Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/01/6278c6-c201-4740-a5f1-66d671f842b3/1/6vI2vqbjmJsLMjLPuzy1aHGeoJU.roa
File: 6vI2vqbjmJsLMjLPuzy1aHGeoJU.roa (raw, json)
Hash identifier: J3OGoYjSfvxefW+Wb3NtoreLoRB6GtePYhBWzLRVAaA=
Subject key identifier: EA:F2:36:BE:A6:E3:98:9B:0B:32:32:CF:BB:3C:B5:68:71:9E:A0:95
Certificate issuer: /CN=1550afae2baefb6b88f9751bb3218eb39b94b576
Certificate serial: 1C6A2108
Authority key identifier: 15:50:AF:AE:2B:AE:FB:6B:88:F9:75:1B:B3:21:8E:B3:9B:94:B5:76
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/FVCvriuu-2uI-XUbsyGOs5uUtXY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/01/6278c6-c201-4740-a5f1-66d671f842b3/1/6vI2vqbjmJsLMjLPuzy1aHGeoJU.roa
Signing time: Sat 01 Jan 2022 07:56:56 +0000
ROA not before: Sat 01 Jan 2022 07:56:56 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 61221
IP address blocks: 185.14.246.0/24 maxlen: 24
185.14.245.0/24 maxlen: 24
185.14.246.0/23 maxlen: 23
185.14.244.0/24 maxlen: 24
185.14.244.0/23 maxlen: 23
185.14.247.0/24 maxlen: 24
2a03:b840:12::/48 maxlen: 48
2a03:b840:2::/48 maxlen: 48
2a03:b840:100::/48 maxlen: 48
2a03:b840:13::/48 maxlen: 48
2a03:b840:3::/48 maxlen: 64
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 476717320 (0x1c6a2108)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1550afae2baefb6b88f9751bb3218eb39b94b576
Validity
Not Before: Jan 1 07:56:56 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=eaf236bea6e3989b0b3232cfbb3cb568719ea095
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:d7:16:4a:7f:3c:95:3b:33:cc:c7:87:11:43:
13:5f:83:81:1d:d1:cc:8b:83:79:6c:9a:9c:12:92:
15:ce:73:28:55:02:49:a4:85:4a:d2:c9:1b:9f:97:
c2:d8:5c:e0:be:9a:a1:46:99:bc:b9:22:d0:48:95:
80:e0:de:57:c3:49:db:54:15:3e:cc:49:8b:53:28:
d6:66:30:f2:fa:e4:0c:7e:fd:49:05:bb:1f:d9:77:
bd:a5:0b:15:13:02:0c:b4:47:f6:af:91:e7:32:74:
3f:bb:94:a1:76:11:d6:88:2e:57:62:70:52:00:fc:
82:2d:bb:e4:32:60:ea:43:5e:79:8f:d3:81:70:25:
83:da:f9:95:7c:41:70:2a:25:a5:cc:75:07:03:01:
40:4f:f7:4d:be:a0:f2:8e:37:91:6f:cf:1f:6f:a5:
cd:16:a8:fa:bf:4f:f5:c9:c2:b1:80:c0:bb:74:fc:
98:15:cb:cc:f4:a2:fd:bc:d5:e2:e0:19:9d:3a:9b:
34:52:74:19:f8:1e:ec:70:eb:ea:53:54:c7:4d:d2:
e2:09:2d:9d:be:35:10:80:fa:fb:46:af:8e:3b:54:
a2:ea:df:0f:5b:10:59:f1:20:a7:6b:df:e0:9f:57:
6e:f5:47:7b:c0:d6:c0:88:65:bb:fc:48:40:45:d3:
5f:a5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EA:F2:36:BE:A6:E3:98:9B:0B:32:32:CF:BB:3C:B5:68:71:9E:A0:95
X509v3 Authority Key Identifier:
keyid:15:50:AF:AE:2B:AE:FB:6B:88:F9:75:1B:B3:21:8E:B3:9B:94:B5:76
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/FVCvriuu-2uI-XUbsyGOs5uUtXY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/01/6278c6-c201-4740-a5f1-66d671f842b3/1/6vI2vqbjmJsLMjLPuzy1aHGeoJU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/01/6278c6-c201-4740-a5f1-66d671f842b3/1/FVCvriuu-2uI-XUbsyGOs5uUtXY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.14.244.0/22
IPv6:
2a03:b840:2::/47
2a03:b840:12::/47
2a03:b840:100::/48
Signature Algorithm: sha256WithRSAEncryption
84:ac:2d:c7:18:fe:2e:9d:32:fa:ea:ea:fc:48:34:65:2b:75:
78:92:39:36:7e:ac:95:dd:d0:ca:ea:a6:cb:8a:c2:15:8f:15:
76:e2:ba:c0:2d:c3:db:d1:86:24:ad:58:6a:fe:91:c1:47:42:
07:16:5f:4b:b6:54:bf:13:df:08:6f:38:56:cd:62:c8:a4:da:
77:1e:ed:43:31:eb:95:16:15:5e:4d:d8:3f:3b:2b:96:c5:47:
0f:73:7e:f9:4f:ce:fd:42:32:0c:63:6e:05:94:25:1d:76:20:
6d:cc:a4:da:16:9d:ac:8a:ea:e2:28:ce:1c:33:dc:17:cf:bf:
c3:7c:b2:dd:a5:57:f2:54:a5:78:c0:7c:db:38:e9:fc:62:d3:
ed:0a:f7:df:3e:b6:87:e6:12:52:98:61:67:41:b1:01:7e:85:
85:6d:56:48:8b:71:a3:86:40:1f:62:a9:69:29:6b:d9:a9:9e:
a9:3c:2f:31:01:a8:ce:c8:b2:b4:49:1b:b7:7f:e5:30:a8:a9:
d4:62:d5:65:54:dc:03:b4:e4:db:f6:56:03:89:ff:55:7f:16:
5c:19:d6:a1:fa:6b:7c:1c:0b:86:e3:ee:6f:4c:94:c2:41:1e:
37:c5:e5:4d:a3:f1:bb:21:c4:fe:f0:1a:25:28:19:03:25:c1:
49:c4:74:98
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgIEHGohCDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygx
NTUwYWZhZTJiYWVmYjZiODhmOTc1MWJiMzIxOGViMzliOTRiNTc2MB4XDTIyMDEw
MTA3NTY1NloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZWFmMjM2YmVhNmUz
OTg5YjBiMzIzMmNmYmIzY2I1Njg3MTllYTA5NTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKzXFkp/PJU7M8zHhxFDE1+DgR3RzIuDeWyanBKSFc5zKFUC
SaSFStLJG5+Xwthc4L6aoUaZvLki0EiVgODeV8NJ21QVPsxJi1Mo1mYw8vrkDH79
SQW7H9l3vaULFRMCDLRH9q+R5zJ0P7uUoXYR1oguV2JwUgD8gi275DJg6kNeeY/T
gXAlg9r5lXxBcColpcx1BwMBQE/3Tb6g8o43kW/PH2+lzRao+r9P9cnCsYDAu3T8
mBXLzPSi/bzV4uAZnTqbNFJ0Gfge7HDr6lNUx03S4gktnb41EID6+0avjjtUourf
D1sQWfEgp2vf4J9XbvVHe8DWwIhlu/xIQEXTX6UCAwEAAaOCAiwwggIoMB0GA1Ud
DgQWBBTq8ja+puOYmwsyMs+7PLVocZ6glTAfBgNVHSMEGDAWgBQVUK+uK677a4j5
dRuzIY6zm5S1djAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0ZWQ3ZyaXV1LTJ1SS1YVWJzeUdPczV1VXRYWS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMDEvNjI3OGM2LWMyMDEtNDc0MC1hNWYxLTY2ZDY3MWY4NDJiMy8x
LzZ2STJ2cWJqbUpzTE1qTFB1enkxYUhHZW9KVS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMDEv
NjI3OGM2LWMyMDEtNDc0MC1hNWYxLTY2ZDY3MWY4NDJiMy8xL0ZWQ3ZyaXV1LTJ1
SS1YVWJzeUdPczV1VXRYWS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBC
BggrBgEFBQcBBwEB/wQzMDEwDAQCAAEwBgMEArkO9DAhBAIAAjAbAwcBKgO4QAAC
AwcBKgO4QAASAwcAKgO4QAEAMA0GCSqGSIb3DQEBCwUAA4IBAQCErC3HGP4unTL6
6ur8SDRlK3V4kjk2fqyV3dDK6qbLisIVjxV24rrALcPb0YYkrVhq/pHBR0IHFl9L
tlS/E98IbzhWzWLIpNp3Hu1DMeuVFhVeTdg/OyuWxUcPc375T879QjIMY24FlCUd
diBtzKTaFp2siuriKM4cM9wXz7/DfLLdpVfyVKV4wHzbOOn8YtPtCvffPraH5hJS
mGFnQbEBfoWFbVZIi3GjhkAfYqlpKWvZqZ6pPC8xAajOyLK0SRu3f+UwqKnUYtVl
VNwDtOTb9lYDif9VfxZcGdah+mt8HAuG4+5vTJTCQR43xeVNo/G7IcT+8BolKBkD
JcFJxHSY
-----END CERTIFICATE-----
Generated at Thu Mar 13 02:24:50 2025 by rpki-client