Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e4/6f6743-0b22-4312-9c1a-b3663a345518/1/h8vadPyjUfjBt0LIifpVLqlyLGc.roa
File: h8vadPyjUfjBt0LIifpVLqlyLGc.roa (raw, json)
Hash identifier: nT7CZm9s3o6dV6DZ/uI9Rox+nThpat+tpnNE88tZxcY=
Subject key identifier: 87:CB:DA:74:FC:A3:51:F8:C1:B7:42:C8:89:FA:55:2E:A9:72:2C:67
Certificate issuer: /CN=0b42fb4831c1daf2d963c47638d703086eeca8de
Certificate serial: 018A74D3CD6D220D8529162BAD4C8181E230
Authority key identifier: 0B:42:FB:48:31:C1:DA:F2:D9:63:C4:76:38:D7:03:08:6E:EC:A8:DE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/C0L7SDHB2vLZY8R2ONcDCG7sqN4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e4/6f6743-0b22-4312-9c1a-b3663a345518/1/h8vadPyjUfjBt0LIifpVLqlyLGc.roa
Signing time: Fri 08 Sep 2023 12:45:52 +0000
ROA not before: Fri 08 Sep 2023 12:45:52 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 206360
IP address blocks: 185.220.136.0/24 maxlen: 24
185.220.139.0/24 maxlen: 24
185.220.138.0/24 maxlen: 24
185.220.137.0/24 maxlen: 24
185.220.136.4/30 maxlen: 30
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:74:d3:cd:6d:22:0d:85:29:16:2b:ad:4c:81:81:e2:30
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0b42fb4831c1daf2d963c47638d703086eeca8de
Validity
Not Before: Sep 8 12:45:52 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=87cbda74fca351f8c1b742c889fa552ea9722c67
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:ff:e2:60:d8:e6:ba:3e:bc:96:02:42:0c:68:
d5:1d:03:c6:9f:e2:d8:ca:5c:cd:1f:17:3e:1a:79:
38:e7:e9:94:11:79:e0:49:2d:94:de:07:61:43:33:
27:e1:15:88:1a:9c:e8:8a:95:fe:56:d7:a5:fb:e5:
09:53:a7:2f:20:12:d5:75:d2:0e:55:ef:6c:f5:34:
81:80:50:e2:c4:69:f8:db:5f:ca:e0:26:c2:67:8c:
80:20:59:3f:84:c2:24:fe:b4:c3:45:cc:3d:43:18:
d4:2c:a4:ef:99:f1:00:5e:12:ea:fe:17:4e:b3:40:
45:72:98:4d:01:3f:1a:61:86:d6:87:40:68:8f:50:
53:9f:b2:63:ee:37:67:4b:1e:1b:fc:80:70:ec:48:
31:99:12:1e:85:d9:80:75:cf:0f:f2:c5:25:3f:31:
54:13:1b:60:22:2a:32:56:09:e9:ce:43:5f:42:d2:
0f:1e:9a:b2:91:14:2a:b1:1c:aa:53:51:95:90:5e:
23:cb:0e:97:fc:b2:26:63:11:71:86:76:9f:ca:81:
50:8f:18:fe:7c:e3:88:18:27:90:3b:2a:c9:11:56:
ef:9c:9b:0b:e6:be:10:5f:70:42:21:a2:af:cc:35:
20:0e:5e:0d:cf:8d:1b:ee:67:54:2e:7c:67:f6:cc:
d5:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
87:CB:DA:74:FC:A3:51:F8:C1:B7:42:C8:89:FA:55:2E:A9:72:2C:67
X509v3 Authority Key Identifier:
keyid:0B:42:FB:48:31:C1:DA:F2:D9:63:C4:76:38:D7:03:08:6E:EC:A8:DE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/C0L7SDHB2vLZY8R2ONcDCG7sqN4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e4/6f6743-0b22-4312-9c1a-b3663a345518/1/h8vadPyjUfjBt0LIifpVLqlyLGc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e4/6f6743-0b22-4312-9c1a-b3663a345518/1/C0L7SDHB2vLZY8R2ONcDCG7sqN4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.220.136.0/22
Signature Algorithm: sha256WithRSAEncryption
74:0c:d8:ee:61:5f:ed:7f:ef:b2:f2:21:0d:24:68:86:07:bf:
07:de:74:af:a0:a1:b2:34:7c:53:2b:2e:b7:cc:29:b0:a9:fd:
a6:fb:a3:b6:d4:52:eb:26:5e:0a:8c:a7:eb:14:9f:da:17:82:
50:f5:28:07:05:da:3f:c7:06:7d:09:b9:41:35:d9:f5:69:73:
57:57:fe:ec:02:db:4e:cf:f5:14:15:f3:b7:11:8e:46:9a:c3:
c0:51:be:e7:23:a9:09:ed:e1:af:7f:e9:d1:be:fc:f2:d5:2f:
c4:b5:cb:7e:28:69:d1:6d:f8:ec:62:84:35:5f:b1:3c:88:dd:
bc:8e:b1:ad:c7:e4:44:b7:0a:f5:a3:e8:c0:ce:c5:16:5d:dd:
f6:b3:9a:3d:51:09:26:24:4e:e4:8f:dd:20:7d:ff:1e:86:14:
c4:cf:64:c1:7c:a0:c4:4a:5e:b6:7e:73:dc:1a:40:9f:67:5e:
5f:4b:dc:f1:50:94:f8:7f:e8:0c:8b:13:b5:78:d1:11:04:22:
51:69:9c:da:45:8c:77:c3:58:28:95:84:e8:f0:fa:38:0f:f8:
c3:76:8d:aa:02:52:b8:0e:14:8c:ec:09:97:3d:80:25:92:73:
e3:e6:7c:26:b3:63:ad:49:03:a6:01:a3:bb:d0:a6:ca:0c:36:
28:8b:9c:83
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYp0081tIg2FKRYrrUyBgeIwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBiNDJmYjQ4MzFjMWRhZjJkOTYzYzQ3NjM4ZDcwMzA4NmVl
Y2E4ZGUwHhcNMjMwOTA4MTI0NTUyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4N2NiZGE3NGZjYTM1MWY4YzFiNzQyYzg4OWZhNTUyZWE5NzIyYzY3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAk//iYNjmuj68lgJCDGjVHQPGn+LY
ylzNHxc+Gnk45+mUEXngSS2U3gdhQzMn4RWIGpzoipX+Vtel++UJU6cvIBLVddIO
Ve9s9TSBgFDixGn421/K4CbCZ4yAIFk/hMIk/rTDRcw9QxjULKTvmfEAXhLq/hdO
s0BFcphNAT8aYYbWh0Boj1BTn7Jj7jdnSx4b/IBw7EgxmRIehdmAdc8P8sUlPzFU
ExtgIioyVgnpzkNfQtIPHpqykRQqsRyqU1GVkF4jyw6X/LImYxFxhnafyoFQjxj+
fOOIGCeQOyrJEVbvnJsL5r4QX3BCIaKvzDUgDl4Nz40b7mdULnxn9szV8wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFIfL2nT8o1H4wbdCyIn6VS6pcixnMB8GA1UdIwQY
MBaAFAtC+0gxwdry2WPEdjjXAwhu7KjeMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQzBMN1NESEIydkxaWThSMk9OY0RDRzdzcU40LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNC82ZjY3NDMtMGIyMi00MzEyLTljMWEt
YjM2NjNhMzQ1NTE4LzEvaDh2YWRQeWpVZmpCdDBMSWlmcFZMcWx5TEdjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNC82ZjY3NDMtMGIyMi00MzEyLTljMWEtYjM2NjNhMzQ1NTE4
LzEvQzBMN1NESEIydkxaWThSMk9OY0RDRzdzcU40LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCudyIMA0G
CSqGSIb3DQEBCwUAA4IBAQB0DNjuYV/tf++y8iENJGiGB78H3nSvoKGyNHxTKy63
zCmwqf2m+6O21FLrJl4KjKfrFJ/aF4JQ9SgHBdo/xwZ9CblBNdn1aXNXV/7sAttO
z/UUFfO3EY5GmsPAUb7nI6kJ7eGvf+nRvvzy1S/Etct+KGnRbfjsYoQ1X7E8iN28
jrGtx+REtwr1o+jAzsUWXd32s5o9UQkmJE7kj90gff8ehhTEz2TBfKDESl62fnPc
GkCfZ15fS9zxUJT4f+gMixO1eNERBCJRaZzaRYx3w1golYTo8Po4D/jDdo2qAlK4
DhSM7AmXPYAlknPj5nwms2OtSQOmAaO70KbKDDYoi5yD
-----END CERTIFICATE-----
Generated at Sun Apr 20 13:05:12 2025 by rpki-client