Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/37/8e6e5a-aec0-40ad-a628-dab3a9f030dc/1/cCJj7YwldynPOLpZ3bZ3Sx1n1WU.roa
File: cCJj7YwldynPOLpZ3bZ3Sx1n1WU.roa (raw, json)
Hash identifier: e2sNmBIGYDUlOMjFwLFAEOOz7MeR928lOQcHJLvCI8M=
Subject key identifier: 70:22:63:ED:8C:25:77:29:CF:38:BA:59:DD:B6:77:4B:1D:67:D5:65
Certificate issuer: /CN=62f4b147ab0efebf3e46e6dea985d751877cbb4e
Certificate serial: 0188A0810CB59BE80DF919A626C0C208A880
Authority key identifier: 62:F4:B1:47:AB:0E:FE:BF:3E:46:E6:DE:A9:85:D7:51:87:7C:BB:4E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YvSxR6sO_r8-RubeqYXXUYd8u04.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/37/8e6e5a-aec0-40ad-a628-dab3a9f030dc/1/cCJj7YwldynPOLpZ3bZ3Sx1n1WU.roa
Signing time: Fri 09 Jun 2023 14:13:11 +0000
ROA not before: Fri 09 Jun 2023 14:13:11 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 206163
IP address blocks: 194.156.236.0/24 maxlen: 24
194.156.237.0/24 maxlen: 24
194.156.238.0/24 maxlen: 24
194.156.239.0/24 maxlen: 24
185.194.172.0/24 maxlen: 24
185.194.173.0/24 maxlen: 24
185.194.174.0/24 maxlen: 24
185.194.175.0/24 maxlen: 24
2a0a:86c0:5::/48 maxlen: 48
2a0a:86c0::/48 maxlen: 48
2a0a:86c0:10::/48 maxlen: 48
2a0a:86c0:1000::/48 maxlen: 48
2a0a:86c0:6::/48 maxlen: 48
2a0a:86c0:9::/48 maxlen: 48
2a0a:86c0:4::/48 maxlen: 48
2a0a:86c0:8::/48 maxlen: 48
2a0a:86c0:3::/48 maxlen: 48
2a0a:86c0:1::/48 maxlen: 48
2a0a:86c0:1001::/48 maxlen: 48
2a0a:86c0:7::/48 maxlen: 48
2a0a:86c0:2::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:a0:81:0c:b5:9b:e8:0d:f9:19:a6:26:c0:c2:08:a8:80
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=62f4b147ab0efebf3e46e6dea985d751877cbb4e
Validity
Not Before: Jun 9 14:13:11 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=702263ed8c257729cf38ba59ddb6774b1d67d565
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:ec:7d:9d:3e:19:44:49:91:81:04:3c:2c:9e:
3d:e3:ff:11:7d:96:07:a1:29:7d:81:55:91:93:58:
89:42:8d:60:4a:99:a2:85:fd:99:98:10:a3:41:b3:
ea:b0:08:8a:b3:83:b5:4a:47:6e:20:92:f1:a3:c9:
ac:b9:de:e8:33:aa:2d:22:7b:bd:82:a8:ac:66:04:
5c:7d:e0:d6:50:4d:e3:25:c8:6d:59:f0:e9:d1:a5:
1b:ec:ac:01:8d:e0:dc:cf:bd:ad:66:eb:e9:82:da:
e5:08:53:ef:3b:e5:97:71:29:ee:5e:52:29:6b:29:
df:5c:68:bb:83:b9:f7:c8:e0:a2:cf:c9:63:c9:d8:
34:ff:00:bb:99:62:f2:f3:cc:54:86:74:ab:92:14:
64:9a:d0:fe:2c:28:ea:c5:6f:ac:60:a7:62:d4:86:
84:c9:12:ca:5b:89:d9:8f:89:49:ce:3b:4b:a9:a7:
dc:60:a0:06:55:6c:16:27:73:a5:f9:4f:37:08:92:
8e:7c:33:ea:e7:16:93:3d:5f:72:8e:fd:1d:0e:dd:
46:3e:d4:f2:59:c6:11:bb:71:d9:39:ca:a2:08:ba:
c4:ce:c8:0b:76:d3:dd:d5:fa:60:e2:e4:c5:f2:3a:
51:0c:7c:56:bc:1b:81:d1:9e:e0:76:c3:f9:94:a3:
f7:1f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
70:22:63:ED:8C:25:77:29:CF:38:BA:59:DD:B6:77:4B:1D:67:D5:65
X509v3 Authority Key Identifier:
keyid:62:F4:B1:47:AB:0E:FE:BF:3E:46:E6:DE:A9:85:D7:51:87:7C:BB:4E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YvSxR6sO_r8-RubeqYXXUYd8u04.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/37/8e6e5a-aec0-40ad-a628-dab3a9f030dc/1/cCJj7YwldynPOLpZ3bZ3Sx1n1WU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/37/8e6e5a-aec0-40ad-a628-dab3a9f030dc/1/YvSxR6sO_r8-RubeqYXXUYd8u04.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.194.172.0/22
194.156.236.0/22
IPv6:
2a0a:86c0::-2a0a:86c0:9:ffff:ffff:ffff:ffff:ffff
2a0a:86c0:10::/48
2a0a:86c0:1000::/47
Signature Algorithm: sha256WithRSAEncryption
11:b2:8c:a6:b3:bc:c3:0e:76:12:6b:24:3f:b6:18:48:63:ab:
48:35:db:f1:84:b2:79:2b:28:44:ac:d2:8a:3f:30:a2:e2:94:
58:52:ba:23:b5:f9:3a:18:60:09:d1:05:b8:1b:b4:5e:21:3d:
49:bd:50:bc:5a:9e:88:04:27:12:b6:f4:42:2f:b4:dd:14:db:
83:85:30:6a:d5:df:4a:a5:33:55:31:0b:4b:80:9f:40:a6:26:
64:e6:bf:75:93:ab:e9:c6:e9:05:d1:b0:95:70:e5:82:44:99:
1d:7d:f5:7b:89:42:c8:d9:44:f4:87:06:66:e3:f3:31:67:ce:
43:a2:9d:af:49:6d:09:c7:76:0e:0e:dd:1e:73:09:12:f2:99:
48:c9:d9:8e:1a:cf:1f:f3:02:27:18:a0:7c:63:49:e0:09:74:
6d:0c:54:4b:db:70:25:e9:36:36:1f:a0:85:45:c6:ec:b7:58:
c0:cd:9c:a5:7f:96:a3:92:f9:27:83:aa:72:8f:77:25:5f:25:
96:59:25:dd:fb:63:10:0b:7b:41:0c:68:8f:5d:35:92:77:b3:
f3:74:ff:d6:77:d3:02:b3:79:6e:cc:c0:77:2a:b0:78:61:47:
14:ef:4f:c0:ca:8e:4f:87:77:53:db:8b:41:45:24:5d:24:9c:
45:a3:61:02
-----BEGIN CERTIFICATE-----
MIIFLzCCBBegAwIBAgISAYiggQy1m+gN+RmmJsDCCKiAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYyZjRiMTQ3YWIwZWZlYmYzZTQ2ZTZkZWE5ODVkNzUxODc3
Y2JiNGUwHhcNMjMwNjA5MTQxMzExWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MDIyNjNlZDhjMjU3NzI5Y2YzOGJhNTlkZGI2Nzc0YjFkNjdkNTY1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkOx9nT4ZREmRgQQ8LJ494/8RfZYH
oSl9gVWRk1iJQo1gSpmihf2ZmBCjQbPqsAiKs4O1SkduIJLxo8msud7oM6otInu9
gqisZgRcfeDWUE3jJchtWfDp0aUb7KwBjeDcz72tZuvpgtrlCFPvO+WXcSnuXlIp
aynfXGi7g7n3yOCiz8ljydg0/wC7mWLy88xUhnSrkhRkmtD+LCjqxW+sYKdi1IaE
yRLKW4nZj4lJzjtLqafcYKAGVWwWJ3Ol+U83CJKOfDPq5xaTPV9yjv0dDt1GPtTy
WcYRu3HZOcqiCLrEzsgLdtPd1fpg4uTF8jpRDHxWvBuB0Z7gdsP5lKP3HwIDAQAB
o4ICOzCCAjcwHQYDVR0OBBYEFHAiY+2MJXcpzzi6Wd22d0sdZ9VlMB8GA1UdIwQY
MBaAFGL0sUerDv6/Pkbm3qmF11GHfLtOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWXZTeFI2c09fcjgtUnViZXFZWFhVWWQ4dTA0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNy84ZTZlNWEtYWVjMC00MGFkLWE2Mjgt
ZGFiM2E5ZjAzMGRjLzEvY0NKajdZd2xkeW5QT0xwWjNiWjNTeDFuMVdVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNy84ZTZlNWEtYWVjMC00MGFkLWE2MjgtZGFiM2E5ZjAzMGRj
LzEvWXZTeFI2c09fcjgtUnViZXFZWFhVWWQ4dTA0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFEGCCsGAQUFBwEHAQH/BEIwQDASBAIAATAMAwQCucKsAwQC
wpzsMCoEAgACMCQwEAMFBioKhsADBwEqCobAAAgDBwAqCobAABADBwEqCobAEAAw
DQYJKoZIhvcNAQELBQADggEBABGyjKazvMMOdhJrJD+2GEhjq0g12/GEsnkrKESs
0oo/MKLilFhSuiO1+ToYYAnRBbgbtF4hPUm9ULxanogEJxK29EIvtN0U24OFMGrV
30qlM1UxC0uAn0CmJmTmv3WTq+nG6QXRsJVw5YJEmR199XuJQsjZRPSHBmbj8zFn
zkOina9JbQnHdg4O3R5zCRLymUjJ2Y4azx/zAicYoHxjSeAJdG0MVEvbcCXpNjYf
oIVFxuy3WMDNnKV/lqOS+SeDqnKPdyVfJZZZJd37YxALe0EMaI9dNZJ3s/N0/9Z3
0wKzeW7MwHcqsHhhRxTvT8DKjk+Hd1Pbi0FFJF0knEWjYQI=
-----END CERTIFICATE-----
Generated at Wed Apr 16 07:26:18 2025 by rpki-client