Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/8233f2-d3c0-4501-a9c7-138c8417ae93/1/6RkWytzkKQsDlTkFakcYKiAasKY.roa
File: 6RkWytzkKQsDlTkFakcYKiAasKY.roa (raw, json)
Hash identifier: ++qQNn1fIJYv8cBlzhd0nwRgCAAXB3g4M8L9AdX1kdM=
Subject key identifier: E9:19:16:CA:DC:E4:29:0B:03:95:39:05:6A:47:18:2A:20:1A:B0:A6
Certificate issuer: /CN=72633388a7a5cfe9a7ca19fd74c922dcb12569d3
Certificate serial: 02AFEEA0
Authority key identifier: 72:63:33:88:A7:A5:CF:E9:A7:CA:19:FD:74:C9:22:DC:B1:25:69:D3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cmMziKelz-mnyhn9dMki3LEladM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/8233f2-d3c0-4501-a9c7-138c8417ae93/1/6RkWytzkKQsDlTkFakcYKiAasKY.roa
Signing time: Sat 01 Jan 2022 14:04:12 +0000
ROA not before: Sat 01 Jan 2022 14:04:12 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 34863
IP address blocks: 85.204.24.0/23 maxlen: 23
85.204.21.0/24 maxlen: 24
85.204.20.0/23 maxlen: 23
85.204.25.0/24 maxlen: 24
81.23.32.0/20 maxlen: 20
89.35.96.0/20 maxlen: 20
185.63.48.0/22 maxlen: 22
185.252.195.0/24 maxlen: 24
46.226.128.0/21 maxlen: 21
185.2.252.0/22 maxlen: 22
188.94.202.0/23 maxlen: 23
188.94.201.0/24 maxlen: 24
188.94.200.0/24 maxlen: 24
188.94.206.0/24 maxlen: 24
188.94.204.0/22 maxlen: 22
2a00:fc8::/32 maxlen: 32
2a00:7820::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 45084320 (0x2afeea0)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72633388a7a5cfe9a7ca19fd74c922dcb12569d3
Validity
Not Before: Jan 1 14:04:12 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=e91916cadce4290b039539056a47182a201ab0a6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:20:91:77:e8:08:57:d2:5c:0c:0d:1b:86:64:
f4:f6:91:c0:22:3d:cd:6c:7e:54:4e:9b:a0:be:99:
b1:7f:d9:79:3b:49:d1:dc:6e:4b:0a:12:8c:68:4f:
10:71:8b:ae:8a:1b:73:cc:ea:6b:01:d8:97:2a:c7:
56:1b:04:d4:6a:b6:ed:fe:9e:72:d5:92:6e:a8:1d:
b7:56:0e:01:d7:ec:1c:e1:d2:0f:55:96:14:5c:d9:
c6:20:6c:30:55:f2:f3:6e:9f:d8:30:97:b0:a9:af:
b3:a3:0f:9f:0c:bb:77:4d:8a:7b:46:eb:88:c4:cd:
15:39:9b:3f:4e:1b:8d:57:56:fb:79:ff:d3:41:69:
bc:98:e8:45:89:53:c4:ff:ff:c4:ec:97:53:8a:09:
ad:91:d1:22:bc:66:33:3e:b2:45:c7:21:a6:31:89:
da:31:ba:e1:3d:d0:0b:fa:77:08:54:13:b0:02:e6:
f9:ea:6f:26:b5:1d:df:aa:98:7d:26:20:a8:83:e4:
68:a1:62:f4:03:d5:68:75:d7:46:d4:da:49:c0:5b:
fb:e8:0c:3f:bb:20:d1:23:b7:4a:27:3d:5e:b1:f3:
d5:b6:eb:f9:3f:fe:5c:86:6a:94:17:23:1c:0c:5f:
e8:3f:05:1c:3f:17:93:8d:99:86:b2:a8:db:ce:01:
4c:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E9:19:16:CA:DC:E4:29:0B:03:95:39:05:6A:47:18:2A:20:1A:B0:A6
X509v3 Authority Key Identifier:
keyid:72:63:33:88:A7:A5:CF:E9:A7:CA:19:FD:74:C9:22:DC:B1:25:69:D3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cmMziKelz-mnyhn9dMki3LEladM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/8233f2-d3c0-4501-a9c7-138c8417ae93/1/6RkWytzkKQsDlTkFakcYKiAasKY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/8233f2-d3c0-4501-a9c7-138c8417ae93/1/cmMziKelz-mnyhn9dMki3LEladM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.226.128.0/21
81.23.32.0/20
85.204.20.0/23
85.204.24.0/23
89.35.96.0/20
185.2.252.0/22
185.63.48.0/22
185.252.195.0/24
188.94.200.0/21
IPv6:
2a00:fc8::/32
2a00:7820::/32
Signature Algorithm: sha256WithRSAEncryption
5d:1f:d0:3d:63:cd:60:5e:1c:36:af:e2:c5:1c:5d:9b:41:54:
70:8e:a2:47:c3:93:b7:2f:32:67:f3:c7:2e:07:10:f5:c6:dc:
82:b2:b2:5a:04:1d:c3:7a:9a:56:41:f0:b2:51:db:71:5a:da:
db:79:00:67:01:75:96:e7:05:ea:61:69:f9:23:52:ab:93:4f:
00:d4:9b:82:9a:0e:a5:bc:a8:67:f8:8b:13:b0:8e:f8:1e:6f:
6e:b5:60:5c:74:67:4b:e7:ac:79:ef:51:41:16:20:cd:47:0c:
02:81:d2:cd:1c:58:bb:f5:12:9e:ba:7f:16:9b:48:bb:17:b3:
51:0b:e4:23:54:82:2a:01:bd:07:18:27:ef:66:e0:c4:55:c9:
05:6f:b8:d0:1a:d4:30:7c:ca:18:00:3a:b5:65:2e:b7:e5:b5:
15:af:ed:b2:fd:f8:cb:64:8a:37:3a:1a:63:8b:28:73:32:b2:
9b:5f:49:fd:05:78:6f:4d:7f:ca:e5:c6:a4:84:f1:bb:08:f6:
10:83:37:17:4b:db:88:8c:a3:78:51:13:b4:15:3b:f3:7c:83:
b7:ab:67:3f:a9:8f:65:d9:6c:85:20:ce:44:92:82:28:2e:d4:
17:e6:16:14:92:b6:3d:2b:ad:33:35:9f:67:8f:d2:75:39:46:
60:27:79:1f
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIEAq/uoDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg3
MjYzMzM4OGE3YTVjZmU5YTdjYTE5ZmQ3NGM5MjJkY2IxMjU2OWQzMB4XDTIyMDEw
MTE0MDQxMloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZTkxOTE2Y2FkY2U0
MjkwYjAzOTUzOTA1NmE0NzE4MmEyMDFhYjBhNjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJsgkXfoCFfSXAwNG4Zk9PaRwCI9zWx+VE6boL6ZsX/ZeTtJ
0dxuSwoSjGhPEHGLroobc8zqawHYlyrHVhsE1Gq27f6ectWSbqgdt1YOAdfsHOHS
D1WWFFzZxiBsMFXy826f2DCXsKmvs6MPnwy7d02Ke0briMTNFTmbP04bjVdW+3n/
00FpvJjoRYlTxP//xOyXU4oJrZHRIrxmMz6yRcchpjGJ2jG64T3QC/p3CFQTsALm
+epvJrUd36qYfSYgqIPkaKFi9APVaHXXRtTaScBb++gMP7sg0SO3Sic9XrHz1bbr
+T/+XIZqlBcjHAxf6D8FHD8Xk42ZhrKo284BTBUCAwEAAaOCAk8wggJLMB0GA1Ud
DgQWBBTpGRbK3OQpCwOVOQVqRxgqIBqwpjAfBgNVHSMEGDAWgBRyYzOIp6XP6afK
Gf10ySLcsSVp0zAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2NtTXppS2Vsei1tbnlobjlkTWtpM0xFbGFkTS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvOGUvODIzM2YyLWQzYzAtNDUwMS1hOWM3LTEzOGM4NDE3YWU5My8x
LzZSa1d5dHprS1FzRGxUa0Zha2NZS2lBYXNLWS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvOGUv
ODIzM2YyLWQzYzAtNDUwMS1hOWM3LTEzOGM4NDE3YWU5My8xL2NtTXppS2Vsei1t
bnlobjlkTWtpM0xFbGFkTS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBl
BggrBgEFBQcBBwEB/wRWMFQwPAQCAAEwNgMEAy7igAMEBFEXIAMEAVXMFAMEAVXM
GAMEBFkjYAMEArkC/AMEArk/MAMEALn8wwMEA7xeyDAUBAIAAjAOAwUAKgAPyAMF
ACoAeCAwDQYJKoZIhvcNAQELBQADggEBAF0f0D1jzWBeHDav4sUcXZtBVHCOokfD
k7cvMmfzxy4HEPXG3IKysloEHcN6mlZB8LJR23Fa2tt5AGcBdZbnBephafkjUquT
TwDUm4KaDqW8qGf4ixOwjvgeb261YFx0Z0vnrHnvUUEWIM1HDAKB0s0cWLv1Ep66
fxabSLsXs1EL5CNUgioBvQcYJ+9m4MRVyQVvuNAa1DB8yhgAOrVlLrfltRWv7bL9
+Mtkijc6GmOLKHMysptfSf0FeG9Nf8rlxqSE8bsI9hCDNxdL24iMo3hRE7QVO/N8
g7erZz+pj2XZbIUgzkSSgigu1BfmFhSStj0rrTM1n2eP0nU5RmAneR8=
-----END CERTIFICATE-----
Generated at Sun Apr 20 15:32:20 2025 by rpki-client