Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fd/d0fad1-b8b1-4960-b67f-02edf08f7cf8/1/zS0RwkW9wY_hYyXzo675A_hPA1o.roa
File: zS0RwkW9wY_hYyXzo675A_hPA1o.roa (raw, json)
Hash identifier: djxB3KGYu/nftUZrtUogU98M+Mnc6JNeYt/XN26B3/E=
Subject key identifier: CD:2D:11:C2:45:BD:C1:8F:E1:63:25:F3:A3:AE:F9:03:F8:4F:03:5A
Certificate issuer: /CN=9a1a08692f228da0c41b317c6fa7cc5c3bec51e1
Certificate serial: 018570675C16448B1E5C963DF9DC2177381C
Authority key identifier: 9A:1A:08:69:2F:22:8D:A0:C4:1B:31:7C:6F:A7:CC:5C:3B:EC:51:E1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mhoIaS8ijaDEGzF8b6fMXDvsUeE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fd/d0fad1-b8b1-4960-b67f-02edf08f7cf8/1/zS0RwkW9wY_hYyXzo675A_hPA1o.roa
Signing time: Mon 02 Jan 2023 02:54:59 +0000
ROA not before: Mon 02 Jan 2023 02:54:59 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 204903
IP address blocks: 185.236.106.0/24 maxlen: 24
185.236.107.0/24 maxlen: 24
185.236.105.0/24 maxlen: 24
185.236.104.0/24 maxlen: 24
185.236.104.0/22 maxlen: 22
2a12:7bc0:104::/48 maxlen: 48
2a12:7bc0:105::/48 maxlen: 48
2a12:7bc0::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:67:5c:16:44:8b:1e:5c:96:3d:f9:dc:21:77:38:1c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9a1a08692f228da0c41b317c6fa7cc5c3bec51e1
Validity
Not Before: Jan 2 02:54:59 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=cd2d11c245bdc18fe16325f3a3aef903f84f035a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:bf:96:ec:c8:18:79:92:e1:6b:5a:20:98:83:
e9:64:be:3f:fd:d1:d2:53:65:ba:f4:26:02:58:6a:
49:f7:ca:ef:51:75:8a:a7:eb:9f:e2:7c:62:0a:bd:
ef:d2:86:16:3a:64:8a:43:02:95:cb:03:80:3e:27:
2e:42:fd:70:21:9b:c0:8d:c3:44:fc:e2:0a:4f:0f:
f9:ec:ac:82:21:27:4b:fd:65:89:13:75:f3:b3:1f:
62:cd:62:2c:7e:95:7e:74:f3:a5:f5:66:69:63:90:
85:82:92:9b:b8:85:f4:ee:8c:ed:a5:e7:7e:6b:eb:
f8:c7:a2:a0:7d:02:a9:ac:1b:da:6a:d4:cc:32:ab:
d4:7b:d0:45:04:58:5a:cc:6f:86:48:14:8a:02:98:
98:d5:c1:6a:14:48:84:4d:0e:b8:e4:66:52:46:42:
9f:8d:3d:a8:f9:17:5e:9d:3e:c9:3c:d9:6f:0d:6c:
dc:a3:81:37:a5:62:e1:4c:1e:83:38:af:25:da:78:
1a:c9:01:7b:cb:ef:23:b4:a7:40:54:43:fd:0f:a1:
1f:50:69:6e:d7:1c:82:9f:6f:18:9a:02:9f:ec:9e:
03:a3:35:14:fe:81:ea:b4:43:40:d7:b5:b0:ce:cc:
ea:47:1e:51:ce:12:d8:ba:58:3d:ad:c3:69:b5:d8:
d4:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CD:2D:11:C2:45:BD:C1:8F:E1:63:25:F3:A3:AE:F9:03:F8:4F:03:5A
X509v3 Authority Key Identifier:
keyid:9A:1A:08:69:2F:22:8D:A0:C4:1B:31:7C:6F:A7:CC:5C:3B:EC:51:E1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mhoIaS8ijaDEGzF8b6fMXDvsUeE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/d0fad1-b8b1-4960-b67f-02edf08f7cf8/1/zS0RwkW9wY_hYyXzo675A_hPA1o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/d0fad1-b8b1-4960-b67f-02edf08f7cf8/1/mhoIaS8ijaDEGzF8b6fMXDvsUeE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.236.104.0/22
IPv6:
2a12:7bc0::/32
Signature Algorithm: sha256WithRSAEncryption
0b:68:52:23:3e:ac:8d:30:80:e0:fb:9e:11:2a:f2:36:ba:7c:
71:f0:d7:51:26:80:ba:0f:4d:d9:ea:e9:0f:08:1b:be:a3:68:
02:63:63:e1:30:83:92:76:1e:f2:b6:a9:3a:5a:e1:93:68:1d:
e7:70:a5:0c:bc:ba:1d:78:e2:45:ad:9a:c7:e1:f2:1b:78:04:
a4:27:bb:a8:41:7b:aa:0f:80:26:bc:81:75:2d:92:46:e0:ba:
e8:b7:b4:b6:15:d0:8f:ac:1a:86:ed:29:d8:e1:73:37:8c:cd:
29:d8:00:5e:64:de:d1:94:4c:98:aa:69:f5:70:ac:76:5d:01:
a3:da:e0:61:02:41:04:d9:dc:c3:a0:f0:ce:25:2e:f2:54:68:
50:bf:02:99:c7:ab:8a:08:d3:ca:ec:f8:ce:90:f2:11:29:11:
a3:ef:25:27:ab:4f:21:8e:64:b6:52:d0:73:6d:7a:e9:91:2d:
02:39:da:60:57:93:f4:e2:a3:c1:77:e0:9d:44:05:cc:0e:98:
0d:1f:1d:c2:99:26:28:bf:69:15:f4:84:7f:c0:25:35:c0:08:
c9:c0:de:ce:df:7c:cd:ee:0e:35:a2:ac:0a:bd:79:b4:a9:44:
03:02:2b:e3:a3:f0:a8:c2:dd:90:25:dd:e9:4e:e2:83:ea:9d:
e3:cb:ca:8c
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVwZ1wWRIseXJY9+dwhdzgcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlhMWEwODY5MmYyMjhkYTBjNDFiMzE3YzZmYTdjYzVjM2Jl
YzUxZTEwHhcNMjMwMTAyMDI1NDU5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjZDJkMTFjMjQ1YmRjMThmZTE2MzI1ZjNhM2FlZjkwM2Y4NGYwMzVhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzb+W7MgYeZLha1ogmIPpZL4//dHS
U2W69CYCWGpJ98rvUXWKp+uf4nxiCr3v0oYWOmSKQwKVywOAPicuQv1wIZvAjcNE
/OIKTw/57KyCISdL/WWJE3Xzsx9izWIsfpV+dPOl9WZpY5CFgpKbuIX07oztped+
a+v4x6KgfQKprBvaatTMMqvUe9BFBFhazG+GSBSKApiY1cFqFEiETQ645GZSRkKf
jT2o+RdenT7JPNlvDWzco4E3pWLhTB6DOK8l2ngayQF7y+8jtKdAVEP9D6EfUGlu
1xyCn28YmgKf7J4DozUU/oHqtENA17WwzszqRx5RzhLYulg9rcNptdjUFwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFM0tEcJFvcGP4WMl86Ou+QP4TwNaMB8GA1UdIwQY
MBaAFJoaCGkvIo2gxBsxfG+nzFw77FHhMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbWhvSWFTOGlqYURFR3pGOGI2Zk1YRHZzVWVFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZC9kMGZhZDEtYjhiMS00OTYwLWI2N2Yt
MDJlZGYwOGY3Y2Y4LzEvelMwUndrVzl3WV9oWXlYem82NzVBX2hQQTFvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZC9kMGZhZDEtYjhiMS00OTYwLWI2N2YtMDJlZGYwOGY3Y2Y4
LzEvbWhvSWFTOGlqYURFR3pGOGI2Zk1YRHZzVWVFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuexoMA0E
AgACMAcDBQAqEnvAMA0GCSqGSIb3DQEBCwUAA4IBAQALaFIjPqyNMIDg+54RKvI2
unxx8NdRJoC6D03Z6ukPCBu+o2gCY2PhMIOSdh7ytqk6WuGTaB3ncKUMvLodeOJF
rZrH4fIbeASkJ7uoQXuqD4AmvIF1LZJG4Lrot7S2FdCPrBqG7SnY4XM3jM0p2ABe
ZN7RlEyYqmn1cKx2XQGj2uBhAkEE2dzDoPDOJS7yVGhQvwKZx6uKCNPK7PjOkPIR
KRGj7yUnq08hjmS2UtBzbXrpkS0COdpgV5P04qPBd+CdRAXMDpgNHx3CmSYov2kV
9IR/wCU1wAjJwN7O33zN7g41oqwKvXm0qUQDAivjo/Cowt2QJd3pTuKD6p3jy8qM
-----END CERTIFICATE-----
Generated at Sat Apr 19 03:05:02 2025 by rpki-client