Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e4/6f6743-0b22-4312-9c1a-b3663a345518/1/vPXLizA9h6cQ9dz5TRIqHSRcMko.roa
File: vPXLizA9h6cQ9dz5TRIqHSRcMko.roa (raw, json)
Hash identifier: nQS/zZZSEG4TsrZ1zsdcNTL8Y4ZxUaRHM9+qjmkO1g4=
Subject key identifier: BC:F5:CB:8B:30:3D:87:A7:10:F5:DC:F9:4D:12:2A:1D:24:5C:32:4A
Certificate issuer: /CN=0b42fb4831c1daf2d963c47638d703086eeca8de
Certificate serial: 01857067481742E27284046EFDBAD3EF38FC
Authority key identifier: 0B:42:FB:48:31:C1:DA:F2:D9:63:C4:76:38:D7:03:08:6E:EC:A8:DE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/C0L7SDHB2vLZY8R2ONcDCG7sqN4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e4/6f6743-0b22-4312-9c1a-b3663a345518/1/vPXLizA9h6cQ9dz5TRIqHSRcMko.roa
Signing time: Mon 02 Jan 2023 02:54:54 +0000
ROA not before: Mon 02 Jan 2023 02:54:54 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 206360
IP address blocks: 185.220.136.0/24 maxlen: 24
185.220.139.0/24 maxlen: 24
185.220.138.0/24 maxlen: 24
185.220.137.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:67:48:17:42:e2:72:84:04:6e:fd:ba:d3:ef:38:fc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0b42fb4831c1daf2d963c47638d703086eeca8de
Validity
Not Before: Jan 2 02:54:54 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=bcf5cb8b303d87a710f5dcf94d122a1d245c324a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:33:41:d7:e0:86:a5:cd:f9:d5:62:9f:2b:18:
02:68:7a:eb:ac:dc:3c:ed:5b:8c:4c:e5:1f:17:d4:
e4:2e:02:55:82:67:dc:f9:c4:e3:5f:5d:c4:6f:5d:
6c:0c:ea:b5:3c:77:e3:a2:f5:ab:d3:b0:94:43:6c:
0b:c4:09:78:4a:77:d9:11:dc:b2:38:08:e9:3e:f5:
4f:a8:8e:e4:77:f0:9c:25:dd:3b:99:d8:cc:33:84:
61:51:a6:44:04:6f:68:e9:7e:30:46:ba:08:6d:7d:
fd:a1:a7:63:c8:19:21:76:e1:59:9c:d0:dc:91:7e:
47:ad:60:68:e2:a3:61:49:10:c3:45:89:99:d1:32:
4e:f5:f7:79:93:3b:10:b5:30:0b:f1:b8:10:6a:4a:
39:b0:f3:d8:9a:13:dd:22:ab:79:c9:f4:5f:1c:b6:
67:75:51:d6:65:fc:c2:94:64:0a:6f:1e:36:ed:02:
44:62:bb:8f:5a:6d:c8:8f:e0:4e:64:e7:bd:dd:f9:
50:82:fb:cf:93:e6:e2:dc:a5:0d:36:60:90:32:00:
59:fd:30:24:a6:e0:c0:7d:62:b9:e4:6b:b5:0b:f8:
8b:fa:8a:df:3c:cf:a3:5a:ab:18:eb:00:b0:b8:f6:
91:5c:f1:5b:4e:fd:56:4c:87:6a:b7:52:53:85:aa:
35:ab
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BC:F5:CB:8B:30:3D:87:A7:10:F5:DC:F9:4D:12:2A:1D:24:5C:32:4A
X509v3 Authority Key Identifier:
keyid:0B:42:FB:48:31:C1:DA:F2:D9:63:C4:76:38:D7:03:08:6E:EC:A8:DE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/C0L7SDHB2vLZY8R2ONcDCG7sqN4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e4/6f6743-0b22-4312-9c1a-b3663a345518/1/vPXLizA9h6cQ9dz5TRIqHSRcMko.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e4/6f6743-0b22-4312-9c1a-b3663a345518/1/C0L7SDHB2vLZY8R2ONcDCG7sqN4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.220.136.0/22
Signature Algorithm: sha256WithRSAEncryption
42:8a:7b:ba:0b:db:f1:a7:8b:65:a4:f5:8b:50:83:0d:4b:a8:
0b:27:0e:3d:aa:98:55:1b:c8:b1:bd:58:5d:90:69:2b:bc:a4:
71:00:95:2f:49:ae:f2:dc:74:a9:37:2e:77:63:7d:a3:fc:b8:
29:ea:ad:e2:90:e2:09:92:1d:a3:a7:5b:54:53:f0:ce:00:e0:
d9:9b:dc:45:1a:a5:7d:04:91:e4:97:84:ec:ed:f1:57:1f:f5:
16:77:a1:f4:e8:15:6d:07:c8:8b:c2:7a:ea:e3:8d:81:07:d1:
d0:3f:2a:5b:18:bb:c0:af:78:d0:d1:a0:f5:b4:40:bc:90:82:
85:1c:8d:c7:d6:3e:61:5e:13:69:63:e5:b4:81:87:4f:91:87:
11:98:8a:7f:9e:e1:02:78:27:54:ba:ce:ab:ac:7f:d8:a5:7e:
69:6c:05:7f:ad:0e:5e:0b:8e:23:bf:89:28:89:9d:c5:b9:f1:
00:de:63:f3:f2:b6:7d:ec:2a:f5:de:7f:26:a9:50:91:fd:64:
9c:87:93:31:47:98:d0:c4:58:9f:72:f7:63:d8:f0:fd:b5:43:
c3:d0:e2:bf:9f:7e:7c:29:98:a4:93:c5:d6:a8:2a:fe:b7:80:
e7:8c:f9:ac:b8:74:84:ed:cf:10:fd:29:0b:2a:5d:d8:ae:df:
90:32:57:8e
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVwZ0gXQuJyhARu/brT7zj8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBiNDJmYjQ4MzFjMWRhZjJkOTYzYzQ3NjM4ZDcwMzA4NmVl
Y2E4ZGUwHhcNMjMwMTAyMDI1NDU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiY2Y1Y2I4YjMwM2Q4N2E3MTBmNWRjZjk0ZDEyMmExZDI0NWMzMjRhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApTNB1+CGpc351WKfKxgCaHrrrNw8
7VuMTOUfF9TkLgJVgmfc+cTjX13Eb11sDOq1PHfjovWr07CUQ2wLxAl4SnfZEdyy
OAjpPvVPqI7kd/CcJd07mdjMM4RhUaZEBG9o6X4wRroIbX39oadjyBkhduFZnNDc
kX5HrWBo4qNhSRDDRYmZ0TJO9fd5kzsQtTAL8bgQako5sPPYmhPdIqt5yfRfHLZn
dVHWZfzClGQKbx427QJEYruPWm3Ij+BOZOe93flQgvvPk+bi3KUNNmCQMgBZ/TAk
puDAfWK55Gu1C/iL+orfPM+jWqsY6wCwuPaRXPFbTv1WTIdqt1JThao1qwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFLz1y4swPYenEPXc+U0SKh0kXDJKMB8GA1UdIwQY
MBaAFAtC+0gxwdry2WPEdjjXAwhu7KjeMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQzBMN1NESEIydkxaWThSMk9OY0RDRzdzcU40LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNC82ZjY3NDMtMGIyMi00MzEyLTljMWEt
YjM2NjNhMzQ1NTE4LzEvdlBYTGl6QTloNmNROWR6NVRSSXFIU1JjTWtvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNC82ZjY3NDMtMGIyMi00MzEyLTljMWEtYjM2NjNhMzQ1NTE4
LzEvQzBMN1NESEIydkxaWThSMk9OY0RDRzdzcU40LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCudyIMA0G
CSqGSIb3DQEBCwUAA4IBAQBCinu6C9vxp4tlpPWLUIMNS6gLJw49qphVG8ixvVhd
kGkrvKRxAJUvSa7y3HSpNy53Y32j/Lgp6q3ikOIJkh2jp1tUU/DOAODZm9xFGqV9
BJHkl4Ts7fFXH/UWd6H06BVtB8iLwnrq442BB9HQPypbGLvAr3jQ0aD1tEC8kIKF
HI3H1j5hXhNpY+W0gYdPkYcRmIp/nuECeCdUus6rrH/YpX5pbAV/rQ5eC44jv4ko
iZ3FufEA3mPz8rZ97Cr13n8mqVCR/WSch5MxR5jQxFifcvdj2PD9tUPD0OK/n358
KZikk8XWqCr+t4DnjPmsuHSE7c8Q/SkLKl3Yrt+QMleO
-----END CERTIFICATE-----
Generated at Wed Apr 23 01:52:09 2025 by rpki-client