Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/k4Z0O61sGbyLBs8M4UTQ5phwkww.roa
File: k4Z0O61sGbyLBs8M4UTQ5phwkww.roa (raw, json)
Hash identifier: ZLEa9tGZv3PN1cOTZC6TleIwfOVz30mYUmNwLDUQ+Gc=
Subject key identifier: 93:86:74:3B:AD:6C:19:BC:8B:06:CF:0C:E1:44:D0:E6:98:70:93:0C
Certificate issuer: /CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Certificate serial: 0188EE67C1375C71646C4AF5BDAFE87AD421
Authority key identifier: 60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/k4Z0O61sGbyLBs8M4UTQ5phwkww.roa
Signing time: Sat 24 Jun 2023 17:15:57 +0000
ROA not before: Sat 24 Jun 2023 17:15:57 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 185.225.22.0/24 maxlen: 24
185.210.234.0/24 maxlen: 24
185.225.0.0/23 maxlen: 23
45.90.17.0/24 maxlen: 24
45.90.19.0/24 maxlen: 24
193.58.144.0/24 maxlen: 24
193.58.145.0/24 maxlen: 24
193.58.146.0/23 maxlen: 24
45.147.226.0/24 maxlen: 24
45.147.224.0/24 maxlen: 24
185.214.101.0/24 maxlen: 24
45.8.21.0/24 maxlen: 24
194.147.16.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:ee:67:c1:37:5c:71:64:6c:4a:f5:bd:af:e8:7a:d4:21
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Validity
Not Before: Jun 24 17:15:57 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=9386743bad6c19bc8b06cf0ce144d0e69870930c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:81:75:b7:1d:ff:73:73:7d:2b:d1:c7:02:3b:
66:ef:06:66:c7:2a:40:03:38:6f:ed:bf:d9:7f:e4:
35:97:00:fa:d6:91:07:93:fd:3f:a4:4b:8e:5e:a1:
e6:ba:cf:ac:e5:fc:7a:d9:98:3e:70:0d:b0:ef:e4:
40:d7:1b:2b:8c:d2:e9:fd:d5:9c:d6:25:de:cf:5d:
70:4f:59:67:51:2a:48:e6:02:02:56:a9:72:f7:6e:
ec:b1:02:7c:99:f3:92:27:6c:8b:d5:eb:89:2d:50:
c9:f9:26:43:4d:1d:98:64:96:24:6f:54:f5:e0:f3:
30:bd:18:93:c2:7e:fc:8c:09:89:49:88:f3:06:a3:
c6:43:ad:88:ce:40:46:b2:32:71:ee:5f:69:b2:3a:
9f:ac:ee:ba:91:c4:dc:cb:59:9f:ce:7d:42:08:08:
11:33:a8:d9:63:17:ae:da:c8:8a:fb:93:e5:88:74:
83:2c:ad:b5:44:26:07:ac:6b:61:80:87:16:ee:b9:
84:52:90:a0:9e:25:de:16:df:7c:5f:ab:61:bb:e4:
6b:e9:dd:99:16:d4:ad:72:e3:03:41:64:a3:9f:4d:
48:b9:2e:ea:b5:39:3f:3d:f8:85:9f:1d:bd:4b:68:
e0:01:d5:f6:53:34:05:23:06:78:4b:99:9d:e7:f5:
a5:ab
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
93:86:74:3B:AD:6C:19:BC:8B:06:CF:0C:E1:44:D0:E6:98:70:93:0C
X509v3 Authority Key Identifier:
keyid:60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/k4Z0O61sGbyLBs8M4UTQ5phwkww.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/YGeEwQUIW51q1fc6A7INmlwRTK8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.8.21.0/24
45.90.17.0/24
45.90.19.0/24
45.147.224.0/24
45.147.226.0/24
185.210.234.0/24
185.214.101.0/24
185.225.0.0/23
185.225.22.0/24
193.58.144.0/22
194.147.16.0/24
Signature Algorithm: sha256WithRSAEncryption
85:f3:e3:1c:b5:f5:60:56:1a:d2:62:50:40:1f:92:a6:d6:4a:
73:23:ca:b0:57:1e:24:68:14:a1:f7:93:b3:90:7b:5a:7f:b5:
a5:a2:3b:f8:24:3a:ba:c1:50:c6:4c:98:3d:b5:94:1f:59:b3:
7a:8e:1e:ed:5a:49:eb:8f:25:21:a1:d2:8f:62:8f:fb:7e:db:
76:9a:25:48:48:75:bc:47:63:c2:43:a4:16:d8:66:23:aa:38:
4f:f1:f6:10:e8:df:74:38:f5:a7:6d:47:2c:fb:66:a2:0f:2b:
a9:db:8a:3d:70:bd:e6:6d:f9:bd:1e:99:ec:4f:30:af:7a:ac:
f9:a1:57:e5:3b:d1:ca:77:ad:d5:98:3b:a0:58:82:91:69:fc:
37:81:93:61:98:f7:6c:3b:3c:68:2f:ef:b2:d8:46:b8:46:05:
8d:6b:7a:7d:34:80:eb:90:e1:c4:c6:76:17:5d:b9:95:58:83:
00:df:61:5a:c2:d6:5b:10:5e:1e:5a:de:94:f8:3f:95:9c:62:
53:43:04:2a:59:ae:7d:dd:a6:61:87:59:31:b0:59:cc:a2:63:
34:36:57:e1:fc:65:45:51:62:45:da:4a:d1:37:65:8c:74:0d:
e7:c2:d0:0a:4b:c0:9b:3b:e8:82:32:da:3a:98:7f:f4:62:40:
ed:d2:3b:69
-----BEGIN CERTIFICATE-----
MIIFOTCCBCGgAwIBAgISAYjuZ8E3XHFkbEr1va/oetQhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwNjc4NGMxMDUwODViOWQ2YWQ1ZjczYTAzYjIwZDlhNWMx
MTRjYWYwHhcNMjMwNjI0MTcxNTU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5Mzg2NzQzYmFkNmMxOWJjOGIwNmNmMGNlMTQ0ZDBlNjk4NzA5MzBjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAw4F1tx3/c3N9K9HHAjtm7wZmxypA
Azhv7b/Zf+Q1lwD61pEHk/0/pEuOXqHmus+s5fx62Zg+cA2w7+RA1xsrjNLp/dWc
1iXez11wT1lnUSpI5gICVqly927ssQJ8mfOSJ2yL1euJLVDJ+SZDTR2YZJYkb1T1
4PMwvRiTwn78jAmJSYjzBqPGQ62IzkBGsjJx7l9psjqfrO66kcTcy1mfzn1CCAgR
M6jZYxeu2siK+5PliHSDLK21RCYHrGthgIcW7rmEUpCgniXeFt98X6thu+Rr6d2Z
FtStcuMDQWSjn01IuS7qtTk/PfiFnx29S2jgAdX2UzQFIwZ4S5md5/WlqwIDAQAB
o4ICRTCCAkEwHQYDVR0OBBYEFJOGdDutbBm8iwbPDOFE0OaYcJMMMB8GA1UdIwQY
MBaAFGBnhMEFCFudatX3OgOyDZpcEUyvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgt
YjQzNDJiYTkxYWJjLzEvazRaME82MXNHYnlMQnM4TTRVVFE1cGh3a3d3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgtYjQzNDJiYTkxYWJj
LzEvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFsGCCsGAQUFBwEHAQH/BEwwSjBIBAIAATBCAwQALQgVAwQA
LVoRAwQALVoTAwQALZPgAwQALZPiAwQAudLqAwQAudZlAwQBueEAAwQAueEWAwQC
wTqQAwQAwpMQMA0GCSqGSIb3DQEBCwUAA4IBAQCF8+MctfVgVhrSYlBAH5Km1kpz
I8qwVx4kaBSh95OzkHtaf7Wlojv4JDq6wVDGTJg9tZQfWbN6jh7tWknrjyUhodKP
Yo/7ftt2miVISHW8R2PCQ6QW2GYjqjhP8fYQ6N90OPWnbUcs+2aiDyup24o9cL3m
bfm9HpnsTzCveqz5oVflO9HKd63VmDugWIKRafw3gZNhmPdsOzxoL++y2Ea4RgWN
a3p9NIDrkOHExnYXXbmVWIMA32FawtZbEF4eWt6U+D+VnGJTQwQqWa593aZhh1kx
sFnMomM0Nlfh/GVFUWJF2krRN2WMdA3nwtAKS8CbO+iCMto6mH/0YkDt0jtp
-----END CERTIFICATE-----
Generated at Wed May 7 18:51:07 2025 by rpki-client