Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/66/219592-4a44-4298-bd8e-4b2e680c7491/1/aQTrujD91-edBP2sxwle_Mis9tQ.roa
File: aQTrujD91-edBP2sxwle_Mis9tQ.roa (raw, json)
Hash identifier: 0yNS/f0PbUOlRUdnbMaC+3d6oqWcJ7FdAusdYHzZ5eE=
Subject key identifier: 69:04:EB:BA:30:FD:D7:E7:9D:04:FD:AC:C7:09:5E:FC:C8:AC:F6:D4
Certificate issuer: /CN=24992f32d7486dfb4a32c2e7810854ac6a668e34
Certificate serial: 01874DF80DCDE2E1A58F7ED98FB6BA60A8B3
Authority key identifier: 24:99:2F:32:D7:48:6D:FB:4A:32:C2:E7:81:08:54:AC:6A:66:8E:34
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/JJkvMtdIbftKMsLngQhUrGpmjjQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/66/219592-4a44-4298-bd8e-4b2e680c7491/1/aQTrujD91-edBP2sxwle_Mis9tQ.roa
Signing time: Tue 04 Apr 2023 20:31:54 +0000
ROA not before: Tue 04 Apr 2023 20:31:54 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 206028
IP address blocks: 185.108.76.0/22 maxlen: 22
2a0d:2940::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:4d:f8:0d:cd:e2:e1:a5:8f:7e:d9:8f:b6:ba:60:a8:b3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=24992f32d7486dfb4a32c2e7810854ac6a668e34
Validity
Not Before: Apr 4 20:31:54 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=6904ebba30fdd7e79d04fdacc7095efcc8acf6d4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:25:83:8d:e5:9a:a4:ff:6b:4f:7e:6b:a8:a1:
3b:57:9b:9b:c7:02:97:69:c1:c3:e7:37:c5:5b:c6:
7d:b3:83:8f:79:4c:18:08:81:2b:74:50:3e:e4:72:
8d:05:67:e4:cd:c6:9e:ca:83:da:bb:cb:b4:70:2e:
bf:b4:62:a2:e1:b0:b2:57:df:f0:62:7e:71:97:8e:
45:ae:a3:6f:92:48:b8:b7:86:4e:e5:5c:9c:a2:be:
0b:0d:67:49:1d:7d:7c:bf:da:4f:6e:90:2c:08:68:
a5:04:86:bb:14:60:dc:56:53:f2:1f:2c:ad:a1:ca:
04:20:64:02:cc:3a:7c:ed:c6:d0:4a:6a:fa:d4:e7:
22:57:c5:87:8e:63:82:0d:3b:76:a8:21:58:90:61:
60:a3:32:54:34:78:bc:41:4d:2e:5c:6a:42:51:93:
bf:21:40:cc:f7:d8:12:2c:98:0d:3f:e0:27:0a:13:
de:18:48:5f:70:f4:10:c1:c5:9e:24:5e:ae:f3:28:
10:ec:2a:ec:3c:a4:57:3e:31:c3:c1:20:45:ba:79:
31:7a:72:53:47:20:46:42:86:f0:2b:07:0b:fb:89:
a5:9c:05:cd:54:25:fe:4b:fd:8b:ed:bf:39:c3:75:
a6:c8:63:1c:29:33:73:66:8a:17:30:ad:92:c0:5a:
7f:0d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
69:04:EB:BA:30:FD:D7:E7:9D:04:FD:AC:C7:09:5E:FC:C8:AC:F6:D4
X509v3 Authority Key Identifier:
keyid:24:99:2F:32:D7:48:6D:FB:4A:32:C2:E7:81:08:54:AC:6A:66:8E:34
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JJkvMtdIbftKMsLngQhUrGpmjjQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/66/219592-4a44-4298-bd8e-4b2e680c7491/1/aQTrujD91-edBP2sxwle_Mis9tQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/66/219592-4a44-4298-bd8e-4b2e680c7491/1/JJkvMtdIbftKMsLngQhUrGpmjjQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.108.76.0/22
IPv6:
2a0d:2940::/29
Signature Algorithm: sha256WithRSAEncryption
1b:5d:27:16:d8:e1:78:ef:3d:9c:37:0e:80:2a:30:a7:17:40:
d2:c9:5e:25:90:17:ec:44:65:59:f5:16:d7:d5:d5:52:27:52:
be:20:31:59:55:b3:6d:1a:10:c7:a0:6b:f4:b4:61:83:79:47:
f1:46:f7:c3:18:25:3b:c8:10:5d:11:86:77:13:c6:f6:92:91:
a3:0b:3f:cf:27:39:cf:84:5c:71:10:ea:9c:42:8d:e8:99:f4:
d9:3c:88:aa:3c:5c:4b:57:01:ad:95:c3:bf:be:87:bd:e3:f7:
0e:50:ff:d1:1e:9b:39:40:42:5a:1f:96:10:11:fd:1e:d9:31:
76:62:0f:e0:e4:51:5b:0e:8a:4a:ab:89:8b:80:9f:63:b4:5d:
e0:f4:68:99:19:76:35:78:03:06:90:c8:a3:ae:ba:f8:df:95:
3e:f8:8f:38:41:2c:de:ab:67:53:fd:30:8c:e2:8d:64:7b:3a:
cb:67:b1:1a:1e:b8:77:ec:4e:67:aa:90:17:9b:30:4e:de:3d:
ae:7e:0d:3b:fb:7d:59:9d:e5:c9:8e:3e:b0:14:35:e4:35:60:
20:c3:ea:7d:e7:e5:1c:ec:e5:7e:a6:24:e3:b9:8b:64:f4:28:
d3:60:e1:64:52:15:5c:97:1d:42:0b:a6:10:a6:c2:40:cc:b0:
69:af:cd:2b
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYdN+A3N4uGlj37Zj7a6YKizMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI0OTkyZjMyZDc0ODZkZmI0YTMyYzJlNzgxMDg1NGFjNmE2
NjhlMzQwHhcNMjMwNDA0MjAzMTU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2OTA0ZWJiYTMwZmRkN2U3OWQwNGZkYWNjNzA5NWVmY2M4YWNmNmQ0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmSWDjeWapP9rT35rqKE7V5ubxwKX
acHD5zfFW8Z9s4OPeUwYCIErdFA+5HKNBWfkzcaeyoPau8u0cC6/tGKi4bCyV9/w
Yn5xl45FrqNvkki4t4ZO5Vycor4LDWdJHX18v9pPbpAsCGilBIa7FGDcVlPyHyyt
ocoEIGQCzDp87cbQSmr61OciV8WHjmOCDTt2qCFYkGFgozJUNHi8QU0uXGpCUZO/
IUDM99gSLJgNP+AnChPeGEhfcPQQwcWeJF6u8ygQ7CrsPKRXPjHDwSBFunkxenJT
RyBGQobwKwcL+4mlnAXNVCX+S/2L7b85w3WmyGMcKTNzZooXMK2SwFp/DQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFGkE67ow/dfnnQT9rMcJXvzIrPbUMB8GA1UdIwQY
MBaAFCSZLzLXSG37SjLC54EIVKxqZo40MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSkprdk10ZEliZnRLTXNMbmdRaFVyR3BtampRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ni8yMTk1OTItNGE0NC00Mjk4LWJkOGUt
NGIyZTY4MGM3NDkxLzEvYVFUcnVqRDkxLWVkQlAyc3h3bGVfTWlzOXRRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ni8yMTk1OTItNGE0NC00Mjk4LWJkOGUtNGIyZTY4MGM3NDkx
LzEvSkprdk10ZEliZnRLTXNMbmdRaFVyR3BtampRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuWxMMA0E
AgACMAcDBQMqDSlAMA0GCSqGSIb3DQEBCwUAA4IBAQAbXScW2OF47z2cNw6AKjCn
F0DSyV4lkBfsRGVZ9RbX1dVSJ1K+IDFZVbNtGhDHoGv0tGGDeUfxRvfDGCU7yBBd
EYZ3E8b2kpGjCz/PJznPhFxxEOqcQo3omfTZPIiqPFxLVwGtlcO/voe94/cOUP/R
Hps5QEJaH5YQEf0e2TF2Yg/g5FFbDopKq4mLgJ9jtF3g9GiZGXY1eAMGkMijrrr4
35U++I84QSzeq2dT/TCM4o1kezrLZ7EaHrh37E5nqpAXmzBO3j2ufg07+31ZneXJ
jj6wFDXkNWAgw+p95+Uc7OV+piTjuYtk9CjTYOFkUhVclx1CC6YQpsJAzLBpr80r
-----END CERTIFICATE-----
Generated at Tue Apr 22 06:13:11 2025 by rpki-client