Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b3/dfead7-586a-4b35-b199-dfe45f672f81/1/6zLT3x3RIZu2_DkAmstO3vRmEK4.roa
File: 6zLT3x3RIZu2_DkAmstO3vRmEK4.roa (raw, json)
Hash identifier: nEdAmddUytGZqspSLYZbhhqHPCMvWd0LONEAQj+JtJg=
Subject key identifier: EB:32:D3:DF:1D:D1:21:9B:B6:FC:39:00:9A:CB:4E:DE:F4:66:10:AE
Certificate issuer: /CN=1f7142b45b5ce39016e25e09b2fed579a9bd77d6
Certificate serial: 01856C37EEF4AEC05D72D4DBD1106ADFC7B4
Authority key identifier: 1F:71:42:B4:5B:5C:E3:90:16:E2:5E:09:B2:FE:D5:79:A9:BD:77:D6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/H3FCtFtc45AW4l4Jsv7Veam9d9Y.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b3/dfead7-586a-4b35-b199-dfe45f672f81/1/6zLT3x3RIZu2_DkAmstO3vRmEK4.roa
Signing time: Sun 01 Jan 2023 07:24:42 +0000
ROA not before: Sun 01 Jan 2023 07:24:42 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 198539
IP address blocks: 185.228.112.0/23 maxlen: 23
185.228.114.0/24 maxlen: 24
185.228.115.0/24 maxlen: 24
194.50.142.0/24 maxlen: 24
194.50.143.0/24 maxlen: 24
194.50.141.0/24 maxlen: 24
2a0d:e00::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:37:ee:f4:ae:c0:5d:72:d4:db:d1:10:6a:df:c7:b4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1f7142b45b5ce39016e25e09b2fed579a9bd77d6
Validity
Not Before: Jan 1 07:24:42 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=eb32d3df1dd1219bb6fc39009acb4edef46610ae
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:2d:b8:d7:41:a4:4d:9d:fa:c3:44:fd:8f:dc:
95:cd:28:ee:fe:85:5b:38:22:cf:b6:e8:c2:1c:e6:
10:40:85:29:56:d6:f3:b8:bd:41:f3:46:ad:5d:9a:
01:d9:dc:1f:6a:e1:73:6b:52:fd:f4:a1:78:0f:d3:
85:ec:a6:d6:62:73:8f:64:56:e3:c2:ad:f2:c9:b3:
30:e2:3c:c7:51:5a:e0:05:e7:2d:31:81:11:7b:87:
17:4a:47:6b:53:59:3a:92:87:33:81:1a:06:f4:e8:
c0:13:08:f7:b7:ea:95:5c:6a:30:ee:db:81:5f:85:
4f:73:c4:07:86:c7:56:79:47:e3:57:52:a9:b7:fc:
0c:a8:e0:f9:a9:98:9b:c5:9b:66:8b:b9:bb:fb:4f:
16:ca:6f:7a:99:6d:66:c5:d0:ec:38:83:d6:90:e9:
18:02:60:07:24:38:ec:b7:55:c5:ec:8d:7d:89:4b:
79:8d:4d:7d:a7:0f:2f:91:18:2c:1a:a1:eb:0d:ba:
e1:5e:76:0d:79:c9:92:c6:e7:5e:37:60:3a:6e:bf:
43:72:86:f3:0b:12:d1:02:90:86:9d:96:02:68:9e:
f8:a7:99:8e:99:08:59:e4:84:04:38:e3:43:9f:c2:
a3:02:68:76:48:99:4d:29:12:1d:00:39:b7:3a:dc:
9c:2f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EB:32:D3:DF:1D:D1:21:9B:B6:FC:39:00:9A:CB:4E:DE:F4:66:10:AE
X509v3 Authority Key Identifier:
keyid:1F:71:42:B4:5B:5C:E3:90:16:E2:5E:09:B2:FE:D5:79:A9:BD:77:D6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/H3FCtFtc45AW4l4Jsv7Veam9d9Y.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b3/dfead7-586a-4b35-b199-dfe45f672f81/1/6zLT3x3RIZu2_DkAmstO3vRmEK4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b3/dfead7-586a-4b35-b199-dfe45f672f81/1/H3FCtFtc45AW4l4Jsv7Veam9d9Y.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.228.112.0/22
194.50.141.0-194.50.143.255
IPv6:
2a0d:e00::/29
Signature Algorithm: sha256WithRSAEncryption
5b:b6:e8:bb:dc:3f:0b:e8:57:0a:43:c3:74:be:1b:1a:09:c6:
0e:25:da:f7:f6:54:48:45:cd:aa:c1:8f:e8:59:1a:c6:54:e2:
3c:43:f5:4a:1c:c8:25:28:d5:8c:42:e5:58:31:6c:ca:6d:02:
09:a6:e6:a8:57:89:62:46:5f:90:52:f9:8e:d7:cf:f3:8f:d6:
0f:9f:8a:a9:8a:f7:2c:73:28:18:81:20:25:b0:65:21:ca:55:
ac:c2:85:27:f1:32:67:e1:06:23:4e:00:56:d1:48:c5:97:c9:
e7:05:92:1d:04:de:c2:32:ad:36:8a:77:f3:6b:7c:c5:01:a1:
f0:95:9c:63:d4:6f:e3:31:e4:27:ab:06:7d:32:a8:37:a0:db:
0e:76:36:a3:86:86:3a:ee:26:53:ec:82:c2:94:67:71:7e:e9:
5e:c3:73:ff:51:cf:2b:34:6a:8a:e3:b8:b2:ad:6f:2b:9c:a6:
42:3a:bb:d4:87:55:08:2b:6f:34:99:79:17:20:93:32:fc:e6:
15:cf:3d:cc:4b:b3:27:f6:9d:d2:0c:4d:7c:79:be:ec:4c:da:
aa:03:d4:f5:02:7d:52:b0:30:68:d7:8c:62:97:c0:2e:46:40:
a3:db:85:30:bc:de:96:1b:51:80:5c:e5:61:70:35:1d:41:8f:
39:5f:5b:0b
-----BEGIN CERTIFICATE-----
MIIFGjCCBAKgAwIBAgISAYVsN+70rsBdctTb0RBq38e0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFmNzE0MmI0NWI1Y2UzOTAxNmUyNWUwOWIyZmVkNTc5YTli
ZDc3ZDYwHhcNMjMwMTAxMDcyNDQyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlYjMyZDNkZjFkZDEyMTliYjZmYzM5MDA5YWNiNGVkZWY0NjYxMGFlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmy2410GkTZ36w0T9j9yVzSju/oVb
OCLPtujCHOYQQIUpVtbzuL1B80atXZoB2dwfauFza1L99KF4D9OF7KbWYnOPZFbj
wq3yybMw4jzHUVrgBectMYERe4cXSkdrU1k6koczgRoG9OjAEwj3t+qVXGow7tuB
X4VPc8QHhsdWeUfjV1Kpt/wMqOD5qZibxZtmi7m7+08Wym96mW1mxdDsOIPWkOkY
AmAHJDjst1XF7I19iUt5jU19pw8vkRgsGqHrDbrhXnYNecmSxudeN2A6br9Dcobz
CxLRApCGnZYCaJ74p5mOmQhZ5IQEOONDn8KjAmh2SJlNKRIdADm3OtycLwIDAQAB
o4ICJjCCAiIwHQYDVR0OBBYEFOsy098d0SGbtvw5AJrLTt70ZhCuMB8GA1UdIwQY
MBaAFB9xQrRbXOOQFuJeCbL+1XmpvXfWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSDNGQ3RGdGM0NUFXNGw0SnN2N1ZlYW05ZDlZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMy9kZmVhZDctNTg2YS00YjM1LWIxOTkt
ZGZlNDVmNjcyZjgxLzEvNnpMVDN4M1JJWnUyX0RrQW1zdE8zdlJtRUs0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMy9kZmVhZDctNTg2YS00YjM1LWIxOTktZGZlNDVmNjcyZjgx
LzEvSDNGQ3RGdGM0NUFXNGw0SnN2N1ZlYW05ZDlZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDwGCCsGAQUFBwEHAQH/BC0wKzAaBAIAATAUAwQCueRwMAwD
BADCMo0DBATCMoAwDQQCAAIwBwMFAyoNDgAwDQYJKoZIhvcNAQELBQADggEBAFu2
6LvcPwvoVwpDw3S+GxoJxg4l2vf2VEhFzarBj+hZGsZU4jxD9UocyCUo1YxC5Vgx
bMptAgmm5qhXiWJGX5BS+Y7Xz/OP1g+fiqmK9yxzKBiBICWwZSHKVazChSfxMmfh
BiNOAFbRSMWXyecFkh0E3sIyrTaKd/NrfMUBofCVnGPUb+Mx5CerBn0yqDeg2w52
NqOGhjruJlPsgsKUZ3F+6V7Dc/9Rzys0aorjuLKtbyucpkI6u9SHVQgrbzSZeRcg
kzL85hXPPcxLsyf2ndIMTXx5vuxM2qoD1PUCfVKwMGjXjGKXwC5GQKPbhTC83pYb
UYBc5WFwNR1BjzlfWws=
-----END CERTIFICATE-----
Generated at Thu Mar 13 02:38:04 2025 by rpki-client