Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4a/d6ec3b-e717-4c3d-b0ae-5e60f6da2b09/1/jvHRy9xpJSmS4T2gFqJK8YRg8hA.roa
File: jvHRy9xpJSmS4T2gFqJK8YRg8hA.roa (raw, json)
Hash identifier: D5VqXlnxLyWc9qOUvXhrzaCWPJQRmeJY+M/9zKCfk8g=
Subject key identifier: 8E:F1:D1:CB:DC:69:25:29:92:E1:3D:A0:16:A2:4A:F1:84:60:F2:10
Certificate issuer: /CN=83609f2b9d2486f36e8cd29dfa2a756a48de7c51
Certificate serial: 01856D3863CB39066CAE461D9BB800C08E91
Authority key identifier: 83:60:9F:2B:9D:24:86:F3:6E:8C:D2:9D:FA:2A:75:6A:48:DE:7C:51
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/g2CfK50khvNujNKd-ip1akjefFE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4a/d6ec3b-e717-4c3d-b0ae-5e60f6da2b09/1/jvHRy9xpJSmS4T2gFqJK8YRg8hA.roa
Signing time: Sun 01 Jan 2023 12:04:50 +0000
ROA not before: Sun 01 Jan 2023 12:04:50 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 57724
IP address blocks: 185.226.160.0/24 maxlen: 24
185.226.163.0/24 maxlen: 24
185.226.161.0/24 maxlen: 24
185.226.162.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:38:63:cb:39:06:6c:ae:46:1d:9b:b8:00:c0:8e:91
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=83609f2b9d2486f36e8cd29dfa2a756a48de7c51
Validity
Not Before: Jan 1 12:04:50 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=8ef1d1cbdc69252992e13da016a24af18460f210
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:34:4b:52:6d:65:41:c3:17:00:7b:b2:65:07:
44:4e:23:da:97:af:ba:91:ac:c2:61:e9:9c:c4:0f:
dd:1a:4a:32:2d:31:38:a1:a1:cc:dc:37:64:30:17:
27:f9:c3:fd:0c:ac:1b:23:f0:1f:50:09:e9:a4:9f:
1b:a0:af:6c:97:77:1f:d6:7b:16:f5:88:81:4c:8a:
8d:6d:74:e3:30:11:ff:5d:41:e9:2a:73:16:2a:fc:
cd:9c:11:85:68:05:8d:24:d1:ce:7a:2f:16:50:ca:
fc:ea:83:45:42:eb:b6:84:dc:74:0d:d7:9d:83:78:
a4:ce:92:79:16:60:94:04:bc:2c:92:27:e2:62:bf:
d0:fb:fb:bc:da:48:2e:7c:82:f2:e0:31:b0:13:68:
ca:92:c2:9e:ff:d0:4c:4b:39:88:85:3c:c6:3a:80:
72:8f:3a:31:dc:3e:7f:38:e1:ad:56:23:e6:32:a9:
4f:42:1b:70:6c:11:f2:de:b0:ad:43:a7:f9:56:c9:
75:62:7b:8d:1d:01:bf:c5:16:15:64:61:b8:21:80:
ca:8f:f0:90:65:4f:17:94:81:d4:0a:ab:46:ae:50:
30:7d:8b:51:86:99:80:a8:4b:72:f1:d9:29:d2:9e:
03:b6:94:99:4c:cd:5b:dd:4e:97:0b:46:60:e5:89:
fa:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8E:F1:D1:CB:DC:69:25:29:92:E1:3D:A0:16:A2:4A:F1:84:60:F2:10
X509v3 Authority Key Identifier:
keyid:83:60:9F:2B:9D:24:86:F3:6E:8C:D2:9D:FA:2A:75:6A:48:DE:7C:51
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/g2CfK50khvNujNKd-ip1akjefFE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4a/d6ec3b-e717-4c3d-b0ae-5e60f6da2b09/1/jvHRy9xpJSmS4T2gFqJK8YRg8hA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4a/d6ec3b-e717-4c3d-b0ae-5e60f6da2b09/1/g2CfK50khvNujNKd-ip1akjefFE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.226.160.0/22
Signature Algorithm: sha256WithRSAEncryption
31:6d:1a:76:b6:81:08:f1:79:d5:f0:6e:71:42:16:38:ee:cf:
ee:1d:77:7a:bf:27:23:37:70:51:d2:63:7f:c7:03:91:8f:11:
38:95:aa:21:81:15:20:4b:b0:d5:c1:d4:b9:48:83:3a:a4:78:
e2:68:d3:67:e5:5f:f5:9b:6b:d6:87:5a:5d:fd:87:46:e9:f4:
7c:b4:bc:38:84:ca:ce:14:52:68:d0:91:0a:43:72:14:48:33:
ae:32:e5:e3:ff:ab:08:e6:7a:1a:f0:ef:c9:26:c2:3e:dd:56:
68:1e:06:2d:b1:f3:82:20:0e:b3:7c:50:01:e6:9e:40:c2:dc:
14:b1:0a:12:49:ed:8d:aa:02:b3:ec:90:5a:01:91:04:59:fe:
33:aa:b4:63:34:5f:4a:ca:3f:bc:ae:c8:fe:79:ee:98:e0:78:
34:e8:ea:bc:3d:7a:02:c1:c7:07:b8:00:da:be:fb:c0:4c:5a:
ab:98:00:31:ed:c9:b4:35:ca:06:89:73:50:27:e9:1d:1a:d5:
bc:bf:e4:f0:ac:bc:ba:6a:7e:f5:07:d8:42:b7:7b:cc:e7:26:
76:32:9d:82:92:ca:b0:b6:b6:ba:3b:ba:60:a3:fd:df:a1:3d:
a8:ab:a0:ed:2f:79:a7:8e:de:42:76:ae:eb:b4:cd:d7:7f:9d:
8e:34:98:51
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVtOGPLOQZsrkYdm7gAwI6RMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgzNjA5ZjJiOWQyNDg2ZjM2ZThjZDI5ZGZhMmE3NTZhNDhk
ZTdjNTEwHhcNMjMwMTAxMTIwNDUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ZWYxZDFjYmRjNjkyNTI5OTJlMTNkYTAxNmEyNGFmMTg0NjBmMjEwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqDRLUm1lQcMXAHuyZQdETiPal6+6
kazCYemcxA/dGkoyLTE4oaHM3DdkMBcn+cP9DKwbI/AfUAnppJ8boK9sl3cf1nsW
9YiBTIqNbXTjMBH/XUHpKnMWKvzNnBGFaAWNJNHOei8WUMr86oNFQuu2hNx0Dded
g3ikzpJ5FmCUBLwskifiYr/Q+/u82kgufILy4DGwE2jKksKe/9BMSzmIhTzGOoBy
jzox3D5/OOGtViPmMqlPQhtwbBHy3rCtQ6f5Vsl1YnuNHQG/xRYVZGG4IYDKj/CQ
ZU8XlIHUCqtGrlAwfYtRhpmAqEty8dkp0p4DtpSZTM1b3U6XC0Zg5Yn6AwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFI7x0cvcaSUpkuE9oBaiSvGEYPIQMB8GA1UdIwQY
MBaAFINgnyudJIbzbozSnfoqdWpI3nxRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZzJDZks1MGtodk51ak5LZC1pcDFha2plZkZFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80YS9kNmVjM2ItZTcxNy00YzNkLWIwYWUt
NWU2MGY2ZGEyYjA5LzEvanZIUnk5eHBKU21TNFQyZ0ZxSks4WVJnOGhBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80YS9kNmVjM2ItZTcxNy00YzNkLWIwYWUtNWU2MGY2ZGEyYjA5
LzEvZzJDZks1MGtodk51ak5LZC1pcDFha2plZkZFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCueKgMA0G
CSqGSIb3DQEBCwUAA4IBAQAxbRp2toEI8XnV8G5xQhY47s/uHXd6vycjN3BR0mN/
xwORjxE4laohgRUgS7DVwdS5SIM6pHjiaNNn5V/1m2vWh1pd/YdG6fR8tLw4hMrO
FFJo0JEKQ3IUSDOuMuXj/6sI5noa8O/JJsI+3VZoHgYtsfOCIA6zfFAB5p5AwtwU
sQoSSe2NqgKz7JBaAZEEWf4zqrRjNF9Kyj+8rsj+ee6Y4Hg06Oq8PXoCwccHuADa
vvvATFqrmAAx7cm0NcoGiXNQJ+kdGtW8v+TwrLy6an71B9hCt3vM5yZ2Mp2Cksqw
tra6O7pgo/3foT2oq6DtL3mnjt5Cdq7rtM3Xf52ONJhR
-----END CERTIFICATE-----
Generated at Thu Mar 13 20:22:13 2025 by rpki-client