Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/lJhaKrXA0Vr_806iVd3gGt42QMo.roa
File: lJhaKrXA0Vr_806iVd3gGt42QMo.roa (raw, json)
Hash identifier: sNdregyIrhBzB6ejSp2hLO+JaZQ7WdXz7/jWVybqHtc=
Subject key identifier: 94:98:5A:2A:B5:C0:D1:5A:FF:F3:4E:A2:55:DD:E0:1A:DE:36:40:CA
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 018847D4BFBF7DDBB8F57DE34042B56EF7D9
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/lJhaKrXA0Vr_806iVd3gGt42QMo.roa
Signing time: Tue 23 May 2023 08:58:24 +0000
ROA not before: Tue 23 May 2023 08:58:24 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 400377
IP address blocks: 194.87.121.0/24 maxlen: 24
194.87.165.0/24 maxlen: 24
194.87.171.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:47:d4:bf:bf:7d:db:b8:f5:7d:e3:40:42:b5:6e:f7:d9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: May 23 08:58:24 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=94985a2ab5c0d15afff34ea255dde01ade3640ca
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:d8:93:67:2d:f3:93:53:63:9f:fe:ef:97:0b:
04:b9:19:58:21:50:5f:a4:c2:de:1c:e7:d1:a8:38:
56:79:af:8e:73:a6:ea:41:09:88:a5:bf:b3:18:06:
c5:0c:8f:ac:10:7a:cf:0b:b7:71:77:44:c7:fc:86:
68:68:10:90:4a:af:fb:ac:73:76:b3:ce:8f:e8:16:
8e:68:3e:af:d2:bd:ac:e4:00:8e:7b:c4:6d:a6:99:
49:61:d9:5b:6a:4f:84:a4:de:ec:8a:0b:13:7b:ed:
8b:da:1c:eb:1a:2a:02:bf:76:d7:2d:58:10:4b:cd:
71:a1:54:32:af:2f:75:fa:3d:61:77:d5:fe:4c:e8:
64:79:e8:d1:d9:55:3b:b0:8f:c1:1e:50:f9:e0:59:
d4:6b:de:6b:49:e6:3a:ed:85:d8:ec:19:88:92:74:
a5:f7:c1:43:f1:81:29:2d:ea:32:b4:f1:8e:47:41:
db:47:f3:bc:c7:54:9e:36:9a:ea:d3:7a:ff:35:f1:
63:e0:0a:4b:a1:54:ed:ff:0d:44:19:78:b7:d0:36:
53:42:bd:ea:42:05:b5:64:03:71:ce:f6:b0:55:6b:
77:70:0a:c4:7a:bb:b9:5f:98:6f:b8:25:81:3b:e5:
8b:75:16:30:ba:8c:e9:41:05:da:36:aa:75:77:1e:
bc:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
94:98:5A:2A:B5:C0:D1:5A:FF:F3:4E:A2:55:DD:E0:1A:DE:36:40:CA
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/lJhaKrXA0Vr_806iVd3gGt42QMo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.87.121.0/24
194.87.165.0/24
194.87.171.0/24
Signature Algorithm: sha256WithRSAEncryption
1a:5a:e5:ce:29:d7:58:4c:9a:ec:b5:8d:34:6d:83:63:de:c6:
9c:60:b6:5d:00:6a:ef:7b:2c:f6:1e:0d:c1:4a:83:fd:8d:43:
67:59:b7:e2:10:4c:19:f4:6c:06:10:20:49:9d:6f:4f:80:db:
81:c4:40:23:14:85:f6:2c:2a:b3:1d:a3:95:95:39:1d:0e:7e:
07:53:69:13:0e:28:78:9c:91:5b:16:9c:d3:b0:07:1c:0d:3d:
d0:26:9e:80:44:7c:a3:cc:75:42:63:04:8a:2d:a5:b3:66:54:
28:b5:42:88:24:b8:1f:42:90:8a:c5:56:05:ae:16:25:2d:87:
97:cb:f3:f6:ee:11:af:3c:ad:e5:55:2c:85:a5:ad:9e:b0:e5:
80:d1:8b:72:41:e0:ef:87:41:a6:38:03:3d:1f:dc:97:64:f0:
ea:1f:37:3a:35:f6:ab:0e:60:23:c0:bf:bc:23:ed:99:d7:98:
97:80:50:88:be:fa:e4:6b:47:24:4b:95:4b:a1:cb:0e:8c:0d:
96:fa:31:a3:77:60:62:55:ce:ba:1d:e7:5d:45:7e:6d:1b:0e:
98:44:a7:9e:73:ee:cf:4e:e7:02:92:29:72:8f:58:33:0b:1f:
79:4f:da:2f:1a:f8:e1:85:5a:71:8d:a1:52:65:05:cb:23:43:
30:f9:3e:73
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYhH1L+/fdu49X3jQEK1bvfZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjMwNTIzMDg1ODI0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NDk4NWEyYWI1YzBkMTVhZmZmMzRlYTI1NWRkZTAxYWRlMzY0MGNhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqdiTZy3zk1Njn/7vlwsEuRlYIVBf
pMLeHOfRqDhWea+Oc6bqQQmIpb+zGAbFDI+sEHrPC7dxd0TH/IZoaBCQSq/7rHN2
s86P6BaOaD6v0r2s5ACOe8RtpplJYdlbak+EpN7sigsTe+2L2hzrGioCv3bXLVgQ
S81xoVQyry91+j1hd9X+TOhkeejR2VU7sI/BHlD54FnUa95rSeY67YXY7BmIknSl
98FD8YEpLeoytPGOR0HbR/O8x1SeNprq03r/NfFj4ApLoVTt/w1EGXi30DZTQr3q
QgW1ZANxzvawVWt3cArEeru5X5hvuCWBO+WLdRYwuozpQQXaNqp1dx68GwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFJSYWiq1wNFa//NOolXd4BreNkDKMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvbEpoYUtyWEEwVnJfODA2aVZkM2dHdDQyUU1vLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAwld5AwQA
wlelAwQAwlerMA0GCSqGSIb3DQEBCwUAA4IBAQAaWuXOKddYTJrstY00bYNj3sac
YLZdAGrveyz2Hg3BSoP9jUNnWbfiEEwZ9GwGECBJnW9PgNuBxEAjFIX2LCqzHaOV
lTkdDn4HU2kTDih4nJFbFpzTsAccDT3QJp6ARHyjzHVCYwSKLaWzZlQotUKIJLgf
QpCKxVYFrhYlLYeXy/P27hGvPK3lVSyFpa2esOWA0YtyQeDvh0GmOAM9H9yXZPDq
Hzc6NfarDmAjwL+8I+2Z15iXgFCIvvrka0ckS5VLocsOjA2W+jGjd2BiVc66Hedd
RX5tGw6YRKeec+7PTucCkilyj1gzCx95T9ovGvjhhVpxjaFSZQXLI0Mw+T5z
-----END CERTIFICATE-----
Generated at Sun Jun 8 09:51:29 2025 by rpki-client