Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3e/5c36f7-9fca-4896-ab72-05e7fa630bbc/1/jwGaUevhmGrK8-RjnCrPOS9FAa8.roa
File: jwGaUevhmGrK8-RjnCrPOS9FAa8.roa (raw, json)
Hash identifier: gTyjuhxlnbZJLhxZ2afIs0bj5adaaYRkUbuB5SWQ+UM=
Subject key identifier: 8F:01:9A:51:EB:E1:98:6A:CA:F3:E4:63:9C:2A:CF:39:2F:45:01:AF
Certificate issuer: /CN=9a98febc33e4d517ae3d9ca3e932e2d4ba6885ac
Certificate serial: 018572310E63F6EEFC84285AECFED87282FF
Authority key identifier: 9A:98:FE:BC:33:E4:D5:17:AE:3D:9C:A3:E9:32:E2:D4:BA:68:85:AC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mpj-vDPk1ReuPZyj6TLi1Lpohaw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3e/5c36f7-9fca-4896-ab72-05e7fa630bbc/1/jwGaUevhmGrK8-RjnCrPOS9FAa8.roa
Signing time: Mon 02 Jan 2023 11:14:55 +0000
ROA not before: Mon 02 Jan 2023 11:14:55 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 210431
IP address blocks: 185.140.175.0/24 maxlen: 24
2a12:7380::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:31:0e:63:f6:ee:fc:84:28:5a:ec:fe:d8:72:82:ff
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9a98febc33e4d517ae3d9ca3e932e2d4ba6885ac
Validity
Not Before: Jan 2 11:14:55 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=8f019a51ebe1986acaf3e4639c2acf392f4501af
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:83:2b:6b:34:f5:5c:25:4b:c3:7a:4f:51:de:a9:
47:d8:22:9d:39:bd:33:db:20:3b:f6:b8:67:55:00:
b5:3e:1f:a3:f1:1a:a5:a2:c5:97:93:d7:e2:ae:cf:
99:b3:cb:f4:b8:b8:6f:b9:21:94:a7:e1:5b:f6:94:
24:40:5a:3f:19:e5:7b:3a:a5:79:bb:07:d5:e0:d5:
58:58:c9:73:23:38:d4:65:63:70:2c:05:b3:df:a7:
f6:0e:0b:be:13:3b:f3:15:a2:d7:aa:b4:28:8c:fc:
66:d9:1c:b6:c8:c6:d1:b5:98:4d:f2:63:40:1b:92:
f9:79:bd:15:fd:d2:fc:a2:4c:fb:8a:31:fe:8d:32:
3c:0d:ed:e0:c6:52:84:66:a8:cb:79:ee:0c:8d:9c:
fb:27:42:ec:88:3b:4f:35:23:54:8a:55:73:e7:3f:
a6:11:c0:11:8a:c0:3d:5c:c4:34:7b:a9:7e:86:2d:
88:f1:53:7f:96:66:e8:20:b7:13:54:0b:dd:3e:96:
74:bd:ce:2c:6d:0f:2b:d5:58:44:ec:d9:6d:2f:d5:
36:32:b3:59:46:33:cb:f9:8a:94:03:dc:ad:99:12:
47:ab:09:de:92:fb:b8:3f:a9:9c:f9:c2:e6:49:a4:
2a:19:c2:9d:8e:7f:4f:62:45:ce:3d:9f:77:eb:d9:
8a:eb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8F:01:9A:51:EB:E1:98:6A:CA:F3:E4:63:9C:2A:CF:39:2F:45:01:AF
X509v3 Authority Key Identifier:
keyid:9A:98:FE:BC:33:E4:D5:17:AE:3D:9C:A3:E9:32:E2:D4:BA:68:85:AC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mpj-vDPk1ReuPZyj6TLi1Lpohaw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3e/5c36f7-9fca-4896-ab72-05e7fa630bbc/1/jwGaUevhmGrK8-RjnCrPOS9FAa8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3e/5c36f7-9fca-4896-ab72-05e7fa630bbc/1/mpj-vDPk1ReuPZyj6TLi1Lpohaw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.140.175.0/24
IPv6:
2a12:7380::/32
Signature Algorithm: sha256WithRSAEncryption
75:b2:fb:fd:bf:80:e0:97:44:25:0f:dc:98:ae:e0:c1:08:ca:
d1:ad:b6:15:73:da:78:4d:f8:00:94:2e:3a:30:9a:9f:5b:16:
b1:11:48:ce:d8:5f:64:10:df:8e:59:14:28:93:d7:03:eb:89:
b1:da:85:0c:5c:79:b3:0a:d7:75:3d:9f:76:7b:27:6c:94:ac:
61:c4:71:d7:31:8f:fd:25:24:42:07:e5:a6:84:3e:a3:a1:cf:
e7:a5:e4:f8:59:20:55:2b:91:32:4f:52:1b:59:76:a7:e5:62:
a8:a7:7b:be:83:1c:1d:76:3e:e0:77:1c:4f:82:ef:f7:e9:8d:
46:d7:89:0e:8c:47:29:6f:83:68:df:7e:6b:58:90:c9:74:79:
ba:9b:d3:63:01:f6:38:68:98:b3:88:f3:92:80:9d:cd:c9:95:
68:0f:e1:3e:23:37:6d:cf:d0:eb:88:74:90:47:c1:1d:44:b3:
8e:7e:e0:09:fa:02:e6:c0:52:35:21:84:86:c3:e1:a3:ad:79:
23:cc:8f:d7:13:42:b3:92:b5:0c:8a:73:f9:7a:e2:77:05:06:
f8:df:3c:4a:ed:67:01:8a:08:3b:35:10:a8:23:43:96:fb:3f:
44:ff:d2:52:7f:9b:4f:aa:44:61:dd:fa:1a:ca:c8:ba:bb:1e:
da:13:22:2a
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVyMQ5j9u78hCha7P7YcoL/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlhOThmZWJjMzNlNGQ1MTdhZTNkOWNhM2U5MzJlMmQ0YmE2
ODg1YWMwHhcNMjMwMTAyMTExNDU1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ZjAxOWE1MWViZTE5ODZhY2FmM2U0NjM5YzJhY2YzOTJmNDUwMWFmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgytrNPVcJUvDek9R3qlH2CKdOb0z
2yA79rhnVQC1Ph+j8RqlosWXk9firs+Zs8v0uLhvuSGUp+Fb9pQkQFo/GeV7OqV5
uwfV4NVYWMlzIzjUZWNwLAWz36f2Dgu+EzvzFaLXqrQojPxm2Ry2yMbRtZhN8mNA
G5L5eb0V/dL8okz7ijH+jTI8De3gxlKEZqjLee4MjZz7J0LsiDtPNSNUilVz5z+m
EcARisA9XMQ0e6l+hi2I8VN/lmboILcTVAvdPpZ0vc4sbQ8r1VhE7NltL9U2MrNZ
RjPL+YqUA9ytmRJHqwnekvu4P6mc+cLmSaQqGcKdjn9PYkXOPZ9369mK6wIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFI8BmlHr4ZhqyvPkY5wqzzkvRQGvMB8GA1UdIwQY
MBaAFJqY/rwz5NUXrj2co+ky4tS6aIWsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbXBqLXZEUGsxUmV1UFp5ajZUTGkxTHBvaGF3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zZS81YzM2ZjctOWZjYS00ODk2LWFiNzIt
MDVlN2ZhNjMwYmJjLzEvandHYVVldmhtR3JLOC1Sam5DclBPUzlGQWE4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zZS81YzM2ZjctOWZjYS00ODk2LWFiNzItMDVlN2ZhNjMwYmJj
LzEvbXBqLXZEUGsxUmV1UFp5ajZUTGkxTHBvaGF3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQAuYyvMA0E
AgACMAcDBQAqEnOAMA0GCSqGSIb3DQEBCwUAA4IBAQB1svv9v4Dgl0QlD9yYruDB
CMrRrbYVc9p4TfgAlC46MJqfWxaxEUjO2F9kEN+OWRQok9cD64mx2oUMXHmzCtd1
PZ92eydslKxhxHHXMY/9JSRCB+WmhD6joc/npeT4WSBVK5EyT1IbWXan5WKop3u+
gxwddj7gdxxPgu/36Y1G14kOjEcpb4No335rWJDJdHm6m9NjAfY4aJiziPOSgJ3N
yZVoD+E+Izdtz9DriHSQR8EdRLOOfuAJ+gLmwFI1IYSGw+GjrXkjzI/XE0KzkrUM
inP5euJ3BQb43zxK7WcBigg7NRCoI0OW+z9E/9JSf5tPqkRh3foaysi6ux7aEyIq
-----END CERTIFICATE-----
Generated at Mon Apr 21 16:19:35 2025 by rpki-client