Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/da/19d3cd-6610-43f0-83eb-70a1af51dfbe/1/JhP8F6dnbLMyvDDxpzAMmhgVjAg.roa
File: JhP8F6dnbLMyvDDxpzAMmhgVjAg.roa (raw, json)
Hash identifier: 2x3baIUAxHMfb6N9Qz6cSLk5Pr+0k7kwJK7ZLulUzOE=
Subject key identifier: 26:13:FC:17:A7:67:6C:B3:32:BC:30:F1:A7:30:0C:9A:18:15:8C:08
Certificate issuer: /CN=09e2af08cf6e12e2304fb3bdec64cfbcedaa8522
Certificate serial: 0185CF595A6924A7E2CB181DE078254B8C8A
Authority key identifier: 09:E2:AF:08:CF:6E:12:E2:30:4F:B3:BD:EC:64:CF:BC:ED:AA:85:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CeKvCM9uEuIwT7O97GTPvO2qhSI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/da/19d3cd-6610-43f0-83eb-70a1af51dfbe/1/JhP8F6dnbLMyvDDxpzAMmhgVjAg.roa
Signing time: Fri 20 Jan 2023 13:23:37 +0000
ROA not before: Fri 20 Jan 2023 13:23:37 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 204139
IP address blocks: 185.129.22.0/23 maxlen: 23
185.129.20.0/23 maxlen: 23
185.128.178.0/23 maxlen: 23
185.128.176.0/23 maxlen: 23
185.122.124.0/23 maxlen: 23
185.122.128.0/23 maxlen: 23
185.122.126.0/23 maxlen: 23
185.116.174.0/24 maxlen: 24
185.128.134.0/23 maxlen: 23
185.123.240.0/23 maxlen: 23
185.123.242.0/23 maxlen: 23
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:cf:59:5a:69:24:a7:e2:cb:18:1d:e0:78:25:4b:8c:8a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=09e2af08cf6e12e2304fb3bdec64cfbcedaa8522
Validity
Not Before: Jan 20 13:23:37 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=2613fc17a7676cb332bc30f1a7300c9a18158c08
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:10:92:e6:f9:0e:08:fd:21:b5:86:bf:41:2a:
2d:1b:68:7b:b0:c7:31:52:02:08:86:66:a5:26:6a:
cc:e5:ab:37:39:29:6c:3d:b6:6a:98:a8:29:1d:61:
81:89:1b:21:02:95:24:9c:e0:09:b8:df:89:87:cf:
21:46:6b:9e:b6:a4:6d:96:b5:73:34:83:5f:2a:f2:
0a:d0:d4:24:c6:34:7f:88:46:81:e1:d7:57:51:05:
c4:85:5c:96:ae:40:67:87:fa:ab:a1:a9:ce:34:45:
0f:d0:68:e3:b8:c1:66:04:9f:4c:8e:0c:b8:eb:ba:
1c:63:04:27:37:a2:e2:a1:88:5a:8e:af:64:ba:07:
4c:56:4a:b1:a1:e0:5e:bc:44:e6:68:d9:7d:98:fd:
b8:7f:af:38:32:40:63:e9:3f:2b:bc:4d:2d:8a:71:
91:59:ab:73:af:50:34:55:24:4f:c6:94:b3:2d:d4:
2d:eb:3d:aa:d1:61:22:d1:71:4e:1b:9f:39:77:e8:
f8:dc:a2:87:1e:70:3b:26:ab:9e:71:2b:ab:f3:f9:
b5:dc:ce:8a:55:c0:30:93:df:66:71:4b:03:48:0b:
d5:3d:07:bc:73:b9:55:f2:b9:76:14:f4:23:24:72:
be:2f:c8:12:19:06:26:f2:b6:d7:aa:3c:93:9c:57:
38:51
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
26:13:FC:17:A7:67:6C:B3:32:BC:30:F1:A7:30:0C:9A:18:15:8C:08
X509v3 Authority Key Identifier:
keyid:09:E2:AF:08:CF:6E:12:E2:30:4F:B3:BD:EC:64:CF:BC:ED:AA:85:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CeKvCM9uEuIwT7O97GTPvO2qhSI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/da/19d3cd-6610-43f0-83eb-70a1af51dfbe/1/JhP8F6dnbLMyvDDxpzAMmhgVjAg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/da/19d3cd-6610-43f0-83eb-70a1af51dfbe/1/CeKvCM9uEuIwT7O97GTPvO2qhSI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.116.174.0/24
185.122.124.0-185.122.129.255
185.123.240.0/22
185.128.134.0/23
185.128.176.0/22
185.129.20.0/22
Signature Algorithm: sha256WithRSAEncryption
b6:2d:ab:e7:4f:15:b2:b0:0d:b4:af:16:2d:2f:89:d6:b5:54:
88:b8:24:7f:fd:50:23:6d:44:5d:37:01:b0:15:79:07:4b:46:
0c:62:45:60:00:f4:7a:14:2a:15:f2:22:af:b6:1e:0e:9d:a0:
ca:a3:03:ac:b3:4c:92:6b:ff:dc:6f:93:f0:81:3f:0e:d2:3c:
81:76:88:be:62:b9:2b:a6:89:9f:1b:ad:72:6c:b2:0a:64:e7:
aa:8d:02:08:89:61:75:1a:ee:ea:bd:c1:b7:3e:11:13:32:5e:
4f:1e:9f:06:7c:3e:86:b3:3b:de:a9:ef:4b:da:14:c8:91:26:
9a:1f:3b:7a:fe:77:c7:a5:64:6b:e0:22:6f:df:5d:a7:75:22:
fa:ae:21:ad:ed:0c:69:b6:e7:b8:7c:0d:7e:c3:01:04:68:b6:
bd:18:63:63:a2:34:75:2b:e5:aa:d2:98:a7:c7:3f:d9:b1:df:
2e:77:79:7e:31:d8:9d:fd:6a:d1:f2:68:32:bf:67:b6:8d:2f:
f2:d4:e8:d0:a7:a3:46:37:a7:4e:02:f7:4d:74:15:a4:9f:24:
14:c8:98:41:ed:17:b3:8e:ed:03:fa:84:47:a3:b3:b5:c4:5c:
fd:4a:4b:18:3b:f1:c0:31:e4:f8:9a:aa:bf:b0:16:45:2f:1a:
e6:11:20:2a
-----BEGIN CERTIFICATE-----
MIIFIzCCBAugAwIBAgISAYXPWVppJKfiyxgd4HglS4yKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA5ZTJhZjA4Y2Y2ZTEyZTIzMDRmYjNiZGVjNjRjZmJjZWRh
YTg1MjIwHhcNMjMwMTIwMTMyMzM3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNjEzZmMxN2E3Njc2Y2IzMzJiYzMwZjFhNzMwMGM5YTE4MTU4YzA4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjBCS5vkOCP0htYa/QSotG2h7sMcx
UgIIhmalJmrM5as3OSlsPbZqmKgpHWGBiRshApUknOAJuN+Jh88hRmuetqRtlrVz
NINfKvIK0NQkxjR/iEaB4ddXUQXEhVyWrkBnh/qroanONEUP0GjjuMFmBJ9Mjgy4
67ocYwQnN6LioYhajq9kugdMVkqxoeBevETmaNl9mP24f684MkBj6T8rvE0tinGR
Watzr1A0VSRPxpSzLdQt6z2q0WEi0XFOG585d+j43KKHHnA7JquecSur8/m13M6K
VcAwk99mcUsDSAvVPQe8c7lV8rl2FPQjJHK+L8gSGQYm8rbXqjyTnFc4UQIDAQAB
o4ICLzCCAiswHQYDVR0OBBYEFCYT/BenZ2yzMrww8acwDJoYFYwIMB8GA1UdIwQY
MBaAFAnirwjPbhLiME+zvexkz7ztqoUiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ2VLdkNNOXVFdUl3VDdPOTdHVFB2TzJxaFNJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYS8xOWQzY2QtNjYxMC00M2YwLTgzZWIt
NzBhMWFmNTFkZmJlLzEvSmhQOEY2ZG5iTE15dkREeHB6QU1taGdWakFnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYS8xOWQzY2QtNjYxMC00M2YwLTgzZWItNzBhMWFmNTFkZmJl
LzEvQ2VLdkNNOXVFdUl3VDdPOTdHVFB2TzJxaFNJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEUGCCsGAQUFBwEHAQH/BDYwNDAyBAIAATAsAwQAuXSuMAwD
BAK5enwDBAG5eoADBAK5e/ADBAG5gIYDBAK5gLADBAK5gRQwDQYJKoZIhvcNAQEL
BQADggEBALYtq+dPFbKwDbSvFi0vida1VIi4JH/9UCNtRF03AbAVeQdLRgxiRWAA
9HoUKhXyIq+2Hg6doMqjA6yzTJJr/9xvk/CBPw7SPIF2iL5iuSumiZ8brXJssgpk
56qNAgiJYXUa7uq9wbc+ERMyXk8enwZ8PoazO96p70vaFMiRJpofO3r+d8elZGvg
Im/fXad1IvquIa3tDGm257h8DX7DAQRotr0YY2OiNHUr5arSmKfHP9mx3y53eX4x
2J39atHyaDK/Z7aNL/LU6NCno0Y3p04C9010FaSfJBTImEHtF7OO7QP6hEejs7XE
XP1KSxg78cAx5Piaqr+wFkUvGuYRICo=
-----END CERTIFICATE-----
Generated at Fri Apr 18 04:04:34 2025 by rpki-client