Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ec/17bf85-e2c0-46f9-b0fb-07ae682c1262/1/G8gApdtxz_DDNSqm9tvOhRJU-4s.roa
File: G8gApdtxz_DDNSqm9tvOhRJU-4s.roa (raw, json)
Hash identifier: iNNZzb5V61NBWOnVXNbAjB4XI7cOOYK1LClva/MI5D8=
Subject key identifier: 1B:C8:00:A5:DB:71:CF:F0:C3:35:2A:A6:F6:DB:CE:85:12:54:FB:8B
Certificate issuer: /CN=e3b35956a4038a0938ccda85592ad531e4a883ad
Certificate serial: 0184E6EAD5CC5A91900B7A1C9B1F94C8E9C5
Authority key identifier: E3:B3:59:56:A4:03:8A:09:38:CC:DA:85:59:2A:D5:31:E4:A8:83:AD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/47NZVqQDigk4zNqFWSrVMeSog60.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ec/17bf85-e2c0-46f9-b0fb-07ae682c1262/1/G8gApdtxz_DDNSqm9tvOhRJU-4s.roa
Signing time: Tue 06 Dec 2022 10:11:00 +0000
ROA not before: Tue 06 Dec 2022 10:11:00 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 204741
IP address blocks: 185.242.24.0/22 maxlen: 22
185.242.24.0/23 maxlen: 23
185.242.24.0/24 maxlen: 24
185.242.27.0/24 maxlen: 24
185.242.26.0/23 maxlen: 23
185.242.25.0/24 maxlen: 24
2a0c:ba80::/29 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:e6:ea:d5:cc:5a:91:90:0b:7a:1c:9b:1f:94:c8:e9:c5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e3b35956a4038a0938ccda85592ad531e4a883ad
Validity
Not Before: Dec 6 10:11:00 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=1bc800a5db71cff0c3352aa6f6dbce851254fb8b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:ea:d3:9b:49:c6:c5:01:7c:4d:3b:e2:3e:02:
d2:69:18:e9:8f:1e:76:5d:de:7b:83:53:f0:5c:2f:
f0:bf:a0:ce:f7:e1:2b:d8:35:de:fb:45:a6:93:26:
67:de:ff:c0:a7:83:68:a2:1d:91:9e:56:85:d5:9f:
04:d7:c7:a5:2b:a0:19:db:ce:e7:1e:84:ba:18:d6:
4e:58:26:ed:ce:6f:e0:a2:f4:c1:ed:76:fe:0e:79:
56:a6:f8:83:3c:28:0b:4d:99:07:c5:42:9d:7e:95:
b1:12:7c:dc:e0:ed:b6:73:98:7f:b3:fc:16:c6:30:
a4:c6:a1:bf:99:fe:c3:9e:e2:6b:25:2b:bd:6a:7a:
6c:de:da:0f:d6:6f:19:f1:e0:65:f6:b7:c0:6f:c1:
12:68:b9:48:d1:d7:e4:60:17:28:52:03:95:83:35:
a6:34:c7:02:cb:46:91:e3:64:bd:01:97:2a:61:fe:
34:2c:7c:a9:08:2e:13:29:e8:ac:ca:72:be:eb:9a:
34:d2:d2:42:2d:1a:1c:54:ce:5d:5d:bf:0b:07:b1:
01:8c:25:00:7b:03:8a:d7:f5:74:4c:65:44:c0:99:
73:70:85:cb:8f:23:fd:49:c9:0b:44:ed:9f:f0:1e:
ed:c6:e2:63:af:61:be:41:e2:8e:d8:94:4b:b5:d9:
8e:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1B:C8:00:A5:DB:71:CF:F0:C3:35:2A:A6:F6:DB:CE:85:12:54:FB:8B
X509v3 Authority Key Identifier:
keyid:E3:B3:59:56:A4:03:8A:09:38:CC:DA:85:59:2A:D5:31:E4:A8:83:AD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/47NZVqQDigk4zNqFWSrVMeSog60.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ec/17bf85-e2c0-46f9-b0fb-07ae682c1262/1/G8gApdtxz_DDNSqm9tvOhRJU-4s.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ec/17bf85-e2c0-46f9-b0fb-07ae682c1262/1/47NZVqQDigk4zNqFWSrVMeSog60.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.242.24.0/22
IPv6:
2a0c:ba80::/29
Signature Algorithm: sha256WithRSAEncryption
cd:57:d4:a1:2e:1d:a0:90:69:71:25:94:5b:09:92:b8:ac:61:
92:2c:ff:bd:71:c6:dd:d6:45:a7:0b:9f:65:69:45:69:c5:4c:
4c:b3:52:44:c5:02:15:2e:f2:73:bb:94:7c:a9:70:61:78:6b:
b9:7f:7a:dd:6f:d3:61:bd:d2:27:05:5a:fd:fc:a9:b6:4b:d8:
50:33:cf:b1:37:04:2c:7a:fd:bc:c9:b0:ec:d7:36:ae:a3:f2:
00:d9:bc:89:a6:75:29:1a:34:84:ac:3e:ac:e1:21:0a:89:63:
cf:67:4a:fd:9e:ea:32:46:a1:c2:d8:48:d0:6b:c6:2d:17:fd:
5f:80:bd:98:0a:1a:95:65:dd:13:35:0c:7d:8a:f1:a0:ed:a1:
63:4a:75:13:46:b7:a9:c7:6a:f9:ae:9e:ee:29:f5:f5:3a:c8:
c2:2c:1a:f4:33:09:a2:39:aa:5c:2b:1a:f9:29:e1:05:ab:09:
73:c6:8e:a7:3a:a7:c1:71:4d:0a:b8:62:0e:78:34:8f:88:04:
90:cb:aa:be:64:44:a4:3b:c0:f6:29:27:01:c5:4c:fd:25:68:
11:c9:44:c4:bd:93:5b:63:6e:41:48:b4:9b:fb:76:1b:da:c1:
c4:7b:68:bd:df:9f:01:64:04:b6:94:44:ef:fb:40:66:10:5d:
e1:42:7b:19
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYTm6tXMWpGQC3ocmx+UyOnFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUzYjM1OTU2YTQwMzhhMDkzOGNjZGE4NTU5MmFkNTMxZTRh
ODgzYWQwHhcNMjIxMjA2MTAxMTAwWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxYmM4MDBhNWRiNzFjZmYwYzMzNTJhYTZmNmRiY2U4NTEyNTRmYjhiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkurTm0nGxQF8TTviPgLSaRjpjx52
Xd57g1PwXC/wv6DO9+Er2DXe+0WmkyZn3v/Ap4Nooh2RnlaF1Z8E18elK6AZ287n
HoS6GNZOWCbtzm/govTB7Xb+DnlWpviDPCgLTZkHxUKdfpWxEnzc4O22c5h/s/wW
xjCkxqG/mf7DnuJrJSu9anps3toP1m8Z8eBl9rfAb8ESaLlI0dfkYBcoUgOVgzWm
NMcCy0aR42S9AZcqYf40LHypCC4TKeisynK+65o00tJCLRocVM5dXb8LB7EBjCUA
ewOK1/V0TGVEwJlzcIXLjyP9SckLRO2f8B7txuJjr2G+QeKO2JRLtdmOJQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFBvIAKXbcc/wwzUqpvbbzoUSVPuLMB8GA1UdIwQY
MBaAFOOzWVakA4oJOMzahVkq1THkqIOtMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNDdOWlZxUURpZ2s0ek5xRldTclZNZVNvZzYwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYy8xN2JmODUtZTJjMC00NmY5LWIwZmIt
MDdhZTY4MmMxMjYyLzEvRzhnQXBkdHh6X0RETlNxbTl0dk9oUkpVLTRzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYy8xN2JmODUtZTJjMC00NmY5LWIwZmItMDdhZTY4MmMxMjYy
LzEvNDdOWlZxUURpZ2s0ek5xRldTclZNZVNvZzYwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCufIYMA0E
AgACMAcDBQMqDLqAMA0GCSqGSIb3DQEBCwUAA4IBAQDNV9ShLh2gkGlxJZRbCZK4
rGGSLP+9ccbd1kWnC59laUVpxUxMs1JExQIVLvJzu5R8qXBheGu5f3rdb9NhvdIn
BVr9/Km2S9hQM8+xNwQsev28ybDs1zauo/IA2byJpnUpGjSErD6s4SEKiWPPZ0r9
nuoyRqHC2EjQa8YtF/1fgL2YChqVZd0TNQx9ivGg7aFjSnUTRrepx2r5rp7uKfX1
OsjCLBr0MwmiOapcKxr5KeEFqwlzxo6nOqfBcU0KuGIOeDSPiASQy6q+ZESkO8D2
KScBxUz9JWgRyUTEvZNbY25BSLSb+3Yb2sHEe2i9358BZAS2lETv+0BmEF3hQnsZ
-----END CERTIFICATE-----
Generated at Thu Apr 17 09:40:03 2025 by rpki-client