Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/45/3d11d8-fae0-4b97-afdf-9c2bbd8c9496/1/_CB9K1xk7Fj7hOFK0tOUpzVfS-o.roa
File: _CB9K1xk7Fj7hOFK0tOUpzVfS-o.roa (raw, json)
Hash identifier: Y/21qLCatMJInPzt+f+FWglz5WXuAsM09jZ7k2iC3tY=
Subject key identifier: FC:20:7D:2B:5C:64:EC:58:FB:84:E1:4A:D2:D3:94:A7:35:5F:4B:EA
Certificate issuer: /CN=a60d129401b2693a38d5b4373dc7607bf85b8a6e
Certificate serial: 050DC1EB
Authority key identifier: A6:0D:12:94:01:B2:69:3A:38:D5:B4:37:3D:C7:60:7B:F8:5B:8A:6E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/pg0SlAGyaTo41bQ3Pcdge_hbim4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/45/3d11d8-fae0-4b97-afdf-9c2bbd8c9496/1/_CB9K1xk7Fj7hOFK0tOUpzVfS-o.roa
Signing time: Sat 01 Jan 2022 12:05:35 +0000
ROA not before: Sat 01 Jan 2022 12:05:35 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 204260
IP address blocks: 194.34.0.0/24 maxlen: 24
194.34.0.0/22 maxlen: 22
194.34.0.0/21 maxlen: 21
194.34.1.0/24 maxlen: 24
194.34.2.0/24 maxlen: 24
194.34.3.0/24 maxlen: 24
194.34.4.0/22 maxlen: 22
194.34.4.0/24 maxlen: 24
194.34.7.0/24 maxlen: 24
194.34.5.0/24 maxlen: 24
194.34.6.0/24 maxlen: 24
185.109.8.0/22 maxlen: 22
185.109.8.0/24 maxlen: 24
185.109.9.0/24 maxlen: 24
185.109.10.0/23 maxlen: 23
185.109.10.0/24 maxlen: 24
185.109.11.0/24 maxlen: 24
2a02:e600::/30 maxlen: 30
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 84787691 (0x50dc1eb)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a60d129401b2693a38d5b4373dc7607bf85b8a6e
Validity
Not Before: Jan 1 12:05:35 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=fc207d2b5c64ec58fb84e14ad2d394a7355f4bea
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f9:1c:24:52:43:ab:72:f5:04:ae:d4:7e:2c:85:
c9:99:b6:c6:12:c4:d6:cb:ed:07:19:2e:ae:fa:50:
ff:80:87:82:11:aa:a5:3f:a8:1f:b5:3b:40:c8:7a:
12:62:f9:ec:d6:8a:a9:c0:c0:5a:5a:e8:8b:a3:62:
08:f6:9c:9c:86:43:04:bf:97:c8:b4:8c:2d:ee:ec:
65:ed:f4:91:0e:6a:44:62:0b:f6:17:fb:55:0e:0e:
d5:26:b9:74:87:38:83:7b:f8:b6:6d:1e:40:fa:4f:
db:1d:3d:a8:e2:12:10:8c:4a:65:c4:3b:c2:50:86:
6e:74:a1:68:88:b7:d9:8e:73:17:83:f4:78:d3:a2:
b1:b4:e4:6b:80:50:fa:09:ee:d3:22:6a:f2:41:19:
ab:11:ca:7a:13:d7:cb:fb:dd:e7:e9:42:b0:e5:dc:
ef:a5:e1:94:a0:af:a3:b4:a2:fd:15:a2:b8:cb:3f:
18:e3:7f:d6:07:8d:95:b2:08:3d:b8:88:b6:a8:50:
49:3e:83:17:02:3b:af:61:33:9f:f6:d9:96:3e:45:
f1:9c:55:2a:3a:bc:43:df:98:79:61:28:d6:73:3c:
52:e2:a9:7d:6e:b5:d3:a8:3d:ec:fb:31:d5:b6:b0:
fa:91:75:c9:07:51:e9:a8:1e:02:5c:87:65:c1:b8:
b7:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FC:20:7D:2B:5C:64:EC:58:FB:84:E1:4A:D2:D3:94:A7:35:5F:4B:EA
X509v3 Authority Key Identifier:
keyid:A6:0D:12:94:01:B2:69:3A:38:D5:B4:37:3D:C7:60:7B:F8:5B:8A:6E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pg0SlAGyaTo41bQ3Pcdge_hbim4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/45/3d11d8-fae0-4b97-afdf-9c2bbd8c9496/1/_CB9K1xk7Fj7hOFK0tOUpzVfS-o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/45/3d11d8-fae0-4b97-afdf-9c2bbd8c9496/1/pg0SlAGyaTo41bQ3Pcdge_hbim4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.109.8.0/22
194.34.0.0/21
IPv6:
2a02:e600::/30
Signature Algorithm: sha256WithRSAEncryption
59:fd:6a:0b:80:bc:c1:d3:0e:8d:b2:56:4f:73:7b:8f:08:dc:
aa:f2:15:11:79:05:58:2c:44:9f:44:2f:81:3e:73:2a:2b:22:
ab:86:da:7e:68:b4:f0:66:39:df:4e:51:a4:58:b4:f6:06:ca:
9e:d2:c5:51:ae:b9:eb:65:ee:35:28:2f:39:8f:37:37:e1:f9:
05:17:06:b5:33:a2:9e:42:ce:c8:93:25:b9:ed:df:09:fe:c9:
e4:eb:a0:9f:72:14:94:13:2b:13:a4:c2:ec:e9:11:6b:64:4c:
51:79:74:df:72:d3:ee:03:64:4e:28:bf:4b:0f:e3:44:3f:07:
45:c4:57:8e:25:77:a9:e6:9e:71:ed:a8:c7:01:9c:55:db:59:
a6:b8:44:e8:d1:30:b5:69:fa:d9:b9:0e:1a:62:18:f6:1a:95:
88:2a:72:48:19:fd:45:4b:ab:53:be:50:b3:a1:16:d3:5c:c2:
a3:e2:30:dd:48:0b:e4:09:c5:4f:45:76:30:24:14:38:a6:ee:
7d:c3:51:cf:d0:df:b7:56:fe:ac:22:30:9c:d0:b1:2d:8b:57:
b5:2d:de:e2:de:e9:5c:42:8a:36:94:37:d6:0b:2f:a9:68:d4:
f4:e5:70:4c:c9:89:54:e3:ec:60:25:15:9e:05:21:0c:1d:74:
99:d0:57:94
-----BEGIN CERTIFICATE-----
MIIFBDCCA+ygAwIBAgIEBQ3B6zANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhh
NjBkMTI5NDAxYjI2OTNhMzhkNWI0MzczZGM3NjA3YmY4NWI4YTZlMB4XDTIyMDEw
MTEyMDUzNVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZmMyMDdkMmI1YzY0
ZWM1OGZiODRlMTRhZDJkMzk0YTczNTVmNGJlYTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAPkcJFJDq3L1BK7UfiyFyZm2xhLE1svtBxkurvpQ/4CHghGq
pT+oH7U7QMh6EmL57NaKqcDAWlroi6NiCPacnIZDBL+XyLSMLe7sZe30kQ5qRGIL
9hf7VQ4O1Sa5dIc4g3v4tm0eQPpP2x09qOISEIxKZcQ7wlCGbnShaIi32Y5zF4P0
eNOisbTka4BQ+gnu0yJq8kEZqxHKehPXy/vd5+lCsOXc76XhlKCvo7Si/RWiuMs/
GON/1geNlbIIPbiItqhQST6DFwI7r2Ezn/bZlj5F8ZxVKjq8Q9+YeWEo1nM8UuKp
fW6106g97Psx1baw+pF1yQdR6ageAlyHZcG4t88CAwEAAaOCAh4wggIaMB0GA1Ud
DgQWBBT8IH0rXGTsWPuE4UrS05SnNV9L6jAfBgNVHSMEGDAWgBSmDRKUAbJpOjjV
tDc9x2B7+FuKbjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3BnMFNsQUd5YVRvNDFiUTNQY2RnZV9oYmltNC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNDUvM2QxMWQ4LWZhZTAtNGI5Ny1hZmRmLTljMmJiZDhjOTQ5Ni8x
L19DQjlLMXhrN0ZqN2hPRkswdE9VcHpWZlMtby5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNDUv
M2QxMWQ4LWZhZTAtNGI5Ny1hZmRmLTljMmJiZDhjOTQ5Ni8xL3BnMFNsQUd5YVRv
NDFiUTNQY2RnZV9oYmltNC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA0
BggrBgEFBQcBBwEB/wQlMCMwEgQCAAEwDAMEArltCAMEA8IiADANBAIAAjAHAwUC
KgLmADANBgkqhkiG9w0BAQsFAAOCAQEAWf1qC4C8wdMOjbJWT3N7jwjcqvIVEXkF
WCxEn0QvgT5zKisiq4bafmi08GY5305RpFi09gbKntLFUa6562XuNSgvOY83N+H5
BRcGtTOinkLOyJMlue3fCf7J5Ougn3IUlBMrE6TC7OkRa2RMUXl033LT7gNkTii/
Sw/jRD8HRcRXjiV3qeaece2oxwGcVdtZprhE6NEwtWn62bkOGmIY9hqViCpySBn9
RUurU75Qs6EW01zCo+Iw3UgL5AnFT0V2MCQUOKbufcNRz9Dft1b+rCIwnNCxLYtX
tS3e4t7pXEKKNpQ31gsvqWjU9OVwTMmJVOPsYCUVngUhDB10mdBXlA==
-----END CERTIFICATE-----
Generated at Mon Apr 21 16:14:18 2025 by rpki-client