Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/39/36f83e-6be6-42c5-8380-114ad41cf331/1/k6MeU5ZfQSGxxm739A-fofn-wAo.roa
File: k6MeU5ZfQSGxxm739A-fofn-wAo.roa (raw, json)
Hash identifier: 6yhwoWiwxI94IYvMbTkFWXMrAOuSv7JNDZWf/3C3EDs=
Subject key identifier: 93:A3:1E:53:96:5F:41:21:B1:C6:6E:F7:F4:0F:9F:A1:F9:FE:C0:0A
Certificate issuer: /CN=09253886a0250a04ec69be00bbf8433c2f014b7c
Certificate serial: 01854FB8FE3E5F8C51D3A6B8EB16F7FE9D98
Authority key identifier: 09:25:38:86:A0:25:0A:04:EC:69:BE:00:BB:F8:43:3C:2F:01:4B:7C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CSU4hqAlCgTsab4Au_hDPC8BS3w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/39/36f83e-6be6-42c5-8380-114ad41cf331/1/k6MeU5ZfQSGxxm739A-fofn-wAo.roa
Signing time: Mon 26 Dec 2022 18:36:41 +0000
ROA not before: Mon 26 Dec 2022 18:36:41 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 42926
IP address blocks: 194.110.170.0/24 maxlen: 24
194.110.168.0/24 maxlen: 24
185.84.182.0/24 maxlen: 24
185.84.181.0/24 maxlen: 24
185.84.180.0/24 maxlen: 24
185.84.183.0/24 maxlen: 24
2a05:a740::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:4f:b8:fe:3e:5f:8c:51:d3:a6:b8:eb:16:f7:fe:9d:98
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=09253886a0250a04ec69be00bbf8433c2f014b7c
Validity
Not Before: Dec 26 18:36:41 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=93a31e53965f4121b1c66ef7f40f9fa1f9fec00a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:30:f8:b3:46:39:9c:62:b9:5e:9e:74:e0:2e:
c3:1b:b2:0f:2c:81:8c:1e:9b:cc:3a:2c:37:0c:fe:
62:a6:e0:17:df:bd:20:8a:e7:33:cd:a0:75:1e:ac:
50:92:fc:aa:b6:db:74:83:47:91:ff:89:d1:54:30:
3e:fc:f0:e7:f5:50:77:2e:11:ec:0a:44:f2:a3:c6:
57:3e:20:8a:77:11:2e:aa:8e:6f:fb:50:15:74:e6:
11:21:b1:87:7d:e2:96:e8:88:83:a8:96:cf:bb:a9:
ef:f3:d5:75:a8:11:d5:bc:81:b9:7d:63:c3:93:5c:
49:ee:8f:9d:c9:f0:6d:54:42:ba:74:3b:da:23:79:
3f:2a:7a:44:7f:aa:ce:97:f0:7f:5e:3c:32:5c:e2:
e0:7c:70:3d:bb:74:12:ee:e7:13:b9:4e:a9:e0:f1:
3b:84:f7:cd:81:dd:5b:52:a8:38:d1:3d:b9:fa:9f:
30:c1:0d:75:fd:94:12:b3:24:d5:35:8e:8e:c0:9c:
a5:67:5a:82:9b:88:9e:83:70:6f:92:fe:f3:48:4d:
85:e9:07:8d:ce:44:45:93:6e:e7:b1:38:86:fb:73:
0d:a3:d1:74:17:ff:84:6b:fc:a2:97:ee:bc:64:ab:
91:a3:68:ae:29:a3:75:ba:eb:7e:80:0c:c9:71:24:
5a:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
93:A3:1E:53:96:5F:41:21:B1:C6:6E:F7:F4:0F:9F:A1:F9:FE:C0:0A
X509v3 Authority Key Identifier:
keyid:09:25:38:86:A0:25:0A:04:EC:69:BE:00:BB:F8:43:3C:2F:01:4B:7C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CSU4hqAlCgTsab4Au_hDPC8BS3w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/39/36f83e-6be6-42c5-8380-114ad41cf331/1/k6MeU5ZfQSGxxm739A-fofn-wAo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/39/36f83e-6be6-42c5-8380-114ad41cf331/1/CSU4hqAlCgTsab4Au_hDPC8BS3w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.84.180.0/22
194.110.168.0/24
194.110.170.0/24
IPv6:
2a05:a740::/29
Signature Algorithm: sha256WithRSAEncryption
7a:20:74:73:6d:a1:19:6f:ee:81:cc:63:37:e5:21:6d:c2:3f:
f7:25:cb:e7:32:09:a7:c7:31:fd:1f:b8:9d:ef:b5:94:7c:57:
e2:55:56:9d:bb:01:74:81:cc:18:7b:da:5b:70:a2:27:a5:bf:
b7:9c:f3:d8:d9:68:35:b6:1e:78:b4:60:0f:af:76:61:b6:2d:
95:1e:30:fe:97:b8:f7:72:9f:0b:e6:bf:d9:de:e4:81:58:5e:
32:0b:18:c6:9f:be:0d:9a:89:4c:56:73:9a:11:08:ba:d6:8f:
2c:9f:72:3a:d7:88:a1:2a:ca:66:e2:a1:95:b0:62:13:13:46:
0b:6b:95:21:d0:55:ad:e0:4d:60:28:fa:9a:04:ee:89:1f:b5:
75:9f:67:ba:3e:bf:4d:2e:14:43:e1:4b:6d:d2:ae:e8:16:93:
57:88:ab:44:c9:75:23:94:ad:e2:a2:51:6b:73:72:11:e7:cd:
9d:7a:a4:0f:b0:92:04:c2:84:5f:83:2a:bb:67:d5:6a:56:ab:
20:ab:9f:26:06:40:cd:c7:df:20:38:e3:85:a3:e5:6a:4d:ab:
53:6e:a3:c5:12:e0:bf:c5:3b:56:09:6d:4d:94:f7:cb:69:59:
0e:bb:f6:13:44:39:1e:a5:1a:2e:ca:8a:3e:a7:1b:7d:17:42:
cb:e0:cb:c6
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAYVPuP4+X4xR06a46xb3/p2YMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA5MjUzODg2YTAyNTBhMDRlYzY5YmUwMGJiZjg0MzNjMmYw
MTRiN2MwHhcNMjIxMjI2MTgzNjQxWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5M2EzMWU1Mzk2NWY0MTIxYjFjNjZlZjdmNDBmOWZhMWY5ZmVjMDBhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqzD4s0Y5nGK5Xp504C7DG7IPLIGM
HpvMOiw3DP5ipuAX370giuczzaB1HqxQkvyqttt0g0eR/4nRVDA+/PDn9VB3LhHs
CkTyo8ZXPiCKdxEuqo5v+1AVdOYRIbGHfeKW6IiDqJbPu6nv89V1qBHVvIG5fWPD
k1xJ7o+dyfBtVEK6dDvaI3k/KnpEf6rOl/B/XjwyXOLgfHA9u3QS7ucTuU6p4PE7
hPfNgd1bUqg40T25+p8wwQ11/ZQSsyTVNY6OwJylZ1qCm4ieg3Bvkv7zSE2F6QeN
zkRFk27nsTiG+3MNo9F0F/+Ea/yil+68ZKuRo2iuKaN1uut+gAzJcSRaQwIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFJOjHlOWX0EhscZu9/QPn6H5/sAKMB8GA1UdIwQY
MBaAFAklOIagJQoE7Gm+ALv4QzwvAUt8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ1NVNGhxQWxDZ1RzYWI0QXVfaERQQzhCUzN3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zOS8zNmY4M2UtNmJlNi00MmM1LTgzODAt
MTE0YWQ0MWNmMzMxLzEvazZNZVU1WmZRU0d4eG03MzlBLWZvZm4td0FvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zOS8zNmY4M2UtNmJlNi00MmM1LTgzODAtMTE0YWQ0MWNmMzMx
LzEvQ1NVNGhxQWxDZ1RzYWI0QXVfaERQQzhCUzN3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQCuVS0AwQA
wm6oAwQAwm6qMA0EAgACMAcDBQMqBadAMA0GCSqGSIb3DQEBCwUAA4IBAQB6IHRz
baEZb+6BzGM35SFtwj/3JcvnMgmnxzH9H7id77WUfFfiVVaduwF0gcwYe9pbcKIn
pb+3nPPY2Wg1th54tGAPr3Zhti2VHjD+l7j3cp8L5r/Z3uSBWF4yCxjGn74NmolM
VnOaEQi61o8sn3I614ihKspm4qGVsGITE0YLa5Uh0FWt4E1gKPqaBO6JH7V1n2e6
Pr9NLhRD4Utt0q7oFpNXiKtEyXUjlK3iolFrc3IR582deqQPsJIEwoRfgyq7Z9Vq
Vqsgq58mBkDNx98gOOOFo+VqTatTbqPFEuC/xTtWCW1NlPfLaVkOu/YTRDkepRou
yoo+pxt9F0LL4MvG
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:24:35 2025 by rpki-client