Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8c/c5a159-8568-4945-8026-23c338680771/1/o6Y2NentMfQSQRxS8BPHTiWofU0.roa
File: o6Y2NentMfQSQRxS8BPHTiWofU0.roa (raw, json)
Hash identifier: BZAXJfxqr0E90gAw9Fyfavv8ZrhRYeMvNEE4cN/qXcM=
Subject key identifier: A3:A6:36:35:E9:ED:31:F4:12:41:1C:52:F0:13:C7:4E:25:A8:7D:4D
Certificate issuer: /CN=acbe212a2f1a119ef64ab62e1a96d711524c8bc7
Certificate serial: 0182A12D4698BE0435283FA805BC5F0D9761
Authority key identifier: AC:BE:21:2A:2F:1A:11:9E:F6:4A:B6:2E:1A:96:D7:11:52:4C:8B:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/rL4hKi8aEZ72SrYuGpbXEVJMi8c.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8c/c5a159-8568-4945-8026-23c338680771/1/o6Y2NentMfQSQRxS8BPHTiWofU0.roa
Signing time: Mon 15 Aug 2022 11:04:35 +0000
ROA not before: Mon 15 Aug 2022 11:04:35 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 60848
IP address blocks: 185.247.96.0/24 maxlen: 24
185.247.99.0/24 maxlen: 24
94.127.60.0/22 maxlen: 22
2a02:2188:2000::/36 maxlen: 36
2a02:2188:f000::/36 maxlen: 36
2a02:2188::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:a1:2d:46:98:be:04:35:28:3f:a8:05:bc:5f:0d:97:61
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=acbe212a2f1a119ef64ab62e1a96d711524c8bc7
Validity
Not Before: Aug 15 11:04:35 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=a3a63635e9ed31f412411c52f013c74e25a87d4d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:81:f4:3d:17:c2:28:1d:c1:33:01:3b:0d:a2:c6:
5c:1d:93:3a:e5:ff:a7:45:47:5a:9f:1d:c1:a4:18:
69:92:97:20:b0:af:0d:f3:c4:52:a2:a5:2f:7a:5c:
ce:7f:d8:3b:62:d0:d8:c9:66:b1:19:5b:5c:d7:4a:
b4:67:4c:9e:f4:12:35:5c:ee:ea:a8:b1:dd:6c:59:
83:54:9f:ba:a6:2b:2c:a1:67:05:18:b7:58:2c:c8:
4b:05:ef:20:36:f7:76:5b:48:7d:d1:cb:eb:4b:40:
e0:7c:c6:ca:13:70:33:04:f0:13:70:8a:ce:bb:95:
c0:70:a0:03:cf:48:36:8f:e1:fd:d0:92:57:a2:60:
68:c3:14:7f:e8:af:af:03:32:52:03:05:74:d6:99:
ca:86:97:ca:92:f1:95:97:f2:c0:88:72:44:d1:ab:
dc:dc:d6:6e:87:41:2f:15:b2:1c:73:ba:8e:e0:59:
9a:e4:2c:01:6c:a2:e3:14:b7:d8:22:68:11:3c:1f:
53:84:33:78:54:d1:8c:6c:ec:ac:70:0f:91:67:63:
c8:c5:d8:57:fd:c0:a7:b7:d8:83:aa:29:3d:34:e2:
02:3d:33:f2:8d:35:bd:9a:d2:88:62:88:7d:45:88:
3d:95:2b:f1:35:19:7a:9d:4e:e2:6e:1f:59:15:26:
8e:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A3:A6:36:35:E9:ED:31:F4:12:41:1C:52:F0:13:C7:4E:25:A8:7D:4D
X509v3 Authority Key Identifier:
keyid:AC:BE:21:2A:2F:1A:11:9E:F6:4A:B6:2E:1A:96:D7:11:52:4C:8B:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rL4hKi8aEZ72SrYuGpbXEVJMi8c.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8c/c5a159-8568-4945-8026-23c338680771/1/o6Y2NentMfQSQRxS8BPHTiWofU0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8c/c5a159-8568-4945-8026-23c338680771/1/rL4hKi8aEZ72SrYuGpbXEVJMi8c.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
94.127.60.0/22
185.247.96.0/24
185.247.99.0/24
IPv6:
2a02:2188::/48
2a02:2188:2000::/36
2a02:2188:f000::/36
Signature Algorithm: sha256WithRSAEncryption
3b:f6:f2:1b:ca:83:23:a5:e7:a8:65:91:47:21:7f:79:b8:9f:
3e:f1:9f:07:4b:55:cf:94:e8:44:df:2d:3e:cf:2a:45:f5:8e:
9c:34:49:44:2c:e9:9e:6f:32:1a:7b:aa:2f:af:39:ea:5d:8d:
8e:ec:47:bf:3a:18:93:d5:68:c9:89:e5:9a:34:b0:68:ac:02:
c0:20:48:a6:6b:28:5a:6a:4f:c2:1f:8e:73:d9:9a:9b:22:b8:
2e:2a:30:2c:70:35:aa:21:cf:f5:0b:27:88:c9:bb:9d:eb:c3:
e1:9b:b3:b7:c5:71:c1:95:22:be:9b:b0:4f:55:02:f3:e6:55:
b6:ac:85:34:b1:f5:38:ea:6b:ed:01:c7:bb:0c:03:aa:01:bd:
aa:03:ce:b6:bb:49:da:98:f7:c1:51:bb:74:79:28:86:eb:3a:
85:1d:59:7b:2d:40:79:a1:68:7f:f3:c1:33:62:d4:e7:bc:1c:
b4:0f:89:67:a4:0a:e3:d8:b3:b0:ec:7d:0d:80:1c:da:a1:19:
26:c2:03:87:e5:ee:1e:1e:12:09:30:52:7f:75:8b:4c:21:04:
2f:fa:38:14:30:ba:a2:9b:7a:04:67:e0:ca:fd:fe:ca:a7:a6:
72:56:71:37:b4:39:68:3d:98:62:8c:3e:c6:38:86:c5:9d:e2:
32:25:d2:08
-----BEGIN CERTIFICATE-----
MIIFKjCCBBKgAwIBAgISAYKhLUaYvgQ1KD+oBbxfDZdhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFjYmUyMTJhMmYxYTExOWVmNjRhYjYyZTFhOTZkNzExNTI0
YzhiYzcwHhcNMjIwODE1MTEwNDM1WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhM2E2MzYzNWU5ZWQzMWY0MTI0MTFjNTJmMDEzYzc0ZTI1YTg3ZDRkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgfQ9F8IoHcEzATsNosZcHZM65f+n
RUdanx3BpBhpkpcgsK8N88RSoqUvelzOf9g7YtDYyWaxGVtc10q0Z0ye9BI1XO7q
qLHdbFmDVJ+6pissoWcFGLdYLMhLBe8gNvd2W0h90cvrS0DgfMbKE3AzBPATcIrO
u5XAcKADz0g2j+H90JJXomBowxR/6K+vAzJSAwV01pnKhpfKkvGVl/LAiHJE0avc
3NZuh0EvFbIcc7qO4Fma5CwBbKLjFLfYImgRPB9ThDN4VNGMbOyscA+RZ2PIxdhX
/cCnt9iDqik9NOICPTPyjTW9mtKIYoh9RYg9lSvxNRl6nU7ibh9ZFSaOFQIDAQAB
o4ICNjCCAjIwHQYDVR0OBBYEFKOmNjXp7TH0EkEcUvATx04lqH1NMB8GA1UdIwQY
MBaAFKy+ISovGhGe9kq2LhqW1xFSTIvHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvckw0aEtpOGFFWjcyU3JZdUdwYlhFVkpNaThjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yy9jNWExNTktODU2OC00OTQ1LTgwMjYt
MjNjMzM4NjgwNzcxLzEvbzZZMk5lbnRNZlFTUVJ4UzhCUEhUaVdvZlUwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yy9jNWExNTktODU2OC00OTQ1LTgwMjYtMjNjMzM4NjgwNzcx
LzEvckw0aEtpOGFFWjcyU3JZdUdwYlhFVkpNaThjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEwGCCsGAQUFBwEHAQH/BD0wOzAYBAIAATASAwQCXn88AwQA
ufdgAwQAufdjMB8EAgACMBkDBwAqAiGIAAADBgQqAiGIIAMGBCoCIYjwMA0GCSqG
SIb3DQEBCwUAA4IBAQA79vIbyoMjpeeoZZFHIX95uJ8+8Z8HS1XPlOhE3y0+zypF
9Y6cNElELOmebzIae6ovrznqXY2O7Ee/OhiT1WjJieWaNLBorALAIEimayhaak/C
H45z2ZqbIrguKjAscDWqIc/1CyeIybud68Phm7O3xXHBlSK+m7BPVQLz5lW2rIU0
sfU46mvtAce7DAOqAb2qA862u0namPfBUbt0eSiG6zqFHVl7LUB5oWh/88EzYtTn
vBy0D4lnpArj2LOw7H0NgBzaoRkmwgOH5e4eHhIJMFJ/dYtMIQQv+jgUMLqim3oE
Z+DK/f7Kp6ZyVnE3tDloPZhijD7GOIbFneIyJdII
-----END CERTIFICATE-----
Generated at Mon Apr 28 08:37:22 2025 by rpki-client