Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/95cd2d-0d52-4b07-b76b-d853e7842b3a/1/C4ZVXfLuLlCh7JKkV3j9aYtkPzA.roa
File: C4ZVXfLuLlCh7JKkV3j9aYtkPzA.roa (raw, json)
Hash identifier: 1uGW3eFFsjbeWYQxvHUutA27RUAvaRR/Hz4VFI8RayY=
Subject key identifier: 0B:86:55:5D:F2:EE:2E:50:A1:EC:92:A4:57:78:FD:69:8B:64:3F:30
Certificate issuer: /CN=1cf31e958a6fa85dfd517ea5a2167a359ce02691
Certificate serial: 01856FC27598715B41F1C50156D612F64EB6
Authority key identifier: 1C:F3:1E:95:8A:6F:A8:5D:FD:51:7E:A5:A2:16:7A:35:9C:E0:26:91
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HPMelYpvqF39UX6lohZ6NZzgJpE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/95cd2d-0d52-4b07-b76b-d853e7842b3a/1/C4ZVXfLuLlCh7JKkV3j9aYtkPzA.roa
Signing time: Sun 01 Jan 2023 23:54:53 +0000
ROA not before: Sun 01 Jan 2023 23:54:53 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 34724
IP address blocks: 62.182.152.0/22 maxlen: 22
139.28.12.0/22 maxlen: 22
185.31.32.0/22 maxlen: 22
185.68.60.0/22 maxlen: 22
95.214.204.0/22 maxlen: 22
193.34.64.0/22 maxlen: 22
2a05:9300::/29 maxlen: 29
2a00:b720::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:c2:75:98:71:5b:41:f1:c5:01:56:d6:12:f6:4e:b6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1cf31e958a6fa85dfd517ea5a2167a359ce02691
Validity
Not Before: Jan 1 23:54:53 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=0b86555df2ee2e50a1ec92a45778fd698b643f30
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:87:5f:49:ab:cc:5b:74:ef:22:b7:65:29:f4:92:
22:d0:c0:f2:31:ed:94:d4:86:d4:a7:7e:b9:9c:de:
c0:2d:e4:e7:5d:af:90:9a:30:a5:1c:d8:54:94:06:
13:a9:1a:75:c2:09:3a:98:bc:cc:5a:d8:7a:0a:60:
09:a2:4f:0f:9d:6d:78:17:1d:95:7b:0f:8b:e3:7e:
13:34:c5:48:74:4a:82:e6:65:aa:f8:0f:f7:e0:a0:
4a:1b:d8:9b:5a:c6:34:63:ec:f6:e7:f0:e9:8d:98:
dc:d6:2b:65:33:96:e8:35:d5:51:2a:e6:79:7b:dd:
1e:74:d2:56:68:cd:db:10:b8:d9:b0:45:d7:b9:05:
81:b7:44:88:e4:49:11:8d:35:7a:12:db:8e:61:2f:
6c:af:5c:32:4c:02:70:19:a9:8f:9c:fe:f3:56:d5:
8b:aa:a9:6c:58:1a:90:17:65:12:5c:3c:6d:29:a5:
ed:be:4b:65:ed:17:ce:16:9d:51:b7:7f:07:6e:37:
c4:0c:e7:db:a2:5c:6c:60:9a:a5:43:e8:cb:c3:d2:
6f:56:64:52:ec:a7:41:b6:f1:5e:49:19:98:30:f3:
1c:2c:39:bb:3f:5f:d6:dd:21:c4:3e:28:fe:d5:c9:
00:57:5e:98:21:78:ba:d3:22:7a:4c:f4:6f:62:d7:
cc:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0B:86:55:5D:F2:EE:2E:50:A1:EC:92:A4:57:78:FD:69:8B:64:3F:30
X509v3 Authority Key Identifier:
keyid:1C:F3:1E:95:8A:6F:A8:5D:FD:51:7E:A5:A2:16:7A:35:9C:E0:26:91
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HPMelYpvqF39UX6lohZ6NZzgJpE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/95cd2d-0d52-4b07-b76b-d853e7842b3a/1/C4ZVXfLuLlCh7JKkV3j9aYtkPzA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/95cd2d-0d52-4b07-b76b-d853e7842b3a/1/HPMelYpvqF39UX6lohZ6NZzgJpE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.182.152.0/22
95.214.204.0/22
139.28.12.0/22
185.31.32.0/22
185.68.60.0/22
193.34.64.0/22
IPv6:
2a00:b720::/29
2a05:9300::/29
Signature Algorithm: sha256WithRSAEncryption
92:e6:ec:44:24:8a:c5:e2:9f:be:ea:70:20:39:17:06:6b:cf:
b8:32:22:4f:05:7b:a2:c5:c5:98:c7:6f:69:4e:e3:80:42:06:
3f:93:d6:56:be:79:1b:a7:5b:96:ad:24:6e:50:50:b4:e1:7a:
43:81:4c:e0:20:b6:80:e2:db:a4:a5:2f:50:c6:fc:db:08:3b:
ca:94:c1:9a:61:14:24:da:3b:66:6e:dd:27:3c:ec:67:df:e2:
92:98:79:0b:15:c7:d9:6f:5c:b3:b8:2e:b4:4f:24:f1:cc:36:
ea:6f:cc:01:65:b8:55:92:e6:30:ad:69:e9:a4:c0:e9:bf:ed:
2c:0a:1f:d4:05:23:de:b7:1f:71:0d:bf:64:bc:a3:9a:f8:6f:
5f:0a:46:36:86:d7:53:c2:d2:e4:5c:ae:72:75:06:50:1c:ba:
7d:13:e0:e9:0e:78:b8:ac:d4:e5:20:a4:46:55:57:09:fc:03:
96:f7:71:06:6e:74:ed:df:1a:1f:e6:cc:37:29:63:e3:f6:d2:
9a:40:1f:67:97:4d:83:11:01:3e:d4:db:24:fa:10:b8:67:f1:
08:b3:01:c8:08:7b:be:a5:88:23:4d:2d:53:fa:dd:5a:03:80:
b0:fb:15:90:42:0e:3d:b7:f8:29:50:84:ae:a9:01:81:4b:d4:
88:a5:6f:23
-----BEGIN CERTIFICATE-----
MIIFMTCCBBmgAwIBAgISAYVvwnWYcVtB8cUBVtYS9k62MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFjZjMxZTk1OGE2ZmE4NWRmZDUxN2VhNWEyMTY3YTM1OWNl
MDI2OTEwHhcNMjMwMTAxMjM1NDUzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwYjg2NTU1ZGYyZWUyZTUwYTFlYzkyYTQ1Nzc4ZmQ2OThiNjQzZjMwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAh19Jq8xbdO8it2Up9JIi0MDyMe2U
1IbUp365nN7ALeTnXa+QmjClHNhUlAYTqRp1wgk6mLzMWth6CmAJok8PnW14Fx2V
ew+L434TNMVIdEqC5mWq+A/34KBKG9ibWsY0Y+z25/DpjZjc1itlM5boNdVRKuZ5
e90edNJWaM3bELjZsEXXuQWBt0SI5EkRjTV6EtuOYS9sr1wyTAJwGamPnP7zVtWL
qqlsWBqQF2USXDxtKaXtvktl7RfOFp1Rt38HbjfEDOfbolxsYJqlQ+jLw9JvVmRS
7KdBtvFeSRmYMPMcLDm7P1/W3SHEPij+1ckAV16YIXi60yJ6TPRvYtfMtQIDAQAB
o4ICPTCCAjkwHQYDVR0OBBYEFAuGVV3y7i5QoeySpFd4/WmLZD8wMB8GA1UdIwQY
MBaAFBzzHpWKb6hd/VF+paIWejWc4CaRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSFBNZWxZcHZxRjM5VVg2bG9oWjZOWnpnSnBFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS85NWNkMmQtMGQ1Mi00YjA3LWI3NmIt
ZDg1M2U3ODQyYjNhLzEvQzRaVlhmTHVMbENoN0pLa1YzajlhWXRrUHpBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS85NWNkMmQtMGQ1Mi00YjA3LWI3NmItZDg1M2U3ODQyYjNh
LzEvSFBNZWxZcHZxRjM5VVg2bG9oWjZOWnpnSnBFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFMGCCsGAQUFBwEHAQH/BEQwQjAqBAIAATAkAwQCPraYAwQC
X9bMAwQCixwMAwQCuR8gAwQCuUQ8AwQCwSJAMBQEAgACMA4DBQMqALcgAwUDKgWT
ADANBgkqhkiG9w0BAQsFAAOCAQEAkubsRCSKxeKfvupwIDkXBmvPuDIiTwV7osXF
mMdvaU7jgEIGP5PWVr55G6dblq0kblBQtOF6Q4FM4CC2gOLbpKUvUMb82wg7ypTB
mmEUJNo7Zm7dJzzsZ9/ikph5CxXH2W9cs7gutE8k8cw26m/MAWW4VZLmMK1p6aTA
6b/tLAof1AUj3rcfcQ2/ZLyjmvhvXwpGNobXU8LS5FyucnUGUBy6fRPg6Q54uKzU
5SCkRlVXCfwDlvdxBm507d8aH+bMNylj4/bSmkAfZ5dNgxEBPtTbJPoQuGfxCLMB
yAh7vqWII00tU/rdWgOAsPsVkEIOPbf4KVCErqkBgUvUiKVvIw==
-----END CERTIFICATE-----
Generated at Thu Mar 13 02:57:40 2025 by rpki-client