Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/60/cd092e-6beb-4037-8a5a-fae8d42ae5e5/1/414DrQvQdQLCRQO2yLDJ6pqcXEI.roa
File: 414DrQvQdQLCRQO2yLDJ6pqcXEI.roa (raw, json)
Hash identifier: hLuavL3H0t7Ydzl81UsfZaccIOZossF6ZSWj3Uk895c=
Subject key identifier: E3:5E:03:AD:0B:D0:75:02:C2:45:03:B6:C8:B0:C9:EA:9A:9C:5C:42
Certificate issuer: /CN=e842a46658c1d01bac8d43961c6b49e788e3ccc3
Certificate serial: 0184EBEBA81975F0F5CAB68E9BD5B144E016
Authority key identifier: E8:42:A4:66:58:C1:D0:1B:AC:8D:43:96:1C:6B:49:E7:88:E3:CC:C3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/6EKkZljB0BusjUOWHGtJ54jjzMM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/60/cd092e-6beb-4037-8a5a-fae8d42ae5e5/1/414DrQvQdQLCRQO2yLDJ6pqcXEI.roa
Signing time: Wed 07 Dec 2022 09:30:00 +0000
ROA not before: Wed 07 Dec 2022 09:30:00 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 200148
IP address blocks: 185.52.112.0/22 maxlen: 24
185.36.128.0/22 maxlen: 24
85.115.196.0/22 maxlen: 22
194.55.148.0/22 maxlen: 24
188.94.80.0/22 maxlen: 24
2.59.16.0/22 maxlen: 24
185.53.192.0/22 maxlen: 24
5.180.236.0/22 maxlen: 24
185.138.216.0/22 maxlen: 24
185.127.36.0/22 maxlen: 24
185.100.176.0/22 maxlen: 24
212.102.110.0/24 maxlen: 24
185.251.136.0/22 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:eb:eb:a8:19:75:f0:f5:ca:b6:8e:9b:d5:b1:44:e0:16
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e842a46658c1d01bac8d43961c6b49e788e3ccc3
Validity
Not Before: Dec 7 09:30:00 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=e35e03ad0bd07502c24503b6c8b0c9ea9a9c5c42
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:93:4c:a3:2d:4c:b8:6e:2b:4a:72:40:29:31:
71:fb:34:5f:c0:38:b2:20:a8:3c:34:1b:2a:08:ec:
3f:d4:5d:8f:3c:f7:00:4e:06:58:40:21:28:ac:bb:
38:f8:5c:29:f7:d4:93:90:d6:e6:d3:a6:66:67:c0:
c0:77:59:d9:d4:16:4e:45:0c:56:5c:36:5b:8e:a2:
eb:51:d7:29:c5:87:ff:e1:51:8d:80:2b:b6:ab:5c:
e8:57:99:53:f4:db:59:cb:f6:22:20:b1:49:87:9a:
65:86:b8:0c:07:a8:10:3c:ce:53:28:5e:1e:8d:e2:
c7:ab:c5:ea:fe:e0:75:ea:5b:f8:ae:3f:0d:78:30:
36:cb:55:c8:82:df:ed:61:f3:15:7b:ea:10:42:d5:
2b:04:d1:c8:e3:d6:7f:3c:69:6c:67:29:13:d0:36:
6a:ff:68:a7:37:2d:ad:da:f1:31:b0:79:e6:72:a1:
68:20:f5:2d:af:ec:05:61:47:d7:ad:e3:82:9b:f0:
e4:b6:16:ff:9b:64:71:a9:2f:5c:33:cb:e6:4a:d2:
fe:9f:a4:d5:71:49:17:b7:39:cf:d5:c7:79:b4:c4:
53:ea:14:23:42:17:6d:87:ee:bc:ca:cf:5c:0e:e1:
d0:db:71:81:3e:71:b9:23:ee:88:77:56:af:f7:02:
04:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E3:5E:03:AD:0B:D0:75:02:C2:45:03:B6:C8:B0:C9:EA:9A:9C:5C:42
X509v3 Authority Key Identifier:
keyid:E8:42:A4:66:58:C1:D0:1B:AC:8D:43:96:1C:6B:49:E7:88:E3:CC:C3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6EKkZljB0BusjUOWHGtJ54jjzMM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/60/cd092e-6beb-4037-8a5a-fae8d42ae5e5/1/414DrQvQdQLCRQO2yLDJ6pqcXEI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/60/cd092e-6beb-4037-8a5a-fae8d42ae5e5/1/6EKkZljB0BusjUOWHGtJ54jjzMM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.59.16.0/22
5.180.236.0/22
85.115.196.0/22
185.36.128.0/22
185.52.112.0/22
185.53.192.0/22
185.100.176.0/22
185.127.36.0/22
185.138.216.0/22
185.251.136.0/22
188.94.80.0/22
194.55.148.0/22
212.102.110.0/24
Signature Algorithm: sha256WithRSAEncryption
53:91:9f:56:dc:a8:9f:a8:81:71:83:28:ef:25:b8:d5:41:ff:
75:84:99:d1:53:15:10:29:cf:92:fb:4b:04:ce:65:42:01:3b:
57:a3:88:51:c4:f3:38:81:ce:80:2e:18:0f:c9:2e:ca:3a:c0:
f2:29:f8:af:92:a3:3a:d2:e3:0a:3a:a4:98:a8:47:d8:5b:ef:
fa:94:96:ab:91:be:68:27:01:3a:1c:f6:d4:64:17:f4:8b:fd:
2c:f2:7f:21:9e:0e:3d:0e:43:b7:02:56:f3:9e:9a:74:16:55:
56:b7:11:4c:39:34:20:9a:69:b3:41:5a:af:85:91:31:f1:26:
13:db:51:75:22:54:31:5f:70:59:6e:ed:25:b9:b3:25:20:ef:
7a:8c:54:18:4b:4e:1d:ab:23:cd:b8:76:d0:04:d0:f0:c1:be:
db:31:3e:8c:7c:d1:76:d0:51:d5:19:55:e0:2d:45:c5:a9:6c:
cf:cb:45:93:5f:fe:ae:15:62:83:11:ef:c6:72:a3:14:22:fe:
45:2b:bf:75:16:d6:b1:b5:57:7a:74:15:f6:cd:d3:4b:3d:72:
ed:c9:a2:4b:b0:97:7d:3b:38:d0:bd:0f:16:b3:45:d0:7e:f0:
a6:4e:77:f0:18:3e:d1:7e:b0:60:d1:b4:75:77:41:f0:33:6f:
4e:0b:fc:20
-----BEGIN CERTIFICATE-----
MIIFRTCCBC2gAwIBAgISAYTr66gZdfD1yraOm9WxROAWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU4NDJhNDY2NThjMWQwMWJhYzhkNDM5NjFjNmI0OWU3ODhl
M2NjYzMwHhcNMjIxMjA3MDkzMDAwWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMzVlMDNhZDBiZDA3NTAyYzI0NTAzYjZjOGIwYzllYTlhOWM1YzQyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAj5NMoy1MuG4rSnJAKTFx+zRfwDiy
IKg8NBsqCOw/1F2PPPcATgZYQCEorLs4+Fwp99STkNbm06ZmZ8DAd1nZ1BZORQxW
XDZbjqLrUdcpxYf/4VGNgCu2q1zoV5lT9NtZy/YiILFJh5plhrgMB6gQPM5TKF4e
jeLHq8Xq/uB16lv4rj8NeDA2y1XIgt/tYfMVe+oQQtUrBNHI49Z/PGlsZykT0DZq
/2inNy2t2vExsHnmcqFoIPUtr+wFYUfXreOCm/Dkthb/m2RxqS9cM8vmStL+n6TV
cUkXtznP1cd5tMRT6hQjQhdth+68ys9cDuHQ23GBPnG5I+6Id1av9wIE+wIDAQAB
o4ICUTCCAk0wHQYDVR0OBBYEFONeA60L0HUCwkUDtsiwyeqanFxCMB8GA1UdIwQY
MBaAFOhCpGZYwdAbrI1DlhxrSeeI48zDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNkVLa1psakIwQnVzalVPV0hHdEo1NGpqek1NLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82MC9jZDA5MmUtNmJlYi00MDM3LThhNWEt
ZmFlOGQ0MmFlNWU1LzEvNDE0RHJRdlFkUUxDUlFPMnlMREo2cHFjWEVJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82MC9jZDA5MmUtNmJlYi00MDM3LThhNWEtZmFlOGQ0MmFlNWU1
LzEvNkVLa1psakIwQnVzalVPV0hHdEo1NGpqek1NLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGcGCCsGAQUFBwEHAQH/BFgwVjBUBAIAATBOAwQCAjsQAwQC
BbTsAwQCVXPEAwQCuSSAAwQCuTRwAwQCuTXAAwQCuWSwAwQCuX8kAwQCuYrYAwQC
ufuIAwQCvF5QAwQCwjeUAwQA1GZuMA0GCSqGSIb3DQEBCwUAA4IBAQBTkZ9W3Kif
qIFxgyjvJbjVQf91hJnRUxUQKc+S+0sEzmVCATtXo4hRxPM4gc6ALhgPyS7KOsDy
KfivkqM60uMKOqSYqEfYW+/6lJarkb5oJwE6HPbUZBf0i/0s8n8hng49DkO3Albz
npp0FlVWtxFMOTQgmmmzQVqvhZEx8SYT21F1IlQxX3BZbu0lubMlIO96jFQYS04d
qyPNuHbQBNDwwb7bMT6MfNF20FHVGVXgLUXFqWzPy0WTX/6uFWKDEe/GcqMUIv5F
K791FtaxtVd6dBX2zdNLPXLtyaJLsJd9OzjQvQ8Ws0XQfvCmTnfwGD7RfrBg0bR1
d0HwM29OC/wg
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:40:27 2025 by rpki-client