Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ab/a9d79e-b282-43c1-8b8a-388b81c0c90c/1/l2InxGj5Y7IKiSXr0-BWvNWKE3Y.roa
File: l2InxGj5Y7IKiSXr0-BWvNWKE3Y.roa (raw, json)
Hash identifier: 1wLnxmem4NdU1Pgc71jo1XWCscdxOr1VrmXPZJLYy6E=
Subject key identifier: 97:62:27:C4:68:F9:63:B2:0A:89:25:EB:D3:E0:56:BC:D5:8A:13:76
Certificate issuer: /CN=d181d0c40951a4f900e4d9dd9c20e4856350920e
Certificate serial: 0A3E57F7
Authority key identifier: D1:81:D0:C4:09:51:A4:F9:00:E4:D9:DD:9C:20:E4:85:63:50:92:0E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0YHQxAlRpPkA5NndnCDkhWNQkg4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ab/a9d79e-b282-43c1-8b8a-388b81c0c90c/1/l2InxGj5Y7IKiSXr0-BWvNWKE3Y.roa
Signing time: Sat 01 Jan 2022 04:01:38 +0000
ROA not before: Sat 01 Jan 2022 04:01:38 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 205694
IP address blocks: 185.208.186.0/24 maxlen: 24
185.208.186.0/23 maxlen: 23
185.208.184.0/22 maxlen: 22
185.208.185.0/24 maxlen: 24
185.208.184.0/23 maxlen: 23
185.208.184.0/24 maxlen: 24
185.208.187.0/24 maxlen: 24
185.160.152.0/24 maxlen: 24
185.160.152.0/23 maxlen: 23
185.160.155.0/24 maxlen: 24
185.160.154.0/23 maxlen: 23
185.160.154.0/24 maxlen: 24
185.160.153.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 171857911 (0xa3e57f7)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d181d0c40951a4f900e4d9dd9c20e4856350920e
Validity
Not Before: Jan 1 04:01:38 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=976227c468f963b20a8925ebd3e056bcd58a1376
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:cb:11:75:7d:b1:75:a8:93:96:73:09:db:62:
c3:16:61:c3:fb:de:3c:1f:2b:1f:f8:5d:c0:4c:c6:
00:27:e4:65:79:23:64:c3:d3:4b:ac:87:69:c9:fb:
e3:d6:9d:20:51:c1:20:7b:53:05:82:0e:19:6f:9b:
26:fe:90:ca:f2:4d:0e:57:8f:cd:1f:ac:8c:f4:05:
43:6a:d3:c2:56:cf:73:94:9c:91:c6:78:1f:81:2d:
75:53:ac:f5:4a:ea:28:36:33:35:f0:3d:9b:9a:54:
b9:33:ab:fd:c1:f6:c7:64:c5:06:44:f2:f3:a8:fb:
ad:16:fe:a2:d1:51:89:4c:a1:af:4d:75:f8:01:bb:
af:7c:be:9a:36:d9:4e:c0:ae:fe:95:0e:aa:8a:bd:
0e:ac:63:e1:a5:bf:19:8a:4c:46:34:e2:27:4f:1d:
86:71:c8:69:3a:c2:6c:fb:24:19:13:57:30:4b:82:
e5:59:a4:4f:aa:21:2f:98:17:4d:32:a5:62:28:9d:
e5:6e:00:27:7a:fa:e7:4b:34:68:56:55:2f:b9:8e:
70:dd:cf:b5:17:78:4d:40:83:e3:0b:b5:71:d5:84:
06:74:e5:fc:3f:b5:d4:c9:26:ac:63:1b:cb:2a:5d:
8f:10:1b:22:68:71:27:c2:2d:14:d4:40:d5:54:5f:
37:87
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
97:62:27:C4:68:F9:63:B2:0A:89:25:EB:D3:E0:56:BC:D5:8A:13:76
X509v3 Authority Key Identifier:
keyid:D1:81:D0:C4:09:51:A4:F9:00:E4:D9:DD:9C:20:E4:85:63:50:92:0E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0YHQxAlRpPkA5NndnCDkhWNQkg4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/a9d79e-b282-43c1-8b8a-388b81c0c90c/1/l2InxGj5Y7IKiSXr0-BWvNWKE3Y.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/a9d79e-b282-43c1-8b8a-388b81c0c90c/1/0YHQxAlRpPkA5NndnCDkhWNQkg4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.160.152.0/22
185.208.184.0/22
Signature Algorithm: sha256WithRSAEncryption
d3:70:bf:d0:45:0f:f7:ca:58:1b:5e:d7:e6:ae:34:bb:f3:e9:
2f:f9:62:b8:b2:7b:86:88:da:e8:01:eb:56:d4:8f:4d:6a:9e:
d8:72:17:f2:49:2d:e6:5d:8d:10:fd:50:06:68:7f:c2:a8:d7:
ee:e6:11:19:9b:10:9e:2c:d3:50:5d:d3:56:04:a9:c3:4d:8f:
c3:fe:8b:63:eb:60:a8:d7:60:07:5d:31:94:ca:14:18:ee:88:
6f:1b:61:d5:23:27:bd:49:b5:4b:04:cd:e7:3d:b6:70:c8:12:
e0:29:71:83:30:b0:90:0a:bb:19:d7:65:16:b1:57:1e:70:00:
95:48:a5:d9:42:90:f7:49:2a:df:62:8a:5b:e6:5f:74:d1:3c:
2d:c7:4e:7f:2a:b6:9f:65:dd:2e:f4:a7:2b:af:ef:39:e0:a6:
6a:8b:f6:a4:55:21:a5:5d:5b:4a:85:ac:80:d3:2c:aa:67:27:
af:05:3a:84:85:bd:b3:20:59:2a:b4:9d:1a:a9:05:c1:d6:26:
a0:3d:e3:a1:8e:4d:89:0b:ad:47:49:6d:40:94:2c:4a:cc:8b:
6a:a4:63:20:5c:1b:0a:2f:a2:90:9a:db:b0:74:48:ee:93:0f:
9b:07:27:f0:f0:57:5b:fb:29:f5:d6:95:44:06:93:32:7f:e7:
04:c2:5e:42
-----BEGIN CERTIFICATE-----
MIIE9TCCA92gAwIBAgIECj5X9zANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhk
MTgxZDBjNDA5NTFhNGY5MDBlNGQ5ZGQ5YzIwZTQ4NTYzNTA5MjBlMB4XDTIyMDEw
MTA0MDEzOFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoOTc2MjI3YzQ2OGY5
NjNiMjBhODkyNWViZDNlMDU2YmNkNThhMTM3NjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKDLEXV9sXWok5ZzCdtiwxZhw/vePB8rH/hdwEzGACfkZXkj
ZMPTS6yHacn749adIFHBIHtTBYIOGW+bJv6QyvJNDlePzR+sjPQFQ2rTwlbPc5Sc
kcZ4H4EtdVOs9UrqKDYzNfA9m5pUuTOr/cH2x2TFBkTy86j7rRb+otFRiUyhr011
+AG7r3y+mjbZTsCu/pUOqoq9Dqxj4aW/GYpMRjTiJ08dhnHIaTrCbPskGRNXMEuC
5VmkT6ohL5gXTTKlYiid5W4AJ3r650s0aFZVL7mOcN3PtRd4TUCD4wu1cdWEBnTl
/D+11MkmrGMbyypdjxAbImhxJ8ItFNRA1VRfN4cCAwEAAaOCAg8wggILMB0GA1Ud
DgQWBBSXYifEaPljsgqJJevT4Fa81YoTdjAfBgNVHSMEGDAWgBTRgdDECVGk+QDk
2d2cIOSFY1CSDjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzBZSFF4QWxScFBrQTVObmRuQ0RraFdOUWtnNC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYWIvYTlkNzllLWIyODItNDNjMS04YjhhLTM4OGI4MWMwYzkwYy8x
L2wySW54R2o1WTdJS2lTWHIwLUJXdk5XS0UzWS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYWIv
YTlkNzllLWIyODItNDNjMS04YjhhLTM4OGI4MWMwYzkwYy8xLzBZSFF4QWxScFBr
QTVObmRuQ0RraFdOUWtnNC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAl
BggrBgEFBQcBBwEB/wQWMBQwEgQCAAEwDAMEArmgmAMEArnQuDANBgkqhkiG9w0B
AQsFAAOCAQEA03C/0EUP98pYG17X5q40u/PpL/liuLJ7hoja6AHrVtSPTWqe2HIX
8kkt5l2NEP1QBmh/wqjX7uYRGZsQnizTUF3TVgSpw02Pw/6LY+tgqNdgB10xlMoU
GO6Ibxth1SMnvUm1SwTN5z22cMgS4ClxgzCwkAq7GddlFrFXHnAAlUil2UKQ90kq
32KKW+ZfdNE8LcdOfyq2n2XdLvSnK6/vOeCmaov2pFUhpV1bSoWsgNMsqmcnrwU6
hIW9syBZKrSdGqkFwdYmoD3joY5NiQutR0ltQJQsSsyLaqRjIFwbCi+ikJrbsHRI
7pMPmwcn8PBXW/sp9daVRAaTMn/nBMJeQg==
-----END CERTIFICATE-----
Generated at Mon Apr 21 04:14:38 2025 by rpki-client