW56MKVezxo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.250.156.0/22
Signature Algorithm: sha256WithRSAEncryption
28:e7:92:c5:84:f0:12:37:13:3f:4e:da:cb:51:a1:e5:e5:ee:
ef:29:b4:7a:7b:54:94:9c:af:43:1b:df:62:03:de:16:9f:d3:
eb:c8:78:96:82:70:75:f7:5a:3f:2a:5b:16:08:1d:ae:a5:d8:
17:16:a2:82:9c:de:56:b1:0a:5d:bd:03:43:a4:60:68:f2:59:
f0:b8:34:66:12:cb:6b:7f:14:38:9a:9c:04:bb:85:50:e5:5d:
14:5d:68:dd:cc:83:a4:5b:af:bf:29:85:25:49:bd:da:34:9b:
ec:26:c9:db:17:5e:e5:26:82:cd:ff:dc:d2:ef:16:cb:a2:d8:
5a:f9:7f:5d:c8:25:ee:20:8d:ae:8c:f3:f2:d6:87:f5:cb:cd:
e5:d7:f0:ea:1a:bf:82:9c:04:e3:27:0a:79:b5:b0:7d:25:95:
fa:c1:c1:70:e5:1a:dd:66:4c:e8:f8:5d:38:f5:ac:b1:a9:bd:
7b:bf:a9:86:b2:11:ea:cc:28:08:bb:9f:23:63:80:f1:51:77:
f2:81:f7:97:27:ba:88:28:8f:91:cf:4d:1c:cd:be:ca:50:ab:
ee:30:d0:7d:69:b0:8b:15:85:8c:47:90:90:d4:9d:eb:58:7a:
50:58:68:d0:8e:8e:c2:8b:d8:ba:ea:43:22:2c:05:4f:77:7f:
5a:ba:50:13
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIECJDi7jANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg5
YzUyYjZhMDUxNDcxYmVjNTFkYjc0ZDcyNTZlN2EzMGE1NWVjZjFhMB4XDTIyMDEw
MTA1MDQzNloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNDY5ZjA4OGZiMGFj
Y2I0MzcxZWI4NmYyN2Y0ZWUwZGY5N2VjYmM0NjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMwdan/ZhaRNB2fcVtqvYAhmMnuSBcJV4l0Ypr1v1i0PCCo8
EgkIlBnbq5Q2kI2cup+lRk74VJXviFBmibIbEe8tnaOtSedzB+NJNMVX1goVrSsC
y/rRThIaHy5f3dVQn5zxJY/GPoc8Tr6AQ4R0KT82q6EUSxJH4OF5qNCWDPMkd0Fl
JN0Fedk/Bvq/wOI0h0K9EdB4xI7btUbFZS6DFz2dbHYd2oLgR6FLPcFx2mR6LsKB
wL36+eRNhxkfqi/fBinV3VW++DD71hSJE33wKoAuB5TybgJPoEoE8cGx+KEeA5kS
5DtdAzX2G3gOzvdX9OueNQ6/ncfL4wRj7kkGT+0CAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBRGnwiPsKzLQ3HrhvJ/TuDfl+y8RjAfBgNVHSMEGDAWgBScUragUUcb7FHb
dNclbnowpV7PGjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L25GSzJvRkZIRy14UjIzVFhKVzU2TUtWZXp4by5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZTYvZjg0MzRjLTAyMzAtNGFkZi1iZDAwLTI4MjlhYTNkZjI1OC8x
L1JwOElqN0NzeTBOeDY0YnlmMDdnMzVmc3ZFWS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZTYv
Zjg0MzRjLTAyMzAtNGFkZi1iZDAwLTI4MjlhYTNkZjI1OC8xL25GSzJvRkZIRy14
UjIzVFhKVzU2TUtWZXp4by5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEArn6nDANBgkqhkiG9w0BAQsFAAOC
AQEAKOeSxYTwEjcTP07ay1Gh5eXu7ym0entUlJyvQxvfYgPeFp/T68h4loJwdfda
PypbFggdrqXYFxaigpzeVrEKXb0DQ6RgaPJZ8Lg0ZhLLa38UOJqcBLuFUOVdFF1o
3cyDpFuvvymFJUm92jSb7CbJ2xde5SaCzf/c0u8Wy6LYWvl/Xcgl7iCNrozz8taH
9cvN5dfw6hq/gpwE4ycKebWwfSWV+sHBcOUa3WZM6PhdOPWssam9e7+phrIR6swo
CLufI2OA8VF38oH3lye6iCiPkc9NHM2+ylCr7jDQfWmwixWFjEeQkNSd61h6UFho
0I6OwovYuupDIiwFT3d/WrpQEw==
-----END CERTIFICATE-----
Generated at Mon Apr 21 05:55:14 2025 by rpki-client