Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/92c8a4-4a95-486d-9993-3f7aa446f7a8/1/pG5XJQ1fr8Fk60vmeOJ1L3bBnSg.roa
File: pG5XJQ1fr8Fk60vmeOJ1L3bBnSg.roa (raw, json)
Hash identifier: OJ4rOBK1GxouJVRZfC/8jamAt5OXYxluOmr2bUo8dns=
Subject key identifier: A4:6E:57:25:0D:5F:AF:C1:64:EB:4B:E6:78:E2:75:2F:76:C1:9D:28
Certificate issuer: /CN=ea9d376d5441f48b3dd508515b16fe95c5a11782
Certificate serial: 01883422EFD412CCC9318724F5C8A0150AA2
Authority key identifier: EA:9D:37:6D:54:41:F4:8B:3D:D5:08:51:5B:16:FE:95:C5:A1:17:82
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/6p03bVRB9Is91QhRWxb-lcWhF4I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/92c8a4-4a95-486d-9993-3f7aa446f7a8/1/pG5XJQ1fr8Fk60vmeOJ1L3bBnSg.roa
Signing time: Fri 19 May 2023 13:11:24 +0000
ROA not before: Fri 19 May 2023 13:11:24 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 30925
IP address blocks: 185.223.36.0/22 maxlen: 22
194.124.196.0/22 maxlen: 22
185.220.212.0/22 maxlen: 22
185.226.76.0/22 maxlen: 22
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:34:22:ef:d4:12:cc:c9:31:87:24:f5:c8:a0:15:0a:a2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ea9d376d5441f48b3dd508515b16fe95c5a11782
Validity
Not Before: May 19 13:11:24 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a46e57250d5fafc164eb4be678e2752f76c19d28
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:f9:06:0d:7b:29:d9:2c:fc:d6:55:8b:a9:8c:
ad:3b:27:6c:d7:66:c5:74:1c:b9:4a:9d:25:8a:ba:
c1:c5:84:76:d7:8f:d1:b3:d3:f0:75:39:cb:00:90:
c1:e7:4a:45:07:d2:28:d7:7d:cc:cb:87:4a:d9:70:
4d:9c:f5:80:9f:09:88:0a:13:ee:81:cc:65:e8:ff:
c3:69:62:ec:89:93:bb:f4:67:88:51:97:0f:a6:86:
e9:6c:ab:65:2b:45:19:a6:9d:fa:1a:ff:9b:18:6d:
8d:6b:32:ed:6a:df:2f:e6:fd:6e:f7:b1:ae:92:e5:
dd:46:74:e4:d8:68:57:b1:61:4c:69:63:2a:82:70:
02:1d:9b:16:5d:11:91:e3:f1:88:b0:87:df:01:22:
44:d7:b9:e1:7a:11:29:ab:4f:20:cb:2c:f8:91:93:
2e:d2:2a:58:d7:0f:8e:74:55:7c:b4:a8:ca:30:33:
10:b4:b5:96:2c:a1:00:2f:02:e7:59:37:8d:1c:fb:
93:c0:8f:de:92:7f:85:b1:f9:7d:6d:34:c6:a6:03:
56:e2:f1:89:ed:30:bc:a6:66:ee:63:3a:8b:34:71:
2d:d2:45:28:c6:0e:d2:48:64:8a:a7:0c:10:f1:39:
2f:f3:f3:17:63:c2:ab:c5:a8:41:84:dc:84:e6:47:
69:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A4:6E:57:25:0D:5F:AF:C1:64:EB:4B:E6:78:E2:75:2F:76:C1:9D:28
X509v3 Authority Key Identifier:
keyid:EA:9D:37:6D:54:41:F4:8B:3D:D5:08:51:5B:16:FE:95:C5:A1:17:82
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6p03bVRB9Is91QhRWxb-lcWhF4I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/92c8a4-4a95-486d-9993-3f7aa446f7a8/1/pG5XJQ1fr8Fk60vmeOJ1L3bBnSg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/92c8a4-4a95-486d-9993-3f7aa446f7a8/1/6p03bVRB9Is91QhRWxb-lcWhF4I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.220.212.0/22
185.223.36.0/22
185.226.76.0/22
194.124.196.0/22
Signature Algorithm: sha256WithRSAEncryption
52:e9:f5:7b:f8:f3:52:a4:a3:9a:a0:c9:dc:83:b4:95:d4:5f:
8f:54:bf:7c:14:27:ec:45:23:76:8c:a5:52:00:e7:7f:77:2c:
fa:ce:fe:47:3e:59:a2:aa:ec:55:21:df:f9:8a:af:74:f7:c0:
6f:a6:fd:35:9f:09:5b:f6:6b:0c:49:ab:ba:63:97:95:bb:46:
28:ac:1b:d9:a1:76:6e:8c:f5:31:ca:6b:4f:98:9f:bb:f9:f7:
62:db:aa:c3:e3:72:0d:68:2c:e6:96:7a:55:26:3e:91:5b:0b:
61:f2:8a:21:3e:30:1d:bc:7a:55:64:e7:ce:81:bd:11:1e:15:
c5:aa:a2:01:80:1b:84:6f:8e:3b:bb:cc:34:69:16:48:cc:a4:
f7:43:6e:b9:d1:c7:21:68:48:1e:98:69:b0:7b:57:6b:1e:76:
56:a4:1a:5c:f5:71:1e:f1:00:5f:72:df:43:ea:bb:2a:f3:03:
07:af:e7:90:9d:b3:aa:27:6e:00:ff:a0:be:56:3f:98:b5:db:
fe:b0:2a:0e:19:aa:ac:5e:95:02:f0:f5:02:b9:3e:74:ac:1d:
d9:15:b1:0d:43:90:68:c6:00:90:1c:8b:21:b2:e7:65:a8:34:
1f:c4:29:5a:88:04:91:15:bb:95:b2:20:9b:1f:5d:52:ba:f4:
ed:32:2f:1b
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYg0Iu/UEszJMYck9cigFQqiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVhOWQzNzZkNTQ0MWY0OGIzZGQ1MDg1MTViMTZmZTk1YzVh
MTE3ODIwHhcNMjMwNTE5MTMxMTI0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNDZlNTcyNTBkNWZhZmMxNjRlYjRiZTY3OGUyNzUyZjc2YzE5ZDI4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp/kGDXsp2Sz81lWLqYytOyds12bF
dBy5Sp0lirrBxYR214/Rs9PwdTnLAJDB50pFB9Io133My4dK2XBNnPWAnwmIChPu
gcxl6P/DaWLsiZO79GeIUZcPpobpbKtlK0UZpp36Gv+bGG2NazLtat8v5v1u97Gu
kuXdRnTk2GhXsWFMaWMqgnACHZsWXRGR4/GIsIffASJE17nhehEpq08gyyz4kZMu
0ipY1w+OdFV8tKjKMDMQtLWWLKEALwLnWTeNHPuTwI/ekn+Fsfl9bTTGpgNW4vGJ
7TC8pmbuYzqLNHEt0kUoxg7SSGSKpwwQ8Tkv8/MXY8KrxahBhNyE5kdpawIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFKRuVyUNX6/BZOtL5njidS92wZ0oMB8GA1UdIwQY
MBaAFOqdN21UQfSLPdUIUVsW/pXFoReCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNnAwM2JWUkI5SXM5MVFoUld4Yi1sY1doRjRJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS85MmM4YTQtNGE5NS00ODZkLTk5OTMt
M2Y3YWE0NDZmN2E4LzEvcEc1WEpRMWZyOEZrNjB2bWVPSjFMM2JCblNnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS85MmM4YTQtNGE5NS00ODZkLTk5OTMtM2Y3YWE0NDZmN2E4
LzEvNnAwM2JWUkI5SXM5MVFoUld4Yi1sY1doRjRJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQCudzUAwQC
ud8kAwQCueJMAwQCwnzEMA0GCSqGSIb3DQEBCwUAA4IBAQBS6fV7+PNSpKOaoMnc
g7SV1F+PVL98FCfsRSN2jKVSAOd/dyz6zv5HPlmiquxVId/5iq9098Bvpv01nwlb
9msMSau6Y5eVu0YorBvZoXZujPUxymtPmJ+7+fdi26rD43INaCzmlnpVJj6RWwth
8oohPjAdvHpVZOfOgb0RHhXFqqIBgBuEb447u8w0aRZIzKT3Q2650cchaEgemGmw
e1drHnZWpBpc9XEe8QBfct9D6rsq8wMHr+eQnbOqJ24A/6C+Vj+Ytdv+sCoOGaqs
XpUC8PUCuT50rB3ZFbENQ5BoxgCQHIshsudlqDQfxClaiASRFbuVsiCbH11SuvTt
Mi8b
-----END CERTIFICATE-----
Generated at Sat Jun 14 11:32:14 2025 by rpki-client