Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fd/c79cf3-a070-4d5b-9ee4-43612e7d9cc1/1/JEaIi88ApoygO9Ttwxs5-Am7VJI.roa
File: JEaIi88ApoygO9Ttwxs5-Am7VJI.roa (raw, json)
Hash identifier: S3QDCRRqMLq0RATQOd/C4xt9T07864beUNAjg0wPxDU=
Subject key identifier: 24:46:88:8B:CF:00:A6:8C:A0:3B:D4:ED:C3:1B:39:F8:09:BB:54:92
Certificate issuer: /CN=f0f14ed124f9a2f3deab1006f184cf4fb80a3aec
Certificate serial: 01931AC099230950AB4EC19BC811C19F567D
Authority key identifier: F0:F1:4E:D1:24:F9:A2:F3:DE:AB:10:06:F1:84:CF:4F:B8:0A:3A:EC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8PFO0ST5ovPeqxAG8YTPT7gKOuw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fd/c79cf3-a070-4d5b-9ee4-43612e7d9cc1/1/JEaIi88ApoygO9Ttwxs5-Am7VJI.roa
Signing time: Mon 11 Nov 2024 10:24:09 +0000
ROA not before: Mon 11 Nov 2024 10:24:09 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 200924
IP address blocks: 85.204.37.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:1a:c0:99:23:09:50:ab:4e:c1:9b:c8:11:c1:9f:56:7d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f0f14ed124f9a2f3deab1006f184cf4fb80a3aec
Validity
Not Before: Nov 11 10:24:09 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=2446888bcf00a68ca03bd4edc31b39f809bb5492
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:e8:60:39:09:fe:77:5d:5d:b1:b3:a7:61:5d:
6c:fb:f6:92:b5:12:8d:b8:a4:96:6f:4c:32:97:10:
db:66:91:7f:c2:86:31:23:e0:ca:56:38:83:cd:f7:
26:23:17:12:4e:6c:cf:05:e6:2b:28:27:98:13:10:
e1:1b:cc:86:2f:be:a6:3f:e0:41:78:19:b4:1c:51:
bb:ea:ac:4f:ed:6b:d7:86:2c:03:56:44:2d:db:d6:
34:cf:41:83:f5:89:f6:43:1b:cc:07:95:c0:58:39:
fe:f5:94:1b:70:26:53:de:a3:57:20:b6:e8:7c:67:
60:d8:2d:45:8a:9d:e3:e0:6d:d6:4b:76:41:da:2b:
e7:e2:71:65:58:f9:e9:f5:a2:a3:3d:28:32:dc:9e:
9c:da:b2:5d:c3:80:4c:e9:68:63:51:6e:75:03:37:
03:dc:a2:d1:c5:e0:18:4a:ea:ae:f2:b2:89:ed:e1:
13:e3:4c:4e:2a:ae:be:3f:fb:93:c9:d2:3b:16:66:
73:dc:9f:e4:b0:f6:10:7b:4e:78:90:63:b4:7b:db:
02:47:f2:61:d1:13:a6:59:1f:55:31:9c:97:a6:7c:
32:f7:68:a9:a9:ac:2a:1d:19:d9:72:71:df:a6:89:
64:e6:94:4a:c4:64:1b:ff:37:f0:56:8f:a3:cf:c8:
5e:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
24:46:88:8B:CF:00:A6:8C:A0:3B:D4:ED:C3:1B:39:F8:09:BB:54:92
X509v3 Authority Key Identifier:
keyid:F0:F1:4E:D1:24:F9:A2:F3:DE:AB:10:06:F1:84:CF:4F:B8:0A:3A:EC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8PFO0ST5ovPeqxAG8YTPT7gKOuw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/c79cf3-a070-4d5b-9ee4-43612e7d9cc1/1/JEaIi88ApoygO9Ttwxs5-Am7VJI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/c79cf3-a070-4d5b-9ee4-43612e7d9cc1/1/8PFO0ST5ovPeqxAG8YTPT7gKOuw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.204.37.0/24
Signature Algorithm: sha256WithRSAEncryption
10:66:1c:04:c5:26:ba:e1:bb:60:ee:fc:db:7e:f0:3d:db:f8:
0f:2a:b4:ea:44:25:b5:41:7f:d4:29:4c:62:e9:b7:09:fe:58:
a8:17:9b:e8:5b:c8:e8:8f:6e:59:9c:a9:ce:0a:1a:08:36:cf:
dc:94:b1:8a:3b:9b:ec:6a:93:73:7b:92:88:bd:d2:75:d3:1a:
71:fa:9d:d0:ef:98:1d:bb:f7:eb:1b:b6:85:76:a7:aa:03:82:
ff:79:8a:2a:5c:b2:3f:82:51:78:39:9f:0a:d4:e2:cf:bf:c9:
31:76:34:f8:06:c2:66:b9:69:1e:45:9e:58:1e:04:75:60:2b:
11:97:eb:2b:70:16:05:20:58:f0:18:8d:d6:5d:ef:6e:98:5a:
8b:a3:50:5c:7b:05:52:d3:98:8d:61:9b:af:80:a2:50:a9:fe:
42:49:5a:88:77:e1:9a:c8:16:05:2b:9a:a8:53:5d:82:31:eb:
f6:bd:06:1d:3a:6e:49:39:47:88:bb:f4:50:8e:c5:a6:81:66:
3e:b2:8f:03:9d:ee:3f:5a:ad:a6:f6:47:9f:12:8f:ea:28:75:
be:62:36:ca:cd:b7:35:d7:4f:7d:12:5a:06:dd:e5:23:4d:e8:
99:10:3e:91:80:f6:b7:91:35:2a:8c:8f:83:0b:67:82:11:0d:
50:d1:37:18
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZMawJkjCVCrTsGbyBHBn1Z9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYwZjE0ZWQxMjRmOWEyZjNkZWFiMTAwNmYxODRjZjRmYjgw
YTNhZWMwHhcNMjQxMTExMTAyNDA5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNDQ2ODg4YmNmMDBhNjhjYTAzYmQ0ZWRjMzFiMzlmODA5YmI1NDkyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvehgOQn+d11dsbOnYV1s+/aStRKN
uKSWb0wylxDbZpF/woYxI+DKVjiDzfcmIxcSTmzPBeYrKCeYExDhG8yGL76mP+BB
eBm0HFG76qxP7WvXhiwDVkQt29Y0z0GD9Yn2QxvMB5XAWDn+9ZQbcCZT3qNXILbo
fGdg2C1Fip3j4G3WS3ZB2ivn4nFlWPnp9aKjPSgy3J6c2rJdw4BM6WhjUW51AzcD
3KLRxeAYSuqu8rKJ7eET40xOKq6+P/uTydI7FmZz3J/ksPYQe054kGO0e9sCR/Jh
0ROmWR9VMZyXpnwy92ipqawqHRnZcnHfpolk5pRKxGQb/zfwVo+jz8heXwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFCRGiIvPAKaMoDvU7cMbOfgJu1SSMB8GA1UdIwQY
MBaAFPDxTtEk+aLz3qsQBvGEz0+4CjrsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOFBGTzBTVDVvdlBlcXhBRzhZVFBUN2dLT3V3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZC9jNzljZjMtYTA3MC00ZDViLTllZTQt
NDM2MTJlN2Q5Y2MxLzEvSkVhSWk4OEFwb3lnTzlUdHd4czUtQW03VkpJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZC9jNzljZjMtYTA3MC00ZDViLTllZTQtNDM2MTJlN2Q5Y2Mx
LzEvOFBGTzBTVDVvdlBlcXhBRzhZVFBUN2dLT3V3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAVcwlMA0G
CSqGSIb3DQEBCwUAA4IBAQAQZhwExSa64btg7vzbfvA92/gPKrTqRCW1QX/UKUxi
6bcJ/lioF5voW8joj25ZnKnOChoINs/clLGKO5vsapNze5KIvdJ10xpx+p3Q75gd
u/frG7aFdqeqA4L/eYoqXLI/glF4OZ8K1OLPv8kxdjT4BsJmuWkeRZ5YHgR1YCsR
l+srcBYFIFjwGI3WXe9umFqLo1BcewVS05iNYZuvgKJQqf5CSVqId+GayBYFK5qo
U12CMev2vQYdOm5JOUeIu/RQjsWmgWY+so8Dne4/Wq2m9kefEo/qKHW+YjbKzbc1
1099EloG3eUjTeiZED6RgPa3kTUqjI+DC2eCEQ1Q0TcY
-----END CERTIFICATE-----
Generated at Sun Jul 27 05:15:28 2025 by rpki-client