
Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/61/df7d6a-4592-400b-ade4-0ec5235d4e9f/1/4ARJqaqAc-Ty_g7WhKhwnaGvNG4.roa
File: 4ARJqaqAc-Ty_g7WhKhwnaGvNG4.roa (raw, json)
Hash identifier: Lcs6X6VRCDOMQhgEZJJxzjIVZyl4dNuxiPUTt9C9T9E=
Subject key identifier: E0:04:49:A9:AA:80:73:E4:F2:FE:0E:D6:84:A8:70:9D:A1:AF:34:6E
Certificate issuer: /CN=21df245ead9980d2b39533782f65d7566d0462d1
Certificate serial: 01856FE6ED4A1481BB57E9650B2DEC7D1F7D
Authority key identifier: 21:DF:24:5E:AD:99:80:D2:B3:95:33:78:2F:65:D7:56:6D:04:62:D1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Id8kXq2ZgNKzlTN4L2XXVm0EYtE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/61/df7d6a-4592-400b-ade4-0ec5235d4e9f/1/4ARJqaqAc-Ty_g7WhKhwnaGvNG4.roa
Signing time: Mon 02 Jan 2023 00:34:43 +0000
ROA not before: Mon 02 Jan 2023 00:34:43 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 207003
IP address blocks: 185.218.192.0/22 maxlen: 22
185.218.195.0/24 maxlen: 24
185.218.194.0/24 maxlen: 24
193.163.5.0/24 maxlen: 24
2a10:f2c0::/29 maxlen: 29
2a0b:a700::/29 maxlen: 29
2a0b:dbc0::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:e6:ed:4a:14:81:bb:57:e9:65:0b:2d:ec:7d:1f:7d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=21df245ead9980d2b39533782f65d7566d0462d1
Validity
Not Before: Jan 2 00:34:43 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=e00449a9aa8073e4f2fe0ed684a8709da1af346e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:49:97:a0:7e:e6:b4:27:f7:d7:e5:a2:10:71:
cc:6a:b4:e6:9c:c3:43:be:4d:4e:f3:75:5b:9a:4d:
0f:92:89:db:00:0c:8c:01:08:dd:2b:73:f5:8e:87:
60:ca:97:05:67:21:30:56:a8:98:1b:7e:b9:ad:3c:
98:ff:3d:2a:89:63:bd:d9:43:64:42:ec:d0:0e:27:
01:48:d0:55:ef:04:af:59:a1:c5:4d:de:ee:cd:2e:
55:c8:3d:06:5f:fb:74:76:53:c9:92:5d:b5:8b:85:
34:86:4a:be:b7:7d:98:6a:82:39:55:e6:61:ca:03:
0b:cc:34:79:55:51:97:e3:d8:18:cc:f6:ef:a8:9d:
11:a7:7f:24:e5:67:2c:d1:81:68:08:53:e4:ce:b8:
dc:40:d8:6f:ad:fb:c2:b5:77:7e:a3:1b:82:21:b0:
51:7e:54:98:07:02:57:28:38:a4:7e:02:f3:84:8e:
40:1d:f3:26:fb:b8:16:c1:bb:e1:ed:82:fe:2f:3e:
27:5b:4c:92:63:58:2f:2a:87:11:de:50:c4:82:93:
1d:e2:ef:52:ca:df:ba:c9:19:49:af:80:16:52:4a:
d7:81:62:30:1c:4d:ca:c4:21:8b:8d:01:39:ba:c7:
9a:2a:24:49:19:95:ae:d0:56:69:93:d7:c6:2a:b1:
f8:e3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E0:04:49:A9:AA:80:73:E4:F2:FE:0E:D6:84:A8:70:9D:A1:AF:34:6E
X509v3 Authority Key Identifier:
keyid:21:DF:24:5E:AD:99:80:D2:B3:95:33:78:2F:65:D7:56:6D:04:62:D1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Id8kXq2ZgNKzlTN4L2XXVm0EYtE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/61/df7d6a-4592-400b-ade4-0ec5235d4e9f/1/4ARJqaqAc-Ty_g7WhKhwnaGvNG4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/61/df7d6a-4592-400b-ade4-0ec5235d4e9f/1/Id8kXq2ZgNKzlTN4L2XXVm0EYtE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.218.192.0/22
193.163.5.0/24
IPv6:
2a0b:a700::/29
2a0b:dbc0::/29
2a10:f2c0::/29
Signature Algorithm: sha256WithRSAEncryption
1d:c8:71:cd:9e:6b:7f:01:b5:67:43:90:dd:b8:f3:3d:02:d7:
d2:e7:35:1e:de:5f:47:7d:a3:bd:64:5c:e7:ef:be:62:78:ab:
f8:ff:45:b1:cc:49:54:e9:64:ac:ac:92:38:3d:73:48:08:1d:
2b:0e:b0:bb:40:54:20:6b:93:28:f7:f7:79:b4:ad:db:ae:3b:
b7:52:f8:68:95:36:64:02:f9:34:39:ef:9a:13:1e:40:ba:ea:
69:39:82:0c:be:3c:b9:09:f2:97:5c:81:d5:da:40:8b:4a:87:
6e:5f:e9:ac:b6:fd:37:58:91:67:66:c9:c7:00:27:63:19:2d:
68:75:2b:62:81:8c:7d:19:b2:be:b4:7d:ac:16:bd:01:65:cd:
69:0e:ce:82:f9:95:65:cf:00:48:b0:9e:db:cd:b2:83:53:be:
92:3a:ac:ac:2b:01:da:6c:a2:f6:50:23:74:83:6d:90:c3:dc:
c4:4a:41:48:ee:4e:a5:11:e0:3d:bc:41:76:88:4c:db:c9:2e:
b7:44:ee:97:e4:09:cf:cc:da:7d:3f:eb:5e:2e:a6:65:fc:3e:
40:5d:f5:c2:90:62:b4:d0:a5:65:96:f1:43:db:4d:54:7d:9a:
6c:b1:d6:96:e3:59:8a:3d:77:9d:a5:c1:e6:b6:8e:7c:3e:7f:
86:38:73:82
-----BEGIN CERTIFICATE-----
MIIFIDCCBAigAwIBAgISAYVv5u1KFIG7V+llCy3sfR99MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIxZGYyNDVlYWQ5OTgwZDJiMzk1MzM3ODJmNjVkNzU2NmQw
NDYyZDEwHhcNMjMwMTAyMDAzNDQzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMDA0NDlhOWFhODA3M2U0ZjJmZTBlZDY4NGE4NzA5ZGExYWYzNDZlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkkmXoH7mtCf31+WiEHHMarTmnMND
vk1O83Vbmk0PkonbAAyMAQjdK3P1jodgypcFZyEwVqiYG365rTyY/z0qiWO92UNk
QuzQDicBSNBV7wSvWaHFTd7uzS5VyD0GX/t0dlPJkl21i4U0hkq+t32YaoI5VeZh
ygMLzDR5VVGX49gYzPbvqJ0Rp38k5Wcs0YFoCFPkzrjcQNhvrfvCtXd+oxuCIbBR
flSYBwJXKDikfgLzhI5AHfMm+7gWwbvh7YL+Lz4nW0ySY1gvKocR3lDEgpMd4u9S
yt+6yRlJr4AWUkrXgWIwHE3KxCGLjQE5useaKiRJGZWu0FZpk9fGKrH44wIDAQAB
o4ICLDCCAigwHQYDVR0OBBYEFOAESamqgHPk8v4O1oSocJ2hrzRuMB8GA1UdIwQY
MBaAFCHfJF6tmYDSs5UzeC9l11ZtBGLRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSWQ4a1hxMlpnTkt6bFRONEwyWFhWbTBFWXRFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82MS9kZjdkNmEtNDU5Mi00MDBiLWFkZTQt
MGVjNTIzNWQ0ZTlmLzEvNEFSSnFhcUFjLVR5X2c3V2hLaHduYUd2Tkc0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82MS9kZjdkNmEtNDU5Mi00MDBiLWFkZTQtMGVjNTIzNWQ0ZTlm
LzEvSWQ4a1hxMlpnTkt6bFRONEwyWFhWbTBFWXRFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEIGCCsGAQUFBwEHAQH/BDMwMTASBAIAATAMAwQCudrAAwQA
waMFMBsEAgACMBUDBQMqC6cAAwUDKgvbwAMFAyoQ8sAwDQYJKoZIhvcNAQELBQAD
ggEBAB3Icc2ea38BtWdDkN248z0C19LnNR7eX0d9o71kXOfvvmJ4q/j/RbHMSVTp
ZKyskjg9c0gIHSsOsLtAVCBrkyj393m0rduuO7dS+GiVNmQC+TQ575oTHkC66mk5
ggy+PLkJ8pdcgdXaQItKh25f6ay2/TdYkWdmyccAJ2MZLWh1K2KBjH0Zsr60fawW
vQFlzWkOzoL5lWXPAEiwntvNsoNTvpI6rKwrAdpsovZQI3SDbZDD3MRKQUjuTqUR
4D28QXaITNvJLrdE7pfkCc/M2n0/614upmX8PkBd9cKQYrTQpWWW8UPbTVR9mmyx
1pbjWYo9d52lwea2jnw+f4Y4c4I=
-----END CERTIFICATE-----
Generated at Thu Mar 13 19:41:56 2025 by rpki-client