Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c3/69cbc0-b6c5-4e67-a73b-2b65a7a8be8c/1/SgxaV-hZyps-5Ci0PpifCBb_kiU.roa
File: SgxaV-hZyps-5Ci0PpifCBb_kiU.roa (raw, json)
Hash identifier: WX/A0LH51C0QL2v1EMbp54rVASkwB2xJ39XRIEYtQPk=
Subject key identifier: 4A:0C:5A:57:E8:59:CA:9B:3E:E4:28:B4:3E:98:9F:08:16:FF:92:25
Certificate issuer: /CN=68b22eea4a4a3b81654a227eda94e0e75937b015
Certificate serial: 01856E38E8DC1FD8765F2288F9A6DB516A0D
Authority key identifier: 68:B2:2E:EA:4A:4A:3B:81:65:4A:22:7E:DA:94:E0:E7:59:37:B0:15
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/aLIu6kpKO4FlSiJ-2pTg51k3sBU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c3/69cbc0-b6c5-4e67-a73b-2b65a7a8be8c/1/SgxaV-hZyps-5Ci0PpifCBb_kiU.roa
Signing time: Sun 01 Jan 2023 16:45:01 +0000
ROA not before: Sun 01 Jan 2023 16:45:01 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 204348
IP address blocks: 185.252.112.0/24 maxlen: 24
185.252.115.0/24 maxlen: 24
185.252.113.0/24 maxlen: 24
2a0e:e7c3::/32 maxlen: 32
2a04:b804::/32 maxlen: 32
2a04:b800::/32 maxlen: 32
2a0e:e7c7::/32 maxlen: 32
2a04:b803::/32 maxlen: 32
2a0e:e7c0::/32 maxlen: 32
2a04:b805::/32 maxlen: 32
2a10:a6c0::/29 maxlen: 29
2a0e:e7c6::/32 maxlen: 32
2a04:b802::/32 maxlen: 32
2a0e:e7c1::/32 maxlen: 32
2a0e:e7c5::/32 maxlen: 32
2a04:b806::/32 maxlen: 32
2a0e:e7c4::/32 maxlen: 32
2a0e:e7c2::/32 maxlen: 32
2a04:b807::/32 maxlen: 32
2a04:b801::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:38:e8:dc:1f:d8:76:5f:22:88:f9:a6:db:51:6a:0d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=68b22eea4a4a3b81654a227eda94e0e75937b015
Validity
Not Before: Jan 1 16:45:01 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=4a0c5a57e859ca9b3ee428b43e989f0816ff9225
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:f0:1d:70:80:12:c7:98:47:8e:8b:60:da:66:
dd:4d:53:14:d6:eb:76:e0:74:79:de:60:4d:80:37:
b8:3b:0f:39:b9:1d:e9:24:17:ee:ea:63:df:56:6f:
ae:be:3d:49:cf:01:5a:3e:aa:65:11:51:9c:9d:95:
39:61:e2:fa:b7:80:55:97:03:23:45:71:74:42:f5:
5a:fc:fd:dc:2a:99:ec:bd:d2:0f:64:92:ba:34:73:
a3:7e:9d:0b:48:e4:48:35:2f:17:25:ef:b7:e5:ea:
8d:60:20:35:8d:77:a1:76:21:9a:24:ff:5e:ee:52:
53:c4:21:c9:09:86:b1:9e:7f:73:23:a2:17:3b:c4:
a5:30:bb:0f:35:01:59:1a:18:94:a7:fb:1d:a9:0d:
e0:a0:d4:bb:35:a4:36:ef:0e:e7:f9:fb:66:f7:2c:
3d:77:9d:04:21:51:26:5b:93:f1:7c:64:7a:4f:5d:
55:25:d0:14:a3:60:41:20:52:f0:7c:51:57:67:5d:
a5:e8:16:37:fe:25:52:d5:50:d8:4d:e4:2d:e5:60:
2b:5b:c0:4b:fd:50:0c:16:94:6f:6f:ce:f5:91:a1:
1d:25:e7:00:f3:c4:77:39:8c:e2:2a:02:1d:58:31:
50:68:7f:e7:cd:56:3c:54:94:08:3a:9a:c6:b6:06:
9f:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4A:0C:5A:57:E8:59:CA:9B:3E:E4:28:B4:3E:98:9F:08:16:FF:92:25
X509v3 Authority Key Identifier:
keyid:68:B2:2E:EA:4A:4A:3B:81:65:4A:22:7E:DA:94:E0:E7:59:37:B0:15
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aLIu6kpKO4FlSiJ-2pTg51k3sBU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/69cbc0-b6c5-4e67-a73b-2b65a7a8be8c/1/SgxaV-hZyps-5Ci0PpifCBb_kiU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/69cbc0-b6c5-4e67-a73b-2b65a7a8be8c/1/aLIu6kpKO4FlSiJ-2pTg51k3sBU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.252.112.0/23
185.252.115.0/24
IPv6:
2a04:b800::/29
2a0e:e7c0::/29
2a10:a6c0::/29
Signature Algorithm: sha256WithRSAEncryption
84:4a:c2:e1:33:ef:5d:57:4f:7f:ff:b5:73:fc:d9:b3:82:48:
f4:00:d3:f9:9c:a7:2f:d4:9b:8b:06:49:20:72:31:db:8c:1d:
fd:c8:84:a8:30:9d:5a:db:d0:5f:50:06:2a:d1:a6:03:3a:26:
15:0b:1b:6b:06:67:94:2e:ce:ed:a3:95:d7:d6:7c:17:13:58:
bd:1e:5b:af:c1:96:3d:55:46:d2:08:2a:8f:af:26:63:da:af:
74:19:ad:38:f0:a2:d7:6a:79:a4:a0:46:b8:71:75:ed:af:1d:
75:bc:c7:35:ad:fc:c1:ab:77:7e:24:80:f6:3e:8e:2b:9e:5b:
ac:eb:15:3f:8d:f0:ee:4d:46:3c:07:67:e6:45:a1:e6:4b:eb:
b1:b6:58:72:b6:f4:3c:ba:5a:6a:b1:b1:7a:a3:29:32:6c:f0:
1f:2f:da:2c:38:75:f4:c4:b0:f2:38:ea:7a:05:a5:6e:fa:7f:
0d:66:6a:84:33:c2:08:f3:bc:6f:2a:cd:7e:d3:f5:3b:02:b9:
f7:74:e0:26:69:29:7d:7c:54:dd:c1:ba:a3:8d:e3:7a:78:5c:
16:73:f1:dc:d5:1d:b2:47:1a:39:f2:61:f7:a9:e1:c7:7b:f8:
8b:d3:f7:27:6a:df:5a:98:68:c5:39:77:ff:f6:bc:76:26:2a:
10:0b:83:03
-----BEGIN CERTIFICATE-----
MIIFIDCCBAigAwIBAgISAYVuOOjcH9h2XyKI+abbUWoNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY4YjIyZWVhNGE0YTNiODE2NTRhMjI3ZWRhOTRlMGU3NTkz
N2IwMTUwHhcNMjMwMTAxMTY0NTAxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0YTBjNWE1N2U4NTljYTliM2VlNDI4YjQzZTk4OWYwODE2ZmY5MjI1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn/AdcIASx5hHjotg2mbdTVMU1ut2
4HR53mBNgDe4Ow85uR3pJBfu6mPfVm+uvj1JzwFaPqplEVGcnZU5YeL6t4BVlwMj
RXF0QvVa/P3cKpnsvdIPZJK6NHOjfp0LSORINS8XJe+35eqNYCA1jXehdiGaJP9e
7lJTxCHJCYaxnn9zI6IXO8SlMLsPNQFZGhiUp/sdqQ3goNS7NaQ27w7n+ftm9yw9
d50EIVEmW5PxfGR6T11VJdAUo2BBIFLwfFFXZ12l6BY3/iVS1VDYTeQt5WArW8BL
/VAMFpRvb871kaEdJecA88R3OYziKgIdWDFQaH/nzVY8VJQIOprGtgaffQIDAQAB
o4ICLDCCAigwHQYDVR0OBBYEFEoMWlfoWcqbPuQotD6YnwgW/5IlMB8GA1UdIwQY
MBaAFGiyLupKSjuBZUoiftqU4OdZN7AVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYUxJdTZrcEtPNEZsU2lKLTJwVGc1MWszc0JVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMy82OWNiYzAtYjZjNS00ZTY3LWE3M2It
MmI2NWE3YThiZThjLzEvU2d4YVYtaFp5cHMtNUNpMFBwaWZDQmJfa2lVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMy82OWNiYzAtYjZjNS00ZTY3LWE3M2ItMmI2NWE3YThiZThj
LzEvYUxJdTZrcEtPNEZsU2lKLTJwVGc1MWszc0JVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEIGCCsGAQUFBwEHAQH/BDMwMTASBAIAATAMAwQBufxwAwQA
ufxzMBsEAgACMBUDBQMqBLgAAwUDKg7nwAMFAyoQpsAwDQYJKoZIhvcNAQELBQAD
ggEBAIRKwuEz711XT3//tXP82bOCSPQA0/mcpy/Um4sGSSByMduMHf3IhKgwnVrb
0F9QBirRpgM6JhULG2sGZ5Quzu2jldfWfBcTWL0eW6/Blj1VRtIIKo+vJmPar3QZ
rTjwotdqeaSgRrhxde2vHXW8xzWt/MGrd34kgPY+jiueW6zrFT+N8O5NRjwHZ+ZF
oeZL67G2WHK29Dy6WmqxsXqjKTJs8B8v2iw4dfTEsPI46noFpW76fw1maoQzwgjz
vG8qzX7T9TsCufd04CZpKX18VN3BuqON43p4XBZz8dzVHbJHGjnyYfep4cd7+IvT
9ydq31qYaMU5d//2vHYmKhALgwM=
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:01:31 2025 by rpki-client