Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/82/20c187-00fd-459e-aae4-467f4f7f5ded/1/0MPzp0ItWHZlhfCVLrWvek0gddI.roa
File: 0MPzp0ItWHZlhfCVLrWvek0gddI.roa (raw, json)
Hash identifier: Tt0joSpaNr2mpAEFiRa7b5rQTpNzk+eexbIi5N7B54M=
Subject key identifier: D0:C3:F3:A7:42:2D:58:76:65:85:F0:95:2E:B5:AF:7A:4D:20:75:D2
Certificate issuer: /CN=dfd524a05d477b82fbca93e7a504aa31a3ad6863
Certificate serial: 0188101D82D86B1B12170F9B455C960CA1EE
Authority key identifier: DF:D5:24:A0:5D:47:7B:82:FB:CA:93:E7:A5:04:AA:31:A3:AD:68:63
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/39UkoF1He4L7ypPnpQSqMaOtaGM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/82/20c187-00fd-459e-aae4-467f4f7f5ded/1/0MPzp0ItWHZlhfCVLrWvek0gddI.roa
Signing time: Fri 12 May 2023 13:19:09 +0000
ROA not before: Fri 12 May 2023 13:19:09 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 205192
IP address blocks: 185.106.22.0/24 maxlen: 24
185.106.21.0/24 maxlen: 24
185.106.23.0/24 maxlen: 24
185.106.20.0/24 maxlen: 24
185.28.63.0/24 maxlen: 24
185.28.60.0/24 maxlen: 24
185.103.199.0/24 maxlen: 24
185.103.198.0/24 maxlen: 24
185.103.197.0/24 maxlen: 24
185.103.196.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:10:1d:82:d8:6b:1b:12:17:0f:9b:45:5c:96:0c:a1:ee
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dfd524a05d477b82fbca93e7a504aa31a3ad6863
Validity
Not Before: May 12 13:19:09 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d0c3f3a7422d58766585f0952eb5af7a4d2075d2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:50:59:42:a4:5a:b0:86:6c:29:e3:de:81:84:
0e:a3:7a:e8:a7:9b:30:32:aa:74:e5:d1:ea:ce:40:
0a:51:04:a8:1e:08:af:e9:e7:95:a5:65:73:45:33:
6d:f1:8b:61:30:e9:43:df:ea:d8:2b:76:ed:c9:55:
48:56:48:57:9f:df:8c:dd:db:1f:0a:d7:0b:1e:69:
cc:97:96:fd:1d:78:53:8d:9c:2e:75:68:30:bb:b5:
1d:4c:bd:3d:51:59:c8:7b:ef:89:a3:c6:73:81:34:
4a:be:25:8c:41:c5:af:ea:ba:ef:ad:01:2e:97:39:
4c:a6:89:df:f5:0d:95:4d:82:c3:05:be:45:28:45:
48:c6:a4:10:73:35:42:14:6a:72:e8:95:98:49:64:
24:16:4a:6d:b9:85:93:85:53:d0:4a:63:d2:2d:63:
59:d9:d2:b7:fe:96:81:b1:da:9a:cb:1b:0a:d6:7c:
d7:3c:70:47:34:60:dd:87:98:0c:4f:48:80:a5:81:
6b:9b:24:f8:d4:e5:65:7c:72:e3:6a:5d:56:41:36:
2b:87:62:61:6d:1e:cb:73:2c:35:be:81:26:63:c9:
6d:d2:f6:82:ff:b3:e6:65:f5:34:2f:ba:8a:f1:67:
5f:fe:c4:3e:ff:0b:d0:d9:06:e4:52:06:d0:c2:f5:
ff:f5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D0:C3:F3:A7:42:2D:58:76:65:85:F0:95:2E:B5:AF:7A:4D:20:75:D2
X509v3 Authority Key Identifier:
keyid:DF:D5:24:A0:5D:47:7B:82:FB:CA:93:E7:A5:04:AA:31:A3:AD:68:63
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/39UkoF1He4L7ypPnpQSqMaOtaGM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/82/20c187-00fd-459e-aae4-467f4f7f5ded/1/0MPzp0ItWHZlhfCVLrWvek0gddI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/82/20c187-00fd-459e-aae4-467f4f7f5ded/1/39UkoF1He4L7ypPnpQSqMaOtaGM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.28.60.0/24
185.28.63.0/24
185.103.196.0/22
185.106.20.0/22
Signature Algorithm: sha256WithRSAEncryption
95:e0:23:08:8d:66:bd:df:a1:03:2e:d3:fa:1c:7e:91:69:a0:
d6:44:fb:90:a5:4c:2b:cc:d5:bf:d8:34:1b:4b:ac:cd:04:68:
a2:c0:e2:fa:4e:b9:5e:2f:5a:31:cd:02:54:b5:17:20:47:52:
52:aa:56:8d:d9:47:09:32:a1:17:0f:ab:1a:2a:eb:30:a4:aa:
ae:ca:6d:eb:de:a6:87:d0:19:e1:7f:79:f6:7a:90:e0:8f:5a:
bd:cd:e7:2c:a8:d0:ea:3d:f7:33:79:00:46:9a:db:b2:d7:d5:
48:5d:49:d0:48:45:0e:58:60:dd:df:a1:49:6f:15:34:41:42:
43:2a:d5:d1:eb:ad:43:88:70:81:4c:10:da:0f:e5:68:e6:d6:
59:51:63:58:e9:f6:15:11:16:ee:f7:6b:b1:53:90:dd:10:48:
22:1c:89:63:13:29:d8:cb:f4:11:3f:c5:b8:3f:3d:7c:e6:96:
ed:ca:3e:e7:de:f8:4a:c6:fd:84:d0:e4:bd:3e:6e:84:13:1e:
19:b9:94:4e:01:cf:f1:ce:50:3c:91:a3:ff:b0:6d:bf:55:48:
fc:99:01:89:49:69:b7:5b:f8:9f:1b:72:e1:be:c1:4b:ae:cd:
18:93:3b:52:ac:a4:3a:c9:98:af:d1:c8:0e:a3:4c:e1:d9:76:
49:43:16:b4
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYgQHYLYaxsSFw+bRVyWDKHuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRmZDUyNGEwNWQ0NzdiODJmYmNhOTNlN2E1MDRhYTMxYTNh
ZDY4NjMwHhcNMjMwNTEyMTMxOTA5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMGMzZjNhNzQyMmQ1ODc2NjU4NWYwOTUyZWI1YWY3YTRkMjA3NWQyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAllBZQqRasIZsKePegYQOo3rop5sw
Mqp05dHqzkAKUQSoHgiv6eeVpWVzRTNt8YthMOlD3+rYK3btyVVIVkhXn9+M3dsf
CtcLHmnMl5b9HXhTjZwudWgwu7UdTL09UVnIe++Jo8ZzgTRKviWMQcWv6rrvrQEu
lzlMponf9Q2VTYLDBb5FKEVIxqQQczVCFGpy6JWYSWQkFkptuYWThVPQSmPSLWNZ
2dK3/paBsdqayxsK1nzXPHBHNGDdh5gMT0iApYFrmyT41OVlfHLjal1WQTYrh2Jh
bR7Lcyw1voEmY8lt0vaC/7PmZfU0L7qK8Wdf/sQ+/wvQ2QbkUgbQwvX/9QIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFNDD86dCLVh2ZYXwlS61r3pNIHXSMB8GA1UdIwQY
MBaAFN/VJKBdR3uC+8qT56UEqjGjrWhjMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMzlVa29GMUhlNEw3eXBQbnBRU3FNYU90YUdNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Mi8yMGMxODctMDBmZC00NTllLWFhZTQt
NDY3ZjRmN2Y1ZGVkLzEvME1QenAwSXRXSFpsaGZDVkxyV3ZlazBnZGRJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Mi8yMGMxODctMDBmZC00NTllLWFhZTQtNDY3ZjRmN2Y1ZGVk
LzEvMzlVa29GMUhlNEw3eXBQbnBRU3FNYU90YUdNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAuRw8AwQA
uRw/AwQCuWfEAwQCuWoUMA0GCSqGSIb3DQEBCwUAA4IBAQCV4CMIjWa936EDLtP6
HH6RaaDWRPuQpUwrzNW/2DQbS6zNBGiiwOL6TrleL1oxzQJUtRcgR1JSqlaN2UcJ
MqEXD6saKuswpKquym3r3qaH0Bnhf3n2epDgj1q9zecsqNDqPfczeQBGmtuy19VI
XUnQSEUOWGDd36FJbxU0QUJDKtXR661DiHCBTBDaD+Vo5tZZUWNY6fYVERbu92ux
U5DdEEgiHIljEynYy/QRP8W4Pz185pbtyj7n3vhKxv2E0OS9Pm6EEx4ZuZROAc/x
zlA8kaP/sG2/VUj8mQGJSWm3W/ifG3LhvsFLrs0YkztSrKQ6yZiv0cgOo0zh2XZJ
Qxa0
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:47:59 2025 by rpki-client