Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/xC6OsTCVjaVbCUctKL6HqzYvc1c.roa
File: xC6OsTCVjaVbCUctKL6HqzYvc1c.roa (raw, json)
Hash identifier: BqjbJ4jj736nKsN3o4aF1VMevyZ1MhVxfZhcFjfIm8U=
Subject key identifier: C4:2E:8E:B1:30:95:8D:A5:5B:09:47:2D:28:BE:87:AB:36:2F:73:57
Certificate issuer: /CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Certificate serial: 018B614F6B22B1C0A979459053DF37E99C49
Authority key identifier: 60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/xC6OsTCVjaVbCUctKL6HqzYvc1c.roa
Signing time: Tue 24 Oct 2023 10:51:16 +0000
ROA not before: Tue 24 Oct 2023 10:51:16 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 213005
IP address blocks: 93.92.228.0/22 maxlen: 24
185.223.220.0/22 maxlen: 22
194.38.56.0/22 maxlen: 24
92.60.34.0/24 maxlen: 24
185.211.180.0/22 maxlen: 22
85.115.192.0/22 maxlen: 24
212.80.208.0/22 maxlen: 24
81.21.228.0/22 maxlen: 24
185.245.34.0/23 maxlen: 23
185.179.228.0/22 maxlen: 22
185.227.128.0/22 maxlen: 22
185.189.64.0/22 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:61:4f:6b:22:b1:c0:a9:79:45:90:53:df:37:e9:9c:49
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Validity
Not Before: Oct 24 10:51:16 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=c42e8eb130958da55b09472d28be87ab362f7357
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dc:8e:bd:7d:ab:38:8d:60:f6:8b:85:9c:3d:5e:
0c:09:3f:c1:1a:df:dc:16:58:43:93:d7:aa:ba:d7:
f6:56:ba:55:d9:d8:a5:a4:c4:06:c4:86:3e:31:ef:
a1:e5:f0:40:1f:6e:d2:40:eb:c4:e9:99:df:b5:09:
f2:a3:57:b7:10:c8:d4:8b:80:7c:02:f9:1f:6f:70:
04:10:8b:de:aa:21:b5:56:2a:d4:9d:7b:0c:82:37:
89:cf:86:33:39:0d:fa:1a:0f:08:75:3e:92:73:8e:
0f:33:47:3e:7b:a6:01:8b:0d:24:36:2c:48:45:1e:
dc:08:d9:b1:de:62:20:97:1d:3a:22:5f:e6:83:4f:
c1:19:46:6b:6d:ee:cd:de:5d:d1:00:d0:0c:56:54:
bd:23:27:49:25:65:78:b2:f8:54:25:26:1d:4e:2a:
cc:48:70:65:d6:2b:b7:3c:65:12:37:09:e3:9b:29:
e4:82:f4:5a:ef:fe:f3:ba:53:35:16:53:b9:e2:0a:
08:02:55:71:29:b5:6f:84:d5:49:fe:7a:ad:70:0a:
4a:c7:6a:af:0c:61:f3:54:05:bc:4b:b4:da:a1:42:
b5:77:2d:c0:97:18:1d:04:ad:26:22:e3:92:1f:73:
ca:b9:6d:1f:85:7d:71:9c:ed:f8:13:76:a1:4a:ac:
12:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C4:2E:8E:B1:30:95:8D:A5:5B:09:47:2D:28:BE:87:AB:36:2F:73:57
X509v3 Authority Key Identifier:
keyid:60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/xC6OsTCVjaVbCUctKL6HqzYvc1c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/YGeEwQUIW51q1fc6A7INmlwRTK8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.21.228.0/22
85.115.192.0/22
92.60.34.0/24
93.92.228.0/22
185.179.228.0/22
185.189.64.0/22
185.211.180.0/22
185.223.220.0/22
185.227.128.0/22
185.245.34.0/23
194.38.56.0/22
212.80.208.0/22
Signature Algorithm: sha256WithRSAEncryption
95:06:90:7b:9a:79:78:10:6f:d2:3b:bf:04:ad:46:ee:56:04:
50:61:2e:40:ea:f9:e1:b3:6b:34:33:c0:69:40:06:b7:02:04:
dd:1f:45:8c:4d:ed:86:6c:3e:a6:52:28:af:3d:2f:d4:2b:d9:
59:a6:ab:9e:fe:40:eb:c3:d4:08:fd:67:26:e1:98:0f:32:24:
8c:17:ec:b5:7d:00:fc:54:f6:74:c4:25:f3:ba:96:dd:95:22:
25:53:3a:54:b4:a2:98:14:f9:34:b7:da:22:fc:36:d2:05:3d:
ff:fd:a9:ab:86:5c:e5:ba:6d:2e:01:2a:49:14:fc:18:e3:6b:
50:9d:e6:05:25:92:2b:9b:00:5d:47:ea:b2:22:ec:2b:71:16:
b4:07:60:d5:ed:b0:7c:51:19:66:92:e7:e9:8b:28:a4:35:93:
10:b7:ba:8d:cd:be:47:49:3d:74:eb:0b:57:0f:07:cf:9f:8f:
f1:0e:3f:e4:51:54:cf:ed:56:22:4d:70:33:65:9e:02:2e:3e:
87:56:3a:ce:4e:e5:b1:a6:cb:be:87:5f:0e:7d:12:2e:0e:bb:
09:81:67:56:af:92:2d:3b:89:72:de:6a:eb:8e:f5:d4:1f:16:
d3:a0:d9:a8:c6:17:67:59:73:41:d8:32:4f:54:e7:3c:33:40:
b3:98:d6:e1
-----BEGIN CERTIFICATE-----
MIIFPzCCBCegAwIBAgISAYthT2siscCpeUWQU9836ZxJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwNjc4NGMxMDUwODViOWQ2YWQ1ZjczYTAzYjIwZDlhNWMx
MTRjYWYwHhcNMjMxMDI0MTA1MTE2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNDJlOGViMTMwOTU4ZGE1NWIwOTQ3MmQyOGJlODdhYjM2MmY3MzU3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3I69fas4jWD2i4WcPV4MCT/BGt/c
FlhDk9equtf2VrpV2dilpMQGxIY+Me+h5fBAH27SQOvE6ZnftQnyo1e3EMjUi4B8
Avkfb3AEEIveqiG1VirUnXsMgjeJz4YzOQ36Gg8IdT6Sc44PM0c+e6YBiw0kNixI
RR7cCNmx3mIglx06Il/mg0/BGUZrbe7N3l3RANAMVlS9IydJJWV4svhUJSYdTirM
SHBl1iu3PGUSNwnjmynkgvRa7/7zulM1FlO54goIAlVxKbVvhNVJ/nqtcApKx2qv
DGHzVAW8S7TaoUK1dy3AlxgdBK0mIuOSH3PKuW0fhX1xnO34E3ahSqwS+QIDAQAB
o4ICSzCCAkcwHQYDVR0OBBYEFMQujrEwlY2lWwlHLSi+h6s2L3NXMB8GA1UdIwQY
MBaAFGBnhMEFCFudatX3OgOyDZpcEUyvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgt
YjQzNDJiYTkxYWJjLzEveEM2T3NUQ1ZqYVZiQ1VjdEtMNkhxell2YzFjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgtYjQzNDJiYTkxYWJj
LzEvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGEGCCsGAQUFBwEHAQH/BFIwUDBOBAIAATBIAwQCURXkAwQC
VXPAAwQAXDwiAwQCXVzkAwQCubPkAwQCub1AAwQCudO0AwQCud/cAwQCueOAAwQB
ufUiAwQCwiY4AwQC1FDQMA0GCSqGSIb3DQEBCwUAA4IBAQCVBpB7mnl4EG/SO78E
rUbuVgRQYS5A6vnhs2s0M8BpQAa3AgTdH0WMTe2GbD6mUiivPS/UK9lZpque/kDr
w9QI/Wcm4ZgPMiSMF+y1fQD8VPZ0xCXzupbdlSIlUzpUtKKYFPk0t9oi/DbSBT3/
/amrhlzlum0uASpJFPwY42tQneYFJZIrmwBdR+qyIuwrcRa0B2DV7bB8URlmkufp
iyikNZMQt7qNzb5HST106wtXDwfPn4/xDj/kUVTP7VYiTXAzZZ4CLj6HVjrOTuWx
psu+h18OfRIuDrsJgWdWr5ItO4ly3mrrjvXUHxbToNmoxhdnWXNB2DJPVOc8M0Cz
mNbh
-----END CERTIFICATE-----
Generated at Wed May 7 23:00:07 2025 by rpki-client