Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ac/a214a5-4449-44af-87ff-c967c9db5752/1/Szl6Ha4gBX1EwRuWICkoxClbdXc.roa
File: Szl6Ha4gBX1EwRuWICkoxClbdXc.roa (raw, json)
Hash identifier: lC1o20bubdbqWG3AUFx12VUBe+SbtrpU5Gl2xZZGabQ=
Subject key identifier: 4B:39:7A:1D:AE:20:05:7D:44:C1:1B:96:20:29:28:C4:29:5B:75:77
Certificate issuer: /CN=7bf39e6eb3131ecf3cddcd0c9e378c352da41fc2
Certificate serial: 0185727A1F480EF2945AE21CD30415BFE59E
Authority key identifier: 7B:F3:9E:6E:B3:13:1E:CF:3C:DD:CD:0C:9E:37:8C:35:2D:A4:1F:C2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/e_OebrMTHs883c0MnjeMNS2kH8I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ac/a214a5-4449-44af-87ff-c967c9db5752/1/Szl6Ha4gBX1EwRuWICkoxClbdXc.roa
Signing time: Mon 02 Jan 2023 12:34:43 +0000
ROA not before: Mon 02 Jan 2023 12:34:43 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 43930
IP address blocks: 185.108.34.0/24 maxlen: 24
185.108.32.0/24 maxlen: 24
185.108.33.0/24 maxlen: 24
185.194.165.0/24 maxlen: 24
185.194.164.0/24 maxlen: 24
2a02:c800::/32 maxlen: 32
2a02:c800:42::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:7a:1f:48:0e:f2:94:5a:e2:1c:d3:04:15:bf:e5:9e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7bf39e6eb3131ecf3cddcd0c9e378c352da41fc2
Validity
Not Before: Jan 2 12:34:43 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=4b397a1dae20057d44c11b96202928c4295b7577
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:85:dd:31:78:80:91:f9:14:fd:c7:e6:ab:4a:90:
09:5a:bb:19:69:3d:00:77:5f:0f:ca:0b:64:28:bf:
5d:53:c2:71:2f:7c:18:6d:06:2d:b3:d6:f8:31:33:
21:d3:16:f2:54:44:83:24:7b:b1:ed:33:d0:25:35:
b3:a4:f3:5d:99:22:4a:a9:80:04:a2:a7:17:ef:df:
2e:af:06:1c:c6:55:6a:a3:0d:3e:67:5c:2c:9b:db:
33:00:0f:87:1c:b8:6a:be:41:39:87:65:4e:6d:30:
ad:34:bd:c9:b3:ed:be:d3:c8:72:87:a5:e8:4d:3d:
b3:e6:61:84:94:d7:0e:12:fc:7f:bc:af:c8:0b:be:
ea:4e:0d:bf:d3:0a:2a:b9:52:a7:a8:36:97:35:08:
13:f5:97:32:ff:a7:d4:ca:e4:89:3c:33:a4:10:cb:
e9:7d:ca:ff:98:5d:f9:1d:92:d8:cb:04:d0:5e:2c:
61:40:aa:11:39:8f:c5:a7:be:4d:a9:dc:ca:ae:02:
32:9d:a2:c0:8b:d2:04:65:b6:6d:3b:92:4a:5d:57:
40:4b:2f:a1:32:ed:71:61:9c:7e:ea:c3:7a:78:3a:
56:45:92:62:6e:3d:17:16:f3:47:2a:e7:79:9e:51:
05:8d:fc:20:ce:cd:fd:c4:b9:3d:4e:8a:72:09:55:
0f:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4B:39:7A:1D:AE:20:05:7D:44:C1:1B:96:20:29:28:C4:29:5B:75:77
X509v3 Authority Key Identifier:
keyid:7B:F3:9E:6E:B3:13:1E:CF:3C:DD:CD:0C:9E:37:8C:35:2D:A4:1F:C2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/e_OebrMTHs883c0MnjeMNS2kH8I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ac/a214a5-4449-44af-87ff-c967c9db5752/1/Szl6Ha4gBX1EwRuWICkoxClbdXc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ac/a214a5-4449-44af-87ff-c967c9db5752/1/e_OebrMTHs883c0MnjeMNS2kH8I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.108.32.0-185.108.34.255
185.194.164.0/23
IPv6:
2a02:c800::/32
Signature Algorithm: sha256WithRSAEncryption
5e:b3:55:56:f7:5a:f9:67:37:2a:1d:0a:9c:4d:1c:7c:6e:76:
50:cf:d9:35:8e:b3:f0:11:bd:0b:fe:1f:d1:f9:01:11:cd:65:
26:8e:cf:ba:47:c7:c7:cc:2b:0d:79:44:40:69:ab:89:19:35:
7c:6a:20:44:30:f7:b4:03:6e:db:3a:bb:a3:5c:f4:b3:c8:cd:
67:5b:e6:51:88:37:a8:bc:fa:ea:06:94:d6:ff:41:cb:e7:af:
56:a3:e1:7c:8a:a6:5f:4d:04:e7:e5:79:32:17:33:2f:aa:71:
93:1b:b0:1b:3c:b1:04:99:ba:16:51:a6:90:3d:10:c6:eb:57:
8c:80:08:5b:35:b9:35:e6:0a:9c:c6:0c:e0:ee:e2:c1:89:b7:
d1:44:00:a6:a6:56:d6:69:08:c2:8b:47:c3:c3:c3:77:d7:ff:
b0:90:71:5f:60:dd:99:3b:24:2c:7e:33:d4:46:8a:b7:24:01:
5e:6e:3e:91:27:3e:2d:a8:56:c6:af:39:5c:af:7e:2b:a2:df:
c0:42:6f:27:81:5f:22:9f:a6:a6:a2:eb:8c:ab:05:05:2e:76:
bb:c4:56:7b:ed:98:24:fe:60:63:3b:1a:8e:71:28:a1:8f:4e:
9f:12:e5:10:bc:58:df:9e:b9:1c:d7:e5:ad:24:68:eb:7e:3e:
27:40:86:a0
-----BEGIN CERTIFICATE-----
MIIFGjCCBAKgAwIBAgISAYVyeh9IDvKUWuIc0wQVv+WeMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdiZjM5ZTZlYjMxMzFlY2YzY2RkY2QwYzllMzc4YzM1MmRh
NDFmYzIwHhcNMjMwMTAyMTIzNDQzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0YjM5N2ExZGFlMjAwNTdkNDRjMTFiOTYyMDI5MjhjNDI5NWI3NTc3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhd0xeICR+RT9x+arSpAJWrsZaT0A
d18PygtkKL9dU8JxL3wYbQYts9b4MTMh0xbyVESDJHux7TPQJTWzpPNdmSJKqYAE
oqcX798urwYcxlVqow0+Z1wsm9szAA+HHLhqvkE5h2VObTCtNL3Js+2+08hyh6Xo
TT2z5mGElNcOEvx/vK/IC77qTg2/0woquVKnqDaXNQgT9Zcy/6fUyuSJPDOkEMvp
fcr/mF35HZLYywTQXixhQKoROY/Fp75NqdzKrgIynaLAi9IEZbZtO5JKXVdASy+h
Mu1xYZx+6sN6eDpWRZJibj0XFvNHKud5nlEFjfwgzs39xLk9TopyCVUPjQIDAQAB
o4ICJjCCAiIwHQYDVR0OBBYEFEs5eh2uIAV9RMEbliApKMQpW3V3MB8GA1UdIwQY
MBaAFHvznm6zEx7PPN3NDJ43jDUtpB/CMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZV9PZWJyTVRIczg4M2MwTW5qZU1OUzJrSDhJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYy9hMjE0YTUtNDQ0OS00NGFmLTg3ZmYt
Yzk2N2M5ZGI1NzUyLzEvU3psNkhhNGdCWDFFd1J1V0lDa294Q2xiZFhjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYy9hMjE0YTUtNDQ0OS00NGFmLTg3ZmYtYzk2N2M5ZGI1NzUy
LzEvZV9PZWJyTVRIczg4M2MwTW5qZU1OUzJrSDhJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDwGCCsGAQUFBwEHAQH/BC0wKzAaBAIAATAUMAwDBAW5bCAD
BAC5bCIDBAG5wqQwDQQCAAIwBwMFACoCyAAwDQYJKoZIhvcNAQELBQADggEBAF6z
VVb3WvlnNyodCpxNHHxudlDP2TWOs/ARvQv+H9H5ARHNZSaOz7pHx8fMKw15REBp
q4kZNXxqIEQw97QDbts6u6Nc9LPIzWdb5lGIN6i8+uoGlNb/Qcvnr1aj4XyKpl9N
BOfleTIXMy+qcZMbsBs8sQSZuhZRppA9EMbrV4yACFs1uTXmCpzGDODu4sGJt9FE
AKamVtZpCMKLR8PDw3fX/7CQcV9g3Zk7JCx+M9RGirckAV5uPpEnPi2oVsavOVyv
fiui38BCbyeBXyKfpqai64yrBQUudrvEVnvtmCT+YGM7Go5xKKGPTp8S5RC8WN+e
uRzX5a0kaOt+PidAhqA=
-----END CERTIFICATE-----
Generated at Tue Apr 22 19:19:38 2025 by rpki-client