Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/20/daffb6-8bdf-411d-b6c4-ae4f84e16ca1/1/jSMW25Ff7vWisUnS44xUJOetg90.roa
File: jSMW25Ff7vWisUnS44xUJOetg90.roa (raw, json)
Hash identifier: I7c7Zl9p28RT1AQiutDL3Zh+4tV+JohWBZIpF1CUQco=
Subject key identifier: 8D:23:16:DB:91:5F:EE:F5:A2:B1:49:D2:E3:8C:54:24:E7:AD:83:DD
Certificate issuer: /CN=11bc40bcab5e9053ab6db7d19e2a38df1b6f9a4b
Certificate serial: 0B68E584
Authority key identifier: 11:BC:40:BC:AB:5E:90:53:AB:6D:B7:D1:9E:2A:38:DF:1B:6F:9A:4B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/EbxAvKtekFOrbbfRnio43xtvmks.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/20/daffb6-8bdf-411d-b6c4-ae4f84e16ca1/1/jSMW25Ff7vWisUnS44xUJOetg90.roa
Signing time: Sat 01 Jan 2022 11:03:16 +0000
ROA not before: Sat 01 Jan 2022 11:03:16 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 202391
IP address blocks: 185.255.208.0/24 maxlen: 24
185.255.208.0/22 maxlen: 22
185.255.211.0/24 maxlen: 24
185.255.210.0/24 maxlen: 24
185.255.209.0/24 maxlen: 24
185.227.64.0/22 maxlen: 22
2a0a:4b80::/30 maxlen: 30
2a0a:4b84::/30 maxlen: 30
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 191423876 (0xb68e584)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=11bc40bcab5e9053ab6db7d19e2a38df1b6f9a4b
Validity
Not Before: Jan 1 11:03:16 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=8d2316db915feef5a2b149d2e38c5424e7ad83dd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:04:41:6f:62:19:44:9f:df:f2:e1:61:dd:a3:
d0:83:bf:df:56:19:58:be:77:98:3c:16:6e:30:35:
91:77:f9:f6:1b:28:1a:ff:21:40:9f:38:b1:f3:38:
3e:78:b2:36:b8:2f:4f:cd:71:85:25:2e:b1:ee:53:
08:07:1f:01:7a:f7:78:8d:77:ef:48:58:df:9b:be:
f8:48:84:3c:a2:6d:85:0c:f6:2a:7c:2f:4c:2e:a9:
72:d6:45:17:ab:d5:2b:2b:52:32:d7:01:f0:e6:e4:
1d:82:aa:a3:65:a5:04:49:69:c4:51:7d:f3:82:a1:
c4:5d:1a:ed:8b:7a:d8:4b:81:95:76:32:52:67:ad:
2c:ac:7f:8f:ac:d2:c0:90:92:3b:5b:a1:48:58:78:
bc:0f:68:37:26:0e:da:ff:b3:5d:47:f7:84:c6:88:
3e:cc:42:e7:bc:06:a8:02:c7:c1:9f:e5:4c:14:3f:
06:b8:93:09:d7:56:17:a6:2d:d5:7e:b8:5c:3a:d1:
3c:0e:0f:b4:47:44:99:df:9e:66:5f:0a:6b:8a:f0:
88:bf:be:54:e8:a9:c1:47:4f:fc:bf:1b:bb:78:7f:
9a:03:ef:c7:2a:a9:a8:d8:af:eb:1d:19:ea:4c:5d:
21:54:8d:e6:b5:67:a1:c5:b0:34:85:a8:a2:eb:1d:
45:ab
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8D:23:16:DB:91:5F:EE:F5:A2:B1:49:D2:E3:8C:54:24:E7:AD:83:DD
X509v3 Authority Key Identifier:
keyid:11:BC:40:BC:AB:5E:90:53:AB:6D:B7:D1:9E:2A:38:DF:1B:6F:9A:4B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/EbxAvKtekFOrbbfRnio43xtvmks.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/20/daffb6-8bdf-411d-b6c4-ae4f84e16ca1/1/jSMW25Ff7vWisUnS44xUJOetg90.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/20/daffb6-8bdf-411d-b6c4-ae4f84e16ca1/1/EbxAvKtekFOrbbfRnio43xtvmks.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.227.64.0/22
185.255.208.0/22
IPv6:
2a0a:4b80::/29
Signature Algorithm: sha256WithRSAEncryption
06:73:2a:0a:d0:4d:f1:4e:22:a4:38:3e:2c:7f:21:12:61:1f:
8f:13:cf:73:ce:3e:9f:54:05:60:2e:4a:7c:ec:bc:e6:a7:30:
92:9f:63:a7:07:e8:5f:27:4a:7c:4a:c8:c4:cf:0f:b6:dc:e2:
c7:45:e0:70:c8:e5:3d:15:e8:15:3a:c1:a8:f6:74:19:38:5c:
22:cc:0c:55:d6:76:75:da:7c:86:cd:10:4d:4e:56:e9:2b:bc:
bd:49:fc:25:c4:d1:fb:4d:f2:b8:e7:a8:67:3c:a3:3b:6c:0a:
13:1a:56:c8:0e:55:54:f7:74:d4:42:dc:fe:f2:89:cd:10:20:
73:06:8a:2c:61:1b:fb:0c:37:59:ba:db:9c:3d:58:c2:32:d7:
99:5b:90:da:4e:b0:eb:75:56:71:77:93:41:b8:28:fb:3d:68:
d2:b0:25:78:d9:ab:33:d1:ca:9c:d7:4b:cf:54:77:64:18:8d:
8b:89:72:49:50:7f:88:52:40:e0:11:7f:f2:18:2c:c2:78:a1:
5f:2b:41:bf:4c:6d:f7:85:71:40:0e:35:40:d7:b4:9a:2d:1e:
0f:10:d7:5f:5d:ed:e6:d5:76:6f:8e:33:e4:1f:cd:fd:9d:ff:
e5:56:13:b2:d8:92:43:a9:f7:b0:e1:48:64:87:4f:1c:d1:93:
c4:0f:59:5d
-----BEGIN CERTIFICATE-----
MIIFBDCCA+ygAwIBAgIEC2jlhDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygx
MWJjNDBiY2FiNWU5MDUzYWI2ZGI3ZDE5ZTJhMzhkZjFiNmY5YTRiMB4XDTIyMDEw
MTExMDMxNloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoOGQyMzE2ZGI5MTVm
ZWVmNWEyYjE0OWQyZTM4YzU0MjRlN2FkODNkZDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKoEQW9iGUSf3/LhYd2j0IO/31YZWL53mDwWbjA1kXf59hso
Gv8hQJ84sfM4PniyNrgvT81xhSUuse5TCAcfAXr3eI1370hY35u++EiEPKJthQz2
KnwvTC6pctZFF6vVKytSMtcB8ObkHYKqo2WlBElpxFF984KhxF0a7Yt62EuBlXYy
UmetLKx/j6zSwJCSO1uhSFh4vA9oNyYO2v+zXUf3hMaIPsxC57wGqALHwZ/lTBQ/
BriTCddWF6Yt1X64XDrRPA4PtEdEmd+eZl8Ka4rwiL++VOipwUdP/L8bu3h/mgPv
xyqpqNiv6x0Z6kxdIVSN5rVnocWwNIWoousdRasCAwEAAaOCAh4wggIaMB0GA1Ud
DgQWBBSNIxbbkV/u9aKxSdLjjFQk562D3TAfBgNVHSMEGDAWgBQRvEC8q16QU6tt
t9GeKjjfG2+aSzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0VieEF2S3Rla0ZPcmJiZlJuaW80M3h0dm1rcy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMjAvZGFmZmI2LThiZGYtNDExZC1iNmM0LWFlNGY4NGUxNmNhMS8x
L2pTTVcyNUZmN3ZXaXNVblM0NHhVSk9ldGc5MC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMjAv
ZGFmZmI2LThiZGYtNDExZC1iNmM0LWFlNGY4NGUxNmNhMS8xL0VieEF2S3Rla0ZP
cmJiZlJuaW80M3h0dm1rcy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA0
BggrBgEFBQcBBwEB/wQlMCMwEgQCAAEwDAMEArnjQAMEArn/0DANBAIAAjAHAwUD
KgpLgDANBgkqhkiG9w0BAQsFAAOCAQEABnMqCtBN8U4ipDg+LH8hEmEfjxPPc84+
n1QFYC5KfOy85qcwkp9jpwfoXydKfErIxM8Pttzix0XgcMjlPRXoFTrBqPZ0GThc
IswMVdZ2ddp8hs0QTU5W6Su8vUn8JcTR+03yuOeoZzyjO2wKExpWyA5VVPd01ELc
/vKJzRAgcwaKLGEb+ww3WbrbnD1YwjLXmVuQ2k6w63VWcXeTQbgo+z1o0rAleNmr
M9HKnNdLz1R3ZBiNi4lySVB/iFJA4BF/8hgswnihXytBv0xt94VxQA41QNe0mi0e
DxDXX13t5tV2b44z5B/N/Z3/5VYTstiSQ6n3sOFIZIdPHNGTxA9ZXQ==
-----END CERTIFICATE-----
Generated at Sat Apr 19 12:31:06 2025 by rpki-client