Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e5/6a2302-85c5-4ebc-9641-39369689f27e/1/ahEgG1_HlpeGHw0c4n8Pa4cYxuY.roa
File: ahEgG1_HlpeGHw0c4n8Pa4cYxuY.roa (raw, json)
Hash identifier: Veu5YSHSRcZPbq4g2GN3zgvGZj0sML/N5i5Q4YxoeQc=
Subject key identifier: 6A:11:20:1B:5F:C7:96:97:86:1F:0D:1C:E2:7F:0F:6B:87:18:C6:E6
Certificate issuer: /CN=351353429e72eb286cc18ecbeb8fa71a31c08190
Certificate serial: 018570153EB9902CC8D0A945DDBB2E277450
Authority key identifier: 35:13:53:42:9E:72:EB:28:6C:C1:8E:CB:EB:8F:A7:1A:31:C0:81:90
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NRNTQp5y6yhswY7L64-nGjHAgZA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e5/6a2302-85c5-4ebc-9641-39369689f27e/1/ahEgG1_HlpeGHw0c4n8Pa4cYxuY.roa
Signing time: Mon 02 Jan 2023 01:25:18 +0000
ROA not before: Mon 02 Jan 2023 01:25:18 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 62284
IP address blocks: 185.110.28.0/24 maxlen: 24
185.110.28.0/22 maxlen: 22
185.110.29.0/24 maxlen: 24
185.110.30.0/24 maxlen: 24
185.110.31.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:15:3e:b9:90:2c:c8:d0:a9:45:dd:bb:2e:27:74:50
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=351353429e72eb286cc18ecbeb8fa71a31c08190
Validity
Not Before: Jan 2 01:25:18 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=6a11201b5fc79697861f0d1ce27f0f6b8718c6e6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:da:9c:4a:0c:a1:92:53:f7:7b:17:b9:2f:1d:
4e:f3:92:f5:9a:39:00:b1:82:04:49:6d:c8:e0:91:
f8:b6:b4:9d:51:84:44:84:bc:c2:6a:6a:7a:55:b7:
09:0b:3a:b0:cd:0a:15:e0:05:75:df:f7:89:10:dd:
6e:5a:76:0e:16:3e:43:a3:52:8a:27:d6:b4:d6:97:
3a:ef:ab:03:61:d2:8c:73:ab:c2:dd:37:57:17:1c:
3f:84:0c:29:27:92:5b:20:7a:6a:7f:3f:5d:28:04:
d2:ee:69:9f:f0:fa:4d:50:7c:dc:6c:76:09:84:c5:
a8:05:4f:83:0d:7a:69:3f:7d:d4:78:81:dc:30:7e:
40:32:4d:92:7f:16:29:b8:ee:04:6d:0a:33:df:46:
6f:98:10:e4:2a:cd:52:69:d7:22:39:b4:bc:da:79:
66:c8:3c:3f:41:2a:f7:29:be:ac:66:6c:4f:0f:db:
3e:ad:bd:b5:72:fc:ce:64:0e:f5:9e:a5:08:39:58:
2f:ba:71:54:39:f7:ad:ee:23:89:58:54:87:a1:e8:
08:e5:db:25:c0:fb:2a:a2:c4:3a:e0:f9:e9:b6:38:
2a:97:51:cc:fb:0b:26:91:ef:c6:80:49:95:4a:f9:
3f:92:59:74:07:34:ea:5b:06:cd:ec:94:0d:a5:63:
ea:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6A:11:20:1B:5F:C7:96:97:86:1F:0D:1C:E2:7F:0F:6B:87:18:C6:E6
X509v3 Authority Key Identifier:
keyid:35:13:53:42:9E:72:EB:28:6C:C1:8E:CB:EB:8F:A7:1A:31:C0:81:90
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NRNTQp5y6yhswY7L64-nGjHAgZA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e5/6a2302-85c5-4ebc-9641-39369689f27e/1/ahEgG1_HlpeGHw0c4n8Pa4cYxuY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e5/6a2302-85c5-4ebc-9641-39369689f27e/1/NRNTQp5y6yhswY7L64-nGjHAgZA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.110.28.0/22
Signature Algorithm: sha256WithRSAEncryption
17:74:95:1c:c5:fa:c6:b0:60:17:17:b5:e6:e7:ca:2b:89:5d:
73:0f:e6:7c:8a:b6:3f:ac:ce:86:39:7b:1a:9e:4a:57:e5:36:
fa:49:e8:d7:a6:76:03:11:3f:00:96:c7:ae:06:5a:5e:87:1d:
f0:5e:c9:5a:d9:16:14:16:26:e9:90:a1:68:e1:c8:a6:be:00:
7e:28:b7:cc:e5:9c:25:80:9f:ad:9c:27:6a:22:12:8c:d7:81:
92:3c:e1:1f:9f:ac:50:8c:56:02:31:62:93:59:c0:4f:f4:4a:
cd:38:52:28:9a:f7:7e:aa:f6:ec:7e:38:46:90:5b:91:f0:3f:
82:87:3d:d0:8b:27:c3:c7:ef:e8:a4:1b:ca:e1:69:48:42:13:
5d:5e:0f:ce:bb:91:09:a0:bc:98:e3:30:53:8c:47:b6:d5:62:
79:4a:60:82:28:9c:ad:30:fa:b8:7a:2f:86:48:1d:af:f7:7c:
44:80:12:15:53:e5:51:38:ce:73:86:73:92:95:cf:c0:16:7d:
40:eb:06:6b:45:43:e6:f0:94:3b:4a:34:5b:28:e2:aa:5a:5a:
b3:e4:ea:fb:65:41:c7:62:78:4f:a8:c0:25:fb:52:c7:23:be:
a7:55:0e:c3:bc:f4:2c:30:15:ae:ce:2e:a8:ed:54:d9:3a:79:
bf:d6:d8:1f
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVwFT65kCzI0KlF3bsuJ3RQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1MTM1MzQyOWU3MmViMjg2Y2MxOGVjYmViOGZhNzFhMzFj
MDgxOTAwHhcNMjMwMTAyMDEyNTE4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2YTExMjAxYjVmYzc5Njk3ODYxZjBkMWNlMjdmMGY2Yjg3MThjNmU2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvtqcSgyhklP3exe5Lx1O85L1mjkA
sYIESW3I4JH4trSdUYREhLzCamp6VbcJCzqwzQoV4AV13/eJEN1uWnYOFj5Do1KK
J9a01pc676sDYdKMc6vC3TdXFxw/hAwpJ5JbIHpqfz9dKATS7mmf8PpNUHzcbHYJ
hMWoBU+DDXppP33UeIHcMH5AMk2SfxYpuO4EbQoz30ZvmBDkKs1SadciObS82nlm
yDw/QSr3Kb6sZmxPD9s+rb21cvzOZA71nqUIOVgvunFUOfet7iOJWFSHoegI5dsl
wPsqosQ64Pnptjgql1HM+wsmke/GgEmVSvk/kll0BzTqWwbN7JQNpWPqYQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFGoRIBtfx5aXhh8NHOJ/D2uHGMbmMB8GA1UdIwQY
MBaAFDUTU0KecusobMGOy+uPpxoxwIGQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTlJOVFFwNXk2eWhzd1k3TDY0LW5HakhBZ1pBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNS82YTIzMDItODVjNS00ZWJjLTk2NDEt
MzkzNjk2ODlmMjdlLzEvYWhFZ0cxX0hscGVHSHcwYzRuOFBhNGNZeHVZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNS82YTIzMDItODVjNS00ZWJjLTk2NDEtMzkzNjk2ODlmMjdl
LzEvTlJOVFFwNXk2eWhzd1k3TDY0LW5HakhBZ1pBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuW4cMA0G
CSqGSIb3DQEBCwUAA4IBAQAXdJUcxfrGsGAXF7Xm58oriV1zD+Z8irY/rM6GOXsa
nkpX5Tb6SejXpnYDET8AlseuBlpehx3wXsla2RYUFibpkKFo4cimvgB+KLfM5Zwl
gJ+tnCdqIhKM14GSPOEfn6xQjFYCMWKTWcBP9ErNOFIomvd+qvbsfjhGkFuR8D+C
hz3QiyfDx+/opBvK4WlIQhNdXg/Ou5EJoLyY4zBTjEe21WJ5SmCCKJytMPq4ei+G
SB2v93xEgBIVU+VROM5zhnOSlc/AFn1A6wZrRUPm8JQ7SjRbKOKqWlqz5Or7ZUHH
YnhPqMAl+1LHI76nVQ7DvPQsMBWuzi6o7VTZOnm/1tgf
-----END CERTIFICATE-----
Generated at Wed Apr 16 14:18:44 2025 by rpki-client