Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/RedaJuD6g45rbMvhQcK0oOlqlEw.roa
File: RedaJuD6g45rbMvhQcK0oOlqlEw.roa (raw, json)
Hash identifier: /uR5pCgf4oqo/8Oa6yQ3fdol+/36zDG0hZQmjDFq7Mc=
Subject key identifier: 45:E7:5A:26:E0:FA:83:8E:6B:6C:CB:E1:41:C2:B4:A0:E9:6A:94:4C
Certificate issuer: /CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Certificate serial: 0189161E18296CD7E799A1335283A39291B2
Authority key identifier: 60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/RedaJuD6g45rbMvhQcK0oOlqlEw.roa
Signing time: Sun 02 Jul 2023 10:20:18 +0000
ROA not before: Sun 02 Jul 2023 10:20:18 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 185.225.22.0/24 maxlen: 24
185.218.102.0/24 maxlen: 24
185.218.100.0/24 maxlen: 24
185.230.52.0/24 maxlen: 24
185.210.235.0/24 maxlen: 24
185.225.0.0/23 maxlen: 23
193.58.144.0/24 maxlen: 24
193.58.145.0/24 maxlen: 24
193.58.146.0/23 maxlen: 24
45.147.224.0/24 maxlen: 24
185.214.103.0/24 maxlen: 24
45.8.21.0/24 maxlen: 24
185.246.115.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:16:1e:18:29:6c:d7:e7:99:a1:33:52:83:a3:92:91:b2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Validity
Not Before: Jul 2 10:20:18 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=45e75a26e0fa838e6b6ccbe141c2b4a0e96a944c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:b1:44:1d:6d:1a:85:10:f2:ed:06:88:f0:05:
47:4b:14:2d:ee:a3:ea:f9:a5:14:c0:09:d5:21:5f:
3e:fe:d0:5f:72:55:32:3d:ef:c5:e8:08:f8:fd:c2:
08:b2:52:21:c7:73:c7:ce:bd:c0:72:f0:1e:c4:7d:
97:72:69:4e:26:da:58:41:5a:6a:d0:b5:aa:86:57:
76:d8:f9:ee:aa:f4:1d:f6:ba:c2:fa:03:c3:2c:5f:
bb:a2:cb:ee:81:e5:6f:7a:0a:ef:dc:d8:00:a9:de:
c0:e0:a8:97:38:26:4d:0b:85:69:b3:de:a7:b6:6a:
c6:b8:49:85:79:6b:aa:5f:a7:a9:ca:e2:b7:06:57:
f6:40:72:1d:5c:c4:20:ba:84:9b:59:50:a2:59:ea:
c5:47:39:07:93:fe:66:0a:8c:b3:9c:d9:dd:73:16:
3c:01:c9:d5:c9:79:4e:83:14:71:93:fb:3e:fa:cc:
05:e0:38:dc:dd:b9:a9:e8:0f:14:6a:3e:f6:b8:d2:
b2:36:db:de:18:11:98:97:82:8b:c6:2d:cb:88:c8:
db:87:a5:0c:6c:2c:90:8b:a9:3f:ab:ce:43:d1:ef:
fc:f0:51:9f:4d:f3:d8:4a:bc:ae:3a:1c:00:dd:9f:
a3:6f:39:07:dd:c3:03:ec:97:16:d5:5d:4b:d0:03:
d3:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
45:E7:5A:26:E0:FA:83:8E:6B:6C:CB:E1:41:C2:B4:A0:E9:6A:94:4C
X509v3 Authority Key Identifier:
keyid:60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/RedaJuD6g45rbMvhQcK0oOlqlEw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/YGeEwQUIW51q1fc6A7INmlwRTK8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.8.21.0/24
45.147.224.0/24
185.210.235.0/24
185.214.103.0/24
185.218.100.0/24
185.218.102.0/24
185.225.0.0/23
185.225.22.0/24
185.230.52.0/24
185.246.115.0/24
193.58.144.0/22
Signature Algorithm: sha256WithRSAEncryption
7a:a4:cb:44:5a:ba:13:16:7e:0d:1b:18:3c:33:86:48:7b:f4:
78:b0:d8:87:5b:6d:84:1c:82:34:3f:3f:25:0e:07:79:13:2c:
ba:65:50:e0:70:64:3c:ed:1f:8c:82:0e:6f:4b:80:3f:5c:b0:
da:51:9a:cc:2d:c2:fa:95:3a:fc:38:86:25:58:97:e6:af:54:
c2:01:6e:14:47:31:b6:ca:29:33:e3:ae:d6:0f:82:72:cb:d0:
72:f4:18:d8:b5:ec:ef:ce:7a:b1:5e:e7:56:b8:ce:74:f3:7e:
67:de:5e:c2:a8:bf:81:04:fd:f5:a0:a5:8c:5c:87:c0:af:5d:
bb:2c:e3:26:2e:82:09:e6:5f:42:66:8b:72:e4:2a:de:25:8a:
24:03:e1:b7:f2:53:41:b4:3e:95:e5:27:42:ef:25:d6:ee:36:
8f:7c:cb:b2:9c:60:7f:b5:af:b0:59:20:78:83:b7:7c:04:79:
c9:eb:9f:90:14:2b:46:da:b8:f4:e4:9a:8a:95:6f:14:5e:32:
dc:50:2b:2c:55:83:cc:14:92:0a:1b:6f:da:99:c0:a1:7e:8e:
b3:5f:3b:93:f6:d5:09:d3:df:63:99:19:7b:3f:2d:8c:f4:90:
74:df:f9:d2:87:1c:dc:c0:3f:ea:ee:67:9f:ee:bc:9b:e3:21:
0e:67:dd:a9
-----BEGIN CERTIFICATE-----
MIIFOTCCBCGgAwIBAgISAYkWHhgpbNfnmaEzUoOjkpGyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwNjc4NGMxMDUwODViOWQ2YWQ1ZjczYTAzYjIwZDlhNWMx
MTRjYWYwHhcNMjMwNzAyMTAyMDE4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NWU3NWEyNmUwZmE4MzhlNmI2Y2NiZTE0MWMyYjRhMGU5NmE5NDRjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAubFEHW0ahRDy7QaI8AVHSxQt7qPq
+aUUwAnVIV8+/tBfclUyPe/F6Aj4/cIIslIhx3PHzr3AcvAexH2XcmlOJtpYQVpq
0LWqhld22PnuqvQd9rrC+gPDLF+7osvugeVvegrv3NgAqd7A4KiXOCZNC4Vps96n
tmrGuEmFeWuqX6epyuK3Blf2QHIdXMQguoSbWVCiWerFRzkHk/5mCoyznNndcxY8
AcnVyXlOgxRxk/s++swF4Djc3bmp6A8Uaj72uNKyNtveGBGYl4KLxi3LiMjbh6UM
bCyQi6k/q85D0e/88FGfTfPYSryuOhwA3Z+jbzkH3cMD7JcW1V1L0APTFwIDAQAB
o4ICRTCCAkEwHQYDVR0OBBYEFEXnWibg+oOOa2zL4UHCtKDpapRMMB8GA1UdIwQY
MBaAFGBnhMEFCFudatX3OgOyDZpcEUyvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgt
YjQzNDJiYTkxYWJjLzEvUmVkYUp1RDZnNDVyYk12aFFjSzBvT2xxbEV3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgtYjQzNDJiYTkxYWJj
LzEvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFsGCCsGAQUFBwEHAQH/BEwwSjBIBAIAATBCAwQALQgVAwQA
LZPgAwQAudLrAwQAudZnAwQAudpkAwQAudpmAwQBueEAAwQAueEWAwQAueY0AwQA
ufZzAwQCwTqQMA0GCSqGSIb3DQEBCwUAA4IBAQB6pMtEWroTFn4NGxg8M4ZIe/R4
sNiHW22EHII0Pz8lDgd5Eyy6ZVDgcGQ87R+Mgg5vS4A/XLDaUZrMLcL6lTr8OIYl
WJfmr1TCAW4URzG2yikz467WD4Jyy9By9BjYtezvznqxXudWuM50835n3l7CqL+B
BP31oKWMXIfAr127LOMmLoIJ5l9CZoty5CreJYokA+G38lNBtD6V5SdC7yXW7jaP
fMuynGB/ta+wWSB4g7d8BHnJ65+QFCtG2rj05JqKlW8UXjLcUCssVYPMFJIKG2/a
mcChfo6zXzuT9tUJ099jmRl7Py2M9JB03/nShxzcwD/q7mef7ryb4yEOZ92p
-----END CERTIFICATE-----
Generated at Thu May 8 14:44:50 2025 by rpki-client