Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ae/6e9c07-33ed-4ee4-83ec-95d95ace8281/1/8SZJpgf1SJiL0hZEYEDkscCYtio.roa
File: 8SZJpgf1SJiL0hZEYEDkscCYtio.roa (raw, json)
Hash identifier: kbguB/hpt3byUMZyzsdmkO2bFiVcWEl5Yvu7z+/okK4=
Subject key identifier: F1:26:49:A6:07:F5:48:98:8B:D2:16:44:60:40:E4:B1:C0:98:B6:2A
Certificate issuer: /CN=66d0580e1725f45de106b97f77d9cd76bc4df806
Certificate serial: 0188BAD5F2A9FDD60F8B0B9C25BE4C90A5D6
Authority key identifier: 66:D0:58:0E:17:25:F4:5D:E1:06:B9:7F:77:D9:CD:76:BC:4D:F8:06
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ZtBYDhcl9F3hBrl_d9nNdrxN-AY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ae/6e9c07-33ed-4ee4-83ec-95d95ace8281/1/8SZJpgf1SJiL0hZEYEDkscCYtio.roa
Signing time: Wed 14 Jun 2023 16:56:03 +0000
ROA not before: Wed 14 Jun 2023 16:56:03 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 200435
IP address blocks: 185.63.172.0/24 maxlen: 24
185.63.172.0/22 maxlen: 24
185.63.175.0/24 maxlen: 24
185.63.173.0/24 maxlen: 24
185.63.174.0/24 maxlen: 24
2a04:f600::/29 maxlen: 64
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:ba:d5:f2:a9:fd:d6:0f:8b:0b:9c:25:be:4c:90:a5:d6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=66d0580e1725f45de106b97f77d9cd76bc4df806
Validity
Not Before: Jun 14 16:56:03 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=f12649a607f548988bd216446040e4b1c098b62a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:38:64:e2:a0:cf:e9:21:22:6f:9b:54:5f:0f:
0c:91:3b:74:c9:40:f7:be:55:bb:53:27:76:bf:62:
f8:8e:3f:f4:d7:5b:57:78:d9:8f:d3:4d:93:c3:af:
62:3e:96:f9:91:ab:c9:70:31:d6:05:b8:0f:9f:12:
0f:70:6e:4b:26:7c:85:2e:9e:14:78:93:7b:15:43:
94:e8:f0:24:42:36:13:05:3d:26:44:49:d0:a5:c9:
58:6e:2d:12:77:d8:b1:16:06:97:2d:20:73:bb:d3:
06:21:7e:02:01:80:cb:17:f9:a3:6b:8a:eb:14:e1:
b4:07:a8:56:ef:80:02:5e:ab:89:e3:3e:fa:68:cc:
a3:ac:7d:0c:81:bd:f2:33:62:f9:05:80:e6:69:fd:
9e:72:0b:ff:fe:58:8c:d5:97:4e:2a:3e:36:ee:d9:
5a:c4:a4:5a:f1:10:f2:f9:99:13:a2:40:01:e1:b1:
cd:0d:ad:99:c7:1d:0e:c4:0c:85:de:9b:3d:5b:b8:
ab:d2:63:27:1d:18:0b:bc:b8:2c:98:c0:42:a9:c4:
f6:8f:39:02:52:d3:8b:ac:71:3c:91:ab:30:3d:ea:
ee:36:d0:80:fd:f3:9a:d9:7a:85:bf:b2:11:d5:71:
37:ae:4b:8c:a3:2a:2e:73:ce:62:f7:06:7b:d4:dd:
40:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F1:26:49:A6:07:F5:48:98:8B:D2:16:44:60:40:E4:B1:C0:98:B6:2A
X509v3 Authority Key Identifier:
keyid:66:D0:58:0E:17:25:F4:5D:E1:06:B9:7F:77:D9:CD:76:BC:4D:F8:06
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ZtBYDhcl9F3hBrl_d9nNdrxN-AY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ae/6e9c07-33ed-4ee4-83ec-95d95ace8281/1/8SZJpgf1SJiL0hZEYEDkscCYtio.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ae/6e9c07-33ed-4ee4-83ec-95d95ace8281/1/ZtBYDhcl9F3hBrl_d9nNdrxN-AY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.63.172.0/22
IPv6:
2a04:f600::/29
Signature Algorithm: sha256WithRSAEncryption
63:98:8f:54:9b:d4:e4:9a:96:d4:b6:b4:c4:d1:9a:ce:da:19:
42:9e:8e:c5:37:6d:e3:64:43:d1:77:fc:c3:0e:ed:dd:f7:95:
63:df:ba:4f:25:ce:47:05:4a:b5:ab:f6:e4:77:b3:e8:69:04:
38:08:74:b3:3a:ed:68:e8:15:72:29:f5:c9:e7:b2:63:e3:45:
43:da:f5:aa:94:55:ec:0c:1a:74:09:af:ea:53:7e:30:ab:e4:
1d:3a:1a:65:70:f1:1e:c2:e3:14:af:f4:19:39:e2:45:26:1d:
93:c0:71:d0:eb:6d:c8:0c:94:c4:6a:1a:e5:d7:09:80:c0:a8:
e1:51:83:02:18:42:72:a4:d9:8c:dc:b6:e9:f7:c4:55:44:4a:
35:9e:5b:a9:a7:d1:04:3c:3e:07:c2:93:39:10:41:7c:04:5d:
ac:9c:97:ac:d2:ae:d4:17:3f:ec:fc:2b:cc:a5:0c:1e:d4:77:
cb:11:0c:da:02:7b:ba:df:4a:5e:5c:5a:44:bc:75:4f:c4:dc:
ab:f8:5b:17:d5:8d:15:61:22:e2:c3:31:7f:73:d1:5d:17:16:
86:d0:a1:62:9a:05:0d:bd:5f:9c:56:d6:31:4c:25:bf:98:ab:
cd:38:a7:da:67:a2:75:f0:59:1f:90:29:88:8f:16:07:63:a3:
d4:b6:42:f1
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYi61fKp/dYPiwucJb5MkKXWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY2ZDA1ODBlMTcyNWY0NWRlMTA2Yjk3Zjc3ZDljZDc2YmM0
ZGY4MDYwHhcNMjMwNjE0MTY1NjAzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMTI2NDlhNjA3ZjU0ODk4OGJkMjE2NDQ2MDQwZTRiMWMwOThiNjJhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApDhk4qDP6SEib5tUXw8MkTt0yUD3
vlW7Uyd2v2L4jj/011tXeNmP002Tw69iPpb5kavJcDHWBbgPnxIPcG5LJnyFLp4U
eJN7FUOU6PAkQjYTBT0mREnQpclYbi0Sd9ixFgaXLSBzu9MGIX4CAYDLF/mja4rr
FOG0B6hW74ACXquJ4z76aMyjrH0Mgb3yM2L5BYDmaf2ecgv//liM1ZdOKj427tla
xKRa8RDy+ZkTokAB4bHNDa2Zxx0OxAyF3ps9W7ir0mMnHRgLvLgsmMBCqcT2jzkC
UtOLrHE8kaswPeruNtCA/fOa2XqFv7IR1XE3rkuMoyouc85i9wZ71N1AMQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFPEmSaYH9UiYi9IWRGBA5LHAmLYqMB8GA1UdIwQY
MBaAFGbQWA4XJfRd4Qa5f3fZzXa8TfgGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWnRCWURoY2w5RjNoQnJsX2Q5bk5kcnhOLUFZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hZS82ZTljMDctMzNlZC00ZWU0LTgzZWMt
OTVkOTVhY2U4MjgxLzEvOFNaSnBnZjFTSmlMMGhaRVlFRGtzY0NZdGlvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hZS82ZTljMDctMzNlZC00ZWU0LTgzZWMtOTVkOTVhY2U4Mjgx
LzEvWnRCWURoY2w5RjNoQnJsX2Q5bk5kcnhOLUFZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuT+sMA0E
AgACMAcDBQMqBPYAMA0GCSqGSIb3DQEBCwUAA4IBAQBjmI9Um9TkmpbUtrTE0ZrO
2hlCno7FN23jZEPRd/zDDu3d95Vj37pPJc5HBUq1q/bkd7PoaQQ4CHSzOu1o6BVy
KfXJ57Jj40VD2vWqlFXsDBp0Ca/qU34wq+QdOhplcPEewuMUr/QZOeJFJh2TwHHQ
623IDJTEahrl1wmAwKjhUYMCGEJypNmM3Lbp98RVREo1nlupp9EEPD4HwpM5EEF8
BF2snJes0q7UFz/s/CvMpQwe1HfLEQzaAnu630peXFpEvHVPxNyr+FsX1Y0VYSLi
wzF/c9FdFxaG0KFimgUNvV+cVtYxTCW/mKvNOKfaZ6J18FkfkCmIjxYHY6PUtkLx
-----END CERTIFICATE-----
Generated at Thu Mar 13 02:41:54 2025 by rpki-client