Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2b/df0e11-593a-4ee4-8dcf-ab3081b2aba4/1/Nu1H4tVHgkuvHxiNuiJa_DVbQxE.roa
File: Nu1H4tVHgkuvHxiNuiJa_DVbQxE.roa (raw, json)
Hash identifier: 8SEjscORiujde1WfEejjp7ZuJ+6Aen++90uQUBHvrfE=
Subject key identifier: 36:ED:47:E2:D5:47:82:4B:AF:1F:18:8D:BA:22:5A:FC:35:5B:43:11
Certificate issuer: /CN=77c6fb655461d73fcf21e8612c318706a089a5c2
Certificate serial: 01856FF94C687FFDD96E0104AB56E0E34384
Authority key identifier: 77:C6:FB:65:54:61:D7:3F:CF:21:E8:61:2C:31:87:06:A0:89:A5:C2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/d8b7ZVRh1z_PIehhLDGHBqCJpcI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2b/df0e11-593a-4ee4-8dcf-ab3081b2aba4/1/Nu1H4tVHgkuvHxiNuiJa_DVbQxE.roa
Signing time: Mon 02 Jan 2023 00:54:47 +0000
ROA not before: Mon 02 Jan 2023 00:54:47 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 206893
IP address blocks: 185.172.230.0/24 maxlen: 24
185.172.229.0/24 maxlen: 24
185.172.231.0/24 maxlen: 24
185.172.228.0/24 maxlen: 24
2a0b:81c0::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:f9:4c:68:7f:fd:d9:6e:01:04:ab:56:e0:e3:43:84
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=77c6fb655461d73fcf21e8612c318706a089a5c2
Validity
Not Before: Jan 2 00:54:47 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=36ed47e2d547824baf1f188dba225afc355b4311
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:83:3a:7a:c2:38:73:84:ec:a5:74:83:eb:dd:
de:f1:1b:d3:25:fd:5c:8d:a9:4e:3d:c7:18:f2:64:
56:9d:e9:01:61:62:22:ec:f8:05:2c:31:cf:ae:15:
d0:f5:2c:91:0c:f1:84:7a:0b:e9:b3:2a:5c:2c:85:
a9:db:0a:ea:c8:ec:df:91:49:6c:ac:b7:78:a8:c6:
17:3b:c2:82:6b:79:3a:b8:1f:20:e1:43:c3:a3:c2:
ef:06:36:a8:05:ef:ee:4f:68:bc:55:34:5b:95:0b:
eb:37:cc:6d:9c:bd:9d:65:ce:11:dd:58:18:fc:7b:
a6:f8:5e:84:bb:83:f1:b8:e6:31:db:50:96:ec:04:
3a:f7:c3:31:7e:de:84:2f:1e:e2:4a:d9:44:78:4a:
9f:0d:6f:84:da:26:6b:17:0b:5a:f2:0d:f0:d1:74:
28:61:8b:9d:f2:e7:8e:70:76:1c:6a:d4:4c:86:1b:
5d:95:9f:da:13:bc:f1:f7:22:e6:8f:54:c0:b2:7d:
1c:93:d3:25:07:5c:2d:55:c0:32:ac:ee:4f:8f:ff:
97:6a:56:4b:55:46:be:78:46:94:cb:d3:25:b8:45:
27:32:eb:9a:05:11:1f:d6:8c:31:24:66:9a:3a:f0:
32:1e:66:de:94:c9:4c:ac:29:da:98:06:68:00:3a:
7c:83
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
36:ED:47:E2:D5:47:82:4B:AF:1F:18:8D:BA:22:5A:FC:35:5B:43:11
X509v3 Authority Key Identifier:
keyid:77:C6:FB:65:54:61:D7:3F:CF:21:E8:61:2C:31:87:06:A0:89:A5:C2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/d8b7ZVRh1z_PIehhLDGHBqCJpcI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/df0e11-593a-4ee4-8dcf-ab3081b2aba4/1/Nu1H4tVHgkuvHxiNuiJa_DVbQxE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/df0e11-593a-4ee4-8dcf-ab3081b2aba4/1/d8b7ZVRh1z_PIehhLDGHBqCJpcI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.172.228.0/22
IPv6:
2a0b:81c0::/29
Signature Algorithm: sha256WithRSAEncryption
49:b9:a1:e2:ea:c2:09:de:1d:83:62:3c:c5:a7:7a:19:24:19:
9c:cc:f3:4d:61:f7:01:6a:9b:aa:da:74:af:2e:5a:31:23:ed:
6e:05:ec:c7:27:a0:81:66:2c:42:4e:4a:13:1d:ea:28:80:dc:
d3:27:84:e7:27:7a:9b:ad:14:84:d4:ce:23:41:53:47:1a:52:
63:81:70:07:fd:08:16:21:73:b8:c8:3c:84:7b:79:02:39:f1:
c4:7f:67:7a:2a:2c:a2:0d:04:5c:b4:20:fe:1e:2c:be:3b:98:
37:dc:35:65:5c:76:6a:cf:e8:36:1e:88:df:6d:e6:52:ac:be:
92:9b:a9:1f:f3:54:c2:62:02:07:5e:93:ff:d2:4d:e2:bc:7f:
79:28:04:ef:e2:9d:5f:da:c2:f2:44:0d:93:50:80:f3:79:c5:
74:24:22:56:9c:42:65:29:45:ab:3b:14:b5:f9:67:8e:ed:54:
1f:f0:05:f8:5a:ee:47:e4:ee:2e:9c:59:fc:56:4b:e6:d7:1d:
93:dc:06:71:13:88:30:51:f8:63:f1:73:4d:f0:5a:7c:bb:76:
67:ff:5b:36:47:31:ec:ae:40:05:e8:5d:ac:98:4d:21:d8:46:
d2:5d:54:07:73:09:80:6e:6d:24:e7:16:0a:b7:33:f2:a5:05:
1e:7e:9e:a3
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVv+Uxof/3ZbgEEq1bg40OEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc3YzZmYjY1NTQ2MWQ3M2ZjZjIxZTg2MTJjMzE4NzA2YTA4
OWE1YzIwHhcNMjMwMTAyMDA1NDQ3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNmVkNDdlMmQ1NDc4MjRiYWYxZjE4OGRiYTIyNWFmYzM1NWI0MzExMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwoM6esI4c4TspXSD693e8RvTJf1c
jalOPccY8mRWnekBYWIi7PgFLDHPrhXQ9SyRDPGEegvpsypcLIWp2wrqyOzfkUls
rLd4qMYXO8KCa3k6uB8g4UPDo8LvBjaoBe/uT2i8VTRblQvrN8xtnL2dZc4R3VgY
/Hum+F6Eu4PxuOYx21CW7AQ698Mxft6ELx7iStlEeEqfDW+E2iZrFwta8g3w0XQo
YYud8ueOcHYcatRMhhtdlZ/aE7zx9yLmj1TAsn0ck9MlB1wtVcAyrO5Pj/+XalZL
VUa+eEaUy9MluEUnMuuaBREf1owxJGaaOvAyHmbelMlMrCnamAZoADp8gwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFDbtR+LVR4JLrx8YjboiWvw1W0MRMB8GA1UdIwQY
MBaAFHfG+2VUYdc/zyHoYSwxhwagiaXCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZDhiN1pWUmgxel9QSWVoaExER0hCcUNKcGNJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYi9kZjBlMTEtNTkzYS00ZWU0LThkY2Yt
YWIzMDgxYjJhYmE0LzEvTnUxSDR0Vkhna3V2SHhpTnVpSmFfRFZiUXhFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYi9kZjBlMTEtNTkzYS00ZWU0LThkY2YtYWIzMDgxYjJhYmE0
LzEvZDhiN1pWUmgxel9QSWVoaExER0hCcUNKcGNJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuazkMA0E
AgACMAcDBQMqC4HAMA0GCSqGSIb3DQEBCwUAA4IBAQBJuaHi6sIJ3h2DYjzFp3oZ
JBmczPNNYfcBapuq2nSvLloxI+1uBezHJ6CBZixCTkoTHeoogNzTJ4TnJ3qbrRSE
1M4jQVNHGlJjgXAH/QgWIXO4yDyEe3kCOfHEf2d6KiyiDQRctCD+Hiy+O5g33DVl
XHZqz+g2HojfbeZSrL6Sm6kf81TCYgIHXpP/0k3ivH95KATv4p1f2sLyRA2TUIDz
ecV0JCJWnEJlKUWrOxS1+WeO7VQf8AX4Wu5H5O4unFn8Vkvm1x2T3AZxE4gwUfhj
8XNN8Fp8u3Zn/1s2RzHsrkAF6F2smE0h2EbSXVQHcwmAbm0k5xYKtzPypQUefp6j
-----END CERTIFICATE-----
Generated at Thu Mar 13 02:46:52 2025 by rpki-client