Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0e/2c8f08-e599-44f3-bbc1-8cbef913e342/1/JFUSWsIjnvoe4tGBaIwF7CGuaKc.roa
File: JFUSWsIjnvoe4tGBaIwF7CGuaKc.roa (raw, json)
Hash identifier: GoRnAnamULInhYZajWJYHE4FBx+IY5sd4HJKz3g2X/w=
Subject key identifier: 24:55:12:5A:C2:23:9E:FA:1E:E2:D1:81:68:8C:05:EC:21:AE:68:A7
Certificate issuer: /CN=85db83a8365a604476f282d24d327ad1ef0fde52
Certificate serial: 018570FBB1524CE2C7C019340731F32245C5
Authority key identifier: 85:DB:83:A8:36:5A:60:44:76:F2:82:D2:4D:32:7A:D1:EF:0F:DE:52
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hduDqDZaYER28oLSTTJ60e8P3lI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0e/2c8f08-e599-44f3-bbc1-8cbef913e342/1/JFUSWsIjnvoe4tGBaIwF7CGuaKc.roa
Signing time: Mon 02 Jan 2023 05:37:01 +0000
ROA not before: Mon 02 Jan 2023 05:37:01 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 41960
IP address blocks: 185.199.232.0/22 maxlen: 24
46.226.236.0/22 maxlen: 24
213.5.232.0/22 maxlen: 24
185.25.80.0/22 maxlen: 24
185.199.188.0/22 maxlen: 24
2a00:c600::/29 maxlen: 64
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:fb:b1:52:4c:e2:c7:c0:19:34:07:31:f3:22:45:c5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=85db83a8365a604476f282d24d327ad1ef0fde52
Validity
Not Before: Jan 2 05:37:01 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=2455125ac2239efa1ee2d181688c05ec21ae68a7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:88:b6:e5:b5:c8:92:e7:c4:7d:50:6c:96:cc:b1:
5e:8d:68:6c:e2:48:d3:bb:c8:5b:40:31:ee:29:c0:
f7:50:79:23:42:fa:9a:95:b5:2d:a6:e3:04:bf:dc:
6c:f4:93:31:86:03:4b:9f:1d:7a:0f:9e:cf:ff:d9:
b6:d3:8d:36:06:a6:d4:fd:41:ec:81:85:a8:2f:e8:
53:e5:58:86:e7:6a:96:c1:89:b0:16:d0:3e:17:aa:
60:31:07:b5:c6:79:89:e6:a3:fa:cb:bf:e3:fb:70:
4e:86:3d:1f:db:1e:6d:e2:12:74:b1:12:3b:0e:21:
6b:a5:24:28:58:d0:c0:2b:e3:4b:32:b0:6b:8f:ce:
5e:cf:99:e2:67:a5:e9:0f:1d:16:19:64:16:e5:2d:
5c:68:8b:20:ea:d3:d0:4b:ca:6a:94:f4:0c:1b:39:
2d:4b:2b:88:1d:77:39:5a:0a:8e:be:dc:2b:5c:72:
52:ad:e8:de:e7:ff:ef:a0:53:92:ee:d8:7e:a6:86:
0d:d5:03:34:cb:03:17:79:03:1d:67:84:31:a5:8c:
a6:84:36:93:6d:d4:56:96:3b:7c:82:85:fb:4c:ce:
04:a4:3c:61:c3:23:8c:f0:74:3c:91:6a:58:25:06:
bb:b1:86:2d:7b:a9:a6:15:01:13:6f:27:ad:8a:54:
4d:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
24:55:12:5A:C2:23:9E:FA:1E:E2:D1:81:68:8C:05:EC:21:AE:68:A7
X509v3 Authority Key Identifier:
keyid:85:DB:83:A8:36:5A:60:44:76:F2:82:D2:4D:32:7A:D1:EF:0F:DE:52
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hduDqDZaYER28oLSTTJ60e8P3lI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/2c8f08-e599-44f3-bbc1-8cbef913e342/1/JFUSWsIjnvoe4tGBaIwF7CGuaKc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/2c8f08-e599-44f3-bbc1-8cbef913e342/1/hduDqDZaYER28oLSTTJ60e8P3lI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.226.236.0/22
185.25.80.0/22
185.199.188.0/22
185.199.232.0/22
213.5.232.0/22
IPv6:
2a00:c600::/29
Signature Algorithm: sha256WithRSAEncryption
0d:12:ef:b3:74:bd:30:26:0e:a5:f2:76:88:e8:10:eb:51:e2:
31:eb:84:22:af:01:30:86:1d:78:e2:bd:36:04:03:7f:03:36:
5c:b1:e2:ab:c1:f7:00:1c:bc:90:c0:2e:8d:b9:29:27:c3:90:
22:c0:53:36:e9:8b:57:58:1d:0d:a1:c3:92:71:a3:4c:fe:58:
d4:1f:7d:94:c2:28:34:a2:d5:1e:2f:4a:c5:04:53:47:6f:85:
90:f7:47:10:a7:47:2d:51:3b:08:5f:0a:ae:32:d7:50:86:e9:
e6:d7:40:52:7f:cd:a5:6d:b1:1c:01:03:61:41:61:2d:60:e9:
de:ea:26:27:a8:01:34:39:dc:03:d6:f2:8a:a0:0e:bf:b0:39:
b0:b8:40:09:b7:d5:f2:c7:05:d5:81:da:2b:f2:b7:33:06:d3:
0c:cc:73:99:3b:f1:7c:98:c5:76:2a:ef:4e:16:85:e7:07:c0:
30:26:2f:0d:dc:c9:af:81:6c:54:0f:d0:59:ec:c7:b3:51:f9:
66:f5:b0:12:d7:95:10:35:0a:4b:51:77:32:af:9f:c7:a7:60:
64:5f:09:e1:bf:14:d4:d5:f8:fb:8f:ca:67:e1:8a:d4:f1:98:
71:11:6f:56:c3:de:ac:78:ad:31:fa:e5:7b:c1:15:30:c4:60:
65:15:ff:f2
-----BEGIN CERTIFICATE-----
MIIFJDCCBAygAwIBAgISAYVw+7FSTOLHwBk0BzHzIkXFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg1ZGI4M2E4MzY1YTYwNDQ3NmYyODJkMjRkMzI3YWQxZWYw
ZmRlNTIwHhcNMjMwMTAyMDUzNzAxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNDU1MTI1YWMyMjM5ZWZhMWVlMmQxODE2ODhjMDVlYzIxYWU2OGE3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiLbltciS58R9UGyWzLFejWhs4kjT
u8hbQDHuKcD3UHkjQvqalbUtpuMEv9xs9JMxhgNLnx16D57P/9m20402BqbU/UHs
gYWoL+hT5ViG52qWwYmwFtA+F6pgMQe1xnmJ5qP6y7/j+3BOhj0f2x5t4hJ0sRI7
DiFrpSQoWNDAK+NLMrBrj85ez5niZ6XpDx0WGWQW5S1caIsg6tPQS8pqlPQMGzkt
SyuIHXc5WgqOvtwrXHJSreje5//voFOS7th+poYN1QM0ywMXeQMdZ4QxpYymhDaT
bdRWljt8goX7TM4EpDxhwyOM8HQ8kWpYJQa7sYYte6mmFQETbyetilRNIQIDAQAB
o4ICMDCCAiwwHQYDVR0OBBYEFCRVElrCI576HuLRgWiMBewhrminMB8GA1UdIwQY
MBaAFIXbg6g2WmBEdvKC0k0yetHvD95SMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaGR1RHFEWmFZRVIyOG9MU1RUSjYwZThQM2xJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZS8yYzhmMDgtZTU5OS00NGYzLWJiYzEt
OGNiZWY5MTNlMzQyLzEvSkZVU1dzSWpudm9lNHRHQmFJd0Y3Q0d1YUtjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZS8yYzhmMDgtZTU5OS00NGYzLWJiYzEtOGNiZWY5MTNlMzQy
LzEvaGR1RHFEWmFZRVIyOG9MU1RUSjYwZThQM2xJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEYGCCsGAQUFBwEHAQH/BDcwNTAkBAIAATAeAwQCLuLsAwQC
uRlQAwQCuce8AwQCucfoAwQC1QXoMA0EAgACMAcDBQMqAMYAMA0GCSqGSIb3DQEB
CwUAA4IBAQANEu+zdL0wJg6l8naI6BDrUeIx64QirwEwhh144r02BAN/AzZcseKr
wfcAHLyQwC6NuSknw5AiwFM26YtXWB0NocOScaNM/ljUH32Uwig0otUeL0rFBFNH
b4WQ90cQp0ctUTsIXwquMtdQhunm10BSf82lbbEcAQNhQWEtYOne6iYnqAE0OdwD
1vKKoA6/sDmwuEAJt9XyxwXVgdor8rczBtMMzHOZO/F8mMV2Ku9OFoXnB8AwJi8N
3MmvgWxUD9BZ7MezUflm9bAS15UQNQpLUXcyr5/Hp2BkXwnhvxTU1fj7j8pn4YrU
8ZhxEW9Ww96seK0x+uV7wRUwxGBlFf/y
-----END CERTIFICATE-----
Generated at Tue Apr 22 20:56:42 2025 by rpki-client