Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7a/39a5fc-d26e-4d53-91e3-493d774aa1ff/1/7_pgG8A1pYeSjf9jHjEfXpt6QI8.roa
File: 7_pgG8A1pYeSjf9jHjEfXpt6QI8.roa (raw, json)
Hash identifier: WmDi7TOHYJFZUcI22Mrehe+6cZOFXxWaU2bWBBM1U4I=
Subject key identifier: EF:FA:60:1B:C0:35:A5:87:92:8D:FF:63:1E:31:1F:5E:9B:7A:40:8F
Certificate issuer: /CN=3e24c7ecfa37d2487152fb9bbbab50be79de2619
Certificate serial: 0186FBA08789828244DE4FD34CBAB3DC66F2
Authority key identifier: 3E:24:C7:EC:FA:37:D2:48:71:52:FB:9B:BB:AB:50:BE:79:DE:26:19
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PiTH7Po30khxUvubu6tQvnneJhk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7a/39a5fc-d26e-4d53-91e3-493d774aa1ff/1/7_pgG8A1pYeSjf9jHjEfXpt6QI8.roa
Signing time: Sun 19 Mar 2023 20:47:27 +0000
ROA not before: Sun 19 Mar 2023 20:47:27 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 134433
IP address blocks: 185.71.229.0/24 maxlen: 24
185.71.230.0/24 maxlen: 24
185.71.231.0/24 maxlen: 24
185.71.228.0/24 maxlen: 24
185.125.85.0/24 maxlen: 24
193.0.180.0/24 maxlen: 24
185.125.86.0/24 maxlen: 24
193.0.182.0/24 maxlen: 24
193.0.183.0/24 maxlen: 24
2a05:3343:4::/48 maxlen: 48
2a05:3340:140::/42 maxlen: 48
2a05:3340::/42 maxlen: 42
2a05:3343:5::/48 maxlen: 48
2a05:3343:a::/48 maxlen: 48
2a05:3340::/29 maxlen: 64
2a05:3343:c::/48 maxlen: 48
2a05:3343:6::/48 maxlen: 48
2a05:3343:b::/48 maxlen: 48
2a05:3343:7::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:fb:a0:87:89:82:82:44:de:4f:d3:4c:ba:b3:dc:66:f2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3e24c7ecfa37d2487152fb9bbbab50be79de2619
Validity
Not Before: Mar 19 20:47:27 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=effa601bc035a587928dff631e311f5e9b7a408f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:4a:28:a4:78:c7:2a:99:99:30:d3:7a:4d:e5:
d3:d0:30:03:3e:7c:b4:4f:27:2d:de:c5:48:84:5c:
07:7e:d8:96:ec:e7:bf:71:7b:a0:73:a6:eb:13:9c:
f4:24:9a:11:52:07:5f:4b:dd:5f:07:13:0c:cf:f5:
a0:f4:10:fd:47:72:73:db:fe:cc:24:c3:bf:ac:77:
7a:ff:73:e2:44:d3:35:64:d4:94:ca:74:89:82:52:
dc:f7:1d:e1:eb:49:84:21:e7:c8:b0:45:48:ee:18:
58:a7:a5:46:2a:71:65:ee:50:17:b2:6a:e0:ac:83:
a8:4c:6a:da:fe:12:b0:66:67:9b:56:79:9a:f7:80:
0f:f4:e5:3e:14:c6:67:a1:67:91:e1:dd:67:53:fa:
34:64:b2:ce:79:34:d7:b1:a1:c4:b9:9d:3d:e0:69:
2a:46:21:c8:eb:ed:9f:39:15:c2:91:05:f4:4c:db:
a0:b2:79:15:96:b9:1a:29:92:17:25:c1:c2:26:56:
57:5c:d8:81:8d:42:6b:b6:fd:b9:04:d6:f9:d0:12:
ce:8a:8b:d9:29:ca:87:38:a3:29:0c:0f:04:5e:8d:
44:34:2b:2b:9d:cc:01:f6:74:f6:f5:90:9d:0e:da:
ea:64:41:66:f3:f3:28:f3:93:58:e0:45:0d:63:30:
68:bb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EF:FA:60:1B:C0:35:A5:87:92:8D:FF:63:1E:31:1F:5E:9B:7A:40:8F
X509v3 Authority Key Identifier:
keyid:3E:24:C7:EC:FA:37:D2:48:71:52:FB:9B:BB:AB:50:BE:79:DE:26:19
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PiTH7Po30khxUvubu6tQvnneJhk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7a/39a5fc-d26e-4d53-91e3-493d774aa1ff/1/7_pgG8A1pYeSjf9jHjEfXpt6QI8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7a/39a5fc-d26e-4d53-91e3-493d774aa1ff/1/PiTH7Po30khxUvubu6tQvnneJhk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.71.228.0/22
185.125.85.0-185.125.86.255
193.0.180.0/24
193.0.182.0/23
IPv6:
2a05:3340::/29
Signature Algorithm: sha256WithRSAEncryption
30:df:e7:55:77:c7:ba:7b:35:6b:2b:bb:43:9b:6b:8d:7b:1b:
44:f1:5f:c7:75:17:bc:a3:a6:4e:57:5c:75:f5:28:c1:bc:7b:
b5:82:2c:e0:6e:1e:36:56:78:f7:d7:c9:a6:5a:c2:04:2a:af:
86:31:24:77:3a:9f:8c:9b:f2:57:35:fb:67:77:e2:80:94:74:
3a:ec:1d:87:1a:11:e2:d2:2d:86:c3:ee:ec:57:53:92:dd:40:
e2:b7:86:3e:df:22:4d:42:44:7f:5a:96:7d:22:b7:5a:07:26:
e2:34:54:c7:81:ad:29:8a:5a:57:b5:14:ca:ba:c3:09:c9:73:
8f:3d:03:7b:7a:c5:5b:ba:3d:8d:8a:bf:ae:a5:04:fc:24:e7:
22:7e:53:ca:7c:15:97:c2:02:f8:b9:58:fb:86:1b:ac:ff:e0:
08:48:e9:b8:6b:0e:64:c5:44:63:7e:50:32:89:2e:e3:46:25:
a6:31:26:7f:78:07:8b:f3:10:be:8d:5d:b8:aa:25:78:3d:e7:
66:34:3b:bc:3a:40:77:94:61:c6:42:c1:a7:7b:fa:8c:c7:91:
e1:20:45:c5:4c:d4:c8:00:44:25:fd:26:71:81:a8:81:63:5c:
21:86:f7:fd:74:b3:87:1e:86:d5:cb:4f:a5:0f:ed:5a:b2:21:
a1:ed:1a:ee
-----BEGIN CERTIFICATE-----
MIIFJjCCBA6gAwIBAgISAYb7oIeJgoJE3k/TTLqz3GbyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNlMjRjN2VjZmEzN2QyNDg3MTUyZmI5YmJiYWI1MGJlNzlk
ZTI2MTkwHhcNMjMwMzE5MjA0NzI3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlZmZhNjAxYmMwMzVhNTg3OTI4ZGZmNjMxZTMxMWY1ZTliN2E0MDhmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnUoopHjHKpmZMNN6TeXT0DADPny0
Tyct3sVIhFwHftiW7Oe/cXugc6brE5z0JJoRUgdfS91fBxMMz/Wg9BD9R3Jz2/7M
JMO/rHd6/3PiRNM1ZNSUynSJglLc9x3h60mEIefIsEVI7hhYp6VGKnFl7lAXsmrg
rIOoTGra/hKwZmebVnma94AP9OU+FMZnoWeR4d1nU/o0ZLLOeTTXsaHEuZ094Gkq
RiHI6+2fORXCkQX0TNugsnkVlrkaKZIXJcHCJlZXXNiBjUJrtv25BNb50BLOiovZ
KcqHOKMpDA8EXo1ENCsrncwB9nT29ZCdDtrqZEFm8/Mo85NY4EUNYzBouwIDAQAB
o4ICMjCCAi4wHQYDVR0OBBYEFO/6YBvANaWHko3/Yx4xH16bekCPMB8GA1UdIwQY
MBaAFD4kx+z6N9JIcVL7m7urUL553iYZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUGlUSDdQbzMwa2h4VXZ1YnU2dFF2bm5lSmhrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83YS8zOWE1ZmMtZDI2ZS00ZDUzLTkxZTMt
NDkzZDc3NGFhMWZmLzEvN19wZ0c4QTFwWWVTamY5akhqRWZYcHQ2UUk4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83YS8zOWE1ZmMtZDI2ZS00ZDUzLTkxZTMtNDkzZDc3NGFhMWZm
LzEvUGlUSDdQbzMwa2h4VXZ1YnU2dFF2bm5lSmhrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEgGCCsGAQUFBwEHAQH/BDkwNzAmBAIAATAgAwQCuUfkMAwD
BAC5fVUDBAC5fVYDBADBALQDBAHBALYwDQQCAAIwBwMFAyoFM0AwDQYJKoZIhvcN
AQELBQADggEBADDf51V3x7p7NWsru0Oba417G0TxX8d1F7yjpk5XXHX1KMG8e7WC
LOBuHjZWePfXyaZawgQqr4YxJHc6n4yb8lc1+2d34oCUdDrsHYcaEeLSLYbD7uxX
U5LdQOK3hj7fIk1CRH9aln0it1oHJuI0VMeBrSmKWle1FMq6wwnJc489A3t6xVu6
PY2Kv66lBPwk5yJ+U8p8FZfCAvi5WPuGG6z/4AhI6bhrDmTFRGN+UDKJLuNGJaYx
Jn94B4vzEL6NXbiqJXg952Y0O7w6QHeUYcZCwad7+ozHkeEgRcVM1MgARCX9JnGB
qIFjXCGG9/10s4cehtXLT6UP7VqyIaHtGu4=
-----END CERTIFICATE-----
Generated at Tue Jun 17 01:36:35 2025 by rpki-client