Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/34/470cda-d0ec-4323-ae9b-994af5c34402/1/jaN8y5j98Fd6nC9iQkh-OcDZv2k.roa
File: jaN8y5j98Fd6nC9iQkh-OcDZv2k.roa (raw, json)
Hash identifier: FQL1PLyjTawt84NEojzgjB5OPmkD7dUbLkz4mfPQciY=
Subject key identifier: 8D:A3:7C:CB:98:FD:F0:57:7A:9C:2F:62:42:48:7E:39:C0:D9:BF:69
Certificate issuer: /CN=b930da21518184145f6d7621b5a13bd54035ac83
Certificate serial: 0185715E60D1310DB7C4E255B4A24A327FFE
Authority key identifier: B9:30:DA:21:51:81:84:14:5F:6D:76:21:B5:A1:3B:D5:40:35:AC:83
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/uTDaIVGBhBRfbXYhtaE71UA1rIM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/34/470cda-d0ec-4323-ae9b-994af5c34402/1/jaN8y5j98Fd6nC9iQkh-OcDZv2k.roa
Signing time: Mon 02 Jan 2023 07:24:48 +0000
ROA not before: Mon 02 Jan 2023 07:24:48 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 202876
IP address blocks: 185.152.28.0/22 maxlen: 22
2a07:7d40::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:5e:60:d1:31:0d:b7:c4:e2:55:b4:a2:4a:32:7f:fe
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b930da21518184145f6d7621b5a13bd54035ac83
Validity
Not Before: Jan 2 07:24:48 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=8da37ccb98fdf0577a9c2f6242487e39c0d9bf69
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:25:51:95:e6:18:7d:3a:cd:9c:d4:67:27:d9:
e4:39:d6:07:84:e5:c9:55:f9:b3:43:b0:60:07:91:
a8:35:0f:85:fa:99:f0:dd:d0:76:b1:b8:36:0a:d1:
f9:66:aa:b9:67:82:1f:f0:7f:b8:19:c4:46:8c:e4:
06:d3:bb:f0:2e:7f:0e:ba:07:e6:60:fb:01:d3:b5:
a1:ec:23:0e:74:d9:58:de:13:9f:3a:4e:ec:e0:1a:
06:e9:3f:0f:5d:0a:fc:9c:fd:ac:25:ad:47:24:f0:
88:26:3f:dd:9e:c0:2c:4b:85:84:78:e3:44:ea:e2:
45:e2:f5:85:fa:72:cb:b7:c0:db:36:84:3a:28:3b:
ac:ef:8c:e8:a4:b9:8b:81:3c:16:94:3e:f7:04:31:
91:4f:48:2a:12:b0:83:9d:c2:4a:60:7c:87:94:c0:
65:0e:0c:64:5a:a5:89:51:6f:16:b3:ba:85:26:e4:
b4:26:8f:62:a5:89:fc:e9:e2:5c:95:35:93:28:0c:
02:4f:16:97:4e:07:08:d4:97:99:69:2d:79:01:a9:
5c:43:5e:99:9c:65:94:28:5e:41:b3:c1:df:8b:79:
4a:2e:c1:42:20:88:96:e0:13:33:19:93:af:d8:c3:
10:77:03:58:19:b4:5d:87:69:a5:40:48:7c:87:5d:
55:09
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8D:A3:7C:CB:98:FD:F0:57:7A:9C:2F:62:42:48:7E:39:C0:D9:BF:69
X509v3 Authority Key Identifier:
keyid:B9:30:DA:21:51:81:84:14:5F:6D:76:21:B5:A1:3B:D5:40:35:AC:83
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/uTDaIVGBhBRfbXYhtaE71UA1rIM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/34/470cda-d0ec-4323-ae9b-994af5c34402/1/jaN8y5j98Fd6nC9iQkh-OcDZv2k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/34/470cda-d0ec-4323-ae9b-994af5c34402/1/uTDaIVGBhBRfbXYhtaE71UA1rIM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.152.28.0/22
IPv6:
2a07:7d40::/29
Signature Algorithm: sha256WithRSAEncryption
4a:a8:c9:27:78:84:a0:c2:ab:dc:b2:b7:30:66:44:26:54:91:
dd:72:7a:e9:16:a2:40:56:af:6f:90:cf:0f:f7:60:c6:95:da:
55:78:22:58:fc:ed:42:7e:ae:81:b3:a9:a3:1b:d2:ce:75:98:
a4:87:0f:65:a8:7b:dd:6e:07:9f:a2:71:49:c2:83:15:de:6f:
0b:3c:d8:cf:21:83:46:c1:cb:a8:99:0f:86:20:fd:4b:71:1f:
c7:3a:53:65:36:05:6c:46:45:f3:34:be:f9:97:9c:a1:00:7c:
b6:ad:17:df:d1:f0:e0:b0:10:46:b4:ea:eb:c3:b1:c9:32:ab:
89:60:06:7f:77:d5:86:25:39:3f:ab:9a:9f:37:f5:14:6e:f9:
7d:e0:d3:3a:cb:eb:a9:d1:e0:8c:45:a6:38:61:46:53:06:88:
8c:ba:3e:44:9c:0b:8d:ef:3d:41:54:8e:04:28:0e:da:86:6d:
87:81:37:59:08:bf:a2:71:86:b7:b9:57:38:b2:60:26:99:77:
c0:07:01:bc:ce:db:cc:f4:c2:d8:19:fa:c1:e1:da:a0:3b:d6:
4f:94:cb:84:45:8c:5a:f7:31:31:1a:53:c4:9d:fe:db:b3:1a:
39:17:72:4f:ce:85:4d:19:b9:fc:4d:0c:03:fe:d4:ac:66:c3:
80:6a:c9:32
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVxXmDRMQ23xOJVtKJKMn/+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI5MzBkYTIxNTE4MTg0MTQ1ZjZkNzYyMWI1YTEzYmQ1NDAz
NWFjODMwHhcNMjMwMTAyMDcyNDQ4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ZGEzN2NjYjk4ZmRmMDU3N2E5YzJmNjI0MjQ4N2UzOWMwZDliZjY5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmyVRleYYfTrNnNRnJ9nkOdYHhOXJ
VfmzQ7BgB5GoNQ+F+pnw3dB2sbg2CtH5Zqq5Z4If8H+4GcRGjOQG07vwLn8Ougfm
YPsB07Wh7CMOdNlY3hOfOk7s4BoG6T8PXQr8nP2sJa1HJPCIJj/dnsAsS4WEeONE
6uJF4vWF+nLLt8DbNoQ6KDus74zopLmLgTwWlD73BDGRT0gqErCDncJKYHyHlMBl
DgxkWqWJUW8Ws7qFJuS0Jo9ipYn86eJclTWTKAwCTxaXTgcI1JeZaS15AalcQ16Z
nGWUKF5Bs8Hfi3lKLsFCIIiW4BMzGZOv2MMQdwNYGbRdh2mlQEh8h11VCQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFI2jfMuY/fBXepwvYkJIfjnA2b9pMB8GA1UdIwQY
MBaAFLkw2iFRgYQUX212IbWhO9VANayDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdVREYUlWR0JoQlJmYlhZaHRhRTcxVUExcklNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNC80NzBjZGEtZDBlYy00MzIzLWFlOWIt
OTk0YWY1YzM0NDAyLzEvamFOOHk1ajk4RmQ2bkM5aVFraC1PY0RadjJrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNC80NzBjZGEtZDBlYy00MzIzLWFlOWItOTk0YWY1YzM0NDAy
LzEvdVREYUlWR0JoQlJmYlhZaHRhRTcxVUExcklNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuZgcMA0E
AgACMAcDBQMqB31AMA0GCSqGSIb3DQEBCwUAA4IBAQBKqMkneISgwqvcsrcwZkQm
VJHdcnrpFqJAVq9vkM8P92DGldpVeCJY/O1Cfq6Bs6mjG9LOdZikhw9lqHvdbgef
onFJwoMV3m8LPNjPIYNGwcuomQ+GIP1LcR/HOlNlNgVsRkXzNL75l5yhAHy2rRff
0fDgsBBGtOrrw7HJMquJYAZ/d9WGJTk/q5qfN/UUbvl94NM6y+up0eCMRaY4YUZT
BoiMuj5EnAuN7z1BVI4EKA7ahm2HgTdZCL+icYa3uVc4smAmmXfABwG8ztvM9MLY
GfrB4dqgO9ZPlMuERYxa9zExGlPEnf7bsxo5F3JPzoVNGbn8TQwD/tSsZsOAasky
-----END CERTIFICATE-----
Generated at Wed Apr 23 06:52:26 2025 by rpki-client