Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/95/8efa86-c35f-41b6-ad01-4906103dbd16/1/ZTruymJSHCr-RpVaGeiKG5igPvI.roa
File: ZTruymJSHCr-RpVaGeiKG5igPvI.roa (raw, json)
Hash identifier: e5O/6Vst9oAFvYTwV4M9NDBV3+CoNoHvtHG6SaWhhSg=
Subject key identifier: 65:3A:EE:CA:62:52:1C:2A:FE:46:95:5A:19:E8:8A:1B:98:A0:3E:F2
Certificate issuer: /CN=34531c54b1e7956c2cc371b23e0a75567aa27518
Certificate serial: 01823E35B9790EDEFFB60DAA4380ACEAEDA6
Authority key identifier: 34:53:1C:54:B1:E7:95:6C:2C:C3:71:B2:3E:0A:75:56:7A:A2:75:18
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NFMcVLHnlWwsw3GyPgp1VnqidRg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/95/8efa86-c35f-41b6-ad01-4906103dbd16/1/ZTruymJSHCr-RpVaGeiKG5igPvI.roa
Signing time: Wed 27 Jul 2022 05:51:24 +0000
ROA not before: Wed 27 Jul 2022 05:51:24 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 51235
IP address blocks: 185.136.182.0/24 maxlen: 24
185.136.180.0/24 maxlen: 24
185.136.183.0/24 maxlen: 24
185.136.181.0/24 maxlen: 24
195.2.234.0/24 maxlen: 24
185.107.245.0/24 maxlen: 24
185.107.246.0/24 maxlen: 24
185.107.244.0/24 maxlen: 24
185.107.247.0/24 maxlen: 24
2a12:5440::/45 maxlen: 45
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:3e:35:b9:79:0e:de:ff:b6:0d:aa:43:80:ac:ea:ed:a6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=34531c54b1e7956c2cc371b23e0a75567aa27518
Validity
Not Before: Jul 27 05:51:24 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=653aeeca62521c2afe46955a19e88a1b98a03ef2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d6:82:38:25:f6:c8:24:da:b2:9a:8e:bc:b9:3a:
13:26:69:28:a9:ff:b3:06:c1:96:09:55:3a:67:58:
f7:a9:13:96:fe:ce:d4:6e:47:2c:f0:9d:eb:a7:cd:
10:81:41:c4:c3:d3:9c:8a:ef:b0:7b:d3:cd:51:89:
08:fa:37:d1:b2:48:2d:ee:ac:53:5e:90:ef:83:e9:
84:ee:82:43:e5:ad:6f:e8:c1:58:ad:0b:dd:39:f4:
34:14:47:51:35:a9:79:7b:53:eb:d6:fe:b3:ab:1e:
f0:96:56:16:6a:70:70:c5:3e:2a:97:fb:76:0b:e2:
89:15:2b:e2:1e:e5:b1:ba:8c:ba:9b:35:8e:b0:4f:
7a:39:f4:31:a3:36:2f:7f:ca:95:06:be:b7:cc:12:
c7:c6:c1:0e:3f:7b:22:a2:16:4e:6d:d1:98:4e:03:
c3:48:33:21:2f:fe:e0:5f:fc:89:fa:27:c1:41:f1:
15:27:12:23:5e:1f:ca:bc:b0:2c:39:42:c1:15:db:
4f:0d:a8:54:91:88:ff:94:88:b8:b3:4a:2d:87:e5:
cd:d3:d6:8b:76:77:05:eb:70:ee:e3:1f:81:28:0b:
41:e1:0a:2a:65:93:b1:24:a6:ec:d9:62:d7:86:f0:
27:51:3c:bd:4b:eb:b3:9f:c0:71:5b:6e:6d:b9:c8:
ac:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
65:3A:EE:CA:62:52:1C:2A:FE:46:95:5A:19:E8:8A:1B:98:A0:3E:F2
X509v3 Authority Key Identifier:
keyid:34:53:1C:54:B1:E7:95:6C:2C:C3:71:B2:3E:0A:75:56:7A:A2:75:18
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NFMcVLHnlWwsw3GyPgp1VnqidRg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/95/8efa86-c35f-41b6-ad01-4906103dbd16/1/ZTruymJSHCr-RpVaGeiKG5igPvI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/95/8efa86-c35f-41b6-ad01-4906103dbd16/1/NFMcVLHnlWwsw3GyPgp1VnqidRg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.107.244.0/22
185.136.180.0/22
195.2.234.0/24
IPv6:
2a12:5440::/45
Signature Algorithm: sha256WithRSAEncryption
68:9a:26:a2:95:10:24:df:21:bd:c0:c1:cc:22:63:8f:a4:1c:
28:50:a2:dd:15:a4:4c:28:7a:61:9a:13:67:52:4f:4e:51:f8:
60:bc:6d:17:4e:4a:63:2b:e9:05:41:06:c5:74:31:7f:45:c7:
eb:8a:4d:b3:8d:15:4a:46:cc:17:9e:9b:1b:41:47:e8:2a:ae:
4f:ef:13:e9:1a:40:61:1b:a2:4d:31:e5:56:65:1d:3d:a5:91:
a4:31:59:58:e3:a2:eb:91:b5:12:da:c5:a4:42:20:20:d8:e7:
fb:11:e3:28:9d:93:2c:21:a1:dc:d1:8a:56:8b:da:be:8d:de:
7e:e6:b3:a5:91:5e:4e:c0:5a:73:4e:93:69:9b:12:4c:2c:3e:
96:59:54:48:56:41:75:fd:5d:6a:65:41:cd:2a:9d:b8:3d:7c:
6c:6e:97:b5:4c:39:96:46:98:dd:db:2a:05:57:69:50:e6:09:
3f:27:c4:f5:cd:ee:c5:62:9f:0e:38:b6:22:6a:08:95:b6:90:
61:ec:db:fc:89:a2:16:25:bc:fe:a4:80:56:a0:9e:2d:3c:cd:
a5:3d:da:19:ce:5e:aa:04:33:b3:74:0f:e1:46:f4:a5:39:8f:
17:1f:9f:ce:d6:d6:6c:f8:f7:49:45:f0:4a:da:bd:3e:e0:e7:
c0:29:67:f0
-----BEGIN CERTIFICATE-----
MIIFGjCCBAKgAwIBAgISAYI+Nbl5Dt7/tg2qQ4Cs6u2mMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM0NTMxYzU0YjFlNzk1NmMyY2MzNzFiMjNlMGE3NTU2N2Fh
Mjc1MTgwHhcNMjIwNzI3MDU1MTI0WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NTNhZWVjYTYyNTIxYzJhZmU0Njk1NWExOWU4OGExYjk4YTAzZWYyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1oI4JfbIJNqymo68uToTJmkoqf+z
BsGWCVU6Z1j3qROW/s7Ubkcs8J3rp80QgUHEw9Ociu+we9PNUYkI+jfRskgt7qxT
XpDvg+mE7oJD5a1v6MFYrQvdOfQ0FEdRNal5e1Pr1v6zqx7wllYWanBwxT4ql/t2
C+KJFSviHuWxuoy6mzWOsE96OfQxozYvf8qVBr63zBLHxsEOP3siohZObdGYTgPD
SDMhL/7gX/yJ+ifBQfEVJxIjXh/KvLAsOULBFdtPDahUkYj/lIi4s0oth+XN09aL
dncF63Du4x+BKAtB4QoqZZOxJKbs2WLXhvAnUTy9S+uzn8BxW25tucisewIDAQAB
o4ICJjCCAiIwHQYDVR0OBBYEFGU67spiUhwq/kaVWhnoihuYoD7yMB8GA1UdIwQY
MBaAFDRTHFSx55VsLMNxsj4KdVZ6onUYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTkZNY1ZMSG5sV3dzdzNHeVBncDFWbnFpZFJnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85NS84ZWZhODYtYzM1Zi00MWI2LWFkMDEt
NDkwNjEwM2RiZDE2LzEvWlRydXltSlNIQ3ItUnBWYUdlaUtHNWlnUHZJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85NS84ZWZhODYtYzM1Zi00MWI2LWFkMDEtNDkwNjEwM2RiZDE2
LzEvTkZNY1ZMSG5sV3dzdzNHeVBncDFWbnFpZFJnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDwGCCsGAQUFBwEHAQH/BC0wKzAYBAIAATASAwQCuWv0AwQC
uYi0AwQAwwLqMA8EAgACMAkDBwMqElRAAAAwDQYJKoZIhvcNAQELBQADggEBAGia
JqKVECTfIb3AwcwiY4+kHChQot0VpEwoemGaE2dST05R+GC8bRdOSmMr6QVBBsV0
MX9Fx+uKTbONFUpGzBeemxtBR+gqrk/vE+kaQGEbok0x5VZlHT2lkaQxWVjjouuR
tRLaxaRCICDY5/sR4yidkywhodzRilaL2r6N3n7ms6WRXk7AWnNOk2mbEkwsPpZZ
VEhWQXX9XWplQc0qnbg9fGxul7VMOZZGmN3bKgVXaVDmCT8nxPXN7sVinw44tiJq
CJW2kGHs2/yJohYlvP6kgFagni08zaU92hnOXqoEM7N0D+FG9KU5jxcfn87W1mz4
90lF8EravT7g58ApZ/A=
-----END CERTIFICATE-----
Generated at Thu May 8 04:25:32 2025 by rpki-client