Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/A4ar73HMbE4hrLz9a57CFxPrBPc.roa
File: A4ar73HMbE4hrLz9a57CFxPrBPc.roa (raw, json)
Hash identifier: 0ry0OPBcaa9ulzVf0GzPMcweo7xyB2TXkDAu2Ez6cJg=
Subject key identifier: 03:86:AB:EF:71:CC:6C:4E:21:AC:BC:FD:6B:9E:C2:17:13:EB:04:F7
Certificate issuer: /CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Certificate serial: 018906BB84FF07581B1C002CFA0670A51FDE
Authority key identifier: 60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/A4ar73HMbE4hrLz9a57CFxPrBPc.roa
Signing time: Thu 29 Jun 2023 10:38:19 +0000
ROA not before: Thu 29 Jun 2023 10:38:19 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 397563
IP address blocks: 185.225.20.0/24 maxlen: 24
185.220.251.0/24 maxlen: 24
185.220.250.0/24 maxlen: 24
185.221.20.0/24 maxlen: 24
185.221.21.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:06:bb:84:ff:07:58:1b:1c:00:2c:fa:06:70:a5:1f:de
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Validity
Not Before: Jun 29 10:38:19 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=0386abef71cc6c4e21acbcfd6b9ec21713eb04f7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:54:56:7c:15:9a:57:2b:f3:0e:2b:3b:ca:32:
b4:31:3b:7b:1d:79:53:ec:c7:3f:d7:c1:96:41:40:
38:03:85:34:c4:ce:34:fa:99:96:a5:58:82:d5:68:
bd:dd:72:81:47:0b:93:11:4d:1f:d7:a5:88:36:68:
c2:3f:bc:6d:c8:11:d7:f9:ad:d7:74:cc:d7:9c:7a:
ac:eb:ca:19:3d:f5:9c:08:c0:f5:0e:5f:f2:43:8b:
4c:ce:7d:47:49:82:2f:79:68:45:68:40:1c:bc:ea:
30:f0:4f:66:58:3c:8a:c7:87:c0:4d:2c:b5:ff:5e:
14:f3:cd:ba:fb:8b:28:27:ce:89:9c:80:77:4c:2c:
11:40:12:e0:ed:d2:c4:e1:d8:06:8c:50:49:3d:39:
fb:0a:86:76:c0:c7:d8:10:34:67:1a:60:00:63:20:
e5:5e:53:64:fe:48:d0:9b:41:65:3e:a3:3a:9b:c0:
f4:91:ef:e4:06:b0:9d:7a:a0:75:9f:a5:d8:6e:42:
72:37:5e:f3:4f:98:a8:c5:cc:01:e6:f4:d2:43:63:
be:57:1b:84:f7:b0:1b:cc:9d:af:91:23:08:d2:aa:
33:06:16:14:4f:86:11:d2:06:51:33:69:49:30:a1:
86:d9:cd:e8:ff:60:48:99:f1:11:e3:e0:3c:d8:4b:
4b:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
03:86:AB:EF:71:CC:6C:4E:21:AC:BC:FD:6B:9E:C2:17:13:EB:04:F7
X509v3 Authority Key Identifier:
keyid:60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/A4ar73HMbE4hrLz9a57CFxPrBPc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/YGeEwQUIW51q1fc6A7INmlwRTK8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.220.250.0/23
185.221.20.0/23
185.225.20.0/24
Signature Algorithm: sha256WithRSAEncryption
98:92:07:f6:f5:e0:fc:a1:85:be:5b:d0:62:d4:fb:89:7b:54:
09:2a:39:a1:7b:61:68:b8:0d:1d:03:52:5d:73:f8:a9:1d:72:
f6:81:82:b5:f3:59:67:e0:9c:d4:31:48:7e:33:50:97:c1:b9:
a5:61:22:3e:e4:0c:db:73:ea:3b:cb:18:ba:aa:ee:08:5a:58:
d7:73:8f:d9:a2:af:84:1e:a3:88:ee:61:bb:cd:8c:c1:38:db:
15:a9:a6:e1:91:09:e6:9d:d6:00:6a:24:3c:f7:08:58:bb:bf:
3c:eb:00:de:5d:00:85:ef:b4:2b:5b:ba:69:ed:9a:7d:ff:75:
69:0b:61:47:06:72:16:6c:0a:00:6f:a5:7d:3b:43:5a:a9:f0:
29:dc:03:81:f7:15:e4:b7:dc:e1:55:88:0c:22:ce:5e:c2:ba:
64:bd:5f:d0:32:0f:80:07:1b:31:fe:3c:66:31:75:8c:2e:a7:
86:83:01:ec:33:92:18:96:5c:03:ab:f2:f5:fb:85:c9:1a:1c:
2f:92:f7:cb:fa:60:14:ae:6c:9b:87:d6:78:f3:5b:52:90:1b:
f7:f5:47:73:7b:a2:77:8f:db:a0:4a:62:c7:8b:70:d4:c4:85:
14:cd:c2:bf:39:42:84:45:83:64:78:2a:6b:98:c8:88:11:57:
1f:4d:c5:1a
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYkGu4T/B1gbHAAs+gZwpR/eMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwNjc4NGMxMDUwODViOWQ2YWQ1ZjczYTAzYjIwZDlhNWMx
MTRjYWYwHhcNMjMwNjI5MTAzODE5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMzg2YWJlZjcxY2M2YzRlMjFhY2JjZmQ2YjllYzIxNzEzZWIwNGY3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqlRWfBWaVyvzDis7yjK0MTt7HXlT
7Mc/18GWQUA4A4U0xM40+pmWpViC1Wi93XKBRwuTEU0f16WINmjCP7xtyBHX+a3X
dMzXnHqs68oZPfWcCMD1Dl/yQ4tMzn1HSYIveWhFaEAcvOow8E9mWDyKx4fATSy1
/14U8826+4soJ86JnIB3TCwRQBLg7dLE4dgGjFBJPTn7CoZ2wMfYEDRnGmAAYyDl
XlNk/kjQm0FlPqM6m8D0ke/kBrCdeqB1n6XYbkJyN17zT5ioxcwB5vTSQ2O+VxuE
97AbzJ2vkSMI0qozBhYUT4YR0gZRM2lJMKGG2c3o/2BImfER4+A82EtLewIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFAOGq+9xzGxOIay8/WuewhcT6wT3MB8GA1UdIwQY
MBaAFGBnhMEFCFudatX3OgOyDZpcEUyvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgt
YjQzNDJiYTkxYWJjLzEvQTRhcjczSE1iRTRockx6OWE1N0NGeFByQlBjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgtYjQzNDJiYTkxYWJj
LzEvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQBudz6AwQB
ud0UAwQAueEUMA0GCSqGSIb3DQEBCwUAA4IBAQCYkgf29eD8oYW+W9Bi1PuJe1QJ
Kjmhe2FouA0dA1Jdc/ipHXL2gYK181ln4JzUMUh+M1CXwbmlYSI+5Azbc+o7yxi6
qu4IWljXc4/Zoq+EHqOI7mG7zYzBONsVqabhkQnmndYAaiQ89whYu7886wDeXQCF
77QrW7pp7Zp9/3VpC2FHBnIWbAoAb6V9O0NaqfAp3AOB9xXkt9zhVYgMIs5ewrpk
vV/QMg+ABxsx/jxmMXWMLqeGgwHsM5IYllwDq/L1+4XJGhwvkvfL+mAUrmybh9Z4
81tSkBv39Udze6J3j9ugSmLHi3DUxIUUzcK/OUKERYNkeCprmMiIEVcfTcUa
-----END CERTIFICATE-----
Generated at Thu May 8 04:02:48 2025 by rpki-client