Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/d0cc41-c8f1-4a44-91f0-d1a4599cb0e5/1/6OewQU4KUJXKFFbvm7EwGZ-XEZM.roa
File: 6OewQU4KUJXKFFbvm7EwGZ-XEZM.roa (raw, json)
Hash identifier: lLfEVQqk2xlXheOScClRjN6wi2VIOzfTy698Xs0PJgo=
Subject key identifier: E8:E7:B0:41:4E:0A:50:95:CA:14:56:EF:9B:B1:30:19:9F:97:11:93
Certificate issuer: /CN=f7d32e75294187d46e8eae0f8fe72b5fd7abf886
Certificate serial: 01867DA344348C8669EA16AFFB9CCD86DE85
Authority key identifier: F7:D3:2E:75:29:41:87:D4:6E:8E:AE:0F:8F:E7:2B:5F:D7:AB:F8:86
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/99MudSlBh9Rujq4Pj-crX9er-IY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/d0cc41-c8f1-4a44-91f0-d1a4599cb0e5/1/6OewQU4KUJXKFFbvm7EwGZ-XEZM.roa
Signing time: Thu 23 Feb 2023 09:38:17 +0000
ROA not before: Thu 23 Feb 2023 09:38:17 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 6895
IP address blocks: 193.149.0.0/24 maxlen: 24
193.149.0.0/23 maxlen: 24
195.95.153.0/24 maxlen: 24
185.79.172.0/22 maxlen: 23
185.79.172.0/23 maxlen: 23
185.79.174.0/24 maxlen: 24
2001:7f8:f::/48 maxlen: 48
2a03:5e60::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:7d:a3:44:34:8c:86:69:ea:16:af:fb:9c:cd:86:de:85
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f7d32e75294187d46e8eae0f8fe72b5fd7abf886
Validity
Not Before: Feb 23 09:38:17 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=e8e7b0414e0a5095ca1456ef9bb130199f971193
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:88:69:6d:b2:61:bc:8d:9f:0a:1c:7f:8f:20:39:
7f:49:6f:ae:5a:42:56:6a:0c:ef:9a:c4:60:55:bd:
ef:44:36:05:8f:82:1e:56:68:52:ac:66:ca:ac:ae:
61:14:31:71:ca:d9:3c:f5:c3:ac:22:29:61:03:a8:
45:21:76:00:0c:24:30:2e:1c:64:47:12:04:cc:ee:
64:cf:7a:e7:df:c2:47:c4:02:3f:55:a7:ae:d8:de:
93:45:7c:3c:6d:d3:70:11:d7:8d:9d:d7:f6:1c:7f:
70:88:e7:b8:f7:cd:37:52:bc:e6:ce:95:0d:4d:48:
6e:f1:1a:68:25:02:58:16:59:22:e2:92:ac:c9:40:
52:16:c0:24:f6:53:97:4e:fb:de:a5:af:c7:8d:01:
a0:2a:10:41:a1:cf:51:f2:a6:02:a9:fc:b2:d2:3d:
88:cc:9b:0c:73:5a:7a:f7:25:a4:b1:30:d9:d6:88:
58:79:ce:70:21:fd:cc:f9:a4:a7:0e:68:8d:00:e4:
28:11:a2:61:86:4b:be:e8:a0:76:69:4e:34:e1:98:
52:1d:22:a4:e6:98:2c:83:b8:06:2c:bb:38:03:1e:
af:c5:6d:76:25:4d:0f:d7:35:28:f9:0f:f5:0b:fe:
45:85:8f:8e:a6:fa:96:c5:7b:9e:96:d6:c5:4f:42:
6a:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E8:E7:B0:41:4E:0A:50:95:CA:14:56:EF:9B:B1:30:19:9F:97:11:93
X509v3 Authority Key Identifier:
keyid:F7:D3:2E:75:29:41:87:D4:6E:8E:AE:0F:8F:E7:2B:5F:D7:AB:F8:86
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/99MudSlBh9Rujq4Pj-crX9er-IY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/d0cc41-c8f1-4a44-91f0-d1a4599cb0e5/1/6OewQU4KUJXKFFbvm7EwGZ-XEZM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/d0cc41-c8f1-4a44-91f0-d1a4599cb0e5/1/99MudSlBh9Rujq4Pj-crX9er-IY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.79.172.0/22
193.149.0.0/23
195.95.153.0/24
IPv6:
2001:7f8:f::/48
2a03:5e60::/32
Signature Algorithm: sha256WithRSAEncryption
24:13:cf:2c:a2:5e:84:fc:df:ba:e8:e7:1d:28:4c:84:28:f1:
68:9d:1d:f5:8e:00:04:55:5f:df:d3:91:16:69:3e:89:7b:75:
a6:43:0a:78:40:4a:d1:34:26:99:04:5b:57:1d:5d:d5:c2:5d:
1c:eb:01:35:86:57:30:98:72:73:fb:0d:68:ce:08:27:61:72:
1f:77:57:a8:73:4d:21:f6:74:4c:d2:07:aa:dd:ed:69:9e:af:
09:8c:1d:ca:7a:99:9e:4d:7a:5e:57:b4:a7:52:d7:aa:67:ea:
3a:55:3c:af:15:6e:0c:24:22:82:ef:e9:d6:e2:f6:44:a7:ee:
02:9d:14:35:17:16:e5:67:13:44:5a:77:3b:4d:1b:68:ec:02:
22:43:6f:b6:6d:3c:47:47:bf:34:f4:cd:30:ca:18:35:fb:ec:
82:42:6b:0c:36:d7:59:95:c0:ff:c1:4d:f1:11:67:d6:5c:b2:
23:b0:7d:be:8c:94:81:ca:fe:a1:92:11:90:02:74:a2:2a:e4:
23:d8:15:1a:b6:f5:dd:3f:3b:10:e5:d7:b9:e6:fa:de:dd:2b:
78:d9:7b:ef:be:09:cb:f8:e0:4b:58:c2:1b:11:72:1c:1e:1b:
7e:a4:0b:f7:db:ec:4b:b8:45:b0:63:57:41:cb:c5:5d:c9:3d:
3f:25:22:c6
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAYZ9o0Q0jIZp6hav+5zNht6FMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY3ZDMyZTc1Mjk0MTg3ZDQ2ZThlYWUwZjhmZTcyYjVmZDdh
YmY4ODYwHhcNMjMwMjIzMDkzODE3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlOGU3YjA0MTRlMGE1MDk1Y2ExNDU2ZWY5YmIxMzAxOTlmOTcxMTkzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiGltsmG8jZ8KHH+PIDl/SW+uWkJW
agzvmsRgVb3vRDYFj4IeVmhSrGbKrK5hFDFxytk89cOsIilhA6hFIXYADCQwLhxk
RxIEzO5kz3rn38JHxAI/Vaeu2N6TRXw8bdNwEdeNndf2HH9wiOe49803UrzmzpUN
TUhu8RpoJQJYFlki4pKsyUBSFsAk9lOXTvvepa/HjQGgKhBBoc9R8qYCqfyy0j2I
zJsMc1p69yWksTDZ1ohYec5wIf3M+aSnDmiNAOQoEaJhhku+6KB2aU404ZhSHSKk
5pgsg7gGLLs4Ax6vxW12JU0P1zUo+Q/1C/5FhY+OpvqWxXueltbFT0JqAQIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFOjnsEFOClCVyhRW75uxMBmflxGTMB8GA1UdIwQY
MBaAFPfTLnUpQYfUbo6uD4/nK1/Xq/iGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOTlNdWRTbEJoOVJ1anE0UGotY3JYOWVyLUlZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy9kMGNjNDEtYzhmMS00YTQ0LTkxZjAt
ZDFhNDU5OWNiMGU1LzEvNk9ld1FVNEtVSlhLRkZidm03RXdHWi1YRVpNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy9kMGNjNDEtYzhmMS00YTQ0LTkxZjAtZDFhNDU5OWNiMGU1
LzEvOTlNdWRTbEJoOVJ1anE0UGotY3JYOWVyLUlZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAYBAIAATASAwQCuU+sAwQB
wZUAAwQAw1+ZMBYEAgACMBADBwAgAQf4AA8DBQAqA15gMA0GCSqGSIb3DQEBCwUA
A4IBAQAkE88sol6E/N+66OcdKEyEKPFonR31jgAEVV/f05EWaT6Je3WmQwp4QErR
NCaZBFtXHV3Vwl0c6wE1hlcwmHJz+w1ozggnYXIfd1eoc00h9nRM0geq3e1pnq8J
jB3KepmeTXpeV7SnUteqZ+o6VTyvFW4MJCKC7+nW4vZEp+4CnRQ1FxblZxNEWnc7
TRto7AIiQ2+2bTxHR7809M0wyhg1++yCQmsMNtdZlcD/wU3xEWfWXLIjsH2+jJSB
yv6hkhGQAnSiKuQj2BUatvXdPzsQ5de55vre3St42XvvvgnL+OBLWMIbEXIcHht+
pAv32+xLuEWwY1dBy8VdyT0/JSLG
-----END CERTIFICATE-----
Generated at Sat Jun 7 22:48:47 2025 by rpki-client