Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4a/a3b560-b9b5-4052-a862-940c8a0fc770/1/L8ZwP6GYfMNhaUW0tc3kpgHT4to.roa
File: L8ZwP6GYfMNhaUW0tc3kpgHT4to.roa (raw, json)
Hash identifier: VyUxhDnSyZa19XkqCVf4li5wxVHeiYFAgluPsRNhHsM=
Subject key identifier: 2F:C6:70:3F:A1:98:7C:C3:61:69:45:B4:B5:CD:E4:A6:01:D3:E2:DA
Certificate issuer: /CN=f4e1805f847e00afd63179e4c252a367e945b26a
Certificate serial: 018572E80C84840A38D0A667831D25B4E53F
Authority key identifier: F4:E1:80:5F:84:7E:00:AF:D6:31:79:E4:C2:52:A3:67:E9:45:B2:6A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/9OGAX4R-AK_WMXnkwlKjZ-lFsmo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4a/a3b560-b9b5-4052-a862-940c8a0fc770/1/L8ZwP6GYfMNhaUW0tc3kpgHT4to.roa
Signing time: Mon 02 Jan 2023 14:34:48 +0000
ROA not before: Mon 02 Jan 2023 14:34:48 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 200700
IP address blocks: 185.93.31.0/24 maxlen: 24
185.93.28.0/24 maxlen: 24
185.93.28.0/23 maxlen: 24
185.93.28.0/22 maxlen: 24
185.93.29.0/24 maxlen: 24
185.93.30.0/24 maxlen: 24
185.93.30.0/23 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:e8:0c:84:84:0a:38:d0:a6:67:83:1d:25:b4:e5:3f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f4e1805f847e00afd63179e4c252a367e945b26a
Validity
Not Before: Jan 2 14:34:48 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=2fc6703fa1987cc3616945b4b5cde4a601d3e2da
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:86:8e:54:7f:76:ac:43:77:bd:78:45:27:ea:
c0:21:da:15:a6:e9:d7:f6:b1:c9:69:88:86:d7:b9:
0b:65:dc:f9:6f:c9:38:61:df:ca:9f:b9:c7:39:5a:
f8:6b:f5:d9:a8:ec:9b:b6:db:e6:0a:9f:ba:ee:4a:
e1:53:f1:91:ab:38:90:5f:20:85:54:d7:f1:67:af:
df:7d:c8:52:ba:5d:40:05:1b:9b:fc:39:dc:61:d6:
66:1a:6b:02:22:ec:af:23:87:ea:25:3e:f4:03:6e:
16:6b:cb:df:b8:2b:55:92:e9:4e:12:df:a6:63:a6:
4e:56:60:7c:44:bd:5d:d1:0a:8f:61:07:cb:ba:44:
93:3e:4a:82:38:b2:3e:3b:3b:0b:b2:d3:f6:a4:ef:
5b:55:84:c1:97:55:94:0a:34:08:08:ac:13:ff:9b:
e0:82:33:0a:3f:0e:2e:f2:f2:1e:5c:2d:08:34:0e:
08:94:0c:12:7c:ae:83:ac:42:32:8c:e9:0f:d5:48:
71:8a:11:e3:95:08:f0:27:51:f5:39:4a:8b:e3:99:
20:a4:a7:0f:56:a7:3c:29:2b:db:1e:98:1c:2a:9c:
bb:b5:62:9f:86:ba:c1:94:98:de:ef:f9:77:4f:5e:
da:03:9d:f0:50:63:ad:5b:2b:0a:94:d3:7d:31:33:
de:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2F:C6:70:3F:A1:98:7C:C3:61:69:45:B4:B5:CD:E4:A6:01:D3:E2:DA
X509v3 Authority Key Identifier:
keyid:F4:E1:80:5F:84:7E:00:AF:D6:31:79:E4:C2:52:A3:67:E9:45:B2:6A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/9OGAX4R-AK_WMXnkwlKjZ-lFsmo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4a/a3b560-b9b5-4052-a862-940c8a0fc770/1/L8ZwP6GYfMNhaUW0tc3kpgHT4to.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4a/a3b560-b9b5-4052-a862-940c8a0fc770/1/9OGAX4R-AK_WMXnkwlKjZ-lFsmo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.93.28.0/22
Signature Algorithm: sha256WithRSAEncryption
79:96:fe:74:22:7f:1a:b0:0a:a8:eb:23:76:d7:2a:a8:a7:2f:
ee:58:8c:ef:60:cc:c3:a1:fd:91:6d:79:89:49:19:d9:3e:e2:
20:26:32:a9:ac:da:f9:ed:ff:16:b1:66:01:06:7d:50:3c:7c:
c8:45:f0:c7:fd:5a:09:65:85:e4:ef:da:ea:74:78:ed:8b:a6:
71:8f:a4:ef:2b:1e:0c:cd:d7:a4:48:ca:65:cd:c3:eb:56:69:
0b:3c:0a:32:ce:eb:b0:9c:46:d9:97:55:b4:20:5b:36:4b:02:
15:08:79:c5:85:b8:78:48:51:82:a5:41:75:85:68:99:fb:a1:
26:58:68:03:05:25:24:74:64:68:f3:a7:33:75:1a:6d:41:f7:
77:46:85:a2:ca:27:a6:17:b4:12:05:9c:b4:47:ac:46:8e:93:
fb:1a:38:ec:1f:fb:01:cb:18:e9:22:c5:f6:99:e4:1f:60:40:
ec:eb:f4:52:2d:f1:31:f7:17:0a:05:bd:9b:5f:77:5d:3c:1f:
32:32:a1:e8:92:e4:f6:6d:1e:81:e9:b2:c6:f2:47:de:25:27:
82:90:9d:ce:88:ec:5e:ec:93:16:52:99:bf:3e:ee:1f:43:6c:
e9:4b:37:04:84:00:7b:9a:93:c3:92:85:d4:3e:3e:a5:48:c0:
00:65:a2:f2
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVy6AyEhAo40KZngx0ltOU/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY0ZTE4MDVmODQ3ZTAwYWZkNjMxNzllNGMyNTJhMzY3ZTk0
NWIyNmEwHhcNMjMwMTAyMTQzNDQ4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyZmM2NzAzZmExOTg3Y2MzNjE2OTQ1YjRiNWNkZTRhNjAxZDNlMmRhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuYaOVH92rEN3vXhFJ+rAIdoVpunX
9rHJaYiG17kLZdz5b8k4Yd/Kn7nHOVr4a/XZqOybttvmCp+67krhU/GRqziQXyCF
VNfxZ6/ffchSul1ABRub/DncYdZmGmsCIuyvI4fqJT70A24Wa8vfuCtVkulOEt+m
Y6ZOVmB8RL1d0QqPYQfLukSTPkqCOLI+OzsLstP2pO9bVYTBl1WUCjQICKwT/5vg
gjMKPw4u8vIeXC0INA4IlAwSfK6DrEIyjOkP1UhxihHjlQjwJ1H1OUqL45kgpKcP
Vqc8KSvbHpgcKpy7tWKfhrrBlJje7/l3T17aA53wUGOtWysKlNN9MTPemwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFC/GcD+hmHzDYWlFtLXN5KYB0+LaMB8GA1UdIwQY
MBaAFPThgF+EfgCv1jF55MJSo2fpRbJqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOU9HQVg0Ui1BS19XTVhua3dsS2paLWxGc21vLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80YS9hM2I1NjAtYjliNS00MDUyLWE4NjIt
OTQwYzhhMGZjNzcwLzEvTDhad1A2R1lmTU5oYVVXMHRjM2twZ0hUNHRvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80YS9hM2I1NjAtYjliNS00MDUyLWE4NjItOTQwYzhhMGZjNzcw
LzEvOU9HQVg0Ui1BS19XTVhua3dsS2paLWxGc21vLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuV0cMA0G
CSqGSIb3DQEBCwUAA4IBAQB5lv50In8asAqo6yN21yqopy/uWIzvYMzDof2RbXmJ
SRnZPuIgJjKprNr57f8WsWYBBn1QPHzIRfDH/VoJZYXk79rqdHjti6Zxj6TvKx4M
zdekSMplzcPrVmkLPAoyzuuwnEbZl1W0IFs2SwIVCHnFhbh4SFGCpUF1hWiZ+6Em
WGgDBSUkdGRo86czdRptQfd3RoWiyiemF7QSBZy0R6xGjpP7GjjsH/sByxjpIsX2
meQfYEDs6/RSLfEx9xcKBb2bX3ddPB8yMqHokuT2bR6B6bLG8kfeJSeCkJ3OiOxe
7JMWUpm/Pu4fQ2zpSzcEhAB7mpPDkoXUPj6lSMAAZaLy
-----END CERTIFICATE-----
Generated at Mon Apr 7 19:17:38 2025 by rpki-client