Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d7/bc676b-c0b6-4fbb-933f-5082c28b715f/1/ESuy8ObjKP5IOVxp1b6yunM3P5M.roa
File: ESuy8ObjKP5IOVxp1b6yunM3P5M.roa (raw, json)
Hash identifier: MjV9hOJTgrxCZoKZReUSKJA5VXTEApqCuqrpqC1Kh+0=
Subject key identifier: 11:2B:B2:F0:E6:E3:28:FE:48:39:5C:69:D5:BE:B2:BA:73:37:3F:93
Certificate issuer: /CN=90f273a63c51eaf3f9e5ae7b9faafdb2931340df
Certificate serial: 0185704BAD1A919F4A2AD5B42F8097606A3B
Authority key identifier: 90:F2:73:A6:3C:51:EA:F3:F9:E5:AE:7B:9F:AA:FD:B2:93:13:40:DF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/kPJzpjxR6vP55a57n6r9spMTQN8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d7/bc676b-c0b6-4fbb-933f-5082c28b715f/1/ESuy8ObjKP5IOVxp1b6yunM3P5M.roa
Signing time: Mon 02 Jan 2023 02:24:45 +0000
ROA not before: Mon 02 Jan 2023 02:24:45 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 203339
IP address blocks: 185.220.118.0/24 maxlen: 24
185.220.116.0/24 maxlen: 24
185.220.117.0/24 maxlen: 24
84.38.128.0/24 maxlen: 24
2a0b:f6c0::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:4b:ad:1a:91:9f:4a:2a:d5:b4:2f:80:97:60:6a:3b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=90f273a63c51eaf3f9e5ae7b9faafdb2931340df
Validity
Not Before: Jan 2 02:24:45 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=112bb2f0e6e328fe48395c69d5beb2ba73373f93
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:3c:49:62:66:ee:a1:74:fb:7a:b5:2f:37:7c:
39:fe:c3:e9:10:e2:6e:27:71:aa:8c:26:80:dd:8f:
4c:59:a3:2e:fa:01:01:a2:57:6d:a2:3a:34:4e:8a:
8c:92:52:06:8a:f5:bc:b6:cc:a0:5e:66:3e:fd:e7:
92:84:b9:25:b8:a3:59:1a:3f:b1:f0:93:25:c3:ae:
eb:04:68:cc:c5:04:1e:79:8a:e8:81:dc:bf:c6:09:
89:d1:0c:5f:69:76:b3:0a:ce:e2:b5:4e:3b:6e:93:
26:1d:1f:3f:73:b5:84:9c:9d:ba:9d:4d:78:28:fe:
2e:2f:53:11:dd:01:8f:fa:f2:60:b4:bf:f7:a7:2c:
78:07:3b:76:9b:6f:6f:79:08:18:bb:e0:1b:07:c7:
e1:ac:28:95:20:4a:d3:29:7d:54:d8:cc:c7:5d:9b:
01:f8:dd:eb:f9:0f:bd:87:ed:b4:2d:28:9b:c1:57:
7b:d7:5b:3b:c4:04:0e:60:3c:89:e9:cf:c3:f9:3b:
71:a8:7e:bb:f6:3a:49:3b:7e:01:dc:bf:26:36:69:
43:23:ed:ba:13:ce:bb:65:58:19:0e:ba:26:ed:b5:
93:12:39:fe:ad:95:1d:af:63:e1:f3:17:ee:23:23:
71:e6:3c:14:d1:3b:e0:78:94:48:c8:2d:37:cc:cc:
87:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
11:2B:B2:F0:E6:E3:28:FE:48:39:5C:69:D5:BE:B2:BA:73:37:3F:93
X509v3 Authority Key Identifier:
keyid:90:F2:73:A6:3C:51:EA:F3:F9:E5:AE:7B:9F:AA:FD:B2:93:13:40:DF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kPJzpjxR6vP55a57n6r9spMTQN8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d7/bc676b-c0b6-4fbb-933f-5082c28b715f/1/ESuy8ObjKP5IOVxp1b6yunM3P5M.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d7/bc676b-c0b6-4fbb-933f-5082c28b715f/1/kPJzpjxR6vP55a57n6r9spMTQN8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.38.128.0/24
185.220.116.0-185.220.118.255
IPv6:
2a0b:f6c0::/48
Signature Algorithm: sha256WithRSAEncryption
30:1d:18:2e:e3:83:51:a0:ea:7f:22:98:63:3d:57:dc:16:42:
6e:62:77:b9:27:a2:6f:d8:35:b8:e3:82:dd:bc:7d:da:59:9a:
eb:35:5e:fa:88:8f:05:53:7e:bb:02:3e:c3:74:c7:95:1d:e3:
02:56:2e:84:2f:94:70:12:e5:24:2e:29:42:ff:3a:20:76:82:
1a:4b:73:20:21:24:62:3b:d6:f8:4a:5c:eb:b8:06:21:08:1f:
90:a2:17:a9:7f:6f:36:84:6d:6c:c0:bb:eb:92:7a:d4:70:d1:
89:50:da:90:09:ba:35:4a:59:ef:8b:ec:e4:cc:76:49:62:b7:
77:0c:1b:5c:08:34:a6:94:ae:c0:0f:42:1c:90:07:d0:4f:70:
a3:16:9a:fa:bb:76:87:19:d7:21:d6:13:8a:1f:d3:b8:81:8b:
d2:68:94:e3:7b:0e:73:96:36:a7:2b:af:ee:9c:31:45:6c:eb:
c5:00:69:22:23:98:a7:2e:35:f7:f7:3a:2c:94:87:4a:66:da:
70:1e:86:54:07:5f:49:92:cc:1d:1e:ac:66:a1:41:85:b7:fe:
8f:c1:0b:03:11:d3:76:f4:91:b3:2e:73:d6:cb:ba:98:02:d0:
a1:99:14:e1:ff:44:eb:57:8a:29:d0:0e:64:e3:5f:5d:15:3b:
9f:63:8d:66
-----BEGIN CERTIFICATE-----
MIIFHDCCBASgAwIBAgISAYVwS60akZ9KKtW0L4CXYGo7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkwZjI3M2E2M2M1MWVhZjNmOWU1YWU3YjlmYWFmZGIyOTMx
MzQwZGYwHhcNMjMwMTAyMDIyNDQ1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxMTJiYjJmMGU2ZTMyOGZlNDgzOTVjNjlkNWJlYjJiYTczMzczZjkzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApDxJYmbuoXT7erUvN3w5/sPpEOJu
J3GqjCaA3Y9MWaMu+gEBoldtojo0ToqMklIGivW8tsygXmY+/eeShLkluKNZGj+x
8JMlw67rBGjMxQQeeYrogdy/xgmJ0QxfaXazCs7itU47bpMmHR8/c7WEnJ26nU14
KP4uL1MR3QGP+vJgtL/3pyx4Bzt2m29veQgYu+AbB8fhrCiVIErTKX1U2MzHXZsB
+N3r+Q+9h+20LSibwVd711s7xAQOYDyJ6c/D+TtxqH679jpJO34B3L8mNmlDI+26
E867ZVgZDrom7bWTEjn+rZUdr2Ph8xfuIyNx5jwU0TvgeJRIyC03zMyH8wIDAQAB
o4ICKDCCAiQwHQYDVR0OBBYEFBErsvDm4yj+SDlcadW+srpzNz+TMB8GA1UdIwQY
MBaAFJDyc6Y8Uerz+eWue5+q/bKTE0DfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva1BKenBqeFI2dlA1NWE1N242cjlzcE1UUU44LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNy9iYzY3NmItYzBiNi00ZmJiLTkzM2Yt
NTA4MmMyOGI3MTVmLzEvRVN1eThPYmpLUDVJT1Z4cDFiNnl1bk0zUDVNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNy9iYzY3NmItYzBiNi00ZmJiLTkzM2YtNTA4MmMyOGI3MTVm
LzEva1BKenBqeFI2dlA1NWE1N242cjlzcE1UUU44LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD4GCCsGAQUFBwEHAQH/BC8wLTAaBAIAATAUAwQAVCaAMAwD
BAK53HQDBAC53HYwDwQCAAIwCQMHACoL9sAAADANBgkqhkiG9w0BAQsFAAOCAQEA
MB0YLuODUaDqfyKYYz1X3BZCbmJ3uSeib9g1uOOC3bx92lma6zVe+oiPBVN+uwI+
w3THlR3jAlYuhC+UcBLlJC4pQv86IHaCGktzICEkYjvW+Epc67gGIQgfkKIXqX9v
NoRtbMC765J61HDRiVDakAm6NUpZ74vs5Mx2SWK3dwwbXAg0ppSuwA9CHJAH0E9w
oxaa+rt2hxnXIdYTih/TuIGL0miU43sOc5Y2pyuv7pwxRWzrxQBpIiOYpy419/c6
LJSHSmbacB6GVAdfSZLMHR6sZqFBhbf+j8ELAxHTdvSRsy5z1su6mALQoZkU4f9E
61eKKdAOZONfXRU7n2ONZg==
-----END CERTIFICATE-----
Generated at Thu Mar 13 20:50:19 2025 by rpki-client