Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8d/2052ad-3d41-45da-8474-6339f6b36bcb/1/yHMvAnBzVwDUSo4Ib_xLnoOpNRA.roa
File: yHMvAnBzVwDUSo4Ib_xLnoOpNRA.roa (raw, json)
Hash identifier: IGI/CDSYPj4xbERC3hnuxh41vIq3sHTICgL3+lT6+PQ=
Subject key identifier: C8:73:2F:02:70:73:57:00:D4:4A:8E:08:6F:FC:4B:9E:83:A9:35:10
Certificate issuer: /CN=286687fb64a77f0100baf23d4f341ece775950e5
Certificate serial: 0B5DFE4C
Authority key identifier: 28:66:87:FB:64:A7:7F:01:00:BA:F2:3D:4F:34:1E:CE:77:59:50:E5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KGaH-2SnfwEAuvI9TzQezndZUOU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8d/2052ad-3d41-45da-8474-6339f6b36bcb/1/yHMvAnBzVwDUSo4Ib_xLnoOpNRA.roa
Signing time: Sat 01 Jan 2022 10:58:44 +0000
ROA not before: Sat 01 Jan 2022 10:58:44 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 206737
IP address blocks: 185.177.213.0/24 maxlen: 24
185.177.212.0/22 maxlen: 22
185.177.212.0/24 maxlen: 24
185.177.214.0/24 maxlen: 24
185.177.215.0/24 maxlen: 24
2a0a:4680::/29 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 190709324 (0xb5dfe4c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=286687fb64a77f0100baf23d4f341ece775950e5
Validity
Not Before: Jan 1 10:58:44 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=c8732f0270735700d44a8e086ffc4b9e83a93510
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d6:fb:12:dc:21:bd:11:c4:ed:a3:6a:2d:b0:73:
40:3a:79:4e:24:7d:80:82:2c:54:31:21:24:20:7d:
ea:e2:88:b9:7e:94:8b:e7:1f:09:40:df:b6:05:ca:
d7:a0:fb:3f:b9:d9:26:41:15:ea:6b:2d:f6:aa:fd:
23:b8:21:8e:0c:ee:3e:90:71:c9:96:53:e5:bb:9d:
65:e2:f7:cf:84:f4:c4:8f:5b:22:21:37:e1:3e:1d:
60:aa:55:10:c8:ec:63:6f:6b:26:42:47:fa:35:1a:
84:a8:d3:b7:5c:5e:18:02:3f:e1:bc:96:c2:c9:3f:
ce:bb:d5:6f:89:25:8b:26:67:44:6f:42:e0:56:3d:
f0:b0:4f:01:63:ed:3d:25:98:38:39:bd:94:b2:23:
d1:55:c9:df:13:03:40:15:8f:7c:2f:eb:74:43:60:
f2:54:c7:a3:93:e1:11:0d:01:aa:0b:26:9b:33:02:
94:aa:00:74:40:50:54:f1:d3:b5:ae:b7:93:1d:12:
14:24:02:c6:f6:51:0f:2b:cb:4a:37:d7:61:c5:93:
2c:0a:f9:09:c8:32:f1:41:6c:7e:db:13:bf:d8:99:
30:ea:b4:fc:eb:f0:dc:58:9f:fb:d9:c9:08:24:94:
3b:32:68:3c:18:1f:f0:0a:bd:54:08:2e:19:05:16:
58:f1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C8:73:2F:02:70:73:57:00:D4:4A:8E:08:6F:FC:4B:9E:83:A9:35:10
X509v3 Authority Key Identifier:
keyid:28:66:87:FB:64:A7:7F:01:00:BA:F2:3D:4F:34:1E:CE:77:59:50:E5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KGaH-2SnfwEAuvI9TzQezndZUOU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8d/2052ad-3d41-45da-8474-6339f6b36bcb/1/yHMvAnBzVwDUSo4Ib_xLnoOpNRA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8d/2052ad-3d41-45da-8474-6339f6b36bcb/1/KGaH-2SnfwEAuvI9TzQezndZUOU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.177.212.0/22
IPv6:
2a0a:4680::/29
Signature Algorithm: sha256WithRSAEncryption
ab:6a:9a:9a:18:d7:7c:82:0b:db:d9:81:75:0d:6d:de:65:4b:
bf:3a:63:4c:9b:de:a6:ae:c1:f8:67:53:e2:1c:54:d9:8e:29:
e7:f0:51:e7:d1:a8:0c:aa:b3:c1:9e:89:75:7c:5c:af:3a:cc:
0c:6a:c8:f2:dd:4b:71:8c:36:8e:25:34:9f:af:90:3a:3c:c2:
f2:a1:da:01:cf:04:c4:fc:bb:73:0d:d0:5e:26:bd:94:d8:46:
f5:27:63:a5:89:0b:44:9f:e6:2d:31:a4:2d:fc:b2:a8:f6:cc:
72:97:0e:05:24:bd:da:c2:33:d5:07:46:d9:b2:07:b8:04:56:
df:29:aa:a2:49:c8:e0:68:13:46:6a:09:27:1a:ab:31:76:45:
a5:bd:78:2e:85:94:30:c0:a3:e5:20:71:9b:84:26:d6:e9:4d:
bb:24:99:ca:25:7d:25:a5:57:dd:7a:03:8f:2c:1e:44:09:eb:
87:89:c9:1a:d6:ce:c3:64:24:08:20:06:f8:bd:69:46:cb:90:
ec:72:28:a9:f7:d4:5f:0f:08:f5:a8:b2:f1:10:c1:80:86:9a:
f2:25:40:87:05:b0:91:dd:c0:27:ee:73:c9:38:55:d2:d7:bf:
76:c8:0d:d9:ba:55:f5:18:64:9c:4f:56:45:40:fb:78:60:38:
83:10:86:ea
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgIEC13+TDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygy
ODY2ODdmYjY0YTc3ZjAxMDBiYWYyM2Q0ZjM0MWVjZTc3NTk1MGU1MB4XDTIyMDEw
MTEwNTg0NFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYzg3MzJmMDI3MDcz
NTcwMGQ0NGE4ZTA4NmZmYzRiOWU4M2E5MzUxMDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBANb7EtwhvRHE7aNqLbBzQDp5TiR9gIIsVDEhJCB96uKIuX6U
i+cfCUDftgXK16D7P7nZJkEV6mst9qr9I7ghjgzuPpBxyZZT5budZeL3z4T0xI9b
IiE34T4dYKpVEMjsY29rJkJH+jUahKjTt1xeGAI/4byWwsk/zrvVb4kliyZnRG9C
4FY98LBPAWPtPSWYODm9lLIj0VXJ3xMDQBWPfC/rdENg8lTHo5PhEQ0BqgsmmzMC
lKoAdEBQVPHTta63kx0SFCQCxvZRDyvLSjfXYcWTLAr5Ccgy8UFsftsTv9iZMOq0
/Ovw3Fif+9nJCCSUOzJoPBgf8Aq9VAguGQUWWPECAwEAAaOCAhgwggIUMB0GA1Ud
DgQWBBTIcy8CcHNXANRKjghv/Eueg6k1EDAfBgNVHSMEGDAWgBQoZof7ZKd/AQC6
8j1PNB7Od1lQ5TAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0tHYUgtMlNuZndFQXV2STlUelFlem5kWlVPVS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvOGQvMjA1MmFkLTNkNDEtNDVkYS04NDc0LTYzMzlmNmIzNmJjYi8x
L3lITXZBbkJ6VndEVVNvNEliX3hMbm9PcE5SQS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvOGQv
MjA1MmFkLTNkNDEtNDVkYS04NDc0LTYzMzlmNmIzNmJjYi8xL0tHYUgtMlNuZndF
QXV2STlUelFlem5kWlVPVS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAu
BggrBgEFBQcBBwEB/wQfMB0wDAQCAAEwBgMEArmx1DANBAIAAjAHAwUDKgpGgDAN
BgkqhkiG9w0BAQsFAAOCAQEAq2qamhjXfIIL29mBdQ1t3mVLvzpjTJvepq7B+GdT
4hxU2Y4p5/BR59GoDKqzwZ6JdXxcrzrMDGrI8t1LcYw2jiU0n6+QOjzC8qHaAc8E
xPy7cw3QXia9lNhG9SdjpYkLRJ/mLTGkLfyyqPbMcpcOBSS92sIz1QdG2bIHuARW
3ymqoknI4GgTRmoJJxqrMXZFpb14LoWUMMCj5SBxm4Qm1ulNuySZyiV9JaVX3XoD
jyweRAnrh4nJGtbOw2QkCCAG+L1pRsuQ7HIoqffUXw8I9aiy8RDBgIaa8iVAhwWw
kd3AJ+5zyThV0te/dsgN2bpV9RhknE9WRUD7eGA4gxCG6g==
-----END CERTIFICATE-----
Generated at Sat Apr 19 12:26:34 2025 by rpki-client