Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6c/f24885-a4db-4fa1-a72d-86d6c1305357/1/4Xk8XGeSDk1D1-N2N_TfmesRKfU.roa
File: 4Xk8XGeSDk1D1-N2N_TfmesRKfU.roa (raw, json)
Hash identifier: wqpb2rGVnpaimLOr4i9e5m31xDQoqX0SYo7E4o2wghI=
Subject key identifier: E1:79:3C:5C:67:92:0E:4D:43:D7:E3:76:37:F4:DF:99:EB:11:29:F5
Certificate issuer: /CN=7b148db42f90e96447bd7f63edd8a7ccbeeaa842
Certificate serial: 01856C7807967BDDA68410BA205C07C4DDFB
Authority key identifier: 7B:14:8D:B4:2F:90:E9:64:47:BD:7F:63:ED:D8:A7:CC:BE:EA:A8:42
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/exSNtC-Q6WRHvX9j7dinzL7qqEI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6c/f24885-a4db-4fa1-a72d-86d6c1305357/1/4Xk8XGeSDk1D1-N2N_TfmesRKfU.roa
Signing time: Sun 01 Jan 2023 08:34:43 +0000
ROA not before: Sun 01 Jan 2023 08:34:43 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 60501
IP address blocks: 185.187.62.0/24 maxlen: 24
193.43.208.0/24 maxlen: 24
194.156.180.0/22 maxlen: 22
185.30.64.0/22 maxlen: 22
185.109.24.0/22 maxlen: 22
185.109.24.0/24 maxlen: 24
185.109.25.0/24 maxlen: 24
185.109.26.0/24 maxlen: 24
185.109.27.0/24 maxlen: 24
2a00:ae20::/32 maxlen: 32
2a06:4dc0::/29 maxlen: 29
2a04:f440::/29 maxlen: 29
2a0d:cc0::/29 maxlen: 29
2a0f:ccc0::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:78:07:96:7b:dd:a6:84:10:ba:20:5c:07:c4:dd:fb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7b148db42f90e96447bd7f63edd8a7ccbeeaa842
Validity
Not Before: Jan 1 08:34:43 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=e1793c5c67920e4d43d7e37637f4df99eb1129f5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:12:ef:f5:64:e2:7f:d5:eb:44:e5:65:e8:4d:
d8:c0:c1:c0:19:e6:cc:ab:d2:29:ea:17:5e:8e:c7:
85:78:7a:a9:c4:e7:36:fd:9f:c8:24:a3:f7:d6:0e:
fa:90:1e:a9:c1:f3:d1:39:8c:3a:a7:6d:63:84:25:
eb:ca:e9:67:12:13:d7:c4:9b:5a:2b:68:3d:0f:7c:
d6:4b:ad:a6:69:f9:51:dc:3e:8d:14:1b:5d:8e:94:
81:8d:9f:b7:90:13:ec:59:99:fa:12:49:bf:22:fb:
b9:d4:69:c4:b7:4b:eb:e3:22:b3:f9:af:b1:48:3f:
c6:89:d0:ef:7d:57:72:6e:3a:25:b3:f0:60:56:ad:
4f:63:3a:a0:b3:bd:58:fd:68:14:3b:9d:bd:ce:43:
c1:96:c7:cc:34:89:53:d2:50:85:1b:84:7a:95:64:
09:3c:e8:00:c2:07:c6:0a:25:11:6f:ca:d0:03:7e:
3c:78:ac:7a:31:e4:3f:1a:a6:aa:5b:91:2d:b5:27:
fc:8e:74:96:d9:1e:83:cb:53:e1:bf:cf:01:f3:fc:
f7:28:49:e7:eb:a3:63:8b:4e:ea:ff:42:0e:1a:ad:
2a:c2:1e:7f:e5:15:21:f0:da:75:bf:3f:05:a8:2f:
43:33:9a:39:d3:9f:b0:0a:e2:92:ac:15:88:9b:66:
48:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E1:79:3C:5C:67:92:0E:4D:43:D7:E3:76:37:F4:DF:99:EB:11:29:F5
X509v3 Authority Key Identifier:
keyid:7B:14:8D:B4:2F:90:E9:64:47:BD:7F:63:ED:D8:A7:CC:BE:EA:A8:42
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/exSNtC-Q6WRHvX9j7dinzL7qqEI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6c/f24885-a4db-4fa1-a72d-86d6c1305357/1/4Xk8XGeSDk1D1-N2N_TfmesRKfU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6c/f24885-a4db-4fa1-a72d-86d6c1305357/1/exSNtC-Q6WRHvX9j7dinzL7qqEI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.30.64.0/22
185.109.24.0/22
185.187.62.0/24
193.43.208.0/24
194.156.180.0/22
IPv6:
2a00:ae20::/32
2a04:f440::/29
2a06:4dc0::/29
2a0d:cc0::/29
2a0f:ccc0::/29
Signature Algorithm: sha256WithRSAEncryption
2b:1b:3d:6e:bf:d9:67:5e:4b:bd:4d:f8:0e:c3:13:4a:a8:49:
f2:33:c8:b6:7b:9a:52:b3:3e:5e:8e:22:e0:98:71:4d:4b:4a:
a8:36:f2:35:84:7e:3d:e0:bb:43:3d:be:bc:0a:6c:51:4f:be:
42:73:d1:4a:84:4d:bc:47:d1:64:32:04:5c:34:d2:d4:c7:dc:
61:bc:c2:6b:63:61:9a:39:5c:ce:79:a4:c2:b5:d2:23:4b:5c:
06:fd:a6:97:e6:55:ab:26:a3:d0:f8:bf:b1:f3:f2:0d:38:b8:
60:4a:09:e2:8e:b4:78:86:2d:11:99:b9:7e:5c:7d:15:89:05:
59:40:f7:4f:e1:70:39:92:a7:28:8d:b1:b0:3d:a2:b4:18:e4:
0e:00:1a:f1:6d:fb:9b:3c:87:8d:c0:6e:46:2e:f0:aa:0c:70:
b9:9a:fa:97:25:05:33:6e:4f:14:74:a2:4f:26:dc:06:0e:8d:
0e:bb:45:3d:13:e3:07:18:79:cc:db:0d:01:67:5b:56:b5:8a:
11:f5:b1:5c:01:91:61:95:de:10:c6:7c:ba:aa:7b:5c:ea:7a:
e6:62:ad:8b:45:27:c5:42:b7:35:d9:cf:22:f2:ba:f0:ba:45:
e3:bf:7d:da:d4:f3:25:67:2c:c2:1e:bf:2c:7c:d0:59:9c:e7:
0c:a4:78:38
-----BEGIN CERTIFICATE-----
MIIFQDCCBCigAwIBAgISAYVseAeWe92mhBC6IFwHxN37MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdiMTQ4ZGI0MmY5MGU5NjQ0N2JkN2Y2M2VkZDhhN2NjYmVl
YWE4NDIwHhcNMjMwMTAxMDgzNDQzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMTc5M2M1YzY3OTIwZTRkNDNkN2UzNzYzN2Y0ZGY5OWViMTEyOWY1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAixLv9WTif9XrROVl6E3YwMHAGebM
q9Ip6hdejseFeHqpxOc2/Z/IJKP31g76kB6pwfPROYw6p21jhCXryulnEhPXxJta
K2g9D3zWS62maflR3D6NFBtdjpSBjZ+3kBPsWZn6Ekm/Ivu51GnEt0vr4yKz+a+x
SD/GidDvfVdybjols/BgVq1PYzqgs71Y/WgUO529zkPBlsfMNIlT0lCFG4R6lWQJ
POgAwgfGCiURb8rQA348eKx6MeQ/GqaqW5EttSf8jnSW2R6Dy1Phv88B8/z3KEnn
66Nji07q/0IOGq0qwh5/5RUh8Np1vz8FqC9DM5o505+wCuKSrBWIm2ZI3QIDAQAB
o4ICTDCCAkgwHQYDVR0OBBYEFOF5PFxnkg5NQ9fjdjf035nrESn1MB8GA1UdIwQY
MBaAFHsUjbQvkOlkR71/Y+3Yp8y+6qhCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZXhTTnRDLVE2V1JIdlg5ajdkaW56TDdxcUVJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Yy9mMjQ4ODUtYTRkYi00ZmExLWE3MmQt
ODZkNmMxMzA1MzU3LzEvNFhrOFhHZVNEazFEMS1OMk5fVGZtZXNSS2ZVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Yy9mMjQ4ODUtYTRkYi00ZmExLWE3MmQtODZkNmMxMzA1MzU3
LzEvZXhTTnRDLVE2V1JIdlg5ajdkaW56TDdxcUVJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGIGCCsGAQUFBwEHAQH/BFMwUTAkBAIAATAeAwQCuR5AAwQC
uW0YAwQAubs+AwQAwSvQAwQCwpy0MCkEAgACMCMDBQAqAK4gAwUDKgT0QAMFAyoG
TcADBQMqDQzAAwUDKg/MwDANBgkqhkiG9w0BAQsFAAOCAQEAKxs9br/ZZ15LvU34
DsMTSqhJ8jPItnuaUrM+Xo4i4JhxTUtKqDbyNYR+PeC7Qz2+vApsUU++QnPRSoRN
vEfRZDIEXDTS1MfcYbzCa2NhmjlcznmkwrXSI0tcBv2ml+ZVqyaj0Pi/sfPyDTi4
YEoJ4o60eIYtEZm5flx9FYkFWUD3T+FwOZKnKI2xsD2itBjkDgAa8W37mzyHjcBu
Ri7wqgxwuZr6lyUFM25PFHSiTybcBg6NDrtFPRPjBxh5zNsNAWdbVrWKEfWxXAGR
YZXeEMZ8uqp7XOp65mKti0UnxUK3NdnPIvK68LpF47992tTzJWcswh6/LHzQWZzn
DKR4OA==
-----END CERTIFICATE-----
Generated at Thu Mar 13 02:26:44 2025 by rpki-client