Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/byLUOnjbt-nKJJKLirvpatLBbv0.roa
File: byLUOnjbt-nKJJKLirvpatLBbv0.roa (raw, json)
Hash identifier: AXz1+ktXYziPsxTuGAFzTlsylX2BUsKZnCUsHd3mviQ=
Subject key identifier: 6F:22:D4:3A:78:DB:B7:E9:CA:24:92:8B:8A:BB:E9:6A:D2:C1:6E:FD
Certificate issuer: /CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Certificate serial: 018926D8D17BA25EBF32273D483E33B6840F
Authority key identifier: 60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/byLUOnjbt-nKJJKLirvpatLBbv0.roa
Signing time: Wed 05 Jul 2023 16:18:10 +0000
ROA not before: Wed 05 Jul 2023 16:18:10 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 200385
IP address blocks: 185.210.233.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:26:d8:d1:7b:a2:5e:bf:32:27:3d:48:3e:33:b6:84:0f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Validity
Not Before: Jul 5 16:18:10 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=6f22d43a78dbb7e9ca24928b8abbe96ad2c16efd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:ad:1e:c6:26:63:10:bc:87:05:15:fd:85:15:
6e:98:4f:25:7f:28:6c:21:4e:30:57:bd:c7:7b:91:
62:3c:6d:7e:88:d4:8e:d2:1e:6d:89:d1:3e:2c:84:
d1:79:25:96:9f:ec:e7:ec:41:b4:25:5b:71:b5:f7:
2a:f7:6c:fe:0d:8d:63:c7:aa:aa:f5:f9:ea:a9:29:
ed:1c:1c:05:63:21:62:9d:55:9e:56:3b:5f:30:9d:
23:ed:bf:6d:d3:1c:68:c1:d4:33:25:b4:58:ca:79:
dc:52:dc:13:af:7d:e1:38:91:4a:7a:73:e2:0e:86:
4b:82:75:68:d1:5c:48:90:2c:85:4c:e2:8f:b8:24:
aa:ff:66:a8:0a:d3:90:2a:65:b9:04:2b:33:d7:01:
47:29:8c:5f:84:c2:f4:25:d0:52:7c:46:eb:bc:eb:
ad:1c:46:3d:2e:88:f1:f1:14:93:05:57:25:87:cf:
97:a5:3e:9d:8e:4b:2f:37:59:a7:29:8d:63:64:72:
48:e6:0b:91:cc:b1:18:12:fb:92:fb:83:69:a2:4c:
52:f7:2d:ad:e3:b7:37:43:6a:42:0d:47:4e:27:0a:
b9:86:4a:f6:ed:9b:9c:9b:57:08:35:65:02:87:ea:
46:36:d4:26:36:6a:eb:c8:43:d6:4d:48:34:7c:fc:
67:49
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6F:22:D4:3A:78:DB:B7:E9:CA:24:92:8B:8A:BB:E9:6A:D2:C1:6E:FD
X509v3 Authority Key Identifier:
keyid:60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/byLUOnjbt-nKJJKLirvpatLBbv0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/YGeEwQUIW51q1fc6A7INmlwRTK8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.210.233.0/24
Signature Algorithm: sha256WithRSAEncryption
21:90:87:a1:a8:f9:0a:4a:50:73:b3:8e:1e:99:e8:e2:f8:15:
da:1c:9d:fa:07:28:64:9b:cf:55:54:28:d2:b0:95:36:6c:97:
d3:7b:81:d4:e1:68:74:20:3d:c1:a3:12:61:b6:60:f9:a7:f6:
12:06:45:84:72:24:ad:db:74:bc:32:df:7a:11:c9:19:ba:7b:
f4:9f:87:ca:f9:2e:a9:ba:70:f4:eb:f6:df:d9:3c:c5:58:65:
aa:d9:09:6e:5d:2c:57:d3:ca:49:d5:10:9b:04:68:d8:ac:8d:
9a:e4:3b:72:64:34:1d:36:ab:c6:2b:b2:a4:f2:a9:ed:c5:4c:
ca:03:f6:09:16:12:6b:68:a2:d1:c9:61:f4:17:36:9e:26:fb:
23:da:aa:f4:2d:62:c1:27:d5:4a:e6:e3:8e:63:cd:40:c9:9f:
9f:46:7f:80:3d:96:39:91:38:60:73:aa:97:ef:1b:93:ac:06:
4a:9f:52:cd:9f:7f:54:c1:55:01:b2:4b:d3:90:ac:d1:de:6e:
6f:00:e8:06:93:0e:c3:a5:e2:de:05:55:85:1b:01:b6:b0:27:
cc:52:bb:02:c6:99:ad:14:99:98:cb:3c:71:c4:21:ca:2d:02:
79:78:6e:f9:b1:be:94:45:f7:de:81:31:ac:e2:f7:be:de:c3:
a6:3a:63:16
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYkm2NF7ol6/Mic9SD4ztoQPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwNjc4NGMxMDUwODViOWQ2YWQ1ZjczYTAzYjIwZDlhNWMx
MTRjYWYwHhcNMjMwNzA1MTYxODEwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZjIyZDQzYTc4ZGJiN2U5Y2EyNDkyOGI4YWJiZTk2YWQyYzE2ZWZkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApa0exiZjELyHBRX9hRVumE8lfyhs
IU4wV73He5FiPG1+iNSO0h5tidE+LITReSWWn+zn7EG0JVtxtfcq92z+DY1jx6qq
9fnqqSntHBwFYyFinVWeVjtfMJ0j7b9t0xxowdQzJbRYynncUtwTr33hOJFKenPi
DoZLgnVo0VxIkCyFTOKPuCSq/2aoCtOQKmW5BCsz1wFHKYxfhML0JdBSfEbrvOut
HEY9Lojx8RSTBVclh8+XpT6djksvN1mnKY1jZHJI5guRzLEYEvuS+4NpokxS9y2t
47c3Q2pCDUdOJwq5hkr27Zucm1cINWUCh+pGNtQmNmrryEPWTUg0fPxnSQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFG8i1Dp427fpyiSSi4q76WrSwW79MB8GA1UdIwQY
MBaAFGBnhMEFCFudatX3OgOyDZpcEUyvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgt
YjQzNDJiYTkxYWJjLzEvYnlMVU9uamJ0LW5LSkpLTGlydnBhdExCYnYwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgtYjQzNDJiYTkxYWJj
LzEvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAudLpMA0G
CSqGSIb3DQEBCwUAA4IBAQAhkIehqPkKSlBzs44emeji+BXaHJ36Byhkm89VVCjS
sJU2bJfTe4HU4Wh0ID3BoxJhtmD5p/YSBkWEciSt23S8Mt96EckZunv0n4fK+S6p
unD06/bf2TzFWGWq2QluXSxX08pJ1RCbBGjYrI2a5DtyZDQdNqvGK7Kk8qntxUzK
A/YJFhJraKLRyWH0FzaeJvsj2qr0LWLBJ9VK5uOOY81AyZ+fRn+APZY5kThgc6qX
7xuTrAZKn1LNn39UwVUBskvTkKzR3m5vAOgGkw7DpeLeBVWFGwG2sCfMUrsCxpmt
FJmYyzxxxCHKLQJ5eG75sb6URffegTGs4ve+3sOmOmMW
-----END CERTIFICATE-----
Generated at Thu May 8 04:10:13 2025 by rpki-client