Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/06/89bf3a-bf90-467a-a90b-22e248ed2014/1/hoMAbGK15CSFdOh_p_ZbmhX3OjU.roa
File: hoMAbGK15CSFdOh_p_ZbmhX3OjU.roa (raw, json)
Hash identifier: Mc8ah275o+3eDyN2W1DWyXhP+LUAn4sPKSzsUl0n2Ck=
Subject key identifier: 86:83:00:6C:62:B5:E4:24:85:74:E8:7F:A7:F6:5B:9A:15:F7:3A:35
Certificate issuer: /CN=951d493b1bc0a8c852dd11cfc937891dac3f07c2
Certificate serial: 0185714C1E0E1B5F8E884851D1550C734DB2
Authority key identifier: 95:1D:49:3B:1B:C0:A8:C8:52:DD:11:CF:C9:37:89:1D:AC:3F:07:C2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/lR1JOxvAqMhS3RHPyTeJHaw_B8I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/06/89bf3a-bf90-467a-a90b-22e248ed2014/1/hoMAbGK15CSFdOh_p_ZbmhX3OjU.roa
Signing time: Mon 02 Jan 2023 07:04:51 +0000
ROA not before: Mon 02 Jan 2023 07:04:51 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 204180
IP address blocks: 185.111.250.0/24 maxlen: 24
185.111.251.0/24 maxlen: 24
185.111.248.0/22 maxlen: 22
185.111.248.0/24 maxlen: 24
185.111.249.0/24 maxlen: 24
2a06:6080::/40 maxlen: 40
2a06:6080::/48 maxlen: 48
2a06:6080:1::/48 maxlen: 48
2a06:6080:2::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:4c:1e:0e:1b:5f:8e:88:48:51:d1:55:0c:73:4d:b2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=951d493b1bc0a8c852dd11cfc937891dac3f07c2
Validity
Not Before: Jan 2 07:04:51 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=8683006c62b5e4248574e87fa7f65b9a15f73a35
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:17:4f:f0:5f:0b:ff:6d:d8:90:38:6a:b8:d8:
4c:af:1f:b0:63:d4:03:b9:73:7c:e4:be:ca:a0:2a:
3f:66:43:b6:a3:56:28:a6:41:2c:09:46:37:b7:7a:
a4:54:55:c9:5f:ad:40:e4:c9:85:29:62:70:83:d3:
f2:55:33:ac:ca:30:28:9f:4c:cb:3b:b1:20:21:44:
18:42:29:ca:88:29:4e:4c:36:21:d2:31:c9:00:8e:
1b:e5:65:44:20:2e:1e:39:18:6b:3f:7d:d0:26:13:
94:6a:1d:ce:c5:53:39:e5:8e:f1:ec:52:02:85:9e:
62:6e:0c:8d:f8:98:52:5e:49:78:ec:16:9f:9e:13:
c6:3d:76:ee:15:e2:0a:9a:02:ab:95:0a:45:ac:6d:
8c:67:d0:80:59:68:8d:94:86:73:75:a9:7a:ea:39:
20:4d:25:1c:bd:8b:d0:24:4e:26:82:c7:c2:92:00:
92:b7:d4:f6:da:bc:9a:1f:79:2a:67:82:83:c4:b6:
c4:aa:23:3c:d6:55:e3:9a:e2:7f:b2:90:6b:a8:e4:
9f:88:38:a9:f4:b0:a7:94:4d:02:10:89:d2:b1:8f:
e2:17:dd:5e:1e:e9:46:d1:e6:41:2f:03:a1:8a:a4:
67:f5:8c:90:dc:ed:f7:61:9c:18:4d:63:20:2e:9f:
5b:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
86:83:00:6C:62:B5:E4:24:85:74:E8:7F:A7:F6:5B:9A:15:F7:3A:35
X509v3 Authority Key Identifier:
keyid:95:1D:49:3B:1B:C0:A8:C8:52:DD:11:CF:C9:37:89:1D:AC:3F:07:C2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lR1JOxvAqMhS3RHPyTeJHaw_B8I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/06/89bf3a-bf90-467a-a90b-22e248ed2014/1/hoMAbGK15CSFdOh_p_ZbmhX3OjU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/06/89bf3a-bf90-467a-a90b-22e248ed2014/1/lR1JOxvAqMhS3RHPyTeJHaw_B8I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.111.248.0/22
IPv6:
2a06:6080::/40
Signature Algorithm: sha256WithRSAEncryption
11:c9:8c:20:9c:87:b9:72:ad:c0:6d:d9:29:e6:5a:dd:14:c8:
4b:f6:17:fc:a2:b6:5e:14:14:1b:06:de:24:6b:eb:b8:5b:a1:
5e:67:7c:d1:76:bb:c3:c4:fc:3d:60:54:63:05:03:7e:e6:1f:
65:45:0c:75:c5:0c:43:c8:09:52:c0:3b:cd:c9:ef:46:c5:9d:
8a:19:a8:a0:d7:b3:2e:36:39:bc:7c:46:b2:be:15:a4:9a:56:
4e:4f:b5:a8:89:07:bc:b2:a5:32:60:86:af:bb:29:14:c9:23:
11:14:98:77:82:5a:1e:c0:20:d6:87:95:1c:c3:f4:f1:57:47:
7f:4b:20:dc:7a:bd:61:ca:43:1b:37:c9:b8:f2:f9:9e:1d:11:
cd:83:75:80:ab:f3:5a:e8:a8:e2:ff:76:bd:bd:68:cd:ea:72:
30:7a:87:14:9d:22:f6:96:c0:28:01:9a:ad:35:ea:17:51:df:
1b:a1:74:c3:ac:af:f9:ca:d1:d4:dc:20:45:c3:cf:72:3d:b6:
98:6b:41:ff:5f:18:7b:a9:9f:4c:dd:cb:88:b0:7d:aa:4b:b9:
7a:c6:5b:0a:0a:75:16:03:e7:09:18:ee:94:1f:50:31:f1:df:
29:b3:9b:ac:74:c3:69:58:15:21:2a:56:c2:a6:7c:72:26:07:
b6:82:00:d4
-----BEGIN CERTIFICATE-----
MIIFDTCCA/WgAwIBAgISAYVxTB4OG1+OiEhR0VUMc02yMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk1MWQ0OTNiMWJjMGE4Yzg1MmRkMTFjZmM5Mzc4OTFkYWMz
ZjA3YzIwHhcNMjMwMTAyMDcwNDUxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NjgzMDA2YzYyYjVlNDI0ODU3NGU4N2ZhN2Y2NWI5YTE1ZjczYTM1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArhdP8F8L/23YkDhquNhMrx+wY9QD
uXN85L7KoCo/ZkO2o1YopkEsCUY3t3qkVFXJX61A5MmFKWJwg9PyVTOsyjAon0zL
O7EgIUQYQinKiClOTDYh0jHJAI4b5WVEIC4eORhrP33QJhOUah3OxVM55Y7x7FIC
hZ5ibgyN+JhSXkl47BafnhPGPXbuFeIKmgKrlQpFrG2MZ9CAWWiNlIZzdal66jkg
TSUcvYvQJE4mgsfCkgCSt9T22ryaH3kqZ4KDxLbEqiM81lXjmuJ/spBrqOSfiDip
9LCnlE0CEInSsY/iF91eHulG0eZBLwOhiqRn9YyQ3O33YZwYTWMgLp9bMQIDAQAB
o4ICGTCCAhUwHQYDVR0OBBYEFIaDAGxiteQkhXTof6f2W5oV9zo1MB8GA1UdIwQY
MBaAFJUdSTsbwKjIUt0Rz8k3iR2sPwfCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbFIxSk94dkFxTWhTM1JIUHlUZUpIYXdfQjhJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNi84OWJmM2EtYmY5MC00NjdhLWE5MGIt
MjJlMjQ4ZWQyMDE0LzEvaG9NQWJHSzE1Q1NGZE9oX3BfWmJtaFgzT2pVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNi84OWJmM2EtYmY5MC00NjdhLWE5MGItMjJlMjQ4ZWQyMDE0
LzEvbFIxSk94dkFxTWhTM1JIUHlUZUpIYXdfQjhJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC8GCCsGAQUFBwEHAQH/BCAwHjAMBAIAATAGAwQCuW/4MA4E
AgACMAgDBgAqBmCAADANBgkqhkiG9w0BAQsFAAOCAQEAEcmMIJyHuXKtwG3ZKeZa
3RTIS/YX/KK2XhQUGwbeJGvruFuhXmd80Xa7w8T8PWBUYwUDfuYfZUUMdcUMQ8gJ
UsA7zcnvRsWdihmooNezLjY5vHxGsr4VpJpWTk+1qIkHvLKlMmCGr7spFMkjERSY
d4JaHsAg1oeVHMP08VdHf0sg3Hq9YcpDGzfJuPL5nh0RzYN1gKvzWuio4v92vb1o
zepyMHqHFJ0i9pbAKAGarTXqF1HfG6F0w6yv+crR1NwgRcPPcj22mGtB/18Ye6mf
TN3LiLB9qku5esZbCgp1FgPnCRjulB9QMfHfKbObrHTDaVgVISpWwqZ8ciYHtoIA
1A==
-----END CERTIFICATE-----
Generated at Sun May 11 23:24:55 2025 by rpki-client