Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/62/fc7c82-3159-4d54-a0a1-35171aedd313/1/fYQTPy8mHYdJRIog3kA3Hhexwdc.roa
File: fYQTPy8mHYdJRIog3kA3Hhexwdc.roa (raw, json)
Hash identifier: Hm8pOP63/eQx+k4oYXOyXbYmxi7yQQJ6+0WThNNsnFM=
Subject key identifier: 7D:84:13:3F:2F:26:1D:87:49:44:8A:20:DE:40:37:1E:17:B1:C1:D7
Certificate issuer: /CN=b64074aa8449830da9b20b3afb0682d3c032f9fe
Certificate serial: 18D06E57
Authority key identifier: B6:40:74:AA:84:49:83:0D:A9:B2:0B:3A:FB:06:82:D3:C0:32:F9:FE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tkB0qoRJgw2psgs6-waC08Ay-f4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/62/fc7c82-3159-4d54-a0a1-35171aedd313/1/fYQTPy8mHYdJRIog3kA3Hhexwdc.roa
Signing time: Sat 01 Jan 2022 05:53:32 +0000
ROA not before: Sat 01 Jan 2022 05:53:32 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 30893
IP address blocks: 185.84.241.0/24 maxlen: 24
185.9.166.0/23 maxlen: 23
2a03:4bc0:2300::/48 maxlen: 48
2a03:4bc0:2900::/48 maxlen: 48
2a03:4bc0:2200::/48 maxlen: 48
2a03:4bc0:2100::/48 maxlen: 48
2a03:4bc0:2000::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 416312919 (0x18d06e57)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b64074aa8449830da9b20b3afb0682d3c032f9fe
Validity
Not Before: Jan 1 05:53:32 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=7d84133f2f261d8749448a20de40371e17b1c1d7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:89:ea:99:62:fd:34:a2:fb:3d:bd:33:79:06:
a3:d7:db:46:31:64:c7:fd:d5:4d:23:d7:cf:33:d5:
02:7b:e2:e5:fa:f6:84:bf:41:f5:36:17:4a:88:31:
9b:b5:c9:e9:27:9f:0f:a2:e3:1b:41:07:f6:3b:99:
91:55:59:cc:de:42:6d:5a:72:32:56:30:2f:ec:a6:
49:0a:72:49:c8:40:d7:91:25:88:ab:b9:dc:fd:db:
48:c3:3c:9a:39:7e:3e:58:4a:16:19:1e:69:c7:46:
ec:74:fe:ad:ba:44:1f:7b:ec:e5:9a:7d:44:b3:34:
c0:99:6f:89:46:45:4a:7a:66:76:60:ec:49:b4:e8:
0e:2b:28:86:85:c7:40:10:e3:8d:c1:a5:46:3d:9d:
0c:68:49:03:08:eb:fa:1f:f3:ce:31:34:a5:ef:48:
42:8e:2e:7d:42:2d:63:62:b7:81:87:74:a0:ae:81:
9b:ad:68:10:ce:2a:e5:44:37:e0:94:57:33:01:36:
65:d8:53:ce:b5:17:ec:e2:e1:23:56:16:eb:97:89:
07:00:4d:c1:06:cb:b4:0f:9f:4f:93:27:18:67:39:
62:e6:a8:1e:f6:47:87:36:6b:3b:d9:a6:85:38:3f:
c2:b5:bf:b4:ad:04:b5:eb:4c:62:96:52:3c:25:cd:
56:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7D:84:13:3F:2F:26:1D:87:49:44:8A:20:DE:40:37:1E:17:B1:C1:D7
X509v3 Authority Key Identifier:
keyid:B6:40:74:AA:84:49:83:0D:A9:B2:0B:3A:FB:06:82:D3:C0:32:F9:FE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tkB0qoRJgw2psgs6-waC08Ay-f4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/62/fc7c82-3159-4d54-a0a1-35171aedd313/1/fYQTPy8mHYdJRIog3kA3Hhexwdc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/62/fc7c82-3159-4d54-a0a1-35171aedd313/1/tkB0qoRJgw2psgs6-waC08Ay-f4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.9.166.0/23
185.84.241.0/24
IPv6:
2a03:4bc0:2000::/48
2a03:4bc0:2100::/48
2a03:4bc0:2200::/48
2a03:4bc0:2300::/48
2a03:4bc0:2900::/48
Signature Algorithm: sha256WithRSAEncryption
8d:94:c7:e3:d7:bc:a0:da:61:04:2a:79:1a:25:61:30:8f:70:
16:e1:9e:14:88:de:cf:ba:0b:9d:b5:9e:7b:41:f2:75:50:3b:
9c:31:55:b9:a2:ba:fd:38:36:46:2c:2f:59:7e:b1:96:27:95:
3a:59:c2:93:a4:74:48:21:b5:14:78:48:fe:1f:ee:be:00:f1:
38:49:21:29:1e:7f:ce:d3:d6:5d:59:1a:62:69:0d:9b:4b:17:
30:5f:f9:f9:90:70:05:c9:98:2e:f5:99:c4:e4:7e:fc:ff:77:
fc:35:b7:0e:ae:b7:d7:9c:a9:95:a1:a5:d2:39:ae:20:6a:32:
51:47:0e:c5:42:6a:04:37:a8:4c:1a:14:c4:16:10:c7:dd:d2:
f1:8b:d4:3e:78:98:7d:50:07:15:19:d1:89:f4:fe:a1:e9:b5:
5f:14:b9:0b:87:cd:ea:7a:43:80:b2:69:3c:1e:c6:ec:a2:21:
b8:21:d5:55:49:50:40:98:ed:96:07:da:d9:d4:9f:47:0a:e1:
f3:13:6a:36:33:74:0c:ab:cc:fa:22:08:8e:4c:89:49:24:b1:
6c:bb:c1:92:44:d4:c3:8d:2b:1b:cc:1e:15:50:28:25:ff:bd:
bc:e1:e2:71:d1:58:b0:97:c9:e4:6a:b4:89:59:14:d9:1a:d7:
89:07:69:3f
-----BEGIN CERTIFICATE-----
MIIFKjCCBBKgAwIBAgIEGNBuVzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhi
NjQwNzRhYTg0NDk4MzBkYTliMjBiM2FmYjA2ODJkM2MwMzJmOWZlMB4XDTIyMDEw
MTA1NTMzMloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoN2Q4NDEzM2YyZjI2
MWQ4NzQ5NDQ4YTIwZGU0MDM3MWUxN2IxYzFkNzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKCJ6pli/TSi+z29M3kGo9fbRjFkx/3VTSPXzzPVAnvi5fr2
hL9B9TYXSogxm7XJ6SefD6LjG0EH9juZkVVZzN5CbVpyMlYwL+ymSQpySchA15El
iKu53P3bSMM8mjl+PlhKFhkeacdG7HT+rbpEH3vs5Zp9RLM0wJlviUZFSnpmdmDs
SbToDisohoXHQBDjjcGlRj2dDGhJAwjr+h/zzjE0pe9IQo4ufUItY2K3gYd0oK6B
m61oEM4q5UQ34JRXMwE2ZdhTzrUX7OLhI1YW65eJBwBNwQbLtA+fT5MnGGc5Yuao
HvZHhzZrO9mmhTg/wrW/tK0EtetMYpZSPCXNVukCAwEAAaOCAkQwggJAMB0GA1Ud
DgQWBBR9hBM/LyYdh0lEiiDeQDceF7HB1zAfBgNVHSMEGDAWgBS2QHSqhEmDDamy
Czr7BoLTwDL5/jAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3RrQjBxb1JKZ3cycHNnczYtd2FDMDhBeS1mNC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNjIvZmM3YzgyLTMxNTktNGQ1NC1hMGExLTM1MTcxYWVkZDMxMy8x
L2ZZUVRQeThtSFlkSlJJb2cza0EzSGhleHdkYy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNjIv
ZmM3YzgyLTMxNTktNGQ1NC1hMGExLTM1MTcxYWVkZDMxMy8xL3RrQjBxb1JKZ3cy
cHNnczYtd2FDMDhBeS1mNC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBa
BggrBgEFBQcBBwEB/wRLMEkwEgQCAAEwDAMEAbkJpgMEALlU8TAzBAIAAjAtAwcA
KgNLwCAAAwcAKgNLwCEAAwcAKgNLwCIAAwcAKgNLwCMAAwcAKgNLwCkAMA0GCSqG
SIb3DQEBCwUAA4IBAQCNlMfj17yg2mEEKnkaJWEwj3AW4Z4UiN7PugudtZ57QfJ1
UDucMVW5orr9ODZGLC9ZfrGWJ5U6WcKTpHRIIbUUeEj+H+6+APE4SSEpHn/O09Zd
WRpiaQ2bSxcwX/n5kHAFyZgu9ZnE5H78/3f8NbcOrrfXnKmVoaXSOa4gajJRRw7F
QmoEN6hMGhTEFhDH3dLxi9Q+eJh9UAcVGdGJ9P6h6bVfFLkLh83qekOAsmk8Hsbs
oiG4IdVVSVBAmO2WB9rZ1J9HCuHzE2o2M3QMq8z6IgiOTIlJJLFsu8GSRNTDjSsb
zB4VUCgl/7284eJx0Viwl8nkarSJWRTZGteJB2k/
-----END CERTIFICATE-----
Generated at Tue Apr 8 11:32:30 2025 by rpki-client