Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/imRQrEVxHTKfOCkHN83I0t9StLc.roa
File: imRQrEVxHTKfOCkHN83I0t9StLc.roa (raw, json)
Hash identifier: o9nyGX+UKlQzCKNmffRJvbIcAuii6K4ubZKyr4Zvxck=
Subject key identifier: 8A:64:50:AC:45:71:1D:32:9F:38:29:07:37:CD:C8:D2:DF:52:B4:B7
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 0188E7A825671BC5A43DB36276150CE46086
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/imRQrEVxHTKfOCkHN83I0t9StLc.roa
Signing time: Fri 23 Jun 2023 09:48:56 +0000
ROA not before: Fri 23 Jun 2023 09:48:56 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 51722
IP address blocks: 194.87.120.0/24 maxlen: 24
194.87.119.0/24 maxlen: 24
192.124.182.0/24 maxlen: 24
194.87.181.0/24 maxlen: 24
193.124.201.0/24 maxlen: 24
193.124.94.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:e7:a8:25:67:1b:c5:a4:3d:b3:62:76:15:0c:e4:60:86
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Jun 23 09:48:56 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=8a6450ac45711d329f38290737cdc8d2df52b4b7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:4a:c3:cb:e4:98:ba:9d:49:d3:82:53:ba:50:
ff:28:11:6d:59:d4:83:91:73:d0:ab:12:c5:09:46:
a4:64:0a:34:57:0e:b9:21:fc:ab:ab:f0:8e:b6:7c:
15:ad:e9:2b:25:72:44:a2:d9:45:f1:fc:c7:03:d6:
0d:b9:00:80:4c:09:69:15:6f:c4:ab:98:4a:4c:06:
67:db:94:66:7b:a7:e0:02:17:49:2a:6a:49:49:0d:
6d:5a:fd:44:18:13:8e:ec:b7:61:94:40:a5:51:60:
ac:d6:2a:d9:95:6f:25:05:15:16:ce:d5:c9:80:e4:
81:5b:00:da:76:54:1c:22:7f:71:0b:09:1a:a4:22:
bc:fc:ad:12:f0:7f:3b:93:a7:a6:ca:16:62:f5:99:
6b:57:66:9d:13:0d:b2:36:4f:cf:03:8a:30:cb:81:
75:52:ca:d6:5a:1e:d1:58:ad:c5:39:80:5e:64:b5:
01:8f:db:81:8f:38:3c:3d:59:7a:69:01:f6:86:e1:
b9:73:9a:98:8e:4a:9c:2c:b5:09:48:92:da:d4:46:
02:37:d9:61:f0:5e:a0:55:ce:e5:c6:2e:3a:90:f0:
60:38:ea:0e:8d:79:62:58:e6:b0:43:2b:15:41:86:
40:c2:7b:30:b3:46:66:59:90:e9:ad:e4:95:85:fd:
ba:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8A:64:50:AC:45:71:1D:32:9F:38:29:07:37:CD:C8:D2:DF:52:B4:B7
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/imRQrEVxHTKfOCkHN83I0t9StLc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
192.124.182.0/24
193.124.94.0/24
193.124.201.0/24
194.87.119.0-194.87.120.255
194.87.181.0/24
Signature Algorithm: sha256WithRSAEncryption
2b:73:15:34:ef:5c:66:d4:b5:2a:59:8f:9d:c1:3b:ca:28:e8:
f1:58:6f:33:1b:7b:24:a5:93:e3:55:40:c4:09:6e:a9:a9:91:
f4:40:b6:3d:38:99:9c:99:e1:c3:56:8a:f1:0e:bb:f9:b1:89:
28:0d:49:8a:0e:ca:8f:54:ef:44:92:5f:92:89:1c:b4:a7:bd:
73:9b:8f:6a:a9:6d:d6:9a:e4:27:79:4a:0e:39:e3:86:01:d2:
6a:f1:23:5a:c0:8d:a0:64:5f:72:c9:49:02:23:4a:a9:00:ea:
39:e1:c4:d3:35:2d:52:40:6f:ff:e1:8c:24:59:eb:ee:9e:8f:
e6:fd:f7:85:d9:b5:94:0e:68:81:5e:73:47:64:e6:ef:41:6f:
68:65:4e:55:87:a2:a6:37:b8:ee:82:a8:49:d0:58:58:d5:5a:
54:48:6f:aa:4e:d6:c6:c0:7e:26:6b:c9:46:c8:bc:f0:9a:b7:
f5:07:08:fa:75:76:de:69:7d:c3:c0:be:0f:75:ee:4e:f9:6e:
49:32:96:7c:47:e9:fb:f0:96:1a:b8:e9:0a:84:01:a8:91:36:
2b:44:c0:a8:a6:95:26:e4:90:ee:ef:0d:fb:f5:4d:c2:30:9b:
c3:7c:57:82:e8:1f:8c:47:15:f4:7a:ca:26:6c:01:bd:d3:c0:
c0:1e:d9:1a
-----BEGIN CERTIFICATE-----
MIIFHTCCBAWgAwIBAgISAYjnqCVnG8WkPbNidhUM5GCGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjMwNjIzMDk0ODU2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4YTY0NTBhYzQ1NzExZDMyOWYzODI5MDczN2NkYzhkMmRmNTJiNGI3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlkrDy+SYup1J04JTulD/KBFtWdSD
kXPQqxLFCUakZAo0Vw65Ifyrq/COtnwVrekrJXJEotlF8fzHA9YNuQCATAlpFW/E
q5hKTAZn25Rme6fgAhdJKmpJSQ1tWv1EGBOO7LdhlEClUWCs1irZlW8lBRUWztXJ
gOSBWwDadlQcIn9xCwkapCK8/K0S8H87k6emyhZi9ZlrV2adEw2yNk/PA4owy4F1
UsrWWh7RWK3FOYBeZLUBj9uBjzg8PVl6aQH2huG5c5qYjkqcLLUJSJLa1EYCN9lh
8F6gVc7lxi46kPBgOOoOjXliWOawQysVQYZAwnsws0ZmWZDpreSVhf26eQIDAQAB
o4ICKTCCAiUwHQYDVR0OBBYEFIpkUKxFcR0ynzgpBzfNyNLfUrS3MB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvaW1SUXJFVnhIVEtmT0NrSE44M0kwdDlTdExjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD8GCCsGAQUFBwEHAQH/BDAwLjAsBAIAATAmAwQAwHy2AwQA
wXxeAwQAwXzJMAwDBADCV3cDBADCV3gDBADCV7UwDQYJKoZIhvcNAQELBQADggEB
ACtzFTTvXGbUtSpZj53BO8oo6PFYbzMbeySlk+NVQMQJbqmpkfRAtj04mZyZ4cNW
ivEOu/mxiSgNSYoOyo9U70SSX5KJHLSnvXObj2qpbdaa5Cd5Sg4544YB0mrxI1rA
jaBkX3LJSQIjSqkA6jnhxNM1LVJAb//hjCRZ6+6ej+b994XZtZQOaIFec0dk5u9B
b2hlTlWHoqY3uO6CqEnQWFjVWlRIb6pO1sbAfiZryUbIvPCat/UHCPp1dt5pfcPA
vg917k75bkkylnxH6fvwlhq46QqEAaiRNitEwKimlSbkkO7vDfv1TcIwm8N8V4Lo
H4xHFfR6yiZsAb3TwMAe2Ro=
-----END CERTIFICATE-----
Generated at Sun Jun 8 10:52:06 2025 by rpki-client