Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/FrfWhhf1HyoQ4rB4iB5LR9jpMbw.roa
File: FrfWhhf1HyoQ4rB4iB5LR9jpMbw.roa (raw, json)
Hash identifier: Qbb90hywvnRj4LWvqLoc5OdQ45+LnQwKMAdvU5ANFSk=
Subject key identifier: 16:B7:D6:86:17:F5:1F:2A:10:E2:B0:78:88:1E:4B:47:D8:E9:31:BC
Certificate issuer: /CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Certificate serial: 018906BC857E694CF61836B5B919B32AB559
Authority key identifier: 60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/FrfWhhf1HyoQ4rB4iB5LR9jpMbw.roa
Signing time: Thu 29 Jun 2023 10:39:25 +0000
ROA not before: Thu 29 Jun 2023 10:39:25 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 185.225.22.0/24 maxlen: 24
185.218.102.0/24 maxlen: 24
185.218.100.0/24 maxlen: 24
185.230.52.0/24 maxlen: 24
185.210.234.0/24 maxlen: 24
185.210.235.0/24 maxlen: 24
185.225.0.0/23 maxlen: 23
45.90.17.0/24 maxlen: 24
45.90.19.0/24 maxlen: 24
193.58.144.0/24 maxlen: 24
193.58.145.0/24 maxlen: 24
193.58.146.0/23 maxlen: 24
45.147.226.0/24 maxlen: 24
45.147.224.0/24 maxlen: 24
185.214.103.0/24 maxlen: 24
45.8.21.0/24 maxlen: 24
194.147.16.0/24 maxlen: 24
185.246.115.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:06:bc:85:7e:69:4c:f6:18:36:b5:b9:19:b3:2a:b5:59
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Validity
Not Before: Jun 29 10:39:25 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=16b7d68617f51f2a10e2b078881e4b47d8e931bc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:1d:95:a5:5f:57:28:be:b6:0e:b5:4d:5c:6b:
bd:c3:c0:ba:5f:fd:c4:0b:99:cf:0b:ac:17:99:fc:
32:56:8d:80:2e:2b:ce:65:e0:bc:88:28:53:eb:41:
dc:2e:6c:cb:04:95:60:6f:48:f0:3a:c1:8b:0e:47:
c8:f6:11:8c:e6:f1:1c:88:a3:f6:25:63:cc:e9:ac:
ed:83:a6:19:8d:f6:49:c0:62:ad:b8:fe:c5:c8:15:
64:e4:01:c4:78:2a:11:07:3e:fc:f2:dc:fd:34:14:
5c:0c:74:4a:ad:3f:c7:4d:f8:eb:69:e2:d6:90:10:
75:6f:a1:90:91:00:79:7a:13:fc:b9:94:5b:8e:08:
9b:13:b5:6d:b7:19:a6:6e:44:77:e5:0d:ff:8f:d1:
24:46:d6:50:f1:85:05:3c:74:94:a3:09:c5:23:13:
3d:68:a7:fe:cc:14:7c:03:3c:ca:ea:80:f8:c8:9c:
1e:85:a2:8c:c7:4d:35:cf:da:0b:7e:91:ae:c6:17:
dc:cd:06:15:cc:5e:87:4c:85:00:3f:6a:8e:b0:1a:
fe:c0:52:ca:99:e6:b2:3a:39:d1:c5:41:60:66:5a:
12:5b:ea:22:61:77:c9:b6:76:98:63:5c:dd:3e:38:
13:2f:9d:d5:35:7c:c9:68:a5:ed:58:df:59:c4:34:
95:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
16:B7:D6:86:17:F5:1F:2A:10:E2:B0:78:88:1E:4B:47:D8:E9:31:BC
X509v3 Authority Key Identifier:
keyid:60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/FrfWhhf1HyoQ4rB4iB5LR9jpMbw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/YGeEwQUIW51q1fc6A7INmlwRTK8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.8.21.0/24
45.90.17.0/24
45.90.19.0/24
45.147.224.0/24
45.147.226.0/24
185.210.234.0/23
185.214.103.0/24
185.218.100.0/24
185.218.102.0/24
185.225.0.0/23
185.225.22.0/24
185.230.52.0/24
185.246.115.0/24
193.58.144.0/22
194.147.16.0/24
Signature Algorithm: sha256WithRSAEncryption
58:80:dd:5c:88:94:4c:67:0a:89:0f:74:fe:f9:34:76:f4:78:
7a:48:0c:b9:4d:19:3f:09:a3:b7:7f:81:e0:3f:74:8b:98:1b:
a3:76:18:36:ed:c1:62:f0:76:2e:26:c7:16:60:4c:91:37:7f:
43:6f:15:f5:5a:ba:94:ed:0c:aa:a2:de:31:bd:42:8a:bf:9a:
d0:54:47:4e:37:a3:3f:de:da:80:0c:6c:78:e7:42:98:ee:5d:
42:fb:54:dc:2d:fc:9c:8a:ad:b3:d9:b5:03:49:7d:26:53:85:
07:49:15:35:17:75:50:18:08:52:de:5e:e8:f2:c3:21:b2:1d:
9a:b5:1c:d9:44:c1:c2:e0:ba:d9:0b:56:76:4c:6d:43:c3:7c:
36:b1:4b:4c:ab:4b:91:9f:2f:33:bb:58:cf:75:84:f4:40:51:
36:e1:20:b7:bc:3f:4d:c8:f9:54:49:73:92:45:52:0e:67:89:
58:53:65:48:84:9a:7a:6e:fb:35:37:d3:ff:79:c3:22:1c:67:
bd:25:85:ba:ad:ed:02:d4:e9:60:76:87:f9:cf:dd:63:17:60:
20:a9:0d:2e:bf:2d:d2:b3:67:cd:53:c0:cb:9f:19:68:8b:52:
76:de:ab:3c:1b:0a:27:38:94:b6:5e:7d:9a:38:c1:92:22:3e:
63:b5:44:af
-----BEGIN CERTIFICATE-----
MIIFUTCCBDmgAwIBAgISAYkGvIV+aUz2GDa1uRmzKrVZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwNjc4NGMxMDUwODViOWQ2YWQ1ZjczYTAzYjIwZDlhNWMx
MTRjYWYwHhcNMjMwNjI5MTAzOTI1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxNmI3ZDY4NjE3ZjUxZjJhMTBlMmIwNzg4ODFlNGI0N2Q4ZTkzMWJjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnR2VpV9XKL62DrVNXGu9w8C6X/3E
C5nPC6wXmfwyVo2ALivOZeC8iChT60HcLmzLBJVgb0jwOsGLDkfI9hGM5vEciKP2
JWPM6aztg6YZjfZJwGKtuP7FyBVk5AHEeCoRBz788tz9NBRcDHRKrT/HTfjraeLW
kBB1b6GQkQB5ehP8uZRbjgibE7VttxmmbkR35Q3/j9EkRtZQ8YUFPHSUownFIxM9
aKf+zBR8AzzK6oD4yJwehaKMx001z9oLfpGuxhfczQYVzF6HTIUAP2qOsBr+wFLK
meayOjnRxUFgZloSW+oiYXfJtnaYY1zdPjgTL53VNXzJaKXtWN9ZxDSV2wIDAQAB
o4ICXTCCAlkwHQYDVR0OBBYEFBa31oYX9R8qEOKweIgeS0fY6TG8MB8GA1UdIwQY
MBaAFGBnhMEFCFudatX3OgOyDZpcEUyvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgt
YjQzNDJiYTkxYWJjLzEvRnJmV2hoZjFIeW9RNHJCNGlCNUxSOWpwTWJ3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgtYjQzNDJiYTkxYWJj
LzEvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHMGCCsGAQUFBwEHAQH/BGQwYjBgBAIAATBaAwQALQgVAwQA
LVoRAwQALVoTAwQALZPgAwQALZPiAwQBudLqAwQAudZnAwQAudpkAwQAudpmAwQB
ueEAAwQAueEWAwQAueY0AwQAufZzAwQCwTqQAwQAwpMQMA0GCSqGSIb3DQEBCwUA
A4IBAQBYgN1ciJRMZwqJD3T++TR29Hh6SAy5TRk/CaO3f4HgP3SLmBujdhg27cFi
8HYuJscWYEyRN39DbxX1WrqU7Qyqot4xvUKKv5rQVEdON6M/3tqADGx450KY7l1C
+1TcLfyciq2z2bUDSX0mU4UHSRU1F3VQGAhS3l7o8sMhsh2atRzZRMHC4LrZC1Z2
TG1Dw3w2sUtMq0uRny8zu1jPdYT0QFE24SC3vD9NyPlUSXOSRVIOZ4lYU2VIhJp6
bvs1N9P/ecMiHGe9JYW6re0C1Olgdof5z91jF2AgqQ0uvy3Ss2fNU8DLnxloi1J2
3qs8GwonOJS2Xn2aOMGSIj5jtUSv
-----END CERTIFICATE-----
Generated at Wed May 7 18:31:55 2025 by rpki-client