Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/61/df7d6a-4592-400b-ade4-0ec5235d4e9f/1/cN8F8kvcq9Vb09mMrU44MJjLwsg.roa
File: cN8F8kvcq9Vb09mMrU44MJjLwsg.roa (raw, json)
Hash identifier: 90qJN2O/6rNOzmBnbZOiW45dEhKf0Op61ahg+yKuJC0=
Subject key identifier: 70:DF:05:F2:4B:DC:AB:D5:5B:D3:D9:8C:AD:4E:38:30:98:CB:C2:C8
Certificate issuer: /CN=21df245ead9980d2b39533782f65d7566d0462d1
Certificate serial: 010A9100
Authority key identifier: 21:DF:24:5E:AD:99:80:D2:B3:95:33:78:2F:65:D7:56:6D:04:62:D1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Id8kXq2ZgNKzlTN4L2XXVm0EYtE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/61/df7d6a-4592-400b-ade4-0ec5235d4e9f/1/cN8F8kvcq9Vb09mMrU44MJjLwsg.roa
Signing time: Wed 19 Jan 2022 10:21:29 +0000
ROA not before: Wed 19 Jan 2022 10:21:29 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 207003
IP address blocks: 185.218.192.0/22 maxlen: 22
185.218.195.0/24 maxlen: 24
185.218.194.0/24 maxlen: 24
193.163.5.0/24 maxlen: 24
2a10:f2c0::/29 maxlen: 29
2a0b:a700::/29 maxlen: 29
2a0b:dbc0::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 17469696 (0x10a9100)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=21df245ead9980d2b39533782f65d7566d0462d1
Validity
Not Before: Jan 19 10:21:29 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=70df05f24bdcabd55bd3d98cad4e383098cbc2c8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:87:94:df:d0:ea:5c:cf:67:40:18:c3:df:17:
8a:8d:30:69:93:2c:13:95:0d:0d:28:5b:62:0c:93:
ec:d3:b4:73:8f:88:20:05:b0:a1:f6:dc:37:18:ff:
c9:d3:d1:53:72:61:40:cf:28:e8:be:98:22:18:f0:
55:7d:7d:95:0b:14:a8:36:6a:ce:14:a2:e7:4d:2e:
90:9b:e5:c1:6f:ac:8b:2d:77:4b:b4:6e:a0:0d:bd:
8c:aa:00:a5:7a:b5:0a:d2:d4:16:e0:30:a7:f9:0f:
f9:74:3c:45:18:ee:13:05:80:43:c4:2e:3c:16:a4:
14:9f:45:06:46:32:21:1d:29:ba:05:66:84:ab:a6:
df:d6:23:8e:14:59:74:16:8b:34:42:17:86:f1:df:
d6:5c:0c:8d:49:b0:5d:ab:cd:16:84:20:3e:b8:09:
b0:33:d4:01:df:e9:28:b5:b5:5d:20:6e:00:ce:88:
5c:c4:5b:c1:4a:09:6c:32:25:8d:61:7e:38:60:0c:
f9:48:cf:ec:f9:22:31:2d:7c:aa:e9:c3:ce:39:00:
3b:bc:f8:8b:44:65:a9:ca:07:7d:ca:da:67:a2:c7:
66:5f:a3:2c:f3:d9:77:61:5e:76:fe:83:4f:7d:df:
41:3e:45:6f:2b:4b:2e:55:8d:6c:79:07:7f:9d:57:
35:a5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
70:DF:05:F2:4B:DC:AB:D5:5B:D3:D9:8C:AD:4E:38:30:98:CB:C2:C8
X509v3 Authority Key Identifier:
keyid:21:DF:24:5E:AD:99:80:D2:B3:95:33:78:2F:65:D7:56:6D:04:62:D1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Id8kXq2ZgNKzlTN4L2XXVm0EYtE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/61/df7d6a-4592-400b-ade4-0ec5235d4e9f/1/cN8F8kvcq9Vb09mMrU44MJjLwsg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/61/df7d6a-4592-400b-ade4-0ec5235d4e9f/1/Id8kXq2ZgNKzlTN4L2XXVm0EYtE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.218.192.0/22
193.163.5.0/24
IPv6:
2a0b:a700::/29
2a0b:dbc0::/29
2a10:f2c0::/29
Signature Algorithm: sha256WithRSAEncryption
c2:1e:03:dd:50:02:c3:41:48:1d:c5:1f:e0:a6:85:d8:61:31:
75:a8:ec:86:b1:d5:63:d4:f4:b1:29:7a:5a:3a:e9:49:3c:76:
cb:96:f4:17:c0:01:0c:3d:f4:31:13:8d:59:bd:e2:45:5e:2e:
b9:6b:8f:35:ef:4e:a1:8c:18:76:97:f7:1d:7e:1d:99:6d:58:
a7:5e:f9:47:76:08:3b:9e:76:9f:0a:fa:b6:d7:21:8d:5f:46:
35:b7:24:14:2b:54:eb:82:fc:c9:76:92:97:de:79:71:53:17:
53:72:f5:67:82:1e:06:8d:29:22:ed:4a:20:7a:26:1e:75:5e:
09:ff:68:a1:75:0d:86:32:c1:d3:9c:3d:6f:c3:02:bd:a4:3f:
4e:fb:df:22:0c:61:fe:e7:bd:90:c3:79:bc:48:e5:ad:83:7e:
bd:67:5c:0a:76:22:16:ac:8f:ff:b7:1d:32:ff:00:b8:5a:28:
70:30:d5:eb:8e:c4:cb:5c:78:58:02:1b:15:ba:88:1f:a7:e2:
23:89:78:0a:8c:c1:f6:17:de:2b:05:df:88:9d:c4:f5:b2:27:
10:61:b8:fd:89:64:87:d8:37:ac:8b:01:46:ba:85:72:a9:e1:
6b:99:50:58:cb:b8:71:5b:c4:e5:fc:ae:66:3b:6d:bd:f5:cb:
f5:c0:96:5e
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgIEAQqRADANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygy
MWRmMjQ1ZWFkOTk4MGQyYjM5NTMzNzgyZjY1ZDc1NjZkMDQ2MmQxMB4XDTIyMDEx
OTEwMjEyOVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNzBkZjA1ZjI0YmRj
YWJkNTViZDNkOThjYWQ0ZTM4MzA5OGNiYzJjODCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJ6HlN/Q6lzPZ0AYw98Xio0waZMsE5UNDShbYgyT7NO0c4+I
IAWwofbcNxj/ydPRU3JhQM8o6L6YIhjwVX19lQsUqDZqzhSi500ukJvlwW+siy13
S7RuoA29jKoApXq1CtLUFuAwp/kP+XQ8RRjuEwWAQ8QuPBakFJ9FBkYyIR0pugVm
hKum39YjjhRZdBaLNEIXhvHf1lwMjUmwXavNFoQgPrgJsDPUAd/pKLW1XSBuAM6I
XMRbwUoJbDIljWF+OGAM+UjP7PkiMS18qunDzjkAO7z4i0RlqcoHfcraZ6LHZl+j
LPPZd2Fedv6DT33fQT5FbytLLlWNbHkHf51XNaUCAwEAAaOCAiwwggIoMB0GA1Ud
DgQWBBRw3wXyS9yr1VvT2YytTjgwmMvCyDAfBgNVHSMEGDAWgBQh3yRerZmA0rOV
M3gvZddWbQRi0TAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0lkOGtYcTJaZ05LemxUTjRMMlhYVm0wRVl0RS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNjEvZGY3ZDZhLTQ1OTItNDAwYi1hZGU0LTBlYzUyMzVkNGU5Zi8x
L2NOOEY4a3ZjcTlWYjA5bU1yVTQ0TUpqTHdzZy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNjEv
ZGY3ZDZhLTQ1OTItNDAwYi1hZGU0LTBlYzUyMzVkNGU5Zi8xL0lkOGtYcTJaZ05L
emxUTjRMMlhYVm0wRVl0RS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBC
BggrBgEFBQcBBwEB/wQzMDEwEgQCAAEwDAMEArnawAMEAMGjBTAbBAIAAjAVAwUD
KgunAAMFAyoL28ADBQMqEPLAMA0GCSqGSIb3DQEBCwUAA4IBAQDCHgPdUALDQUgd
xR/gpoXYYTF1qOyGsdVj1PSxKXpaOulJPHbLlvQXwAEMPfQxE41ZveJFXi65a481
706hjBh2l/cdfh2ZbVinXvlHdgg7nnafCvq21yGNX0Y1tyQUK1TrgvzJdpKX3nlx
UxdTcvVngh4GjSki7UogeiYedV4J/2ihdQ2GMsHTnD1vwwK9pD9O+98iDGH+572Q
w3m8SOWtg369Z1wKdiIWrI//tx0y/wC4WihwMNXrjsTLXHhYAhsVuogfp+IjiXgK
jMH2F94rBd+IncT1sicQYbj9iWSH2DesiwFGuoVyqeFrmVBYy7hxW8Tl/K5mO229
9cv1wJZe
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:55:32 2025 by rpki-client