Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/iX6-q4oebZuABMkOTyBeqWi5g5c.roa
File: iX6-q4oebZuABMkOTyBeqWi5g5c.roa (raw, json)
Hash identifier: CdglleI5jwH31mURHFJZRikTbCTM6rmrFpcpt4oEa7s=
Subject key identifier: 89:7E:BE:AB:8A:1E:6D:9B:80:04:C9:0E:4F:20:5E:A9:68:B9:83:97
Certificate issuer: /CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Certificate serial: 01890BDE30F355087AAB823C438111C659DE
Authority key identifier: 60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/iX6-q4oebZuABMkOTyBeqWi5g5c.roa
Signing time: Fri 30 Jun 2023 10:34:18 +0000
ROA not before: Fri 30 Jun 2023 10:34:18 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 185.225.22.0/24 maxlen: 24
185.218.102.0/24 maxlen: 24
185.218.100.0/24 maxlen: 24
185.230.52.0/24 maxlen: 24
185.210.234.0/24 maxlen: 24
185.210.235.0/24 maxlen: 24
185.225.0.0/23 maxlen: 23
193.58.144.0/24 maxlen: 24
193.58.145.0/24 maxlen: 24
193.58.146.0/23 maxlen: 24
45.147.226.0/24 maxlen: 24
45.147.224.0/24 maxlen: 24
185.214.103.0/24 maxlen: 24
45.8.21.0/24 maxlen: 24
185.246.115.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:0b:de:30:f3:55:08:7a:ab:82:3c:43:81:11:c6:59:de
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Validity
Not Before: Jun 30 10:34:18 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=897ebeab8a1e6d9b8004c90e4f205ea968b98397
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:86:cd:21:50:0e:67:59:95:7a:35:08:77:bf:d8:
da:69:dc:5c:28:4a:79:97:f9:8b:68:da:63:62:0c:
2a:1a:d7:fd:02:12:cf:f1:4a:d8:00:6b:0d:2e:da:
89:c7:be:fe:e9:7d:3f:e3:34:2f:c2:8a:27:29:61:
65:a0:56:7a:55:50:6d:3a:7a:9b:7c:7a:d9:71:40:
79:81:d5:76:24:00:3c:95:35:21:4f:ae:e6:fc:31:
9e:22:40:c1:2c:67:cd:8d:cb:9e:74:5b:64:2b:e8:
01:66:d4:a6:23:79:42:42:73:a2:b2:3e:1d:65:6b:
e2:98:96:ab:23:1c:54:ef:82:18:96:c3:18:21:63:
f2:20:9f:73:a5:18:7a:c0:e9:1f:7f:17:74:04:40:
0e:ae:54:4c:6e:1b:b0:a6:69:7a:c4:85:66:78:74:
05:a7:b9:88:01:69:3e:13:6c:c3:6a:81:55:51:3f:
e2:ec:bf:48:d4:91:f7:74:f6:2e:bb:b0:f2:0b:78:
c5:1c:4a:f4:da:e5:7d:19:06:f4:10:ed:96:2d:17:
20:ec:44:a7:22:6a:da:53:1d:4b:7d:4c:5f:b8:94:
73:d4:54:5a:c4:a7:f2:00:ea:c2:61:3a:09:65:91:
46:e2:85:30:fa:1f:41:3d:4f:93:56:4f:b7:95:3e:
9a:ed
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
89:7E:BE:AB:8A:1E:6D:9B:80:04:C9:0E:4F:20:5E:A9:68:B9:83:97
X509v3 Authority Key Identifier:
keyid:60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/iX6-q4oebZuABMkOTyBeqWi5g5c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/YGeEwQUIW51q1fc6A7INmlwRTK8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.8.21.0/24
45.147.224.0/24
45.147.226.0/24
185.210.234.0/23
185.214.103.0/24
185.218.100.0/24
185.218.102.0/24
185.225.0.0/23
185.225.22.0/24
185.230.52.0/24
185.246.115.0/24
193.58.144.0/22
Signature Algorithm: sha256WithRSAEncryption
7b:38:95:86:7e:72:5f:38:c7:b9:fd:2f:50:8d:a3:51:08:6e:
66:ea:20:d0:f2:54:38:52:e9:ce:bd:58:31:9d:3a:fe:48:a5:
cb:9e:c3:83:9f:aa:6a:2d:20:97:fc:84:c8:81:03:23:a8:cc:
51:fe:90:2c:e4:eb:00:04:56:52:d9:0a:08:05:26:f9:a2:81:
46:09:7b:53:ca:44:ce:94:b2:c6:57:c4:0d:95:f8:8d:b1:b1:
3a:e8:a1:35:20:c0:be:7f:9c:64:b5:6e:cc:74:e2:72:80:ca:
cb:bd:42:f0:7b:e3:c2:72:94:00:58:ba:1d:97:7a:6c:94:9d:
88:ff:16:06:65:52:8d:d9:3b:ce:c4:d5:b0:d4:d3:ab:e6:85:
00:2a:68:9a:91:37:47:df:a4:d9:67:ae:f8:d5:83:5a:fd:e0:
f7:d1:89:51:0b:ce:c7:e9:f9:67:ed:94:3f:3b:ee:cb:2e:a2:
5f:a3:2a:82:e7:0f:ab:ac:20:75:7c:40:95:a5:3d:c5:a2:f1:
59:98:d9:d2:e2:d9:e4:74:8f:f0:99:84:5c:ba:60:be:48:0c:
31:c6:0e:af:d0:7f:42:38:0c:4c:b6:94:25:3a:39:6c:38:4f:
b3:ba:34:89:b5:92:18:46:95:97:ce:42:85:f3:ff:9d:e0:73:
aa:e6:ca:1f
-----BEGIN CERTIFICATE-----
MIIFPzCCBCegAwIBAgISAYkL3jDzVQh6q4I8Q4ERxlneMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwNjc4NGMxMDUwODViOWQ2YWQ1ZjczYTAzYjIwZDlhNWMx
MTRjYWYwHhcNMjMwNjMwMTAzNDE4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4OTdlYmVhYjhhMWU2ZDliODAwNGM5MGU0ZjIwNWVhOTY4Yjk4Mzk3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhs0hUA5nWZV6NQh3v9jaadxcKEp5
l/mLaNpjYgwqGtf9AhLP8UrYAGsNLtqJx77+6X0/4zQvwoonKWFloFZ6VVBtOnqb
fHrZcUB5gdV2JAA8lTUhT67m/DGeIkDBLGfNjcuedFtkK+gBZtSmI3lCQnOisj4d
ZWvimJarIxxU74IYlsMYIWPyIJ9zpRh6wOkffxd0BEAOrlRMbhuwpml6xIVmeHQF
p7mIAWk+E2zDaoFVUT/i7L9I1JH3dPYuu7DyC3jFHEr02uV9GQb0EO2WLRcg7ESn
ImraUx1LfUxfuJRz1FRaxKfyAOrCYToJZZFG4oUw+h9BPU+TVk+3lT6a7QIDAQAB
o4ICSzCCAkcwHQYDVR0OBBYEFIl+vquKHm2bgATJDk8gXqlouYOXMB8GA1UdIwQY
MBaAFGBnhMEFCFudatX3OgOyDZpcEUyvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgt
YjQzNDJiYTkxYWJjLzEvaVg2LXE0b2ViWnVBQk1rT1R5QmVxV2k1ZzVjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgtYjQzNDJiYTkxYWJj
LzEvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGEGCCsGAQUFBwEHAQH/BFIwUDBOBAIAATBIAwQALQgVAwQA
LZPgAwQALZPiAwQBudLqAwQAudZnAwQAudpkAwQAudpmAwQBueEAAwQAueEWAwQA
ueY0AwQAufZzAwQCwTqQMA0GCSqGSIb3DQEBCwUAA4IBAQB7OJWGfnJfOMe5/S9Q
jaNRCG5m6iDQ8lQ4UunOvVgxnTr+SKXLnsODn6pqLSCX/ITIgQMjqMxR/pAs5OsA
BFZS2QoIBSb5ooFGCXtTykTOlLLGV8QNlfiNsbE66KE1IMC+f5xktW7MdOJygMrL
vULwe+PCcpQAWLodl3pslJ2I/xYGZVKN2TvOxNWw1NOr5oUAKmiakTdH36TZZ674
1YNa/eD30YlRC87H6fln7ZQ/O+7LLqJfoyqC5w+rrCB1fECVpT3FovFZmNnS4tnk
dI/wmYRcumC+SAwxxg6v0H9COAxMtpQlOjlsOE+zujSJtZIYRpWXzkKF8/+d4HOq
5sof
-----END CERTIFICATE-----
Generated at Wed May 7 20:48:41 2025 by rpki-client