Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2a/963170-58be-46bb-a5de-777373e6055e/1/EhX-vaSbbyT0Zi8hGTY8yOwbh_0.roa
File: EhX-vaSbbyT0Zi8hGTY8yOwbh_0.roa (raw, json)
Hash identifier: +DGOvngCdXXCO5AsNfpH2xCoAJU15yD6CAkaR54cgz4=
Subject key identifier: 12:15:FE:BD:A4:9B:6F:24:F4:66:2F:21:19:36:3C:C8:EC:1B:87:FD
Certificate issuer: /CN=7094a425595e923c4b53b9c000aa8f19ad923f20
Certificate serial: 02F60D0A
Authority key identifier: 70:94:A4:25:59:5E:92:3C:4B:53:B9:C0:00:AA:8F:19:AD:92:3F:20
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cJSkJVlekjxLU7nAAKqPGa2SPyA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2a/963170-58be-46bb-a5de-777373e6055e/1/EhX-vaSbbyT0Zi8hGTY8yOwbh_0.roa
Signing time: Sat 01 Jan 2022 07:53:21 +0000
ROA not before: Sat 01 Jan 2022 07:53:21 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 3339
IP address blocks: 185.209.120.0/22 maxlen: 22
185.255.104.0/22 maxlen: 22
185.177.168.0/22 maxlen: 22
185.233.76.0/22 maxlen: 22
185.73.188.0/22 maxlen: 22
185.72.12.0/24 maxlen: 24
185.72.12.0/22 maxlen: 22
185.95.56.0/22 maxlen: 22
91.200.244.0/22 maxlen: 22
176.97.224.0/22 maxlen: 22
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 49679626 (0x2f60d0a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7094a425595e923c4b53b9c000aa8f19ad923f20
Validity
Not Before: Jan 1 07:53:21 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=1215febda49b6f24f4662f2119363cc8ec1b87fd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:63:29:21:e5:bd:3c:80:26:a1:d9:0f:ce:39:
66:5e:b1:67:67:ef:aa:d7:ff:ff:fa:af:45:e7:dc:
17:04:91:25:c8:32:e3:3c:87:1f:43:72:9e:6a:46:
c8:ec:85:f2:de:6e:e1:fd:76:c5:19:2e:64:87:ac:
4c:5d:f6:bb:27:89:55:c6:b2:11:54:92:9a:2f:59:
1b:25:58:81:f0:8b:f9:6a:46:b0:8d:2b:26:f0:d8:
17:9f:23:c7:dd:07:4d:25:3b:34:97:a1:17:e7:99:
c9:66:f0:67:99:20:8b:4c:98:6a:7b:a2:8c:ef:b5:
de:02:27:33:20:f9:c8:44:b2:be:20:6b:43:d1:f7:
61:2d:ae:71:95:ab:f6:20:98:15:d6:ce:02:df:c5:
37:19:a7:7f:67:66:6a:4f:42:3a:8b:b8:f6:3d:c6:
95:93:3b:9b:a7:0f:09:77:30:fc:18:d9:5d:ad:4e:
5b:81:b6:57:26:ef:10:f7:24:4f:23:c3:7a:ce:55:
2f:db:dc:03:66:6f:4d:75:f6:00:a5:39:68:04:98:
43:bd:20:0b:19:43:f2:de:32:9b:7a:ee:50:f9:70:
73:71:97:11:61:7a:5c:2c:4c:be:c3:e4:aa:b4:f9:
a1:ea:e4:aa:c6:83:77:49:e0:da:66:03:70:37:c3:
a8:cd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
12:15:FE:BD:A4:9B:6F:24:F4:66:2F:21:19:36:3C:C8:EC:1B:87:FD
X509v3 Authority Key Identifier:
keyid:70:94:A4:25:59:5E:92:3C:4B:53:B9:C0:00:AA:8F:19:AD:92:3F:20
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cJSkJVlekjxLU7nAAKqPGa2SPyA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/963170-58be-46bb-a5de-777373e6055e/1/EhX-vaSbbyT0Zi8hGTY8yOwbh_0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/963170-58be-46bb-a5de-777373e6055e/1/cJSkJVlekjxLU7nAAKqPGa2SPyA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.200.244.0/22
176.97.224.0/22
185.72.12.0/22
185.73.188.0/22
185.95.56.0/22
185.177.168.0/22
185.209.120.0/22
185.233.76.0/22
185.255.104.0/22
Signature Algorithm: sha256WithRSAEncryption
8f:1f:a7:63:91:a5:41:65:e7:14:f1:b6:c8:a4:ff:96:ca:68:
df:26:18:58:2e:97:92:67:df:b4:b0:36:85:41:ba:49:3a:2a:
b8:2c:26:0a:00:fe:1c:4f:4f:46:db:dd:ed:10:0c:3d:83:36:
11:65:b1:64:d7:e6:12:33:d5:0e:1c:6b:12:ac:eb:83:e3:b4:
8b:ef:31:ff:c2:df:b4:46:ad:6b:a4:f3:6f:ad:9e:8b:86:f5:
ff:7d:19:74:80:91:f6:8f:81:56:11:d3:67:89:4c:e9:0e:c8:
96:6d:90:f3:d8:1a:5b:45:01:c2:25:0b:e5:9b:46:e1:3c:09:
75:30:d9:ac:e0:e9:7d:81:23:11:6a:d5:50:98:63:d3:4e:a3:
ca:0c:80:20:99:85:4f:87:50:b0:1e:45:6d:8d:b6:5a:4e:7c:
22:62:8c:17:94:34:c6:da:1f:72:5e:3c:19:3d:d9:e4:f0:67:
f9:a8:ae:f1:36:9e:5b:6f:de:44:4a:39:65:85:2f:f6:6e:27:
a9:75:b4:67:0e:f3:ea:17:eb:84:f1:8d:8d:b7:a9:e4:e1:a6:
cb:f6:07:11:a5:39:ef:4b:63:a2:3d:01:05:f8:7f:36:b5:35:
86:b0:60:b1:9a:5e:8d:b3:62:08:1b:59:ad:a0:54:7c:28:8e:
d6:fc:47:f7
-----BEGIN CERTIFICATE-----
MIIFHzCCBAegAwIBAgIEAvYNCjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg3
MDk0YTQyNTU5NWU5MjNjNGI1M2I5YzAwMGFhOGYxOWFkOTIzZjIwMB4XDTIyMDEw
MTA3NTMyMVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMTIxNWZlYmRhNDli
NmYyNGY0NjYyZjIxMTkzNjNjYzhlYzFiODdmZDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKtjKSHlvTyAJqHZD845Zl6xZ2fvqtf///qvRefcFwSRJcgy
4zyHH0NynmpGyOyF8t5u4f12xRkuZIesTF32uyeJVcayEVSSmi9ZGyVYgfCL+WpG
sI0rJvDYF58jx90HTSU7NJehF+eZyWbwZ5kgi0yYanuijO+13gInMyD5yESyviBr
Q9H3YS2ucZWr9iCYFdbOAt/FNxmnf2dmak9COou49j3GlZM7m6cPCXcw/BjZXa1O
W4G2VybvEPckTyPDes5VL9vcA2ZvTXX2AKU5aASYQ70gCxlD8t4ym3ruUPlwc3GX
EWF6XCxMvsPkqrT5oerkqsaDd0ng2mYDcDfDqM0CAwEAAaOCAjkwggI1MB0GA1Ud
DgQWBBQSFf69pJtvJPRmLyEZNjzI7BuH/TAfBgNVHSMEGDAWgBRwlKQlWV6SPEtT
ucAAqo8ZrZI/IDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2NKU2tKVmxla2p4TFU3bkFBS3FQR2EyU1B5QS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMmEvOTYzMTcwLTU4YmUtNDZiYi1hNWRlLTc3NzM3M2U2MDU1ZS8x
L0VoWC12YVNiYnlUMFppOGhHVFk4eU93YmhfMC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMmEv
OTYzMTcwLTU4YmUtNDZiYi1hNWRlLTc3NzM3M2U2MDU1ZS8xL2NKU2tKVmxla2p4
TFU3bkFBS3FQR2EyU1B5QS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBP
BggrBgEFBQcBBwEB/wRAMD4wPAQCAAEwNgMEAlvI9AMEArBh4AMEArlIDAMEArlJ
vAMEArlfOAMEArmxqAMEArnReAMEArnpTAMEArn/aDANBgkqhkiG9w0BAQsFAAOC
AQEAjx+nY5GlQWXnFPG2yKT/lspo3yYYWC6XkmfftLA2hUG6SToquCwmCgD+HE9P
Rtvd7RAMPYM2EWWxZNfmEjPVDhxrEqzrg+O0i+8x/8LftEata6Tzb62ei4b1/30Z
dICR9o+BVhHTZ4lM6Q7Ilm2Q89gaW0UBwiUL5ZtG4TwJdTDZrODpfYEjEWrVUJhj
006jygyAIJmFT4dQsB5FbY22Wk58ImKMF5Q0xtofcl48GT3Z5PBn+aiu8TaeW2/e
REo5ZYUv9m4nqXW0Zw7z6hfrhPGNjbep5OGmy/YHEaU570tjoj0BBfh/NrU1hrBg
sZpejbNiCBtZraBUfCiO1vxH9w==
-----END CERTIFICATE-----
Generated at Tue Apr 22 15:40:51 2025 by rpki-client