Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/PEJJDOHeHUZUIKEcmUV7cmKBO6M.roa
File: PEJJDOHeHUZUIKEcmUV7cmKBO6M.roa (raw, json)
Hash identifier: S3f6tCCli6SFHF4sv+VsjGt1lgKnq1xZOz+Pa4jIfCc=
Subject key identifier: 3C:42:49:0C:E1:DE:1D:46:54:20:A1:1C:99:45:7B:72:62:81:3B:A3
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 018A2E5CAAA69126258C89B288D0F26F14C8
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/PEJJDOHeHUZUIKEcmUV7cmKBO6M.roa
Signing time: Fri 25 Aug 2023 20:22:19 +0000
ROA not before: Fri 25 Aug 2023 20:22:19 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 51722
IP address blocks: 194.87.21.0/24 maxlen: 24
194.87.170.0/24 maxlen: 24
212.192.248.0/24 maxlen: 24
193.124.95.0/24 maxlen: 24
194.87.187.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:2e:5c:aa:a6:91:26:25:8c:89:b2:88:d0:f2:6f:14:c8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Aug 25 20:22:19 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=3c42490ce1de1d465420a11c99457b7262813ba3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:7a:b5:8f:32:2e:67:fb:f2:03:60:13:f8:2b:
2a:29:94:6e:9d:29:ba:08:8b:77:b2:43:8d:c6:98:
59:40:19:7a:04:96:ef:70:9c:2a:ed:88:fe:92:e2:
4c:9e:85:37:d8:57:0e:70:3b:44:2c:06:3e:f6:85:
cd:34:91:93:17:c4:d2:74:a1:88:5a:7b:8f:a8:89:
ab:1e:47:66:58:6e:b8:25:9a:a4:46:fe:d9:71:14:
59:7d:b9:43:ac:78:d6:9b:ee:3e:28:71:30:a5:25:
09:e6:91:67:86:62:35:3d:44:64:6c:25:60:a6:82:
f3:22:94:8f:5b:c2:ef:bf:51:23:b7:3d:a0:10:34:
5a:2e:ff:a6:02:45:9a:63:6a:ad:9f:34:16:da:c5:
98:b2:ba:6b:25:e6:04:57:56:57:99:70:ff:59:ea:
33:8b:4c:16:8f:5a:87:e9:a6:c7:98:da:91:b0:f7:
e5:a0:6e:1e:ba:4d:cc:f4:af:a0:1b:08:b7:3a:7a:
f9:fb:f6:08:06:7a:2d:db:09:dc:0c:e7:00:5e:c7:
16:4d:36:53:fe:7d:9b:30:eb:bc:6d:4a:bb:c2:2b:
e9:13:bb:16:73:04:b2:34:5b:07:4b:f4:83:81:f9:
8b:5d:46:06:17:dd:16:dd:7f:e2:3e:86:d2:c8:2d:
f1:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3C:42:49:0C:E1:DE:1D:46:54:20:A1:1C:99:45:7B:72:62:81:3B:A3
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/PEJJDOHeHUZUIKEcmUV7cmKBO6M.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.124.95.0/24
194.87.21.0/24
194.87.170.0/24
194.87.187.0/24
212.192.248.0/24
Signature Algorithm: sha256WithRSAEncryption
55:84:ea:79:d5:ee:b8:e2:fc:87:6e:45:3f:0a:ad:6e:05:e9:
39:6d:07:a3:d6:97:a1:ac:72:0d:06:38:3a:d9:d9:81:74:4a:
13:a6:03:b0:68:6b:b3:0f:91:b5:81:33:ab:49:bf:0d:d5:89:
35:04:df:f4:a0:1e:c2:dc:2f:e1:95:a6:ba:be:27:55:0b:17:
d4:98:44:e1:c7:8f:47:c5:06:34:c9:46:67:a0:65:66:11:8d:
ba:32:97:31:69:49:6e:de:7c:7b:54:e8:30:eb:d4:d8:04:5f:
12:4f:f0:6a:7b:2e:bd:38:93:41:1d:06:e5:bb:1d:26:b1:7c:
78:c2:5a:fb:79:20:2e:78:fc:1f:45:54:ca:5e:9b:e4:6a:64:
02:c4:fe:b3:3e:20:bf:19:43:b3:4b:8f:48:33:d2:85:93:d7:
76:e7:0e:28:29:18:03:61:ad:f0:11:04:a5:42:fd:78:4e:06:
7d:d5:61:20:0a:d8:89:59:cd:e1:df:57:c5:47:d6:e7:b5:ea:
f6:9d:c6:af:6e:f7:1b:db:c3:40:1c:c5:9c:d7:57:6a:07:b7:
56:f3:3a:73:03:37:8a:a8:a3:61:54:c2:fa:65:2a:b5:0a:3a:
94:4e:81:95:4c:5a:7c:b3:25:86:d1:89:52:a8:ba:60:2d:bf:
d8:45:17:5f
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAYouXKqmkSYljImyiNDybxTIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjMwODI1MjAyMjE5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYzQyNDkwY2UxZGUxZDQ2NTQyMGExMWM5OTQ1N2I3MjYyODEzYmEzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmnq1jzIuZ/vyA2AT+CsqKZRunSm6
CIt3skONxphZQBl6BJbvcJwq7Yj+kuJMnoU32FcOcDtELAY+9oXNNJGTF8TSdKGI
WnuPqImrHkdmWG64JZqkRv7ZcRRZfblDrHjWm+4+KHEwpSUJ5pFnhmI1PURkbCVg
poLzIpSPW8Lvv1Ejtz2gEDRaLv+mAkWaY2qtnzQW2sWYsrprJeYEV1ZXmXD/Weoz
i0wWj1qH6abHmNqRsPfloG4euk3M9K+gGwi3Onr5+/YIBnot2wncDOcAXscWTTZT
/n2bMOu8bUq7wivpE7sWcwSyNFsHS/SDgfmLXUYGF90W3X/iPobSyC3xtQIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFDxCSQzh3h1GVCChHJlFe3JigTujMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvUEVKSkRPSGVIVVpVSUtFY21VVjdjbUtCTzZNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQAwXxfAwQA
wlcVAwQAwleqAwQAwle7AwQA1MD4MA0GCSqGSIb3DQEBCwUAA4IBAQBVhOp51e64
4vyHbkU/Cq1uBek5bQej1pehrHINBjg62dmBdEoTpgOwaGuzD5G1gTOrSb8N1Yk1
BN/0oB7C3C/hlaa6vidVCxfUmEThx49HxQY0yUZnoGVmEY26MpcxaUlu3nx7VOgw
69TYBF8ST/Bqey69OJNBHQblux0msXx4wlr7eSAuePwfRVTKXpvkamQCxP6zPiC/
GUOzS49IM9KFk9d25w4oKRgDYa3wEQSlQv14TgZ91WEgCtiJWc3h31fFR9bnter2
ncavbvcb28NAHMWc11dqB7dW8zpzAzeKqKNhVML6ZSq1CjqUToGVTFp8syWG0YlS
qLpgLb/YRRdf
-----END CERTIFICATE-----
Generated at Sun Jun 8 09:01:49 2025 by rpki-client