Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/34/4f10a3-6b21-4805-8e03-931ff3d9df41/1/8jtXqXtyZfnsJ8GB159V6GNyPcI.roa
File: 8jtXqXtyZfnsJ8GB159V6GNyPcI.roa (raw, json)
Hash identifier: Xe9XfH4rGglIi7Y4XLiMIB95FG6Z8x/97CDzgS0IExY=
Subject key identifier: F2:3B:57:A9:7B:72:65:F9:EC:27:C1:81:D7:9F:55:E8:63:72:3D:C2
Certificate issuer: /CN=fcb8983e529fc949b89fab3703b795b78b1a875c
Certificate serial: 0184BD0A2D6C3A495C7DDBDE4E0EAA9937CB
Authority key identifier: FC:B8:98:3E:52:9F:C9:49:B8:9F:AB:37:03:B7:95:B7:8B:1A:87:5C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_LiYPlKfyUm4n6s3A7eVt4sah1w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/34/4f10a3-6b21-4805-8e03-931ff3d9df41/1/8jtXqXtyZfnsJ8GB159V6GNyPcI.roa
Signing time: Mon 28 Nov 2022 07:01:11 +0000
ROA not before: Mon 28 Nov 2022 07:01:11 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 206376
IP address blocks: 185.188.124.0/22 maxlen: 22
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:bd:0a:2d:6c:3a:49:5c:7d:db:de:4e:0e:aa:99:37:cb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fcb8983e529fc949b89fab3703b795b78b1a875c
Validity
Not Before: Nov 28 07:01:11 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=f23b57a97b7265f9ec27c181d79f55e863723dc2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:e4:ad:1f:a8:9d:7b:fb:d2:46:16:a0:66:a4:
10:8a:d3:12:29:b9:5d:41:14:df:52:89:2f:59:1b:
f9:90:19:39:d5:22:ee:16:f0:dc:cb:79:ab:95:ac:
8a:63:75:f6:b0:02:a3:b1:bb:7e:39:f5:b6:47:5a:
3a:da:24:ed:de:09:ab:bc:5d:55:5c:6c:5a:e2:2e:
4d:ca:56:7e:64:50:a6:85:7a:0f:bd:0d:a0:c0:2e:
78:53:aa:a7:b1:b5:4f:03:d4:ef:70:e4:47:93:77:
22:50:af:3e:6f:02:86:47:7e:9e:25:6c:a7:66:80:
32:7d:5b:f8:87:1d:be:33:98:05:95:2b:b6:e2:4a:
aa:c1:cc:2b:ac:3a:db:55:bf:ed:21:81:1e:53:b5:
22:34:ce:7b:68:cf:6b:fc:25:57:6a:c8:80:0a:d1:
56:3a:4a:3b:3c:e6:b0:e5:cf:65:9b:bf:79:cc:97:
90:5c:35:14:94:56:31:ef:42:f4:92:5f:f9:d1:f1:
23:04:00:39:5e:4a:8c:12:d9:9e:d7:1c:27:d1:45:
2b:99:56:ec:6f:c4:90:25:68:3a:9b:6c:06:c4:3b:
d6:a2:a5:b9:8e:6d:71:4a:9b:28:8f:cf:4f:aa:fa:
93:b2:1f:6d:26:a5:20:78:b7:57:1c:72:48:f6:ef:
36:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F2:3B:57:A9:7B:72:65:F9:EC:27:C1:81:D7:9F:55:E8:63:72:3D:C2
X509v3 Authority Key Identifier:
keyid:FC:B8:98:3E:52:9F:C9:49:B8:9F:AB:37:03:B7:95:B7:8B:1A:87:5C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_LiYPlKfyUm4n6s3A7eVt4sah1w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/34/4f10a3-6b21-4805-8e03-931ff3d9df41/1/8jtXqXtyZfnsJ8GB159V6GNyPcI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/34/4f10a3-6b21-4805-8e03-931ff3d9df41/1/_LiYPlKfyUm4n6s3A7eVt4sah1w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.188.124.0/22
Signature Algorithm: sha256WithRSAEncryption
92:e7:ff:4f:ca:9a:73:3f:40:31:10:9e:c3:d5:20:a3:b4:b1:
eb:0e:60:01:e9:26:87:05:0c:53:e1:0d:99:44:1d:56:c8:f6:
11:20:38:9e:42:04:ea:01:5e:44:a4:b8:ec:4c:1d:ee:7a:23:
16:06:4a:28:01:7e:43:d8:4d:4f:c1:22:96:8f:12:fb:8b:9b:
2a:2d:5a:2d:83:55:e5:23:76:fe:fd:c2:d0:3a:bd:95:6c:2e:
54:ca:f9:0e:e7:01:1a:7f:5f:85:41:7c:4d:bd:b4:5b:4e:ac:
08:80:11:81:44:d8:8f:bd:3a:83:3a:d5:d4:ba:3e:d7:9c:87:
73:65:3b:53:0e:41:18:6a:5c:bd:52:73:cf:6b:5e:dc:e0:4a:
e0:64:0c:7c:26:38:23:7d:86:eb:40:c5:38:b8:7f:e7:8a:af:
c5:39:76:ae:e3:ab:d4:76:74:b0:05:37:e7:8f:62:01:d4:87:
e7:50:48:7e:0b:02:94:c6:05:a0:45:88:9b:c1:bd:fe:d4:1d:
b8:8b:1f:eb:59:69:f7:d5:8d:03:fb:77:09:c3:be:f8:be:72:
17:89:9d:98:22:47:01:79:7c:b6:6f:1e:b8:2c:bd:8e:2b:fd:
b0:c2:2b:df:3e:5f:3b:42:bc:e9:44:57:73:7f:fb:8f:6a:c8:
73:a6:a5:53
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYS9Ci1sOklcfdveTg6qmTfLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZjYjg5ODNlNTI5ZmM5NDliODlmYWIzNzAzYjc5NWI3OGIx
YTg3NWMwHhcNMjIxMTI4MDcwMTExWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMjNiNTdhOTdiNzI2NWY5ZWMyN2MxODFkNzlmNTVlODYzNzIzZGMyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApuStH6ide/vSRhagZqQQitMSKbld
QRTfUokvWRv5kBk51SLuFvDcy3mrlayKY3X2sAKjsbt+OfW2R1o62iTt3gmrvF1V
XGxa4i5NylZ+ZFCmhXoPvQ2gwC54U6qnsbVPA9TvcORHk3ciUK8+bwKGR36eJWyn
ZoAyfVv4hx2+M5gFlSu24kqqwcwrrDrbVb/tIYEeU7UiNM57aM9r/CVXasiACtFW
Oko7POaw5c9lm795zJeQXDUUlFYx70L0kl/50fEjBAA5XkqMEtme1xwn0UUrmVbs
b8SQJWg6m2wGxDvWoqW5jm1xSpsoj89PqvqTsh9tJqUgeLdXHHJI9u82bQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFPI7V6l7cmX57CfBgdefVehjcj3CMB8GA1UdIwQY
MBaAFPy4mD5Sn8lJuJ+rNwO3lbeLGodcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvX0xpWVBsS2Z5VW00bjZzM0E3ZVZ0NHNhaDF3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNC80ZjEwYTMtNmIyMS00ODA1LThlMDMt
OTMxZmYzZDlkZjQxLzEvOGp0WHFYdHlaZm5zSjhHQjE1OVY2R055UGNJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNC80ZjEwYTMtNmIyMS00ODA1LThlMDMtOTMxZmYzZDlkZjQx
LzEvX0xpWVBsS2Z5VW00bjZzM0E3ZVZ0NHNhaDF3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCubx8MA0G
CSqGSIb3DQEBCwUAA4IBAQCS5/9PyppzP0AxEJ7D1SCjtLHrDmAB6SaHBQxT4Q2Z
RB1WyPYRIDieQgTqAV5EpLjsTB3ueiMWBkooAX5D2E1PwSKWjxL7i5sqLVotg1Xl
I3b+/cLQOr2VbC5UyvkO5wEaf1+FQXxNvbRbTqwIgBGBRNiPvTqDOtXUuj7XnIdz
ZTtTDkEYaly9UnPPa17c4ErgZAx8JjgjfYbrQMU4uH/niq/FOXau46vUdnSwBTfn
j2IB1IfnUEh+CwKUxgWgRYibwb3+1B24ix/rWWn31Y0D+3cJw774vnIXiZ2YIkcB
eXy2bx64LL2OK/2wwivfPl87QrzpRFdzf/uPashzpqVT
-----END CERTIFICATE-----
Generated at Tue Apr 22 22:54:28 2025 by rpki-client