Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/za1ugLjNx67rQPZ5TrHWeBuUxqc.roa
File: za1ugLjNx67rQPZ5TrHWeBuUxqc.roa (raw, json)
Hash identifier: 2G+CPr1RxGq/NBGFU7zMt6uvHMI/hwd9b+cRkQ7aQAo=
Subject key identifier: CD:AD:6E:80:B8:CD:C7:AE:EB:40:F6:79:4E:B1:D6:78:1B:94:C6:A7
Certificate issuer: /CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Certificate serial: 018906B5FF798C533C6806C93A0CA72DDA27
Authority key identifier: 60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/za1ugLjNx67rQPZ5TrHWeBuUxqc.roa
Signing time: Thu 29 Jun 2023 10:32:17 +0000
ROA not before: Thu 29 Jun 2023 10:32:17 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 61138
IP address blocks: 185.209.38.0/24 maxlen: 24
185.218.103.0/24 maxlen: 24
185.209.39.0/24 maxlen: 24
185.226.106.0/24 maxlen: 24
185.214.100.0/24 maxlen: 24
185.214.102.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:06:b5:ff:79:8c:53:3c:68:06:c9:3a:0c:a7:2d:da:27
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Validity
Not Before: Jun 29 10:32:17 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=cdad6e80b8cdc7aeeb40f6794eb1d6781b94c6a7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:2c:f0:a1:ed:39:67:8b:a4:ce:a4:25:35:f9:
02:1a:72:05:1e:44:c3:23:86:8f:05:a5:77:c0:c1:
4d:b0:af:b4:b7:f0:f0:1d:d4:55:11:5d:c2:da:7e:
c9:66:d3:f6:b7:50:18:df:52:54:d6:d0:8e:20:a4:
88:60:08:4c:3e:0f:e0:6b:d1:eb:89:33:37:58:05:
fe:38:6d:17:83:5b:c9:fb:76:b0:32:89:1b:db:40:
09:70:2e:b7:61:ea:82:e1:9e:17:61:10:f1:2a:ff:
d1:4b:aa:ab:ba:66:cd:32:f0:7c:f4:a5:b9:b5:b3:
85:62:9c:30:ca:84:6d:7f:0c:5b:c7:b9:f0:39:30:
eb:02:bc:70:27:44:64:7f:93:8c:21:41:c8:e1:91:
90:dc:50:9c:1c:39:bd:32:79:c2:17:a0:88:a5:8a:
65:6f:51:95:58:a9:e9:d5:9c:2f:ac:41:a9:dd:92:
ba:82:1e:39:6e:19:1d:cf:3b:05:92:98:99:d2:28:
2d:c2:21:67:29:6a:38:eb:5d:eb:5f:35:fa:6d:b1:
6d:04:af:c1:91:5e:2f:aa:82:17:ed:5e:9f:e1:7f:
d8:55:0d:bb:da:01:97:69:1d:15:ac:85:fc:e0:3b:
40:48:89:35:b8:23:3b:88:41:e9:9b:9b:60:68:7d:
22:99
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CD:AD:6E:80:B8:CD:C7:AE:EB:40:F6:79:4E:B1:D6:78:1B:94:C6:A7
X509v3 Authority Key Identifier:
keyid:60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/za1ugLjNx67rQPZ5TrHWeBuUxqc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/YGeEwQUIW51q1fc6A7INmlwRTK8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.209.38.0/23
185.214.100.0/24
185.214.102.0/24
185.218.103.0/24
185.226.106.0/24
Signature Algorithm: sha256WithRSAEncryption
4e:57:f0:ca:0b:40:2b:a3:b5:c9:37:bd:b8:98:0c:b5:c4:55:
4a:c9:d6:da:18:b1:1f:d5:76:16:07:44:a3:19:df:9d:42:8f:
c1:29:01:9b:60:f8:a6:1c:28:58:6b:3d:db:9d:8b:d8:87:4b:
1c:65:b5:78:76:04:ea:e5:5d:85:88:65:89:1e:c1:66:83:6d:
a2:1b:c9:01:9f:30:ea:34:20:0a:10:dd:80:55:27:3f:84:74:
1a:b3:2e:cf:10:ab:95:30:5b:96:3d:d5:ff:d0:0c:4d:76:47:
1a:5f:22:57:ab:d0:9f:b6:66:ca:d0:d5:d4:82:ca:2a:2c:84:
df:50:68:5c:d6:74:40:5b:67:5c:a6:28:cd:be:f3:06:5c:c5:
40:bb:60:82:6f:b7:c7:37:c5:21:cd:81:c0:4a:b5:96:56:94:
32:13:70:23:ca:23:c0:ca:45:a8:91:a4:de:d4:ef:a9:8f:ec:
67:c6:ce:8d:ab:f9:de:0c:46:e6:db:01:4e:76:4e:68:cd:f8:
34:91:86:29:d3:b5:62:6a:5f:e4:74:3e:db:a2:86:0b:44:ba:
48:ac:10:0f:78:d0:94:28:8a:c3:fb:6f:99:23:bf:3f:6f:0f:
9f:ab:46:89:1d:ab:6d:ca:91:43:4a:34:da:77:40:21:20:c9:
1c:f0:d1:3a
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAYkGtf95jFM8aAbJOgynLdonMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwNjc4NGMxMDUwODViOWQ2YWQ1ZjczYTAzYjIwZDlhNWMx
MTRjYWYwHhcNMjMwNjI5MTAzMjE3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjZGFkNmU4MGI4Y2RjN2FlZWI0MGY2Nzk0ZWIxZDY3ODFiOTRjNmE3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzizwoe05Z4ukzqQlNfkCGnIFHkTD
I4aPBaV3wMFNsK+0t/DwHdRVEV3C2n7JZtP2t1AY31JU1tCOIKSIYAhMPg/ga9Hr
iTM3WAX+OG0Xg1vJ+3awMokb20AJcC63YeqC4Z4XYRDxKv/RS6qrumbNMvB89KW5
tbOFYpwwyoRtfwxbx7nwOTDrArxwJ0Rkf5OMIUHI4ZGQ3FCcHDm9MnnCF6CIpYpl
b1GVWKnp1ZwvrEGp3ZK6gh45bhkdzzsFkpiZ0igtwiFnKWo4613rXzX6bbFtBK/B
kV4vqoIX7V6f4X/YVQ272gGXaR0VrIX84DtASIk1uCM7iEHpm5tgaH0imQIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFM2tboC4zceu60D2eU6x1ngblManMB8GA1UdIwQY
MBaAFGBnhMEFCFudatX3OgOyDZpcEUyvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgt
YjQzNDJiYTkxYWJjLzEvemExdWdMak54NjdyUVBaNVRySFdlQnVVeHFjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgtYjQzNDJiYTkxYWJj
LzEvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQBudEmAwQA
udZkAwQAudZmAwQAudpnAwQAueJqMA0GCSqGSIb3DQEBCwUAA4IBAQBOV/DKC0Ar
o7XJN724mAy1xFVKydbaGLEf1XYWB0SjGd+dQo/BKQGbYPimHChYaz3bnYvYh0sc
ZbV4dgTq5V2FiGWJHsFmg22iG8kBnzDqNCAKEN2AVSc/hHQasy7PEKuVMFuWPdX/
0AxNdkcaXyJXq9CftmbK0NXUgsoqLITfUGhc1nRAW2dcpijNvvMGXMVAu2CCb7fH
N8UhzYHASrWWVpQyE3AjyiPAykWokaTe1O+pj+xnxs6Nq/neDEbm2wFOdk5ozfg0
kYYp07Vial/kdD7booYLRLpIrBAPeNCUKIrD+2+ZI78/bw+fq0aJHattypFDSjTa
d0AhIMkc8NE6
-----END CERTIFICATE-----
Generated at Fri Apr 18 23:38:58 2025 by rpki-client