Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e4/6f6743-0b22-4312-9c1a-b3663a345518/1/6Vzp2GGWcSGW4-abPbZzYmusgCQ.roa
File: 6Vzp2GGWcSGW4-abPbZzYmusgCQ.roa (raw, json)
Hash identifier: Dqs8GZCTSyFI8WgEhYNTVFSSSRWvwu0JQcoxmKgBQ1k=
Subject key identifier: E9:5C:E9:D8:61:96:71:21:96:E3:E6:9B:3D:B6:73:62:6B:AC:80:24
Certificate issuer: /CN=0b42fb4831c1daf2d963c47638d703086eeca8de
Certificate serial: 018AA8509E7AB79F54E0E5791DCCEF61F4BA
Authority key identifier: 0B:42:FB:48:31:C1:DA:F2:D9:63:C4:76:38:D7:03:08:6E:EC:A8:DE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/C0L7SDHB2vLZY8R2ONcDCG7sqN4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e4/6f6743-0b22-4312-9c1a-b3663a345518/1/6Vzp2GGWcSGW4-abPbZzYmusgCQ.roa
Signing time: Mon 18 Sep 2023 12:42:50 +0000
ROA not before: Mon 18 Sep 2023 12:42:50 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 206360
IP address blocks: 185.220.136.0/30 maxlen: 30
185.220.136.0/24 maxlen: 24
185.220.139.0/24 maxlen: 24
185.220.138.0/24 maxlen: 24
185.220.137.0/24 maxlen: 24
185.220.137.4/30 maxlen: 30
185.220.136.16/29 maxlen: 29
185.220.137.8/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:a8:50:9e:7a:b7:9f:54:e0:e5:79:1d:cc:ef:61:f4:ba
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0b42fb4831c1daf2d963c47638d703086eeca8de
Validity
Not Before: Sep 18 12:42:50 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=e95ce9d86196712196e3e69b3db673626bac8024
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:be:36:f9:9e:e1:f3:f7:26:2a:07:a7:df:4d:
6d:ec:f5:02:40:ae:52:ca:6c:22:48:ec:e0:1a:42:
0b:5a:d9:03:95:b8:97:0b:70:e7:68:1f:f6:91:1e:
4a:bd:24:14:f6:5c:a2:a6:c7:4d:a9:7c:a7:9b:56:
37:b0:c7:0d:92:d4:91:a7:a4:14:2e:eb:31:4c:8a:
97:09:95:11:a5:d6:70:8d:7c:85:e3:c6:ff:78:40:
a9:07:1e:81:b1:04:51:2b:b2:c6:82:c8:01:a6:f8:
4d:c8:11:be:0d:58:05:4e:f7:a2:db:5f:5c:5a:87:
3a:e0:da:3a:10:8a:ad:5e:ba:a5:ff:3c:d3:ab:58:
1f:ef:03:cf:f0:98:d4:46:72:ff:bf:c4:57:0f:d7:
99:ea:fe:5c:bf:2d:05:dd:f9:3d:1b:9c:ae:62:7a:
d7:6d:d7:2a:f4:c7:dc:ce:29:3e:5b:42:8e:16:7a:
af:ea:e5:5f:2c:86:d6:ea:39:27:ff:d6:f4:87:e3:
af:05:75:d4:18:7a:2c:ed:62:0d:cf:9d:29:f2:96:
7f:0c:70:c0:69:c1:cc:0b:04:ea:8f:b6:5d:ef:6f:
32:8b:f8:dc:5e:0f:b9:d5:d2:3d:18:44:12:38:57:
26:43:10:73:ce:94:2e:07:9a:32:16:18:58:32:e8:
ee:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E9:5C:E9:D8:61:96:71:21:96:E3:E6:9B:3D:B6:73:62:6B:AC:80:24
X509v3 Authority Key Identifier:
keyid:0B:42:FB:48:31:C1:DA:F2:D9:63:C4:76:38:D7:03:08:6E:EC:A8:DE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/C0L7SDHB2vLZY8R2ONcDCG7sqN4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e4/6f6743-0b22-4312-9c1a-b3663a345518/1/6Vzp2GGWcSGW4-abPbZzYmusgCQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e4/6f6743-0b22-4312-9c1a-b3663a345518/1/C0L7SDHB2vLZY8R2ONcDCG7sqN4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.220.136.0/22
Signature Algorithm: sha256WithRSAEncryption
1d:1f:5f:4e:fd:e4:60:5a:7b:8e:1c:c5:b1:9a:41:2d:f2:ec:
ec:65:80:76:80:ae:61:c5:36:b8:98:7d:5a:41:b4:0e:e8:c5:
62:10:e8:32:b4:89:73:58:95:85:00:92:ad:63:e9:2c:f6:22:
e1:26:20:f1:66:64:8f:36:70:e9:ad:0f:60:94:1f:45:48:42:
21:64:3a:07:80:8d:69:7b:7d:38:43:46:ee:b8:2a:70:9b:82:
bb:75:96:27:b2:f5:58:74:88:6b:1c:24:e7:a5:bc:76:95:a7:
26:7a:7d:62:90:b0:c2:75:bf:e1:c5:7d:ac:da:1a:76:ad:44:
a9:2f:40:52:0d:e2:4b:1c:7d:25:32:d7:7c:70:37:3a:0c:91:
01:d8:ca:9a:1e:56:46:59:d7:ef:30:4a:95:45:c0:84:5c:ef:
e9:d9:06:b9:d9:20:3f:0e:47:41:de:e4:9b:72:3d:2d:f5:f5:
79:8d:66:98:bd:5d:41:52:3c:57:9e:84:07:f2:99:32:4f:6f:
32:25:f1:7c:92:d6:72:c6:56:50:b7:90:8b:32:78:25:2b:2f:
a1:48:ca:d5:33:54:50:dc:37:fe:af:3c:6a:96:b0:ad:3a:bd:
c7:af:dc:08:41:3b:48:47:fa:b7:09:4b:a7:ba:14:26:c1:02:
49:17:39:6b
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYqoUJ56t59U4OV5HczvYfS6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBiNDJmYjQ4MzFjMWRhZjJkOTYzYzQ3NjM4ZDcwMzA4NmVl
Y2E4ZGUwHhcNMjMwOTE4MTI0MjUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlOTVjZTlkODYxOTY3MTIxOTZlM2U2OWIzZGI2NzM2MjZiYWM4MDI0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkb42+Z7h8/cmKgen301t7PUCQK5S
ymwiSOzgGkILWtkDlbiXC3DnaB/2kR5KvSQU9lyipsdNqXynm1Y3sMcNktSRp6QU
LusxTIqXCZURpdZwjXyF48b/eECpBx6BsQRRK7LGgsgBpvhNyBG+DVgFTvei219c
Woc64No6EIqtXrql/zzTq1gf7wPP8JjURnL/v8RXD9eZ6v5cvy0F3fk9G5yuYnrX
bdcq9Mfczik+W0KOFnqv6uVfLIbW6jkn/9b0h+OvBXXUGHos7WINz50p8pZ/DHDA
acHMCwTqj7Zd728yi/jcXg+51dI9GEQSOFcmQxBzzpQuB5oyFhhYMujuKwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFOlc6dhhlnEhluPmmz22c2JrrIAkMB8GA1UdIwQY
MBaAFAtC+0gxwdry2WPEdjjXAwhu7KjeMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQzBMN1NESEIydkxaWThSMk9OY0RDRzdzcU40LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNC82ZjY3NDMtMGIyMi00MzEyLTljMWEt
YjM2NjNhMzQ1NTE4LzEvNlZ6cDJHR1djU0dXNC1hYlBiWnpZbXVzZ0NRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNC82ZjY3NDMtMGIyMi00MzEyLTljMWEtYjM2NjNhMzQ1NTE4
LzEvQzBMN1NESEIydkxaWThSMk9OY0RDRzdzcU40LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCudyIMA0G
CSqGSIb3DQEBCwUAA4IBAQAdH19O/eRgWnuOHMWxmkEt8uzsZYB2gK5hxTa4mH1a
QbQO6MViEOgytIlzWJWFAJKtY+ks9iLhJiDxZmSPNnDprQ9glB9FSEIhZDoHgI1p
e304Q0buuCpwm4K7dZYnsvVYdIhrHCTnpbx2lacmen1ikLDCdb/hxX2s2hp2rUSp
L0BSDeJLHH0lMtd8cDc6DJEB2MqaHlZGWdfvMEqVRcCEXO/p2Qa52SA/DkdB3uSb
cj0t9fV5jWaYvV1BUjxXnoQH8pkyT28yJfF8ktZyxlZQt5CLMnglKy+hSMrVM1RQ
3Df+rzxqlrCtOr3Hr9wIQTtIR/q3CUunuhQmwQJJFzlr
-----END CERTIFICATE-----
Generated at Wed Jun 11 13:57:52 2025 by rpki-client