Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c6/52d75c-e8a0-4ec8-b00f-03586523b133/1/c0Bl7adm-LGqKII7IN5MEdbBya8.roa
File: c0Bl7adm-LGqKII7IN5MEdbBya8.roa (raw, json)
Hash identifier: J473FLzys0Hju/g/zswCZwf+u17YmH6GGb1lukZKhW0=
Subject key identifier: 73:40:65:ED:A7:66:F8:B1:AA:28:82:3B:20:DE:4C:11:D6:C1:C9:AF
Certificate issuer: /CN=c87474ceb85af31122ede586d4d65b0f5b4d97f0
Certificate serial: 0184796FD95FBDBC7055C271A685670D03C3
Authority key identifier: C8:74:74:CE:B8:5A:F3:11:22:ED:E5:86:D4:D6:5B:0F:5B:4D:97:F0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/yHR0zrha8xEi7eWG1NZbD1tNl_A.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c6/52d75c-e8a0-4ec8-b00f-03586523b133/1/c0Bl7adm-LGqKII7IN5MEdbBya8.roa
Signing time: Tue 15 Nov 2022 03:58:03 +0000
ROA not before: Tue 15 Nov 2022 03:58:03 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 51661
IP address blocks: 94.124.106.192/29 maxlen: 29
185.160.20.0/25 maxlen: 25
185.160.20.0/24 maxlen: 24
185.160.23.0/24 maxlen: 24
185.160.21.0/24 maxlen: 24
2a02:1d0::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:79:6f:d9:5f:bd:bc:70:55:c2:71:a6:85:67:0d:03:c3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c87474ceb85af31122ede586d4d65b0f5b4d97f0
Validity
Not Before: Nov 15 03:58:03 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=734065eda766f8b1aa28823b20de4c11d6c1c9af
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:4e:ee:99:c9:02:ba:63:b5:de:d0:2a:ba:7c:
8a:51:f3:88:2f:7e:17:d0:6f:f6:b4:d9:17:3f:0d:
64:0f:7e:91:44:84:87:50:a6:d7:ce:1b:d3:a0:02:
94:13:96:f2:57:6e:ae:32:f8:07:8c:49:4f:d4:23:
e0:d5:bc:89:d7:a9:47:56:4c:23:3f:74:0e:92:21:
73:48:6a:77:df:d0:d6:25:82:20:cd:a4:63:4f:34:
81:66:68:47:cb:25:27:db:af:af:80:b4:5d:15:78:
86:73:bc:e2:4d:a0:af:a2:fe:7d:af:a7:ae:c0:18:
13:be:b5:ae:d4:2a:95:ac:e6:ca:f7:c6:9c:6d:fd:
ea:e4:17:b9:d4:d2:ed:64:fc:5f:dc:63:fb:5d:4c:
56:34:b3:a3:69:e0:6c:54:f7:78:10:08:91:02:c6:
d9:d8:f4:2a:c3:81:07:3b:95:86:c4:7d:7a:c1:aa:
75:a7:b3:50:c1:02:ce:3a:39:97:5b:e7:c4:d3:c1:
38:b7:45:67:0f:bc:35:2c:81:b5:d5:67:d9:0c:a1:
65:fb:71:46:74:0f:73:ab:b1:12:5c:01:f3:c2:d3:
e0:91:9f:e0:0e:36:b2:04:ec:02:44:32:1f:aa:a0:
44:76:e9:ae:ce:35:6d:89:0c:41:be:95:ed:bb:02:
f6:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
73:40:65:ED:A7:66:F8:B1:AA:28:82:3B:20:DE:4C:11:D6:C1:C9:AF
X509v3 Authority Key Identifier:
keyid:C8:74:74:CE:B8:5A:F3:11:22:ED:E5:86:D4:D6:5B:0F:5B:4D:97:F0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/yHR0zrha8xEi7eWG1NZbD1tNl_A.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c6/52d75c-e8a0-4ec8-b00f-03586523b133/1/c0Bl7adm-LGqKII7IN5MEdbBya8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c6/52d75c-e8a0-4ec8-b00f-03586523b133/1/yHR0zrha8xEi7eWG1NZbD1tNl_A.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
94.124.106.192/29
185.160.20.0/23
185.160.23.0/24
IPv6:
2a02:1d0::/32
Signature Algorithm: sha256WithRSAEncryption
b1:40:9b:c3:fc:e6:d7:45:d1:d8:da:f4:3b:9d:03:f5:6f:42:
eb:56:8d:55:54:db:72:46:bd:8d:9c:ee:0f:b1:42:7e:a3:0e:
d7:b8:88:11:71:ff:88:fc:06:f1:0a:be:6c:03:cf:90:26:da:
37:86:a5:f9:80:77:30:82:04:b1:98:cf:2d:c9:4b:90:bc:13:
8e:92:0f:5a:48:1a:a2:11:01:af:e3:f2:80:57:7c:f2:97:c8:
57:be:17:40:96:2f:75:e1:d9:d5:d9:2e:59:93:be:b8:3f:b5:
c2:f3:6b:49:3d:fb:f4:66:23:03:8e:59:9d:c4:eb:ab:26:67:
57:d4:f2:ed:bc:41:d7:5a:5f:04:2c:ad:29:e6:62:fc:2e:98:
79:b9:90:42:29:55:d0:7c:63:0b:7a:81:80:ff:da:6d:0d:68:
aa:3c:96:1a:17:c7:a9:c5:f4:5f:59:a8:aa:e6:91:35:ff:53:
20:8d:74:83:13:b6:33:e9:9f:39:64:18:2d:4a:ad:01:64:2c:
ac:4d:7a:66:78:cb:76:0a:55:50:a4:d6:12:e4:db:11:8c:0c:
af:a0:10:38:a6:74:3a:cb:ea:36:0e:a5:8c:a1:90:7f:e5:4d:
90:e0:9e:5d:1d:e9:cf:f5:b7:fe:3b:1d:3f:d6:c4:29:d6:cc:
c5:88:be:02
-----BEGIN CERTIFICATE-----
MIIFGTCCBAGgAwIBAgISAYR5b9lfvbxwVcJxpoVnDQPDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM4NzQ3NGNlYjg1YWYzMTEyMmVkZTU4NmQ0ZDY1YjBmNWI0
ZDk3ZjAwHhcNMjIxMTE1MDM1ODAzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MzQwNjVlZGE3NjZmOGIxYWEyODgyM2IyMGRlNGMxMWQ2YzFjOWFmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmU7umckCumO13tAqunyKUfOIL34X
0G/2tNkXPw1kD36RRISHUKbXzhvToAKUE5byV26uMvgHjElP1CPg1byJ16lHVkwj
P3QOkiFzSGp339DWJYIgzaRjTzSBZmhHyyUn26+vgLRdFXiGc7ziTaCvov59r6eu
wBgTvrWu1CqVrObK98acbf3q5Be51NLtZPxf3GP7XUxWNLOjaeBsVPd4EAiRAsbZ
2PQqw4EHO5WGxH16wap1p7NQwQLOOjmXW+fE08E4t0VnD7w1LIG11WfZDKFl+3FG
dA9zq7ESXAHzwtPgkZ/gDjayBOwCRDIfqqBEdumuzjVtiQxBvpXtuwL2ywIDAQAB
o4ICJTCCAiEwHQYDVR0OBBYEFHNAZe2nZvixqiiCOyDeTBHWwcmvMB8GA1UdIwQY
MBaAFMh0dM64WvMRIu3lhtTWWw9bTZfwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveUhSMHpyaGE4eEVpN2VXRzFOWmJEMXRObF9BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNi81MmQ3NWMtZThhMC00ZWM4LWIwMGYt
MDM1ODY1MjNiMTMzLzEvYzBCbDdhZG0tTEdxS0lJN0lONU1FZGJCeWE4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNi81MmQ3NWMtZThhMC00ZWM4LWIwMGYtMDM1ODY1MjNiMTMz
LzEveUhSMHpyaGE4eEVpN2VXRzFOWmJEMXRObF9BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDsGCCsGAQUFBwEHAQH/BCwwKjAZBAIAATATAwUDXnxqwAME
AbmgFAMEALmgFzANBAIAAjAHAwUAKgIB0DANBgkqhkiG9w0BAQsFAAOCAQEAsUCb
w/zm10XR2Nr0O50D9W9C61aNVVTbcka9jZzuD7FCfqMO17iIEXH/iPwG8Qq+bAPP
kCbaN4al+YB3MIIEsZjPLclLkLwTjpIPWkgaohEBr+PygFd88pfIV74XQJYvdeHZ
1dkuWZO+uD+1wvNrST379GYjA45ZncTrqyZnV9Ty7bxB11pfBCytKeZi/C6YebmQ
QilV0HxjC3qBgP/abQ1oqjyWGhfHqcX0X1moquaRNf9TII10gxO2M+mfOWQYLUqt
AWQsrE16ZnjLdgpVUKTWEuTbEYwMr6AQOKZ0OsvqNg6ljKGQf+VNkOCeXR3pz/W3
/jsdP9bEKdbMxYi+Ag==
-----END CERTIFICATE-----
Generated at Sat Apr 19 17:11:52 2025 by rpki-client