Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/r2GBctgRUfkjCJBo8So1t9LNWsw.roa
File: r2GBctgRUfkjCJBo8So1t9LNWsw.roa (raw, json)
Hash identifier: sOG3tRsiNlpu1EixosYjV3eRDm6ivxAmg8xxS12xJRI=
Subject key identifier: AF:61:81:72:D8:11:51:F9:23:08:90:68:F1:2A:35:B7:D2:CD:5A:CC
Certificate issuer: /CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Certificate serial: 0188E5064FE7C8CCB77E8699B4CE3D70D54D
Authority key identifier: 60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/r2GBctgRUfkjCJBo8So1t9LNWsw.roa
Signing time: Thu 22 Jun 2023 21:32:56 +0000
ROA not before: Thu 22 Jun 2023 21:32:56 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 397563
IP address blocks: 185.225.20.0/24 maxlen: 24
185.220.251.0/24 maxlen: 24
185.220.250.0/24 maxlen: 24
185.210.235.0/24 maxlen: 24
185.221.20.0/24 maxlen: 24
185.221.21.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:e5:06:4f:e7:c8:cc:b7:7e:86:99:b4:ce:3d:70:d5:4d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Validity
Not Before: Jun 22 21:32:56 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=af618172d81151f923089068f12a35b7d2cd5acc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:84:de:6b:67:21:16:8b:02:37:bb:a2:fd:d4:c0:
c5:9f:f6:6e:f8:af:04:a0:18:85:0f:8f:20:ea:0c:
ab:e6:87:8d:83:b9:fa:1c:6b:76:4e:80:6e:a7:1a:
77:b9:17:ae:37:44:f0:8f:a1:42:2f:ab:8a:b3:0f:
f0:95:ec:53:83:9a:d4:86:4d:21:40:c2:88:29:55:
0f:40:0c:aa:d4:43:56:73:32:14:e7:43:e7:b4:06:
0a:95:5c:a6:6a:b5:ad:97:d9:d8:88:f7:5e:3c:b2:
52:47:13:f3:12:1c:6d:fb:4b:95:6f:cc:fb:6d:2c:
81:2f:fe:f2:9e:24:1e:cb:d2:de:56:ca:e6:0e:15:
e0:fc:ad:c6:9f:1c:4f:6a:31:f5:a4:34:44:d0:76:
c1:3e:7a:9e:33:00:f1:4c:c1:18:bf:20:65:a6:04:
3b:fd:83:f0:6c:96:9d:6d:75:df:f3:fc:b1:05:75:
98:ca:99:b2:54:32:e9:ca:f2:c2:53:2c:ab:72:6a:
59:a4:50:48:3c:03:7d:e2:a1:d7:5e:85:a4:20:5a:
0a:fd:68:ce:70:86:f9:22:69:58:82:23:72:55:5a:
de:a9:88:c3:c3:c7:97:34:85:38:04:6e:d7:d5:59:
94:52:90:78:d9:58:3e:de:c7:57:dd:33:f4:f3:3d:
f2:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AF:61:81:72:D8:11:51:F9:23:08:90:68:F1:2A:35:B7:D2:CD:5A:CC
X509v3 Authority Key Identifier:
keyid:60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/r2GBctgRUfkjCJBo8So1t9LNWsw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/YGeEwQUIW51q1fc6A7INmlwRTK8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.210.235.0/24
185.220.250.0/23
185.221.20.0/23
185.225.20.0/24
Signature Algorithm: sha256WithRSAEncryption
9f:92:08:08:20:86:59:e6:d4:55:18:0e:1b:36:bf:d9:b3:af:
62:27:a2:50:07:18:6b:b1:26:ea:79:d8:72:f3:fb:6f:c2:1f:
99:02:03:aa:0d:4c:f7:fa:dc:45:f7:5f:80:c5:e7:7c:f3:cf:
e6:77:30:e8:98:91:00:51:7d:6f:10:2a:7e:bc:a0:0d:7e:0c:
fe:e0:b4:33:56:76:bd:f1:63:f1:75:0d:20:fd:5e:62:a5:12:
e2:b7:cb:06:9f:c9:4e:98:29:c8:33:ea:92:7a:b6:08:1d:1d:
28:d7:05:2a:10:d6:9a:be:69:a8:ca:1b:ba:f9:2e:b4:e0:19:
e1:8f:32:a3:1e:9c:65:44:c6:91:3f:a6:d6:22:4b:17:d1:40:
87:f3:0e:20:50:20:ed:a6:fc:73:9e:f2:e7:80:12:ec:78:4b:
78:d5:0a:85:e2:eb:35:b0:73:c4:c7:84:20:36:02:28:97:91:
38:25:f9:e1:72:e8:f2:20:76:c7:af:c0:61:26:78:39:d5:64:
ad:cc:14:c2:7a:e7:3c:c8:4b:20:a8:80:79:80:10:16:2f:a4:
13:d7:5a:42:ba:3e:17:be:ec:b0:ed:56:7f:56:90:bd:3c:3f:
15:49:79:7c:92:85:20:89:9f:18:ff:e5:56:15:12:94:cd:8d:
fd:de:9c:78
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYjlBk/nyMy3foaZtM49cNVNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwNjc4NGMxMDUwODViOWQ2YWQ1ZjczYTAzYjIwZDlhNWMx
MTRjYWYwHhcNMjMwNjIyMjEzMjU2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZjYxODE3MmQ4MTE1MWY5MjMwODkwNjhmMTJhMzViN2QyY2Q1YWNjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhN5rZyEWiwI3u6L91MDFn/Zu+K8E
oBiFD48g6gyr5oeNg7n6HGt2ToBupxp3uReuN0Twj6FCL6uKsw/wlexTg5rUhk0h
QMKIKVUPQAyq1ENWczIU50PntAYKlVymarWtl9nYiPdePLJSRxPzEhxt+0uVb8z7
bSyBL/7yniQey9LeVsrmDhXg/K3GnxxPajH1pDRE0HbBPnqeMwDxTMEYvyBlpgQ7
/YPwbJadbXXf8/yxBXWYypmyVDLpyvLCUyyrcmpZpFBIPAN94qHXXoWkIFoK/WjO
cIb5ImlYgiNyVVreqYjDw8eXNIU4BG7X1VmUUpB42Vg+3sdX3TP08z3y+QIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFK9hgXLYEVH5IwiQaPEqNbfSzVrMMB8GA1UdIwQY
MBaAFGBnhMEFCFudatX3OgOyDZpcEUyvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgt
YjQzNDJiYTkxYWJjLzEvcjJHQmN0Z1JVZmtqQ0pCbzhTbzF0OUxOV3N3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgtYjQzNDJiYTkxYWJj
LzEvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAudLrAwQB
udz6AwQBud0UAwQAueEUMA0GCSqGSIb3DQEBCwUAA4IBAQCfkggIIIZZ5tRVGA4b
Nr/Zs69iJ6JQBxhrsSbqedhy8/tvwh+ZAgOqDUz3+txF91+Axed888/mdzDomJEA
UX1vECp+vKANfgz+4LQzVna98WPxdQ0g/V5ipRLit8sGn8lOmCnIM+qSerYIHR0o
1wUqENaavmmoyhu6+S604BnhjzKjHpxlRMaRP6bWIksX0UCH8w4gUCDtpvxznvLn
gBLseEt41QqF4us1sHPEx4QgNgIol5E4JfnhcujyIHbHr8BhJng51WStzBTCeuc8
yEsgqIB5gBAWL6QT11pCuj4Xvuyw7VZ/VpC9PD8VSXl8koUgiZ8Y/+VWFRKUzY39
3px4
-----END CERTIFICATE-----
Generated at Thu May 15 03:46:21 2025 by rpki-client