Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/19/de4d0f-7f8e-4d7e-bbb0-07319c728ca2/1/7YQZrTYWtT0XL1Ac3NApm9na210.roa
File: 7YQZrTYWtT0XL1Ac3NApm9na210.roa (raw, json)
Hash identifier: i8glOP0Y1/JEZn4pNc6KvryXkyqDxAi+W4+90QtxAoc=
Subject key identifier: ED:84:19:AD:36:16:B5:3D:17:2F:50:1C:DC:D0:29:9B:D9:DA:DB:5D
Certificate issuer: /CN=7843a5381dce2877bbc351a684efcecdd613e3aa
Certificate serial: 02878D07
Authority key identifier: 78:43:A5:38:1D:CE:28:77:BB:C3:51:A6:84:EF:CE:CD:D6:13:E3:AA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/eEOlOB3OKHe7w1GmhO_OzdYT46o.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/19/de4d0f-7f8e-4d7e-bbb0-07319c728ca2/1/7YQZrTYWtT0XL1Ac3NApm9na210.roa
Signing time: Sat 01 Jan 2022 07:59:37 +0000
ROA not before: Sat 01 Jan 2022 07:59:37 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 200485
IP address blocks: 185.104.156.0/24 maxlen: 24
185.104.159.0/24 maxlen: 24
185.104.158.0/24 maxlen: 24
185.104.157.0/24 maxlen: 24
2a06:4200::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 42437895 (0x2878d07)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7843a5381dce2877bbc351a684efcecdd613e3aa
Validity
Not Before: Jan 1 07:59:37 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=ed8419ad3616b53d172f501cdcd0299bd9dadb5d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:9e:cf:4e:84:37:42:f9:c1:26:17:b6:57:2c:
80:8c:70:68:3e:cc:83:0a:20:f6:c5:33:16:1b:4d:
45:0c:12:8c:b4:75:b0:5f:c8:31:d2:9a:be:24:0d:
91:e5:26:16:00:c1:a1:f5:53:d1:fa:08:0d:00:d4:
91:1e:28:8e:d2:9f:40:4f:da:4a:7c:71:bf:e6:27:
00:ab:9e:c3:52:af:27:af:3b:50:5f:df:b3:60:64:
ce:a1:16:0d:ab:ce:34:f9:0a:aa:3c:49:cf:8f:44:
fe:72:1b:ba:e1:4e:f7:5a:43:4f:8c:08:bb:ca:e9:
d5:6e:db:c9:2b:8e:08:1b:72:55:ba:56:4f:cf:5d:
3c:53:a1:cc:bf:9f:cd:ca:ae:6c:ed:f4:cd:3b:d5:
4c:89:86:bb:46:6b:93:6e:39:92:43:4a:59:f4:bd:
ab:c8:9f:99:90:b3:15:94:93:bc:07:9b:43:11:57:
f5:94:38:ff:66:1a:bb:4f:e2:19:1f:27:35:a0:a6:
de:eb:64:fc:ac:20:e2:22:0a:d1:17:7f:95:4b:7f:
1e:29:8f:74:e3:70:a3:3e:19:8e:92:0e:b5:ce:50:
7d:9c:64:bf:37:46:59:e2:6c:0d:09:a2:52:b1:a9:
be:43:af:c4:64:8e:50:81:13:9e:d9:a0:62:3e:de:
46:63
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
ED:84:19:AD:36:16:B5:3D:17:2F:50:1C:DC:D0:29:9B:D9:DA:DB:5D
X509v3 Authority Key Identifier:
keyid:78:43:A5:38:1D:CE:28:77:BB:C3:51:A6:84:EF:CE:CD:D6:13:E3:AA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/eEOlOB3OKHe7w1GmhO_OzdYT46o.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/19/de4d0f-7f8e-4d7e-bbb0-07319c728ca2/1/7YQZrTYWtT0XL1Ac3NApm9na210.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/19/de4d0f-7f8e-4d7e-bbb0-07319c728ca2/1/eEOlOB3OKHe7w1GmhO_OzdYT46o.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.104.156.0/22
IPv6:
2a06:4200::/29
Signature Algorithm: sha256WithRSAEncryption
78:c8:b7:86:01:d4:90:29:d4:94:9d:23:3f:eb:e4:a5:8f:aa:
cf:39:4a:16:b5:91:88:db:8b:69:a9:e9:5b:86:6a:f3:a0:5b:
c5:c6:a8:6f:ae:07:b1:72:86:a1:14:71:01:68:11:66:bf:53:
f0:ea:1c:77:12:40:19:80:19:ac:0d:51:15:53:70:b6:35:b8:
34:97:75:06:2a:e7:f5:83:b4:02:d0:5d:4e:d2:0b:75:e0:1b:
96:ed:0b:eb:e2:d2:bd:03:d7:2b:2c:7e:c0:c3:55:19:d7:5b:
59:7c:bd:43:8c:c7:8f:50:07:36:ba:7d:a1:28:63:e2:37:60:
51:98:0d:78:1f:90:c7:04:94:25:e8:93:6e:72:47:6d:1f:05:
39:44:6b:2f:ff:8d:5f:1d:71:43:13:31:0d:9e:78:35:bf:de:
b1:60:f3:c1:91:5e:9b:ab:51:94:3f:45:e3:d3:33:9c:66:45:
8d:88:58:e6:32:bb:09:3b:c8:74:01:3e:9b:75:a7:52:a8:98:
d7:98:63:67:9e:c0:c7:c8:b0:a9:fa:7e:4a:a4:26:ac:09:90:
2e:5b:ba:10:2a:33:5a:ea:7f:7b:1a:19:f6:b6:23:67:95:64:
32:ec:d2:4b:78:37:9d:ac:05:7c:e8:6c:60:57:b7:2d:f2:68:
b3:d4:da:19
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgIEAoeNBzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg3
ODQzYTUzODFkY2UyODc3YmJjMzUxYTY4NGVmY2VjZGQ2MTNlM2FhMB4XDTIyMDEw
MTA3NTkzN1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZWQ4NDE5YWQzNjE2
YjUzZDE3MmY1MDFjZGNkMDI5OWJkOWRhZGI1ZDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALyez06EN0L5wSYXtlcsgIxwaD7Mgwog9sUzFhtNRQwSjLR1
sF/IMdKaviQNkeUmFgDBofVT0foIDQDUkR4ojtKfQE/aSnxxv+YnAKuew1KvJ687
UF/fs2BkzqEWDavONPkKqjxJz49E/nIbuuFO91pDT4wIu8rp1W7bySuOCBtyVbpW
T89dPFOhzL+fzcqubO30zTvVTImGu0Zrk245kkNKWfS9q8ifmZCzFZSTvAebQxFX
9ZQ4/2Yau0/iGR8nNaCm3utk/Kwg4iIK0Rd/lUt/HimPdONwoz4ZjpIOtc5QfZxk
vzdGWeJsDQmiUrGpvkOvxGSOUIETntmgYj7eRmMCAwEAAaOCAhgwggIUMB0GA1Ud
DgQWBBTthBmtNha1PRcvUBzc0Cmb2drbXTAfBgNVHSMEGDAWgBR4Q6U4Hc4od7vD
UaaE787N1hPjqjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2VFT2xPQjNPS0hlN3cxR21oT19PemRZVDQ2by5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMTkvZGU0ZDBmLTdmOGUtNGQ3ZS1iYmIwLTA3MzE5YzcyOGNhMi8x
LzdZUVpyVFlXdFQwWEwxQWMzTkFwbTluYTIxMC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMTkv
ZGU0ZDBmLTdmOGUtNGQ3ZS1iYmIwLTA3MzE5YzcyOGNhMi8xL2VFT2xPQjNPS0hl
N3cxR21oT19PemRZVDQ2by5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAu
BggrBgEFBQcBBwEB/wQfMB0wDAQCAAEwBgMEArlonDANBAIAAjAHAwUDKgZCADAN
BgkqhkiG9w0BAQsFAAOCAQEAeMi3hgHUkCnUlJ0jP+vkpY+qzzlKFrWRiNuLaanp
W4Zq86Bbxcaob64HsXKGoRRxAWgRZr9T8OocdxJAGYAZrA1RFVNwtjW4NJd1Birn
9YO0AtBdTtILdeAblu0L6+LSvQPXKyx+wMNVGddbWXy9Q4zHj1AHNrp9oShj4jdg
UZgNeB+QxwSUJeiTbnJHbR8FOURrL/+NXx1xQxMxDZ54Nb/esWDzwZFem6tRlD9F
49MznGZFjYhY5jK7CTvIdAE+m3WnUqiY15hjZ57Ax8iwqfp+SqQmrAmQLlu6ECoz
Wup/exoZ9rYjZ5VkMuzSS3g3nawFfOhsYFe3LfJos9TaGQ==
-----END CERTIFICATE-----
Generated at Mon Apr 21 06:14:19 2025 by rpki-client