Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4a/bc4d7b-3cb7-4f33-89e7-2100bf0f140a/1/1-j-ufaRzmpKFjuSdmZsYK5KqBvo.roa
File: 1-j-ufaRzmpKFjuSdmZsYK5KqBvo.roa (raw, json)
Hash identifier: vjP/wnIcknnl3r5MairNJ0C7Oe2huKi/w0XMlKqb2hQ=
Subject key identifier: FA:3F:AE:7D:A4:73:9A:92:85:8E:E4:9D:99:9B:18:2B:92:AA:06:FA
Certificate issuer: /CN=b1a89b67c66debf5ded3f2880bb4941d30411257
Certificate serial: 010ED9EF
Authority key identifier: B1:A8:9B:67:C6:6D:EB:F5:DE:D3:F2:88:0B:B4:94:1D:30:41:12:57
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/saibZ8Zt6_Xe0_KIC7SUHTBBElc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4a/bc4d7b-3cb7-4f33-89e7-2100bf0f140a/1/1-j-ufaRzmpKFjuSdmZsYK5KqBvo.roa
Signing time: Thu 07 Apr 2022 08:05:02 +0000
ROA not before: Thu 07 Apr 2022 08:05:02 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 29286
IP address blocks: 185.15.102.0/23 maxlen: 23
185.15.101.0/24 maxlen: 24
5.152.168.0/21 maxlen: 21
5.8.184.0/24 maxlen: 24
5.8.185.0/24 maxlen: 24
5.8.186.0/24 maxlen: 24
5.8.191.0/24 maxlen: 24
5.8.190.0/24 maxlen: 24
5.8.187.0/24 maxlen: 24
37.1.183.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 17750511 (0x10ed9ef)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b1a89b67c66debf5ded3f2880bb4941d30411257
Validity
Not Before: Apr 7 08:05:02 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=fa3fae7da4739a92858ee49d999b182b92aa06fa
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:3a:1b:52:bc:90:69:d6:ec:5c:7d:b5:22:26:
dc:a9:da:27:4d:18:eb:52:57:a6:2c:63:da:ef:ea:
df:a1:1e:23:63:41:6e:6c:12:91:b8:0b:63:bd:c0:
94:7d:cf:1d:8e:2d:5a:4d:e7:9d:86:fb:90:d1:76:
bc:61:7d:01:94:6b:b5:92:4d:ca:29:5c:a4:33:02:
d2:a3:8c:fb:7f:31:64:d9:ee:01:65:65:99:c0:d0:
e4:ca:6f:da:3d:14:f3:16:80:bf:22:c9:4b:1d:f6:
4b:5a:a5:b9:38:de:96:23:f4:75:32:2c:c5:79:e9:
c6:74:7b:fb:22:8d:46:19:bb:8f:a4:e6:9b:ce:fc:
8a:11:9a:05:a5:d4:04:14:cd:c7:95:74:47:ba:81:
bb:14:3c:10:9f:cf:d6:70:b9:0c:bd:96:a5:6f:17:
1b:d4:fc:c2:9f:97:b8:28:76:03:53:6c:25:bc:ef:
68:2c:ea:7a:bc:cd:23:61:1d:55:49:19:d8:30:3f:
89:a4:c0:ee:8a:0c:6f:61:3a:7a:7c:c9:f6:1a:27:
02:60:65:24:b2:4d:97:9f:60:f7:11:fb:bb:55:4d:
8b:84:03:d5:c1:3c:41:fd:de:83:ec:86:3f:3f:99:
88:d8:fc:0f:d6:67:b1:e6:4d:e6:d3:ab:4c:2b:34:
4e:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FA:3F:AE:7D:A4:73:9A:92:85:8E:E4:9D:99:9B:18:2B:92:AA:06:FA
X509v3 Authority Key Identifier:
keyid:B1:A8:9B:67:C6:6D:EB:F5:DE:D3:F2:88:0B:B4:94:1D:30:41:12:57
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/saibZ8Zt6_Xe0_KIC7SUHTBBElc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4a/bc4d7b-3cb7-4f33-89e7-2100bf0f140a/1/1-j-ufaRzmpKFjuSdmZsYK5KqBvo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4a/bc4d7b-3cb7-4f33-89e7-2100bf0f140a/1/saibZ8Zt6_Xe0_KIC7SUHTBBElc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.8.184.0/22
5.8.190.0/23
5.152.168.0/21
37.1.183.0/24
185.15.101.0-185.15.103.255
Signature Algorithm: sha256WithRSAEncryption
56:01:47:3f:a3:20:e9:ee:e0:fe:03:ae:d8:7e:e1:93:e7:eb:
4b:49:ef:d1:2a:74:45:7c:bd:58:34:93:05:45:54:5d:4b:c2:
ec:79:fb:b5:c4:ef:e7:ca:6c:5d:7f:18:90:0d:96:08:3d:db:
ee:13:cc:31:ed:cd:97:91:e0:f2:2d:84:46:45:35:40:c4:d6:
c0:13:91:85:1e:d6:e7:14:7c:0d:da:19:d7:3f:ea:fa:7f:6d:
5b:1c:3e:e8:8c:c0:86:63:66:bd:ec:e6:3d:ac:e3:e1:50:b3:
5a:8d:6e:c6:b6:2a:93:1c:91:03:aa:32:14:78:62:46:aa:bc:
c1:00:e4:db:b8:ba:f3:a2:19:04:65:88:84:cd:21:e2:15:f2:
5a:8a:1d:15:a5:b1:4a:02:ab:c1:2d:4b:62:cc:e9:1e:e1:c2:
e5:12:8e:1d:d9:d0:99:5d:43:8d:0b:48:ec:75:f5:7e:1b:fa:
97:f0:d3:42:c8:21:83:4c:09:b0:a7:cb:f0:e7:1a:20:29:fb:
af:5a:a9:f2:be:1f:01:d4:f5:ff:be:5f:b4:2d:27:ab:69:7d:
e5:d3:11:87:ff:3a:e4:d4:d0:7d:ef:e0:95:5a:d3:82:d0:3e:
22:a5:fc:24:fe:b5:35:06:d7:c2:af:25:52:8c:be:91:da:f2:
ef:37:bf:13
-----BEGIN CERTIFICATE-----
MIIFEDCCA/igAwIBAgIEAQ7Z7zANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhi
MWE4OWI2N2M2NmRlYmY1ZGVkM2YyODgwYmI0OTQxZDMwNDExMjU3MB4XDTIyMDQw
NzA4MDUwMloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZmEzZmFlN2RhNDcz
OWE5Mjg1OGVlNDlkOTk5YjE4MmI5MmFhMDZmYTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALc6G1K8kGnW7Fx9tSIm3KnaJ00Y61JXpixj2u/q36EeI2NB
bmwSkbgLY73AlH3PHY4tWk3nnYb7kNF2vGF9AZRrtZJNyilcpDMC0qOM+38xZNnu
AWVlmcDQ5Mpv2j0U8xaAvyLJSx32S1qluTjeliP0dTIsxXnpxnR7+yKNRhm7j6Tm
m878ihGaBaXUBBTNx5V0R7qBuxQ8EJ/P1nC5DL2WpW8XG9T8wp+XuCh2A1NsJbzv
aCzqerzNI2EdVUkZ2DA/iaTA7ooMb2E6enzJ9honAmBlJLJNl59g9xH7u1VNi4QD
1cE8Qf3eg+yGPz+ZiNj8D9ZnseZN5tOrTCs0TicCAwEAAaOCAiowggImMB0GA1Ud
DgQWBBT6P659pHOakoWO5J2ZmxgrkqoG+jAfBgNVHSMEGDAWgBSxqJtnxm3r9d7T
8ogLtJQdMEESVzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3NhaWJaOFp0Nl9YZTBfS0lDN1NVSFRCQkVsYy5jZXIwgY4GCCsGAQUFBwELBIGB
MH8wfQYIKwYBBQUHMAuGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNGEvYmM0ZDdiLTNjYjctNGYzMy04OWU3LTIxMDBiZjBmMTQwYS8x
LzEtai11ZmFSem1wS0ZqdVNkbVpzWUs1S3FCdm8ucm9hMIGBBgNVHR8EejB4MHag
dKByhnByc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzRh
L2JjNGQ3Yi0zY2I3LTRmMzMtODllNy0yMTAwYmYwZjE0MGEvMS9zYWliWjhadDZf
WGUwX0tJQzdTVUhUQkJFbGMuY3JsMBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIw
PwYIKwYBBQUHAQcBAf8EMDAuMCwEAgABMCYDBAIFCLgDBAEFCL4DBAMFmKgDBAAl
AbcwDAMEALkPZQMEA7kPYDANBgkqhkiG9w0BAQsFAAOCAQEAVgFHP6Mg6e7g/gOu
2H7hk+frS0nv0Sp0RXy9WDSTBUVUXUvC7Hn7tcTv58psXX8YkA2WCD3b7hPMMe3N
l5Hg8i2ERkU1QMTWwBORhR7W5xR8DdoZ1z/q+n9tWxw+6IzAhmNmvezmPazj4VCz
Wo1uxrYqkxyRA6oyFHhiRqq8wQDk27i686IZBGWIhM0h4hXyWoodFaWxSgKrwS1L
YszpHuHC5RKOHdnQmV1DjQtI7HX1fhv6l/DTQsghg0wJsKfL8OcaICn7r1qp8r4f
AdT1/75ftC0nq2l95dMRh/865NTQfe/glVrTgtA+IqX8JP61NQbXwq8lUoy+kdry
7ze/Ew==
-----END CERTIFICATE-----
Generated at Sun Apr 6 13:46:19 2025 by rpki-client