Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ae/6e9c07-33ed-4ee4-83ec-95d95ace8281/1/a8ivDXeMheJvATVXbSUy9pf2TnQ.roa
File: a8ivDXeMheJvATVXbSUy9pf2TnQ.roa (raw, json)
Hash identifier: c4b2s92FOs9OnXS7ogsEbhPwikqfhKropCOS/oushrQ=
Subject key identifier: 6B:C8:AF:0D:77:8C:85:E2:6F:01:35:57:6D:25:32:F6:97:F6:4E:74
Certificate issuer: /CN=66d0580e1725f45de106b97f77d9cd76bc4df806
Certificate serial: 0188C31D66C6F41275BDEBD87C5066424480
Authority key identifier: 66:D0:58:0E:17:25:F4:5D:E1:06:B9:7F:77:D9:CD:76:BC:4D:F8:06
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ZtBYDhcl9F3hBrl_d9nNdrxN-AY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ae/6e9c07-33ed-4ee4-83ec-95d95ace8281/1/a8ivDXeMheJvATVXbSUy9pf2TnQ.roa
Signing time: Fri 16 Jun 2023 07:31:03 +0000
ROA not before: Fri 16 Jun 2023 07:31:03 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 200435
IP address blocks: 185.63.172.0/22 maxlen: 24
185.63.172.0/24 maxlen: 24
185.63.175.0/24 maxlen: 24
185.63.173.0/24 maxlen: 24
185.63.174.0/24 maxlen: 24
2a04:f600:4454::/48 maxlen: 48
2a04:f600::/29 maxlen: 48
2a04:f600:4455::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:c3:1d:66:c6:f4:12:75:bd:eb:d8:7c:50:66:42:44:80
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=66d0580e1725f45de106b97f77d9cd76bc4df806
Validity
Not Before: Jun 16 07:31:03 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=6bc8af0d778c85e26f0135576d2532f697f64e74
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:1f:51:b7:d4:20:90:b2:7e:37:e3:36:11:4f:
7f:91:2a:63:66:b5:19:ee:e0:7d:27:df:65:dd:3b:
98:18:3f:01:b0:41:68:61:b6:b9:6d:d0:6c:7c:d5:
ad:c2:ef:3a:65:e2:f3:25:31:2a:b1:c4:75:f3:36:
cd:9d:64:b5:04:98:a3:31:ce:2f:cf:77:ad:1f:29:
a6:43:39:13:e6:e6:11:65:ae:ae:46:fb:89:f7:53:
0e:37:7d:ba:9c:4a:69:7d:f2:12:e0:54:33:26:2d:
49:ad:95:be:20:ed:e3:ba:67:d8:21:39:71:1f:75:
03:7c:52:ce:ee:f7:38:6c:04:10:91:bc:12:3d:cc:
52:9b:4e:5c:31:f4:03:08:99:f6:18:5b:5a:a9:77:
40:73:70:e3:b8:9a:8f:3c:81:6b:10:92:c3:83:41:
be:b3:6c:cd:45:23:a0:cc:0b:86:6a:b6:34:b0:a7:
f0:c2:72:5c:f1:c3:24:f8:b2:67:e1:4e:1e:1d:a7:
10:5c:f5:c0:36:a4:cb:fd:b4:78:8d:1a:bc:45:56:
54:c8:e9:a0:e5:4e:f2:07:76:e0:4e:25:21:88:28:
57:44:45:7e:9b:3c:9c:1b:2a:a8:6d:39:6c:ed:b0:
20:ed:ba:a1:b8:63:17:87:21:2c:f5:32:f9:28:25:
02:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6B:C8:AF:0D:77:8C:85:E2:6F:01:35:57:6D:25:32:F6:97:F6:4E:74
X509v3 Authority Key Identifier:
keyid:66:D0:58:0E:17:25:F4:5D:E1:06:B9:7F:77:D9:CD:76:BC:4D:F8:06
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ZtBYDhcl9F3hBrl_d9nNdrxN-AY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ae/6e9c07-33ed-4ee4-83ec-95d95ace8281/1/a8ivDXeMheJvATVXbSUy9pf2TnQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ae/6e9c07-33ed-4ee4-83ec-95d95ace8281/1/ZtBYDhcl9F3hBrl_d9nNdrxN-AY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.63.172.0/22
IPv6:
2a04:f600::/29
Signature Algorithm: sha256WithRSAEncryption
55:ca:67:45:d5:03:c0:e7:02:57:9d:36:22:39:4c:94:c5:2f:
94:a4:55:96:d8:1b:2a:19:38:19:4e:a1:8a:e1:75:d6:c7:93:
1b:50:94:40:2a:ec:b3:b3:07:20:19:d3:7a:09:a9:83:a2:92:
72:53:0e:4b:47:a4:98:af:08:8b:8e:61:c6:b6:c9:13:1a:76:
2d:ad:25:b1:3e:50:95:81:3c:ef:f2:6f:57:b2:95:43:e9:20:
2b:c1:ed:21:e0:6a:a8:35:fb:a1:5a:91:63:a3:cd:53:ee:52:
54:83:ca:7b:dc:d4:8b:d3:1c:1e:5e:b8:dd:6c:20:ff:39:b2:
a0:c1:f6:48:1a:77:ee:72:cc:d1:81:e5:45:6e:33:b4:52:0a:
9c:2e:09:e5:07:92:a9:50:03:a8:be:11:89:95:48:e8:17:60:
c7:7e:63:4d:05:85:be:a1:32:61:69:5f:cc:72:4e:9e:6e:5a:
c5:81:46:78:01:1f:b9:90:3c:c1:90:5b:9f:6b:59:b8:c8:e8:
f0:86:6d:5b:e2:54:36:0d:1b:62:ea:dd:68:cf:d4:2f:7b:97:
1a:e4:b5:32:1e:ac:4e:b6:7d:7c:f3:d6:a2:5f:b3:d6:88:26:
d8:74:41:89:16:a2:8d:2a:7b:ee:9c:53:cf:18:ba:81:dc:5f:
4b:93:40:0b
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYjDHWbG9BJ1vevYfFBmQkSAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY2ZDA1ODBlMTcyNWY0NWRlMTA2Yjk3Zjc3ZDljZDc2YmM0
ZGY4MDYwHhcNMjMwNjE2MDczMTAzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2YmM4YWYwZDc3OGM4NWUyNmYwMTM1NTc2ZDI1MzJmNjk3ZjY0ZTc0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkR9Rt9QgkLJ+N+M2EU9/kSpjZrUZ
7uB9J99l3TuYGD8BsEFoYba5bdBsfNWtwu86ZeLzJTEqscR18zbNnWS1BJijMc4v
z3etHymmQzkT5uYRZa6uRvuJ91MON326nEppffIS4FQzJi1JrZW+IO3jumfYITlx
H3UDfFLO7vc4bAQQkbwSPcxSm05cMfQDCJn2GFtaqXdAc3DjuJqPPIFrEJLDg0G+
s2zNRSOgzAuGarY0sKfwwnJc8cMk+LJn4U4eHacQXPXANqTL/bR4jRq8RVZUyOmg
5U7yB3bgTiUhiChXREV+mzycGyqobTls7bAg7bqhuGMXhyEs9TL5KCUCVwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFGvIrw13jIXibwE1V20lMvaX9k50MB8GA1UdIwQY
MBaAFGbQWA4XJfRd4Qa5f3fZzXa8TfgGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWnRCWURoY2w5RjNoQnJsX2Q5bk5kcnhOLUFZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hZS82ZTljMDctMzNlZC00ZWU0LTgzZWMt
OTVkOTVhY2U4MjgxLzEvYThpdkRYZU1oZUp2QVRWWGJTVXk5cGYyVG5RLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hZS82ZTljMDctMzNlZC00ZWU0LTgzZWMtOTVkOTVhY2U4Mjgx
LzEvWnRCWURoY2w5RjNoQnJsX2Q5bk5kcnhOLUFZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuT+sMA0E
AgACMAcDBQMqBPYAMA0GCSqGSIb3DQEBCwUAA4IBAQBVymdF1QPA5wJXnTYiOUyU
xS+UpFWW2BsqGTgZTqGK4XXWx5MbUJRAKuyzswcgGdN6CamDopJyUw5LR6SYrwiL
jmHGtskTGnYtrSWxPlCVgTzv8m9XspVD6SArwe0h4GqoNfuhWpFjo81T7lJUg8p7
3NSL0xweXrjdbCD/ObKgwfZIGnfucszRgeVFbjO0UgqcLgnlB5KpUAOovhGJlUjo
F2DHfmNNBYW+oTJhaV/Mck6eblrFgUZ4AR+5kDzBkFufa1m4yOjwhm1b4lQ2DRti
6t1oz9Qve5ca5LUyHqxOtn1889aiX7PWiCbYdEGJFqKNKnvunFPPGLqB3F9Lk0AL
-----END CERTIFICATE-----
Generated at Thu Mar 13 02:46:16 2025 by rpki-client