Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/15/d503fd-9d4b-4563-9cdf-b6e0f3e95cad/1/bZbgLmByTbgjRMwR7Fv13-wj78A.roa
File: bZbgLmByTbgjRMwR7Fv13-wj78A.roa (raw, json)
Hash identifier: 9SvR09dApN4mj3l9vbfKLodfUaz2mH3qCt8Bp/VFJwY=
Subject key identifier: 6D:96:E0:2E:60:72:4D:B8:23:44:CC:11:EC:5B:F5:DF:EC:23:EF:C0
Certificate issuer: /CN=3fac69adaf000dd77a4b001877c258a21d1ff6a0
Certificate serial: 0185725596D264040197A9BAAE53A48A7B70
Authority key identifier: 3F:AC:69:AD:AF:00:0D:D7:7A:4B:00:18:77:C2:58:A2:1D:1F:F6:A0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P6xpra8ADdd6SwAYd8JYoh0f9qA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/15/d503fd-9d4b-4563-9cdf-b6e0f3e95cad/1/bZbgLmByTbgjRMwR7Fv13-wj78A.roa
Signing time: Mon 02 Jan 2023 11:54:49 +0000
ROA not before: Mon 02 Jan 2023 11:54:49 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 205556
IP address blocks: 185.213.180.0/22 maxlen: 22
185.213.180.0/24 maxlen: 24
185.213.181.0/24 maxlen: 24
185.213.182.0/24 maxlen: 24
185.213.183.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:55:96:d2:64:04:01:97:a9:ba:ae:53:a4:8a:7b:70
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3fac69adaf000dd77a4b001877c258a21d1ff6a0
Validity
Not Before: Jan 2 11:54:49 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=6d96e02e60724db82344cc11ec5bf5dfec23efc0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:82:9c:43:73:96:1e:8a:38:ec:fe:ab:d7:28:51:
0e:9c:08:46:dc:a3:3a:0d:f7:8c:13:cd:ac:c3:ff:
a8:22:16:43:b7:4c:3f:62:3b:af:c9:d4:4c:5e:a8:
64:4a:90:5d:1f:f6:15:26:32:42:e7:21:68:54:6b:
c2:8f:7a:a4:47:a2:25:e3:c8:05:7a:7b:61:4c:4b:
5f:52:25:09:6e:e5:d8:8b:ca:6c:f8:fe:17:9d:3a:
c9:ad:88:c9:96:14:01:d1:69:91:30:df:10:ce:03:
d1:d1:03:41:3e:77:fa:9c:2c:46:19:d3:f0:82:f3:
13:26:bc:88:39:ef:56:76:d1:80:d9:29:53:40:1d:
93:34:b5:2a:9a:88:65:b2:be:38:3d:60:73:65:8c:
53:6f:2c:4f:6a:53:43:ce:17:8f:2e:35:8e:bb:79:
1e:36:3a:eb:56:fd:4c:84:d5:40:7f:74:b8:e8:b0:
f7:3a:0c:71:ad:b9:e2:56:03:38:e7:4f:bf:cb:be:
db:99:c4:be:e8:ba:3d:4e:b1:64:e5:a6:fb:4a:2c:
56:83:20:9c:5d:f1:4e:d1:55:00:29:f3:ad:22:15:
3c:a3:0c:d9:d5:7e:ec:ae:6f:31:b4:69:17:2e:e3:
5c:06:89:07:cb:c0:50:21:d2:63:34:b8:2f:2f:49:
99:d9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6D:96:E0:2E:60:72:4D:B8:23:44:CC:11:EC:5B:F5:DF:EC:23:EF:C0
X509v3 Authority Key Identifier:
keyid:3F:AC:69:AD:AF:00:0D:D7:7A:4B:00:18:77:C2:58:A2:1D:1F:F6:A0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P6xpra8ADdd6SwAYd8JYoh0f9qA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/15/d503fd-9d4b-4563-9cdf-b6e0f3e95cad/1/bZbgLmByTbgjRMwR7Fv13-wj78A.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/15/d503fd-9d4b-4563-9cdf-b6e0f3e95cad/1/P6xpra8ADdd6SwAYd8JYoh0f9qA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.213.180.0/22
Signature Algorithm: sha256WithRSAEncryption
6a:5b:db:d9:d4:2d:ea:47:1e:1f:18:ef:3f:94:97:91:9c:b0:
66:08:9a:9f:31:4b:a2:8c:69:a0:50:2e:51:63:82:02:b4:6c:
d4:a1:7b:a3:76:5f:08:ea:d7:bf:c9:b8:15:93:94:87:94:29:
fc:98:51:61:5a:8e:71:e5:92:82:1e:1c:18:c6:cc:ca:aa:03:
0a:ca:24:34:0c:3c:0b:49:50:f2:fb:db:32:d7:3f:b3:d3:d9:
ed:8f:2c:82:4f:95:0f:19:c1:0e:3e:f6:0e:1c:27:96:80:a3:
7d:c7:6b:61:a4:d2:5f:41:c1:4e:a2:e8:dc:a8:f7:4d:d4:f4:
63:04:e5:bb:71:91:b1:a2:84:93:33:ce:63:cb:5f:ef:0b:7a:
bd:7f:49:e6:c3:07:0b:41:dc:ae:03:5b:88:e6:3f:4a:a8:4f:
ea:a0:15:52:6b:64:9e:10:79:c6:0e:83:93:af:4d:23:17:b2:
19:cc:4b:f6:bd:f1:74:78:61:23:89:9c:82:f1:7c:57:b6:58:
e1:08:b4:13:46:d9:70:96:f1:ab:d2:0d:1a:b9:02:38:0e:a9:
14:8a:b2:4d:ad:00:75:62:25:f0:e1:a9:10:a7:a8:d6:2a:22:
39:12:f8:39:6d:4d:83:09:15:b4:da:49:42:fb:a2:7b:6e:24:
5d:70:cd:e9
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVyVZbSZAQBl6m6rlOkintwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmYWM2OWFkYWYwMDBkZDc3YTRiMDAxODc3YzI1OGEyMWQx
ZmY2YTAwHhcNMjMwMTAyMTE1NDQ5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZDk2ZTAyZTYwNzI0ZGI4MjM0NGNjMTFlYzViZjVkZmVjMjNlZmMwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgpxDc5Yeijjs/qvXKFEOnAhG3KM6
DfeME82sw/+oIhZDt0w/YjuvydRMXqhkSpBdH/YVJjJC5yFoVGvCj3qkR6Il48gF
enthTEtfUiUJbuXYi8ps+P4XnTrJrYjJlhQB0WmRMN8QzgPR0QNBPnf6nCxGGdPw
gvMTJryIOe9WdtGA2SlTQB2TNLUqmohlsr44PWBzZYxTbyxPalNDzhePLjWOu3ke
NjrrVv1MhNVAf3S46LD3OgxxrbniVgM450+/y77bmcS+6Lo9TrFk5ab7SixWgyCc
XfFO0VUAKfOtIhU8owzZ1X7srm8xtGkXLuNcBokHy8BQIdJjNLgvL0mZ2QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFG2W4C5gck24I0TMEexb9d/sI+/AMB8GA1UdIwQY
MBaAFD+saa2vAA3XeksAGHfCWKIdH/agMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDZ4cHJhOEFEZGQ2U3dBWWQ4SllvaDBmOXFBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNS9kNTAzZmQtOWQ0Yi00NTYzLTljZGYt
YjZlMGYzZTk1Y2FkLzEvYlpiZ0xtQnlUYmdqUk13UjdGdjEzLXdqNzhBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNS9kNTAzZmQtOWQ0Yi00NTYzLTljZGYtYjZlMGYzZTk1Y2Fk
LzEvUDZ4cHJhOEFEZGQ2U3dBWWQ4SllvaDBmOXFBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCudW0MA0G
CSqGSIb3DQEBCwUAA4IBAQBqW9vZ1C3qRx4fGO8/lJeRnLBmCJqfMUuijGmgUC5R
Y4ICtGzUoXujdl8I6te/ybgVk5SHlCn8mFFhWo5x5ZKCHhwYxszKqgMKyiQ0DDwL
SVDy+9sy1z+z09ntjyyCT5UPGcEOPvYOHCeWgKN9x2thpNJfQcFOoujcqPdN1PRj
BOW7cZGxooSTM85jy1/vC3q9f0nmwwcLQdyuA1uI5j9KqE/qoBVSa2SeEHnGDoOT
r00jF7IZzEv2vfF0eGEjiZyC8XxXtljhCLQTRtlwlvGr0g0auQI4DqkUirJNrQB1
YiXw4akQp6jWKiI5Evg5bU2DCRW02klC+6J7biRdcM3p
-----END CERTIFICATE-----
Generated at Fri Apr 18 00:43:47 2025 by rpki-client