Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/MTw0Yy35PL6yuo1GhctaxFGGyuQ.roa
File: MTw0Yy35PL6yuo1GhctaxFGGyuQ.roa (raw, json)
Hash identifier: Q8beFVYvauL3aEuG3Hl9Ju+BNs8nHXf4mhWgyIVujt8=
Subject key identifier: 31:3C:34:63:2D:F9:3C:BE:B2:BA:8D:46:85:CB:5A:C4:51:86:CA:E4
Certificate issuer: /CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Certificate serial: 0189AD1E8BCC0DAB6B3D4DDA2A47988D042D
Authority key identifier: 60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/MTw0Yy35PL6yuo1GhctaxFGGyuQ.roa
Signing time: Mon 31 Jul 2023 18:03:27 +0000
ROA not before: Mon 31 Jul 2023 18:03:27 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 185.222.28.0/24 maxlen: 24
185.230.52.0/24 maxlen: 24
185.226.106.0/24 maxlen: 24
185.220.248.0/24 maxlen: 24
193.58.146.0/23 maxlen: 24
193.58.147.0/24 maxlen: 24
45.147.224.0/24 maxlen: 24
45.8.21.0/24 maxlen: 24
185.246.112.0/24 maxlen: 24
185.251.229.0/24 maxlen: 24
185.225.0.0/23 maxlen: 23
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:ad:1e:8b:cc:0d:ab:6b:3d:4d:da:2a:47:98:8d:04:2d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Validity
Not Before: Jul 31 18:03:27 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=313c34632df93cbeb2ba8d4685cb5ac45186cae4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:60:66:13:4f:2e:b0:eb:a5:91:45:e2:ee:b5:
35:1d:53:ba:7b:40:50:e4:8b:bf:e8:3f:2d:9a:63:
32:71:c9:27:46:a7:e9:2d:65:59:f5:9e:e5:7e:5f:
98:a8:a5:f8:a5:dd:b3:64:2d:a0:9d:3d:a3:05:2e:
26:53:4c:dd:d3:49:65:e9:59:d7:b9:68:42:b2:52:
4d:f1:65:62:37:dc:d0:bd:f9:d9:96:3c:d0:43:41:
f4:ca:a7:a0:15:0e:e1:62:06:9f:af:e7:53:cb:ad:
db:e1:ef:ce:4e:f4:9a:68:8b:79:0e:f1:25:5f:fb:
b1:cc:87:c4:50:8f:74:aa:76:c5:d7:d8:fc:21:3d:
6e:ab:ad:b7:98:56:42:7a:b3:e9:b6:cf:18:4f:15:
9e:5a:70:9e:a6:9e:b9:9e:e2:80:ee:19:28:42:4a:
85:35:6a:65:c6:36:21:b7:1c:e2:27:b3:61:cc:f0:
2a:10:aa:7c:a6:e4:44:6e:14:06:f7:5b:21:23:6b:
e2:ff:2e:7d:89:36:b5:44:40:18:59:c1:2f:f5:5f:
c5:7f:ce:40:dd:1b:e4:a3:03:89:e8:ca:1e:13:6f:
65:e4:79:01:b2:ff:67:e8:00:aa:11:7b:d2:53:e3:
15:b8:3f:bc:f3:ef:8e:02:5b:f8:0a:e0:ec:db:92:
bd:85
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
31:3C:34:63:2D:F9:3C:BE:B2:BA:8D:46:85:CB:5A:C4:51:86:CA:E4
X509v3 Authority Key Identifier:
keyid:60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/MTw0Yy35PL6yuo1GhctaxFGGyuQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/YGeEwQUIW51q1fc6A7INmlwRTK8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.8.21.0/24
45.147.224.0/24
185.220.248.0/24
185.222.28.0/24
185.225.0.0/23
185.226.106.0/24
185.230.52.0/24
185.246.112.0/24
185.251.229.0/24
193.58.146.0/23
Signature Algorithm: sha256WithRSAEncryption
93:da:d5:77:7c:8c:2a:f3:e4:8e:ea:ec:1a:91:a6:22:51:61:
e8:62:26:4b:f6:1f:f8:b3:36:1d:0a:3f:02:0d:7e:57:b9:7d:
22:9c:35:0b:78:9f:6d:be:ca:8a:ea:27:c6:c9:71:22:a4:1d:
bb:b2:3f:af:03:01:20:5d:03:0a:7a:20:86:ba:3d:8f:eb:33:
ce:4b:28:c4:d1:9e:8f:e3:65:fd:f2:ff:65:fe:44:0e:d0:a8:
1c:d2:66:f9:e5:5e:01:0f:c6:ff:5e:e2:25:d2:b2:71:9e:8a:
6b:e1:d4:55:9d:ca:d5:27:bd:97:5b:09:be:98:a3:55:08:44:
f2:08:c7:ed:7a:13:50:24:e6:5d:25:5d:82:80:4c:0d:eb:9f:
64:fe:b4:df:be:ed:fa:db:13:ec:75:3c:dd:ab:74:4e:a3:0c:
e5:ee:ae:8f:66:67:cd:b0:2b:9f:4a:e2:30:d4:8b:6c:d2:62:
c9:82:30:25:ba:a6:93:a4:08:34:21:11:14:2d:d8:c2:0c:2e:
4b:4d:35:1c:c3:b6:ed:72:9e:ee:4f:18:f9:41:70:07:ad:d5:
fc:c7:76:8a:d1:bc:e6:93:9a:e6:47:3b:22:81:3d:ff:f2:11:
f9:e4:8e:db:06:85:13:57:5b:06:1d:be:cb:1f:6c:4b:19:8d:
bc:4d:5a:d8
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgISAYmtHovMDatrPU3aKkeYjQQtMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwNjc4NGMxMDUwODViOWQ2YWQ1ZjczYTAzYjIwZDlhNWMx
MTRjYWYwHhcNMjMwNzMxMTgwMzI3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMTNjMzQ2MzJkZjkzY2JlYjJiYThkNDY4NWNiNWFjNDUxODZjYWU0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqWBmE08usOulkUXi7rU1HVO6e0BQ
5Iu/6D8tmmMyccknRqfpLWVZ9Z7lfl+YqKX4pd2zZC2gnT2jBS4mU0zd00ll6VnX
uWhCslJN8WViN9zQvfnZljzQQ0H0yqegFQ7hYgafr+dTy63b4e/OTvSaaIt5DvEl
X/uxzIfEUI90qnbF19j8IT1uq623mFZCerPpts8YTxWeWnCepp65nuKA7hkoQkqF
NWplxjYhtxziJ7NhzPAqEKp8puREbhQG91shI2vi/y59iTa1REAYWcEv9V/Ff85A
3RvkowOJ6MoeE29l5HkBsv9n6ACqEXvSU+MVuD+88++OAlv4CuDs25K9hQIDAQAB
o4ICPzCCAjswHQYDVR0OBBYEFDE8NGMt+Ty+srqNRoXLWsRRhsrkMB8GA1UdIwQY
MBaAFGBnhMEFCFudatX3OgOyDZpcEUyvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgt
YjQzNDJiYTkxYWJjLzEvTVR3MFl5MzVQTDZ5dW8xR2hjdGF4RkdHeXVRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgtYjQzNDJiYTkxYWJj
LzEvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFUGCCsGAQUFBwEHAQH/BEYwRDBCBAIAATA8AwQALQgVAwQA
LZPgAwQAudz4AwQAud4cAwQBueEAAwQAueJqAwQAueY0AwQAufZwAwQAufvlAwQB
wTqSMA0GCSqGSIb3DQEBCwUAA4IBAQCT2tV3fIwq8+SO6uwakaYiUWHoYiZL9h/4
szYdCj8CDX5XuX0inDULeJ9tvsqK6ifGyXEipB27sj+vAwEgXQMKeiCGuj2P6zPO
SyjE0Z6P42X98v9l/kQO0Kgc0mb55V4BD8b/XuIl0rJxnopr4dRVncrVJ72XWwm+
mKNVCETyCMftehNQJOZdJV2CgEwN659k/rTfvu362xPsdTzdq3ROowzl7q6PZmfN
sCufSuIw1Its0mLJgjAluqaTpAg0IREULdjCDC5LTTUcw7btcp7uTxj5QXAHrdX8
x3aK0bzmk5rmRzsigT3/8hH55I7bBoUTV1sGHb7LH2xLGY28TVrY
-----END CERTIFICATE-----
Generated at Sat Jun 7 10:28:07 2025 by rpki-client