Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8d/2052ad-3d41-45da-8474-6339f6b36bcb/1/R3pAejf0luSs7rTqR28Y0G-ENLA.roa
File: R3pAejf0luSs7rTqR28Y0G-ENLA.roa (raw, json)
Hash identifier: yWMqJy0mgCcwmZN6DSP0Wmysv6v1ILvcloPEEeJz8pw=
Subject key identifier: 47:7A:40:7A:37:F4:96:E4:AC:EE:B4:EA:47:6F:18:D0:6F:84:34:B0
Certificate issuer: /CN=286687fb64a77f0100baf23d4f341ece775950e5
Certificate serial: 01856F796EE14A9DCA8E5E76A7CBA628C617
Authority key identifier: 28:66:87:FB:64:A7:7F:01:00:BA:F2:3D:4F:34:1E:CE:77:59:50:E5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KGaH-2SnfwEAuvI9TzQezndZUOU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8d/2052ad-3d41-45da-8474-6339f6b36bcb/1/R3pAejf0luSs7rTqR28Y0G-ENLA.roa
Signing time: Sun 01 Jan 2023 22:35:07 +0000
ROA not before: Sun 01 Jan 2023 22:35:07 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 206737
IP address blocks: 185.177.213.0/24 maxlen: 24
185.177.212.0/22 maxlen: 22
185.177.212.0/24 maxlen: 24
185.177.214.0/24 maxlen: 24
185.177.215.0/24 maxlen: 24
2a0a:4680::/29 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:79:6e:e1:4a:9d:ca:8e:5e:76:a7:cb:a6:28:c6:17
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=286687fb64a77f0100baf23d4f341ece775950e5
Validity
Not Before: Jan 1 22:35:07 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=477a407a37f496e4aceeb4ea476f18d06f8434b0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:e5:cb:c0:91:e6:ab:3c:f7:9a:84:f6:78:37:
67:a2:2a:8a:e5:7d:c6:c1:0e:b9:0b:43:18:c1:00:
1e:a0:a7:a3:ab:04:c2:ab:3b:71:d8:f2:e0:21:d0:
51:63:4a:37:5c:36:b1:cd:e8:31:22:d5:f0:40:83:
4c:d7:fb:b1:b5:aa:5d:f2:d7:5b:48:c7:ae:d4:d6:
25:d3:19:73:e5:ed:7d:f6:a3:3f:d9:02:23:b4:00:
95:d0:ff:67:38:ae:85:0d:8b:95:83:73:ea:ac:37:
ef:8b:d8:76:55:c8:68:22:bc:10:b6:b9:29:c3:b3:
42:dc:96:c2:43:d8:a3:10:e5:81:00:bb:b7:11:47:
8a:bd:66:33:81:41:5c:fe:af:c3:ca:3c:01:7c:85:
6c:35:13:d0:89:ee:65:3d:8d:b0:d3:9f:9d:9a:22:
1c:ca:da:ba:71:6e:cc:f7:cf:71:5e:bf:ad:11:da:
21:ec:22:79:9f:41:93:65:93:d7:78:dc:b2:8a:04:
ed:3e:1d:da:5c:10:61:d4:b8:35:0a:7a:86:fa:dd:
39:3e:44:7d:c9:bc:62:4a:50:41:68:4c:a2:1f:2e:
f5:97:07:90:d9:73:2e:1b:4b:a8:04:f7:2e:7d:ef:
29:6a:07:ec:13:74:07:2c:f2:2d:aa:62:d5:18:a0:
fb:ad
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
47:7A:40:7A:37:F4:96:E4:AC:EE:B4:EA:47:6F:18:D0:6F:84:34:B0
X509v3 Authority Key Identifier:
keyid:28:66:87:FB:64:A7:7F:01:00:BA:F2:3D:4F:34:1E:CE:77:59:50:E5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KGaH-2SnfwEAuvI9TzQezndZUOU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8d/2052ad-3d41-45da-8474-6339f6b36bcb/1/R3pAejf0luSs7rTqR28Y0G-ENLA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8d/2052ad-3d41-45da-8474-6339f6b36bcb/1/KGaH-2SnfwEAuvI9TzQezndZUOU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.177.212.0/22
IPv6:
2a0a:4680::/29
Signature Algorithm: sha256WithRSAEncryption
b1:94:07:3d:32:62:09:e4:a3:5e:88:7f:54:b7:e1:c8:95:c9:
d1:5a:a9:b4:96:a0:12:5d:c9:7c:7b:b4:3f:2a:22:8e:f5:62:
49:89:2b:bc:cc:a2:db:04:de:ec:e1:43:b9:76:9b:1b:81:f5:
2d:6a:8e:b9:7d:f4:31:fb:bc:17:de:7b:ab:ae:a0:ec:74:81:
d1:a6:a8:a2:92:37:fe:4f:26:e3:d3:ad:69:a9:d9:41:ba:d3:
b3:97:0c:b2:ff:a8:3d:fb:6b:4c:e8:4e:d6:0a:d2:38:88:82:
16:f7:66:6c:66:68:93:cf:22:1b:e7:bb:ad:89:f6:59:1d:a5:
e7:8a:a7:4b:5d:c9:75:ae:ea:55:5c:57:2d:b9:ec:54:60:0c:
ca:28:8d:e6:33:b1:a4:c3:a5:20:6b:a6:be:d3:93:42:ce:c3:
50:c3:dc:87:32:43:1a:b2:12:ec:b5:19:36:5d:a3:2e:c7:0b:
d0:9e:d8:4a:b5:da:2e:59:5f:57:8d:c4:82:c8:36:2a:af:35:
e2:95:6e:b6:23:a3:88:8a:3e:70:f9:99:49:1c:cf:86:0b:39:
1b:9f:21:b0:a5:52:20:73:d8:2f:75:50:26:cf:1d:52:3e:5f:
ab:36:52:d8:eb:35:29:98:ae:7d:c8:7c:d6:44:5c:f6:a4:64:
41:7a:d6:20
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVveW7hSp3Kjl52p8umKMYXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI4NjY4N2ZiNjRhNzdmMDEwMGJhZjIzZDRmMzQxZWNlNzc1
OTUwZTUwHhcNMjMwMTAxMjIzNTA3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NzdhNDA3YTM3ZjQ5NmU0YWNlZWI0ZWE0NzZmMThkMDZmODQzNGIwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsuXLwJHmqzz3moT2eDdnoiqK5X3G
wQ65C0MYwQAeoKejqwTCqztx2PLgIdBRY0o3XDaxzegxItXwQINM1/uxtapd8tdb
SMeu1NYl0xlz5e199qM/2QIjtACV0P9nOK6FDYuVg3PqrDfvi9h2VchoIrwQtrkp
w7NC3JbCQ9ijEOWBALu3EUeKvWYzgUFc/q/DyjwBfIVsNRPQie5lPY2w05+dmiIc
ytq6cW7M989xXr+tEdoh7CJ5n0GTZZPXeNyyigTtPh3aXBBh1Lg1CnqG+t05PkR9
ybxiSlBBaEyiHy71lweQ2XMuG0uoBPcufe8pagfsE3QHLPItqmLVGKD7rQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFEd6QHo39JbkrO606kdvGNBvhDSwMB8GA1UdIwQY
MBaAFChmh/tkp38BALryPU80Hs53WVDlMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS0dhSC0yU25md0VBdXZJOVR6UWV6bmRaVU9VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZC8yMDUyYWQtM2Q0MS00NWRhLTg0NzQt
NjMzOWY2YjM2YmNiLzEvUjNwQWVqZjBsdVNzN3JUcVIyOFkwRy1FTkxBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZC8yMDUyYWQtM2Q0MS00NWRhLTg0NzQtNjMzOWY2YjM2YmNi
LzEvS0dhSC0yU25md0VBdXZJOVR6UWV6bmRaVU9VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCubHUMA0E
AgACMAcDBQMqCkaAMA0GCSqGSIb3DQEBCwUAA4IBAQCxlAc9MmIJ5KNeiH9Ut+HI
lcnRWqm0lqASXcl8e7Q/KiKO9WJJiSu8zKLbBN7s4UO5dpsbgfUtao65ffQx+7wX
3nurrqDsdIHRpqiikjf+Tybj061pqdlButOzlwyy/6g9+2tM6E7WCtI4iIIW92Zs
ZmiTzyIb57utifZZHaXniqdLXcl1rupVXFctuexUYAzKKI3mM7Gkw6Uga6a+05NC
zsNQw9yHMkMashLstRk2XaMuxwvQnthKtdouWV9XjcSCyDYqrzXilW62I6OIij5w
+ZlJHM+GCzkbnyGwpVIgc9gvdVAmzx1SPl+rNlLY6zUpmK59yHzWRFz2pGRBetYg
-----END CERTIFICATE-----
Generated at Wed Apr 23 04:14:20 2025 by rpki-client