Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/FCw9yny17S7NgmVmSTWllzdzgUw.roa
File: FCw9yny17S7NgmVmSTWllzdzgUw.roa (raw, json)
Hash identifier: /7dc6LU5Y4Pg4mkEZTqsdjrbXFymHZb0Ly9T4uXI56Q=
Subject key identifier: 14:2C:3D:CA:7C:B5:ED:2E:CD:82:65:66:49:35:A5:97:37:73:81:4C
Certificate issuer: /CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Certificate serial: 01893B5A26099864D30A08B7350706F83FE8
Authority key identifier: 60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/FCw9yny17S7NgmVmSTWllzdzgUw.roa
Signing time: Sun 09 Jul 2023 15:51:51 +0000
ROA not before: Sun 09 Jul 2023 15:51:51 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 185.209.38.0/24 maxlen: 24
185.230.52.0/24 maxlen: 24
185.210.233.0/24 maxlen: 24
185.209.74.0/24 maxlen: 24
193.58.145.0/24 maxlen: 24
193.58.146.0/23 maxlen: 24
193.58.146.0/24 maxlen: 24
45.147.224.0/24 maxlen: 24
45.8.21.0/24 maxlen: 24
185.214.108.0/24 maxlen: 24
185.225.0.0/23 maxlen: 23
185.223.80.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:3b:5a:26:09:98:64:d3:0a:08:b7:35:07:06:f8:3f:e8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Validity
Not Before: Jul 9 15:51:51 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=142c3dca7cb5ed2ecd8265664935a5973773814c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:89:de:24:ec:ee:14:de:a9:7d:aa:8f:18:b1:f6:
a8:4e:bf:45:84:db:f2:25:eb:94:2b:99:bb:b5:e8:
df:47:6a:74:b8:d8:bf:1a:da:2e:62:de:0d:c0:f5:
8f:3d:70:b8:9e:29:76:72:6e:e0:24:db:c0:cf:72:
69:2c:f5:d1:23:2f:c8:7e:7a:7d:87:82:3e:a8:9e:
10:7a:2d:ee:a0:32:0b:2e:ba:32:95:5e:15:62:08:
f0:1d:a1:99:9e:7a:90:4d:8c:06:e4:fa:35:1d:8c:
0c:00:0f:55:3a:49:84:b4:15:c4:43:ed:6b:75:f6:
7d:60:e2:69:15:04:f2:44:6d:d7:ce:5a:d5:26:fe:
d4:2b:c1:28:3b:30:bb:46:be:36:03:ce:79:bb:47:
3e:68:f5:f5:ae:f0:c3:24:8b:c6:48:13:8b:58:98:
64:d1:86:af:5e:86:8c:49:03:04:17:14:fd:f6:f3:
75:73:6c:42:2c:6d:db:b1:95:c8:6e:92:f9:3d:ad:
37:0f:dd:bb:7b:b2:75:3a:c3:3b:da:47:7b:5e:31:
1e:f1:cd:00:64:00:0c:ab:31:eb:f6:ac:78:9f:0e:
fa:a8:c6:ad:33:e8:4d:00:00:55:20:0d:82:a6:e4:
4b:86:af:af:b1:7b:1e:05:d0:6a:c8:b9:23:21:73:
fe:53
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
14:2C:3D:CA:7C:B5:ED:2E:CD:82:65:66:49:35:A5:97:37:73:81:4C
X509v3 Authority Key Identifier:
keyid:60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/FCw9yny17S7NgmVmSTWllzdzgUw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/YGeEwQUIW51q1fc6A7INmlwRTK8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.8.21.0/24
45.147.224.0/24
185.209.38.0/24
185.209.74.0/24
185.210.233.0/24
185.214.108.0/24
185.223.80.0/24
185.225.0.0/23
185.230.52.0/24
193.58.145.0-193.58.147.255
Signature Algorithm: sha256WithRSAEncryption
0e:09:77:e8:88:c7:d2:66:94:51:e7:3c:10:4f:79:e8:30:a3:
7e:77:7d:94:aa:4c:5b:ee:77:be:a2:0c:71:d5:9e:28:e7:1d:
ed:6a:fc:b5:2c:a3:4d:02:f0:78:8b:12:6f:9e:7e:1b:27:83:
6a:70:68:d1:10:2e:40:6d:d4:90:b9:46:1d:2f:7b:48:41:03:
e3:fa:7a:f0:01:f1:09:f2:0a:c3:aa:0c:3c:57:54:ff:88:f3:
3c:6c:4a:03:0a:5b:58:35:60:1e:aa:68:07:d5:b2:8f:82:6d:
92:01:ee:de:ea:7d:e7:0d:27:15:39:34:a2:90:80:b4:69:f5:
54:f2:97:9d:4a:a9:a2:2e:c8:81:16:93:d1:7a:0b:d6:f9:91:
a2:6b:cd:b9:61:7c:c0:e5:62:cf:45:cf:17:35:49:bf:db:6f:
9e:f7:a2:21:63:e0:7d:cf:e2:db:77:58:19:a9:80:f0:ad:7f:
f5:34:a1:d9:0f:4d:1d:ad:de:98:a5:a4:4f:e0:39:69:bc:58:
41:15:65:7b:71:53:86:d4:30:46:30:4e:69:5e:81:96:c9:e2:
4f:d9:9c:35:58:71:dd:49:e9:45:1f:1d:34:d4:20:3b:aa:51:
75:2c:5c:b0:27:6e:1b:5a:a9:b7:ba:48:c3:5b:0f:22:d8:7a:
b0:23:d5:87
-----BEGIN CERTIFICATE-----
MIIFOzCCBCOgAwIBAgISAYk7WiYJmGTTCgi3NQcG+D/oMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwNjc4NGMxMDUwODViOWQ2YWQ1ZjczYTAzYjIwZDlhNWMx
MTRjYWYwHhcNMjMwNzA5MTU1MTUxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxNDJjM2RjYTdjYjVlZDJlY2Q4MjY1NjY0OTM1YTU5NzM3NzM4MTRjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAid4k7O4U3ql9qo8YsfaoTr9FhNvy
JeuUK5m7tejfR2p0uNi/GtouYt4NwPWPPXC4nil2cm7gJNvAz3JpLPXRIy/Ifnp9
h4I+qJ4Qei3uoDILLroylV4VYgjwHaGZnnqQTYwG5Po1HYwMAA9VOkmEtBXEQ+1r
dfZ9YOJpFQTyRG3XzlrVJv7UK8EoOzC7Rr42A855u0c+aPX1rvDDJIvGSBOLWJhk
0YavXoaMSQMEFxT99vN1c2xCLG3bsZXIbpL5Pa03D927e7J1OsM72kd7XjEe8c0A
ZAAMqzHr9qx4nw76qMatM+hNAABVIA2CpuRLhq+vsXseBdBqyLkjIXP+UwIDAQAB
o4ICRzCCAkMwHQYDVR0OBBYEFBQsPcp8te0uzYJlZkk1pZc3c4FMMB8GA1UdIwQY
MBaAFGBnhMEFCFudatX3OgOyDZpcEUyvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgt
YjQzNDJiYTkxYWJjLzEvRkN3OXlueTE3UzdOZ21WbVNUV2xsemR6Z1V3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgtYjQzNDJiYTkxYWJj
LzEvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMF0GCCsGAQUFBwEHAQH/BE4wTDBKBAIAATBEAwQALQgVAwQA
LZPgAwQAudEmAwQAudFKAwQAudLpAwQAudZsAwQAud9QAwQBueEAAwQAueY0MAwD
BADBOpEDBALBOpAwDQYJKoZIhvcNAQELBQADggEBAA4Jd+iIx9JmlFHnPBBPeegw
o353fZSqTFvud76iDHHVnijnHe1q/LUso00C8HiLEm+efhsng2pwaNEQLkBt1JC5
Rh0ve0hBA+P6evAB8QnyCsOqDDxXVP+I8zxsSgMKW1g1YB6qaAfVso+CbZIB7t7q
fecNJxU5NKKQgLRp9VTyl51KqaIuyIEWk9F6C9b5kaJrzblhfMDlYs9Fzxc1Sb/b
b573oiFj4H3P4tt3WBmpgPCtf/U0odkPTR2t3pilpE/gOWm8WEEVZXtxU4bUMEYw
TmlegZbJ4k/ZnDVYcd1J6UUfHTTUIDuqUXUsXLAnbhtaqbe6SMNbDyLYerAj1Yc=
-----END CERTIFICATE-----
Generated at Fri May 9 07:12:38 2025 by rpki-client