Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/82/20c187-00fd-459e-aae4-467f4f7f5ded/1/1PTObnnPuiky2KG5h8PFIv-Jb68.roa
File: 1PTObnnPuiky2KG5h8PFIv-Jb68.roa (raw, json)
Hash identifier: h4bPGbFlCbcOCUXB2/Ptob7Wjz28Wl3aUMCXZ2v9+h4=
Subject key identifier: D4:F4:CE:6E:79:CF:BA:29:32:D8:A1:B9:87:C3:C5:22:FF:89:6F:AF
Certificate issuer: /CN=dfd524a05d477b82fbca93e7a504aa31a3ad6863
Certificate serial: 01856F5DDB8DB6A69F27CC52BB54576BBA3E
Authority key identifier: DF:D5:24:A0:5D:47:7B:82:FB:CA:93:E7:A5:04:AA:31:A3:AD:68:63
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/39UkoF1He4L7ypPnpQSqMaOtaGM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/82/20c187-00fd-459e-aae4-467f4f7f5ded/1/1PTObnnPuiky2KG5h8PFIv-Jb68.roa
Signing time: Sun 01 Jan 2023 22:04:59 +0000
ROA not before: Sun 01 Jan 2023 22:04:59 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 43260
IP address blocks: 185.106.21.0/24 maxlen: 24
185.106.22.0/24 maxlen: 24
185.106.20.0/24 maxlen: 24
185.106.23.0/24 maxlen: 24
185.28.62.0/24 maxlen: 24
185.28.63.0/24 maxlen: 24
185.28.60.0/24 maxlen: 24
185.28.61.0/24 maxlen: 24
185.103.198.0/24 maxlen: 24
185.103.196.0/24 maxlen: 24
185.103.197.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:5d:db:8d:b6:a6:9f:27:cc:52:bb:54:57:6b:ba:3e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dfd524a05d477b82fbca93e7a504aa31a3ad6863
Validity
Not Before: Jan 1 22:04:59 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d4f4ce6e79cfba2932d8a1b987c3c522ff896faf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:ca:62:99:02:4b:56:bb:fe:92:f8:ae:ab:e6:
10:9c:16:5d:93:1c:19:88:5e:58:ca:dd:7b:e7:82:
d2:af:9f:2e:bd:56:d2:09:6b:26:47:04:6f:cd:a2:
95:04:2d:ec:1c:b6:99:c2:6d:69:0c:e3:9d:b7:2b:
1b:63:4f:4a:11:26:4c:ba:d9:c0:55:1a:d6:03:58:
44:20:fa:d7:ce:9f:46:f8:a7:19:78:25:ae:7b:c1:
b9:88:34:82:bf:b8:f6:83:9f:ba:ad:70:b4:92:a8:
2a:bb:27:e8:ff:12:59:ed:6b:77:a9:19:e4:25:fe:
67:09:1a:6b:62:de:86:d2:0a:09:a3:5f:64:65:f7:
06:f4:c8:ec:ad:fd:e4:83:53:bf:8d:df:24:88:f7:
13:18:60:0c:2a:dd:1d:34:e5:66:31:db:0a:1c:ff:
5d:1d:be:5a:d3:ea:f5:3a:1d:0a:d7:4d:cb:a4:b3:
9f:22:e0:6e:eb:0f:48:37:ad:60:b8:f8:ee:c5:a4:
67:5e:d3:e5:e1:01:a1:38:ca:12:45:8c:61:06:fa:
d5:1b:ea:98:66:33:59:c0:42:22:0b:0f:ca:e0:dd:
1f:de:04:6b:70:c4:d2:e1:83:cb:29:96:06:41:f6:
50:ca:33:6c:df:1c:78:ee:65:78:e3:85:d9:c9:3a:
44:b1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D4:F4:CE:6E:79:CF:BA:29:32:D8:A1:B9:87:C3:C5:22:FF:89:6F:AF
X509v3 Authority Key Identifier:
keyid:DF:D5:24:A0:5D:47:7B:82:FB:CA:93:E7:A5:04:AA:31:A3:AD:68:63
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/39UkoF1He4L7ypPnpQSqMaOtaGM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/82/20c187-00fd-459e-aae4-467f4f7f5ded/1/1PTObnnPuiky2KG5h8PFIv-Jb68.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/82/20c187-00fd-459e-aae4-467f4f7f5ded/1/39UkoF1He4L7ypPnpQSqMaOtaGM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.28.60.0/22
185.103.196.0-185.103.198.255
185.106.20.0/22
Signature Algorithm: sha256WithRSAEncryption
61:bb:38:be:70:99:0f:f1:d1:eb:9a:7c:c8:1e:1f:ef:aa:af:
63:a8:8e:90:bd:df:dd:7b:13:27:cf:f5:fb:7f:d7:ef:7b:41:
c4:c2:c5:65:a0:a2:45:a1:68:72:71:af:20:ea:59:40:0c:ac:
a5:84:18:ff:aa:26:58:1c:67:06:be:85:4a:af:32:38:3c:30:
76:8c:58:09:ce:03:4c:4a:ba:c7:1d:c1:83:99:e0:8c:75:d6:
35:df:57:90:f7:59:8f:e7:15:d8:63:28:d8:5e:a6:34:c6:cd:
08:1a:f9:7f:92:c4:dd:cd:8c:f0:1b:02:ac:8d:9f:96:de:c1:
0f:8e:c5:fe:bc:d0:84:60:07:c3:1e:9f:7b:99:51:1a:e5:74:
aa:83:48:53:68:d4:4b:df:5e:b3:a0:fb:cb:b2:14:71:3e:27:
9f:c3:25:80:46:f7:8f:da:82:0d:12:bd:15:9c:02:e4:f5:cf:
d1:7f:e0:05:66:e4:47:82:53:9d:4e:21:d5:e7:c4:4b:61:f2:
52:95:2b:a0:ed:ea:bf:c6:e0:ad:a9:7a:97:d4:dd:18:ec:1d:
3e:0d:e3:28:19:99:9d:e0:f2:81:6a:95:2f:32:cf:ec:9e:f1:
95:ba:f8:45:9b:76:60:f8:b9:9e:a9:64:cc:26:d2:25:f8:92:
f9:46:a9:c8
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgISAYVvXduNtqafJ8xSu1RXa7o+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRmZDUyNGEwNWQ0NzdiODJmYmNhOTNlN2E1MDRhYTMxYTNh
ZDY4NjMwHhcNMjMwMTAxMjIwNDU5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNGY0Y2U2ZTc5Y2ZiYTI5MzJkOGExYjk4N2MzYzUyMmZmODk2ZmFmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmspimQJLVrv+kviuq+YQnBZdkxwZ
iF5Yyt1754LSr58uvVbSCWsmRwRvzaKVBC3sHLaZwm1pDOOdtysbY09KESZMutnA
VRrWA1hEIPrXzp9G+KcZeCWue8G5iDSCv7j2g5+6rXC0kqgquyfo/xJZ7Wt3qRnk
Jf5nCRprYt6G0goJo19kZfcG9Mjsrf3kg1O/jd8kiPcTGGAMKt0dNOVmMdsKHP9d
Hb5a0+r1Oh0K103LpLOfIuBu6w9IN61guPjuxaRnXtPl4QGhOMoSRYxhBvrVG+qY
ZjNZwEIiCw/K4N0f3gRrcMTS4YPLKZYGQfZQyjNs3xx47mV444XZyTpEsQIDAQAB
o4ICHTCCAhkwHQYDVR0OBBYEFNT0zm55z7opMtihuYfDxSL/iW+vMB8GA1UdIwQY
MBaAFN/VJKBdR3uC+8qT56UEqjGjrWhjMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMzlVa29GMUhlNEw3eXBQbnBRU3FNYU90YUdNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Mi8yMGMxODctMDBmZC00NTllLWFhZTQt
NDY3ZjRmN2Y1ZGVkLzEvMVBUT2JublB1aWt5MktHNWg4UEZJdi1KYjY4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Mi8yMGMxODctMDBmZC00NTllLWFhZTQtNDY3ZjRmN2Y1ZGVk
LzEvMzlVa29GMUhlNEw3eXBQbnBRU3FNYU90YUdNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDMGCCsGAQUFBwEHAQH/BCQwIjAgBAIAATAaAwQCuRw8MAwD
BAK5Z8QDBAC5Z8YDBAK5ahQwDQYJKoZIhvcNAQELBQADggEBAGG7OL5wmQ/x0eua
fMgeH++qr2OojpC93917EyfP9ft/1+97QcTCxWWgokWhaHJxryDqWUAMrKWEGP+q
JlgcZwa+hUqvMjg8MHaMWAnOA0xKuscdwYOZ4Ix11jXfV5D3WY/nFdhjKNhepjTG
zQga+X+SxN3NjPAbAqyNn5bewQ+Oxf680IRgB8Men3uZURrldKqDSFNo1EvfXrOg
+8uyFHE+J5/DJYBG94/agg0SvRWcAuT1z9F/4AVm5EeCU51OIdXnxEth8lKVK6Dt
6r/G4K2pepfU3RjsHT4N4ygZmZ3g8oFqlS8yz+ye8ZW6+EWbdmD4uZ6pZMwm0iX4
kvlGqcg=
-----END CERTIFICATE-----
Generated at Thu Mar 13 20:05:42 2025 by rpki-client