Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9c/2d11bb-5e2e-4085-a34b-359b64d709b9/1/0nSLDhsMfTpCRyF_muxgE4XQ78U.roa
File: 0nSLDhsMfTpCRyF_muxgE4XQ78U.roa (raw, json)
Hash identifier: cB3JEgT3iXeJOZdL6xRVaUtJFDLWIXLGhBCz536dEpk=
Subject key identifier: D2:74:8B:0E:1B:0C:7D:3A:42:47:21:7F:9A:EC:60:13:85:D0:EF:C5
Certificate issuer: /CN=2a264605245af2019c293c3728f6a5e255d89f25
Certificate serial: 01856CAF0716E3FAC4BB81BF28D6CFFD1631
Authority key identifier: 2A:26:46:05:24:5A:F2:01:9C:29:3C:37:28:F6:A5:E2:55:D8:9F:25
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KiZGBSRa8gGcKTw3KPal4lXYnyU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9c/2d11bb-5e2e-4085-a34b-359b64d709b9/1/0nSLDhsMfTpCRyF_muxgE4XQ78U.roa
Signing time: Sun 01 Jan 2023 09:34:47 +0000
ROA not before: Sun 01 Jan 2023 09:34:47 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 61205
IP address blocks: 185.213.176.0/22 maxlen: 24
185.120.112.0/22 maxlen: 24
94.198.200.0/21 maxlen: 24
188.213.56.0/21 maxlen: 21
188.213.56.0/22 maxlen: 22
185.117.56.0/22 maxlen: 24
2a03:c2c0::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:af:07:16:e3:fa:c4:bb:81:bf:28:d6:cf:fd:16:31
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a264605245af2019c293c3728f6a5e255d89f25
Validity
Not Before: Jan 1 09:34:47 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d2748b0e1b0c7d3a4247217f9aec601385d0efc5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:34:08:01:52:73:1d:b5:1c:65:8e:f2:ff:76:
a8:73:6f:93:42:70:65:80:a3:88:5a:98:07:26:b3:
62:9c:dd:9f:87:2c:bf:1e:aa:16:99:e2:7c:a5:7c:
e7:70:6d:af:43:c8:27:7e:c8:80:84:2b:eb:d7:37:
2a:2f:eb:93:95:4c:c6:6c:6d:b6:72:9a:3e:19:24:
2f:61:a2:cb:42:6e:6e:30:11:2e:fd:fe:26:81:9a:
05:c0:0a:82:70:26:e5:02:d9:31:79:42:10:e2:0a:
fc:7b:7d:48:88:55:8f:13:c4:a9:92:f1:45:3e:e3:
51:29:35:23:e5:0b:d6:9b:5e:47:97:df:d3:68:1e:
6b:eb:88:55:db:d8:49:eb:4c:50:89:f9:0f:d8:cc:
e6:f2:69:a0:99:2d:3d:21:ec:30:b2:3a:15:a2:33:
36:d0:f8:45:62:1f:5d:d0:fa:4a:4f:61:30:a2:e7:
fa:ec:30:f3:1f:34:fb:29:48:8b:ea:02:42:68:e0:
0c:81:92:6f:8c:cf:9e:33:15:41:62:8d:98:14:7f:
68:4f:99:0b:24:35:f4:41:20:13:a9:ee:98:77:79:
85:ed:a7:ca:73:25:33:22:cd:0e:f4:3e:ca:fb:ad:
f9:60:16:63:49:40:83:65:6d:2d:89:02:cb:eb:f5:
d9:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D2:74:8B:0E:1B:0C:7D:3A:42:47:21:7F:9A:EC:60:13:85:D0:EF:C5
X509v3 Authority Key Identifier:
keyid:2A:26:46:05:24:5A:F2:01:9C:29:3C:37:28:F6:A5:E2:55:D8:9F:25
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KiZGBSRa8gGcKTw3KPal4lXYnyU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9c/2d11bb-5e2e-4085-a34b-359b64d709b9/1/0nSLDhsMfTpCRyF_muxgE4XQ78U.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9c/2d11bb-5e2e-4085-a34b-359b64d709b9/1/KiZGBSRa8gGcKTw3KPal4lXYnyU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
94.198.200.0/21
185.117.56.0/22
185.120.112.0/22
185.213.176.0/22
188.213.56.0/21
IPv6:
2a03:c2c0::/32
Signature Algorithm: sha256WithRSAEncryption
4f:fd:50:ab:52:0e:11:79:b0:7c:bf:8f:bf:d0:cf:73:1c:07:
d1:7e:69:6b:29:1b:1f:90:7e:25:e7:f5:1c:8f:e0:8c:90:f5:
eb:76:e4:5a:a6:b8:17:5f:7f:2c:03:58:5c:07:6c:cd:9f:5c:
0a:d3:18:f7:46:e2:ba:72:4a:5c:4b:dd:b3:24:9f:2b:4e:eb:
f0:3e:5e:e7:47:25:0d:b5:c1:5a:e9:6c:c8:93:7c:9b:f4:19:
b3:ce:1c:a9:8c:8d:63:ce:29:f1:bb:d6:4c:7c:59:4e:96:24:
8f:80:74:63:b3:37:00:2a:d9:f1:bd:90:3f:9f:88:67:9d:80:
f4:b9:fd:0e:f4:c0:fe:3d:0b:88:42:37:eb:c5:30:e1:99:fa:
21:25:f4:14:cf:43:93:b9:e1:63:52:fb:88:2f:c9:36:e5:50:
db:9b:c5:d6:12:fb:a6:5a:98:00:e2:fd:de:48:8b:e3:39:b5:
83:7f:48:1b:d0:46:c5:63:90:6d:95:83:34:96:f3:ae:c6:37:
fa:65:e3:3c:8a:e2:30:cb:4f:e8:e1:a3:7f:f1:1f:c8:a5:3f:
81:b1:91:f6:c8:ee:14:50:a9:f7:e0:b2:2d:e9:d1:f3:0d:2f:
59:81:32:13:10:01:0d:de:1c:a1:9a:56:ca:63:6d:bc:a3:a0:
e8:ff:69:d0
-----BEGIN CERTIFICATE-----
MIIFJDCCBAygAwIBAgISAYVsrwcW4/rEu4G/KNbP/RYxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhMjY0NjA1MjQ1YWYyMDE5YzI5M2MzNzI4ZjZhNWUyNTVk
ODlmMjUwHhcNMjMwMTAxMDkzNDQ3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMjc0OGIwZTFiMGM3ZDNhNDI0NzIxN2Y5YWVjNjAxMzg1ZDBlZmM1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtzQIAVJzHbUcZY7y/3aoc2+TQnBl
gKOIWpgHJrNinN2fhyy/HqoWmeJ8pXzncG2vQ8gnfsiAhCvr1zcqL+uTlUzGbG22
cpo+GSQvYaLLQm5uMBEu/f4mgZoFwAqCcCblAtkxeUIQ4gr8e31IiFWPE8SpkvFF
PuNRKTUj5QvWm15Hl9/TaB5r64hV29hJ60xQifkP2Mzm8mmgmS09IewwsjoVojM2
0PhFYh9d0PpKT2Ewouf67DDzHzT7KUiL6gJCaOAMgZJvjM+eMxVBYo2YFH9oT5kL
JDX0QSATqe6Yd3mF7afKcyUzIs0O9D7K+635YBZjSUCDZW0tiQLL6/XZKQIDAQAB
o4ICMDCCAiwwHQYDVR0OBBYEFNJ0iw4bDH06Qkchf5rsYBOF0O/FMB8GA1UdIwQY
MBaAFComRgUkWvIBnCk8Nyj2peJV2J8lMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS2laR0JTUmE4Z0djS1R3M0tQYWw0bFhZbnlVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Yy8yZDExYmItNWUyZS00MDg1LWEzNGIt
MzU5YjY0ZDcwOWI5LzEvMG5TTERoc01mVHBDUnlGX211eGdFNFhRNzhVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Yy8yZDExYmItNWUyZS00MDg1LWEzNGItMzU5YjY0ZDcwOWI5
LzEvS2laR0JTUmE4Z0djS1R3M0tQYWw0bFhZbnlVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEYGCCsGAQUFBwEHAQH/BDcwNTAkBAIAATAeAwQDXsbIAwQC
uXU4AwQCuXhwAwQCudWwAwQDvNU4MA0EAgACMAcDBQAqA8LAMA0GCSqGSIb3DQEB
CwUAA4IBAQBP/VCrUg4RebB8v4+/0M9zHAfRfmlrKRsfkH4l5/Ucj+CMkPXrduRa
prgXX38sA1hcB2zNn1wK0xj3RuK6ckpcS92zJJ8rTuvwPl7nRyUNtcFa6WzIk3yb
9BmzzhypjI1jzinxu9ZMfFlOliSPgHRjszcAKtnxvZA/n4hnnYD0uf0O9MD+PQuI
QjfrxTDhmfohJfQUz0OTueFjUvuIL8k25VDbm8XWEvumWpgA4v3eSIvjObWDf0gb
0EbFY5BtlYM0lvOuxjf6ZeM8iuIwy0/o4aN/8R/IpT+BsZH2yO4UUKn34LIt6dHz
DS9ZgTITEAEN3hyhmlbKY228o6Do/2nQ
-----END CERTIFICATE-----
Generated at Thu Mar 13 02:20:20 2025 by rpki-client