Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f6/962f2d-7282-421e-a631-0c76a316b52e/1/D7jNXhrcvy1LaeaGU05ytjjmDko.roa
File: D7jNXhrcvy1LaeaGU05ytjjmDko.roa (raw, json)
Hash identifier: 2W3T9fa3IsomGcfpbHQ2+SHUTls2PIQVxDKy8yVGKig=
Subject key identifier: 0F:B8:CD:5E:1A:DC:BF:2D:4B:69:E6:86:53:4E:72:B6:38:E6:0E:4A
Certificate issuer: /CN=68799b772b551db784eeba8b0e115a0c433cd3ba
Certificate serial: 095372CE
Authority key identifier: 68:79:9B:77:2B:55:1D:B7:84:EE:BA:8B:0E:11:5A:0C:43:3C:D3:BA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/aHmbdytVHbeE7rqLDhFaDEM807o.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f6/962f2d-7282-421e-a631-0c76a316b52e/1/D7jNXhrcvy1LaeaGU05ytjjmDko.roa
Signing time: Sat 01 Jan 2022 01:59:30 +0000
ROA not before: Sat 01 Jan 2022 01:59:30 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 39691
IP address blocks: 185.234.224.0/23 maxlen: 23
185.234.224.0/24 maxlen: 24
185.234.225.0/24 maxlen: 24
185.234.226.0/24 maxlen: 24
185.234.227.0/24 maxlen: 24
2a0d:2f00::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 156463822 (0x95372ce)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=68799b772b551db784eeba8b0e115a0c433cd3ba
Validity
Not Before: Jan 1 01:59:30 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=0fb8cd5e1adcbf2d4b69e686534e72b638e60e4a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:92:f6:ae:f6:e4:ba:6b:6b:7a:05:4b:5d:cb:
cd:6d:e5:ee:9b:ef:7a:1b:63:4c:55:fd:5b:5d:78:
ef:e4:3c:26:81:2d:7f:93:7a:79:59:8e:c5:a3:8c:
70:a1:16:e1:9c:ec:66:86:51:77:d9:83:ba:c4:69:
f0:ca:8e:14:50:80:c0:d0:59:75:a5:81:17:b7:11:
ee:28:02:ec:75:1e:0d:36:d2:43:34:1f:bc:55:50:
37:56:44:b4:ab:89:95:d9:2e:f2:9e:d9:e8:d0:0b:
20:bb:b9:f6:ef:00:fa:96:ab:78:07:c4:4b:43:17:
40:98:ae:1c:ec:10:20:26:af:df:a6:e1:5e:54:81:
18:94:59:b5:97:8e:dd:99:cd:04:a2:2b:cd:48:2d:
bb:44:f8:5b:96:ff:9b:65:aa:3d:dc:42:6d:d2:4d:
fb:77:7e:b1:4f:7d:a9:b5:1a:04:83:d6:34:24:53:
98:48:bc:47:14:3c:a9:8e:0f:4d:ed:18:59:31:50:
d9:ef:19:ed:91:d7:fe:bd:42:7e:f6:7d:2e:48:d6:
4b:57:86:19:d2:5a:1f:c5:77:49:ff:2b:b7:d6:ea:
5f:cf:75:c8:36:6f:af:41:e8:3d:c0:e0:9e:c9:e1:
fb:f0:43:a4:0d:bb:3a:24:28:f1:bd:89:40:12:7c:
d9:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0F:B8:CD:5E:1A:DC:BF:2D:4B:69:E6:86:53:4E:72:B6:38:E6:0E:4A
X509v3 Authority Key Identifier:
keyid:68:79:9B:77:2B:55:1D:B7:84:EE:BA:8B:0E:11:5A:0C:43:3C:D3:BA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aHmbdytVHbeE7rqLDhFaDEM807o.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/962f2d-7282-421e-a631-0c76a316b52e/1/D7jNXhrcvy1LaeaGU05ytjjmDko.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/962f2d-7282-421e-a631-0c76a316b52e/1/aHmbdytVHbeE7rqLDhFaDEM807o.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.234.224.0/22
IPv6:
2a0d:2f00::/48
Signature Algorithm: sha256WithRSAEncryption
7e:13:5d:2c:00:f2:9c:fb:f8:4f:f7:42:1e:2b:a1:9f:dc:2e:
66:44:ae:a8:04:c2:0a:c0:61:62:3e:a5:bd:87:fb:13:d6:88:
a4:24:2f:b0:17:6f:8c:ea:52:6f:26:3b:c2:5b:17:a0:42:2f:
f6:01:00:53:fb:f8:22:43:1f:b5:b2:1a:26:bd:e1:29:d8:f3:
0a:d4:53:67:1c:f2:98:1d:42:06:76:b7:16:aa:33:0b:76:54:
aa:26:4e:9b:aa:b0:4f:3c:e1:b3:be:e3:7e:ec:6c:26:37:aa:
c5:42:a5:64:ad:34:69:30:01:1c:82:65:83:ef:44:d4:dd:bd:
fd:12:a8:fa:1e:2d:de:8c:e8:c2:a9:ac:b8:de:b3:e1:20:ed:
17:64:1e:b7:ec:80:07:7b:81:d5:2d:88:d4:97:c2:84:9d:d0:
5f:95:5d:5b:2c:1f:d0:45:24:60:f1:70:78:51:09:57:24:03:
65:9b:35:98:f2:c0:4f:da:cf:48:5e:20:dd:3d:8c:27:7b:af:
98:c6:2d:d6:cc:29:c2:19:60:fd:31:d9:2d:09:69:25:01:e2:
3d:3e:73:3e:f5:d3:d3:51:5a:5b:27:a5:fa:1b:65:da:bb:a6:
57:96:2a:74:95:c0:07:a3:f7:b6:45:19:98:9b:66:f7:13:7a:
17:63:d9:ea
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgIECVNyzjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg2
ODc5OWI3NzJiNTUxZGI3ODRlZWJhOGIwZTExNWEwYzQzM2NkM2JhMB4XDTIyMDEw
MTAxNTkzMFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMGZiOGNkNWUxYWRj
YmYyZDRiNjllNjg2NTM0ZTcyYjYzOGU2MGU0YTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJ+S9q725Lpra3oFS13LzW3l7pvvehtjTFX9W1147+Q8JoEt
f5N6eVmOxaOMcKEW4ZzsZoZRd9mDusRp8MqOFFCAwNBZdaWBF7cR7igC7HUeDTbS
QzQfvFVQN1ZEtKuJldku8p7Z6NALILu59u8A+pareAfES0MXQJiuHOwQICav36bh
XlSBGJRZtZeO3ZnNBKIrzUgtu0T4W5b/m2WqPdxCbdJN+3d+sU99qbUaBIPWNCRT
mEi8RxQ8qY4PTe0YWTFQ2e8Z7ZHX/r1CfvZ9LkjWS1eGGdJaH8V3Sf8rt9bqX891
yDZvr0HoPcDgnsnh+/BDpA27OiQo8b2JQBJ82a8CAwEAAaOCAhowggIWMB0GA1Ud
DgQWBBQPuM1eGty/LUtp5oZTTnK2OOYOSjAfBgNVHSMEGDAWgBRoeZt3K1Udt4Tu
uosOEVoMQzzTujAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2FIbWJkeXRWSGJlRTdycUxEaEZhREVNODA3by5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZjYvOTYyZjJkLTcyODItNDIxZS1hNjMxLTBjNzZhMzE2YjUyZS8x
L0Q3ak5YaHJjdnkxTGFlYUdVMDV5dGpqbURrby5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZjYv
OTYyZjJkLTcyODItNDIxZS1hNjMxLTBjNzZhMzE2YjUyZS8xL2FIbWJkeXRWSGJl
RTdycUxEaEZhREVNODA3by5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAw
BggrBgEFBQcBBwEB/wQhMB8wDAQCAAEwBgMEArnq4DAPBAIAAjAJAwcAKg0vAAAA
MA0GCSqGSIb3DQEBCwUAA4IBAQB+E10sAPKc+/hP90IeK6Gf3C5mRK6oBMIKwGFi
PqW9h/sT1oikJC+wF2+M6lJvJjvCWxegQi/2AQBT+/giQx+1shomveEp2PMK1FNn
HPKYHUIGdrcWqjMLdlSqJk6bqrBPPOGzvuN+7GwmN6rFQqVkrTRpMAEcgmWD70TU
3b39Eqj6Hi3ejOjCqay43rPhIO0XZB637IAHe4HVLYjUl8KEndBflV1bLB/QRSRg
8XB4UQlXJANlmzWY8sBP2s9IXiDdPYwne6+Yxi3WzCnCGWD9MdktCWklAeI9PnM+
9dPTUVpbJ6X6G2Xau6ZXlip0lcAHo/e2RRmYm2b3E3oXY9nq
-----END CERTIFICATE-----
Generated at Thu Mar 13 02:25:04 2025 by rpki-client