Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/59/6062af-53bc-435d-b5fb-a118498325f7/1/E7zpAKR_KlFXyXiuucTKcknNMgc.roa
File: E7zpAKR_KlFXyXiuucTKcknNMgc.roa (raw, json)
Hash identifier: /X+mip1FrU9ZRPUk+mpwPza3dUvSFaNiG+fYIUM46uQ=
Subject key identifier: 13:BC:E9:00:A4:7F:2A:51:57:C9:78:AE:B9:C4:CA:72:49:CD:32:07
Certificate issuer: /CN=61c5ed0ded8625b32b6533207229f2c467259848
Certificate serial: 018570D523BEB946288FD86B11EA86B4C1C9
Authority key identifier: 61:C5:ED:0D:ED:86:25:B3:2B:65:33:20:72:29:F2:C4:67:25:98:48
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YcXtDe2GJbMrZTMgcinyxGclmEg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/59/6062af-53bc-435d-b5fb-a118498325f7/1/E7zpAKR_KlFXyXiuucTKcknNMgc.roa
Signing time: Mon 02 Jan 2023 04:54:54 +0000
ROA not before: Mon 02 Jan 2023 04:54:54 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 204400
IP address blocks: 185.234.204.0/24 maxlen: 24
185.234.204.0/22 maxlen: 22
185.234.206.0/24 maxlen: 24
185.234.205.0/24 maxlen: 24
185.234.207.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:d5:23:be:b9:46:28:8f:d8:6b:11:ea:86:b4:c1:c9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=61c5ed0ded8625b32b6533207229f2c467259848
Validity
Not Before: Jan 2 04:54:54 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=13bce900a47f2a5157c978aeb9c4ca7249cd3207
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:0b:3f:04:e3:5b:d6:fd:3d:ba:3c:dd:8b:04:
01:8e:d3:41:2a:55:27:b6:fb:e4:81:78:b8:6e:af:
3c:02:b2:59:0a:21:ce:37:98:56:e4:04:46:82:b9:
17:1e:02:d3:da:d4:4b:cc:00:c2:16:c4:9a:d3:76:
f3:a4:4d:40:0d:7a:37:db:cf:5c:d8:b0:78:33:67:
31:3e:d2:76:41:77:d3:75:69:92:6c:eb:88:58:e0:
08:f5:2c:2f:dc:6b:88:2c:13:fd:0f:b6:aa:63:54:
f7:2f:16:2c:b6:e7:d2:48:92:53:c7:44:b2:c4:d7:
dd:c4:d7:77:81:5b:b5:0c:7e:49:57:f8:5c:2f:d4:
bd:ed:6d:0d:1d:63:6c:4b:d9:21:b1:fc:0d:14:f0:
8c:77:bf:42:c9:80:9f:a8:fb:e6:b5:f1:9f:15:8a:
80:68:05:00:c6:8b:23:f5:25:31:02:fa:70:98:3a:
e8:6e:70:e3:3b:9b:43:b8:a2:54:f6:14:f9:83:e7:
ad:ec:32:61:d5:88:72:47:51:b4:7f:09:40:fb:4f:
67:6c:63:f9:9f:21:49:93:80:d0:8b:05:eb:49:28:
51:d1:f1:58:0e:01:e1:09:e7:88:0f:b9:3f:1a:99:
72:4b:91:e0:78:4a:e1:f1:5c:7a:19:cf:22:32:50:
25:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
13:BC:E9:00:A4:7F:2A:51:57:C9:78:AE:B9:C4:CA:72:49:CD:32:07
X509v3 Authority Key Identifier:
keyid:61:C5:ED:0D:ED:86:25:B3:2B:65:33:20:72:29:F2:C4:67:25:98:48
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YcXtDe2GJbMrZTMgcinyxGclmEg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/59/6062af-53bc-435d-b5fb-a118498325f7/1/E7zpAKR_KlFXyXiuucTKcknNMgc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/59/6062af-53bc-435d-b5fb-a118498325f7/1/YcXtDe2GJbMrZTMgcinyxGclmEg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.234.204.0/22
Signature Algorithm: sha256WithRSAEncryption
b4:74:b8:49:fc:b2:0e:01:2c:8d:dc:8f:40:ab:32:a3:26:4f:
fe:5d:04:31:5f:ea:fc:f8:ef:b5:af:9b:a3:fb:09:f3:19:73:
02:12:7e:59:94:2f:23:9e:ce:9a:95:59:f2:e4:57:3a:b1:d7:
d6:c9:93:0f:d9:5c:7b:dc:cc:ca:e7:f5:38:bf:ad:c3:d6:07:
e5:f2:af:d8:2d:2c:ca:54:dd:33:dd:c7:62:b5:27:6a:c5:2d:
f3:70:3d:38:3e:3a:97:72:d6:0f:f2:f3:7f:78:8c:4c:d8:69:
eb:a2:ca:a4:e4:94:87:20:5a:6d:54:4f:e9:ff:53:6e:fe:09:
c3:6e:5f:76:aa:bd:64:9b:66:0d:42:04:39:f5:27:06:9b:9c:
d7:43:54:c4:d2:1c:4a:bb:6d:59:2c:29:6d:00:80:71:c5:bf:
eb:5b:e6:f8:18:49:b5:d5:38:0a:98:ed:0e:53:36:d7:4c:b6:
72:fc:78:9d:19:52:2a:d3:d9:29:d7:22:65:9d:6f:e6:49:28:
8b:9f:97:57:bf:0d:91:f0:a0:92:40:be:82:dc:25:2a:b0:bf:
98:3a:b2:75:ed:ca:09:56:d2:ec:40:2d:13:30:9b:6a:ac:b6:
99:90:dd:9f:75:e0:1e:53:6f:61:95:00:9f:1c:a1:d2:da:1f:
42:a7:4e:1b
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVw1SO+uUYoj9hrEeqGtMHJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYxYzVlZDBkZWQ4NjI1YjMyYjY1MzMyMDcyMjlmMmM0Njcy
NTk4NDgwHhcNMjMwMTAyMDQ1NDU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxM2JjZTkwMGE0N2YyYTUxNTdjOTc4YWViOWM0Y2E3MjQ5Y2QzMjA3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApAs/BONb1v09ujzdiwQBjtNBKlUn
tvvkgXi4bq88ArJZCiHON5hW5ARGgrkXHgLT2tRLzADCFsSa03bzpE1ADXo3289c
2LB4M2cxPtJ2QXfTdWmSbOuIWOAI9Swv3GuILBP9D7aqY1T3LxYstufSSJJTx0Sy
xNfdxNd3gVu1DH5JV/hcL9S97W0NHWNsS9khsfwNFPCMd79CyYCfqPvmtfGfFYqA
aAUAxosj9SUxAvpwmDrobnDjO5tDuKJU9hT5g+et7DJh1YhyR1G0fwlA+09nbGP5
nyFJk4DQiwXrSShR0fFYDgHhCeeID7k/GplyS5HgeErh8Vx6Gc8iMlAlZQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFBO86QCkfypRV8l4rrnEynJJzTIHMB8GA1UdIwQY
MBaAFGHF7Q3thiWzK2UzIHIp8sRnJZhIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWWNYdERlMkdKYk1yWlRNZ2Npbnl4R2NsbUVnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81OS82MDYyYWYtNTNiYy00MzVkLWI1ZmIt
YTExODQ5ODMyNWY3LzEvRTd6cEFLUl9LbEZYeVhpdXVjVEtja25OTWdjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81OS82MDYyYWYtNTNiYy00MzVkLWI1ZmItYTExODQ5ODMyNWY3
LzEvWWNYdERlMkdKYk1yWlRNZ2Npbnl4R2NsbUVnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuerMMA0G
CSqGSIb3DQEBCwUAA4IBAQC0dLhJ/LIOASyN3I9AqzKjJk/+XQQxX+r8+O+1r5uj
+wnzGXMCEn5ZlC8jns6alVny5Fc6sdfWyZMP2Vx73MzK5/U4v63D1gfl8q/YLSzK
VN0z3cditSdqxS3zcD04PjqXctYP8vN/eIxM2Gnrosqk5JSHIFptVE/p/1Nu/gnD
bl92qr1km2YNQgQ59ScGm5zXQ1TE0hxKu21ZLCltAIBxxb/rW+b4GEm11TgKmO0O
UzbXTLZy/HidGVIq09kp1yJlnW/mSSiLn5dXvw2R8KCSQL6C3CUqsL+YOrJ17coJ
VtLsQC0TMJtqrLaZkN2fdeAeU29hlQCfHKHS2h9Cp04b
-----END CERTIFICATE-----
Generated at Thu Mar 13 20:25:02 2025 by rpki-client