Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e4/6f6743-0b22-4312-9c1a-b3663a345518/1/d6DYYNjZx4lKbdXmFgQNUdv_dkI.roa
File: d6DYYNjZx4lKbdXmFgQNUdv_dkI.roa (raw, json)
Hash identifier: gRcP3Oj4MPbZni5gVxyUquIZjixEqQmS5sNdZTc8Dd8=
Subject key identifier: 77:A0:D8:60:D8:D9:C7:89:4A:6D:D5:E6:16:04:0D:51:DB:FF:76:42
Certificate issuer: /CN=0b42fb4831c1daf2d963c47638d703086eeca8de
Certificate serial: 018A8DC0FEB1F7FCEE783D8693240460EA5D
Authority key identifier: 0B:42:FB:48:31:C1:DA:F2:D9:63:C4:76:38:D7:03:08:6E:EC:A8:DE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/C0L7SDHB2vLZY8R2ONcDCG7sqN4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e4/6f6743-0b22-4312-9c1a-b3663a345518/1/d6DYYNjZx4lKbdXmFgQNUdv_dkI.roa
Signing time: Wed 13 Sep 2023 08:55:50 +0000
ROA not before: Wed 13 Sep 2023 08:55:50 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 206360
IP address blocks: 185.220.136.0/24 maxlen: 24
185.220.139.0/24 maxlen: 24
185.220.138.0/24 maxlen: 24
185.220.137.0/24 maxlen: 24
185.220.136.4/30 maxlen: 30
185.220.137.4/30 maxlen: 30
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:8d:c0:fe:b1:f7:fc:ee:78:3d:86:93:24:04:60:ea:5d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0b42fb4831c1daf2d963c47638d703086eeca8de
Validity
Not Before: Sep 13 08:55:50 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=77a0d860d8d9c7894a6dd5e616040d51dbff7642
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:95:67:25:a5:e0:ae:0c:28:38:3b:db:48:4b:
46:22:31:33:87:3c:8b:33:c8:d1:26:4d:24:8d:df:
d3:d7:57:32:10:c9:ec:25:a8:b4:7e:13:b5:79:42:
53:9c:8c:4d:f9:2e:80:a8:27:74:95:91:54:ef:20:
9f:6f:49:2c:a0:9b:12:3a:02:04:6b:d0:ba:4c:3a:
20:85:0e:d0:5a:60:bf:db:ca:87:24:f3:17:3f:7e:
79:18:c6:ca:79:c1:48:9c:b2:b1:a7:6c:40:c5:3a:
bb:53:34:9a:c2:bb:75:c2:23:ad:f7:c0:05:ec:2a:
82:38:75:8a:58:bb:af:5d:af:be:4a:a6:03:51:4e:
8d:15:94:9f:44:bc:eb:63:3e:1e:13:74:45:57:99:
83:6c:ec:fd:8a:ef:9e:d1:eb:c2:f2:0c:39:c5:26:
a7:99:34:e5:af:5d:f9:d7:9d:28:3a:d3:ab:0e:85:
ab:29:ea:bd:95:0b:81:84:bc:72:e1:3c:36:ef:c9:
c7:71:16:db:5a:05:cb:b7:83:ca:4e:ca:6b:38:f5:
44:82:06:e5:f5:85:42:64:bb:6f:82:06:4f:71:40:
54:cf:aa:ab:f9:a8:8c:7b:80:e8:cb:b1:52:4a:03:
54:7c:1b:ec:1a:1c:45:17:f9:c6:61:74:11:16:c0:
a4:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
77:A0:D8:60:D8:D9:C7:89:4A:6D:D5:E6:16:04:0D:51:DB:FF:76:42
X509v3 Authority Key Identifier:
keyid:0B:42:FB:48:31:C1:DA:F2:D9:63:C4:76:38:D7:03:08:6E:EC:A8:DE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/C0L7SDHB2vLZY8R2ONcDCG7sqN4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e4/6f6743-0b22-4312-9c1a-b3663a345518/1/d6DYYNjZx4lKbdXmFgQNUdv_dkI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e4/6f6743-0b22-4312-9c1a-b3663a345518/1/C0L7SDHB2vLZY8R2ONcDCG7sqN4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.220.136.0/22
Signature Algorithm: sha256WithRSAEncryption
8c:54:98:98:a7:46:b3:2b:b3:92:44:d7:a3:2f:53:79:e0:47:
7b:75:82:ae:97:4d:76:6e:04:69:db:35:ca:39:99:50:bb:87:
c6:c2:95:6e:6c:34:35:b9:60:4e:ed:ff:f5:cf:36:8a:ee:3a:
d3:0a:57:dc:c9:b4:05:61:46:ce:00:e8:3d:c2:10:95:97:d5:
59:34:8a:5a:f4:c7:54:98:0e:b6:be:2d:34:b2:fe:5f:19:0f:
7d:51:3f:ce:7c:13:c1:06:82:7c:19:38:ea:3a:c8:ba:dc:dd:
e5:e7:b2:02:fe:2b:09:49:ec:78:70:bd:b0:9b:03:91:de:8d:
de:dd:b1:67:c5:86:2d:a2:f0:1b:7a:f4:6f:59:39:d0:64:e8:
9a:b1:fb:87:67:0d:25:1e:03:86:fa:49:61:09:10:09:1c:9f:
86:fd:f4:94:15:1b:10:fa:63:29:2e:9d:d6:e7:80:0f:7c:55:
98:97:4c:83:d3:21:7c:55:b1:00:8e:cb:8b:f5:8d:ec:5c:f7:
d6:f1:26:30:55:5a:11:4f:64:4e:37:69:42:09:1e:69:df:d3:
5d:27:ae:6b:10:00:ec:20:12:dd:58:fa:f2:e0:87:7b:e9:26:
17:5c:7e:9d:51:90:98:a6:be:77:00:fb:57:03:7e:2c:5d:1b:
d6:2c:0e:4d
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYqNwP6x9/zueD2GkyQEYOpdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBiNDJmYjQ4MzFjMWRhZjJkOTYzYzQ3NjM4ZDcwMzA4NmVl
Y2E4ZGUwHhcNMjMwOTEzMDg1NTUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3N2EwZDg2MGQ4ZDljNzg5NGE2ZGQ1ZTYxNjA0MGQ1MWRiZmY3NjQyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApJVnJaXgrgwoODvbSEtGIjEzhzyL
M8jRJk0kjd/T11cyEMnsJai0fhO1eUJTnIxN+S6AqCd0lZFU7yCfb0ksoJsSOgIE
a9C6TDoghQ7QWmC/28qHJPMXP355GMbKecFInLKxp2xAxTq7UzSawrt1wiOt98AF
7CqCOHWKWLuvXa++SqYDUU6NFZSfRLzrYz4eE3RFV5mDbOz9iu+e0evC8gw5xSan
mTTlr135150oOtOrDoWrKeq9lQuBhLxy4Tw278nHcRbbWgXLt4PKTsprOPVEggbl
9YVCZLtvggZPcUBUz6qr+aiMe4Doy7FSSgNUfBvsGhxFF/nGYXQRFsCkIQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFHeg2GDY2ceJSm3V5hYEDVHb/3ZCMB8GA1UdIwQY
MBaAFAtC+0gxwdry2WPEdjjXAwhu7KjeMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQzBMN1NESEIydkxaWThSMk9OY0RDRzdzcU40LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNC82ZjY3NDMtMGIyMi00MzEyLTljMWEt
YjM2NjNhMzQ1NTE4LzEvZDZEWVlOalp4NGxLYmRYbUZnUU5VZHZfZGtJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNC82ZjY3NDMtMGIyMi00MzEyLTljMWEtYjM2NjNhMzQ1NTE4
LzEvQzBMN1NESEIydkxaWThSMk9OY0RDRzdzcU40LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCudyIMA0G
CSqGSIb3DQEBCwUAA4IBAQCMVJiYp0azK7OSRNejL1N54Ed7dYKul012bgRp2zXK
OZlQu4fGwpVubDQ1uWBO7f/1zzaK7jrTClfcybQFYUbOAOg9whCVl9VZNIpa9MdU
mA62vi00sv5fGQ99UT/OfBPBBoJ8GTjqOsi63N3l57IC/isJSex4cL2wmwOR3o3e
3bFnxYYtovAbevRvWTnQZOiasfuHZw0lHgOG+klhCRAJHJ+G/fSUFRsQ+mMpLp3W
54APfFWYl0yD0yF8VbEAjsuL9Y3sXPfW8SYwVVoRT2RON2lCCR5p39NdJ65rEADs
IBLdWPry4Id76SYXXH6dUZCYpr53APtXA34sXRvWLA5N
-----END CERTIFICATE-----
Generated at Sat Apr 19 15:22:57 2025 by rpki-client