Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4e/0c3d2a-adb7-49e9-adfa-6968e2d81826/1/t8zYX-UrmPjJUtAlQFlKK6iJ23c.roa
File: t8zYX-UrmPjJUtAlQFlKK6iJ23c.roa (raw, json)
Hash identifier: herjDL5xqWsQQ6s+lWY3tpek/8R3PRxI76yrVsm2aJA=
Subject key identifier: B7:CC:D8:5F:E5:2B:98:F8:C9:52:D0:25:40:59:4A:2B:A8:89:DB:77
Certificate issuer: /CN=394c6f73b3c83881ffc8e6603a6b64f45365acf1
Certificate serial: 110DCF59
Authority key identifier: 39:4C:6F:73:B3:C8:38:81:FF:C8:E6:60:3A:6B:64:F4:53:65:AC:F1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OUxvc7PIOIH_yOZgOmtk9FNlrPE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4e/0c3d2a-adb7-49e9-adfa-6968e2d81826/1/t8zYX-UrmPjJUtAlQFlKK6iJ23c.roa
Signing time: Sat 01 Jan 2022 10:05:39 +0000
ROA not before: Sat 01 Jan 2022 10:05:39 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 197060
IP address blocks: 185.155.252.0/22 maxlen: 22
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 286117721 (0x110dcf59)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=394c6f73b3c83881ffc8e6603a6b64f45365acf1
Validity
Not Before: Jan 1 10:05:39 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=b7ccd85fe52b98f8c952d02540594a2ba889db77
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:89:9f:63:22:50:ac:2d:71:87:71:7f:35:3f:
56:a6:1c:21:b0:06:08:6c:9f:fd:26:7c:85:5f:ae:
a2:1d:67:53:04:3b:e8:a9:dc:d3:2a:c0:58:d0:88:
d9:8e:43:c3:4e:11:0d:b0:d7:de:9b:19:45:19:7e:
52:f8:86:7f:0c:3e:f7:23:1c:cf:49:32:1d:8f:fa:
bd:a1:91:25:a4:70:f3:35:3c:8f:c8:0e:57:3c:4a:
91:31:fb:d1:00:6f:a2:b7:63:4e:e0:73:81:89:4f:
68:a4:20:c3:88:66:ed:30:f1:fd:89:da:7e:d1:0a:
f6:74:10:b8:79:9c:4b:74:15:a7:2d:de:a0:82:a3:
34:d7:23:de:aa:5c:2e:5f:5b:2a:83:64:f5:a7:51:
2c:bb:01:c4:94:48:8c:02:99:d9:f0:62:24:1a:ff:
ae:b2:2a:41:33:3c:1c:55:2c:22:45:84:0e:11:81:
da:96:b7:66:d0:05:c4:44:f3:d2:84:a7:8c:c2:a2:
49:d2:19:fd:8d:69:c7:02:5f:a0:80:46:27:fc:3e:
b5:1b:0c:0a:3c:99:17:87:ab:9f:3a:67:66:be:4b:
af:46:13:40:07:77:42:5e:41:50:6c:9e:95:1f:27:
0d:03:1a:d6:e5:7b:c9:f5:c6:89:57:28:83:d9:69:
c4:0d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B7:CC:D8:5F:E5:2B:98:F8:C9:52:D0:25:40:59:4A:2B:A8:89:DB:77
X509v3 Authority Key Identifier:
keyid:39:4C:6F:73:B3:C8:38:81:FF:C8:E6:60:3A:6B:64:F4:53:65:AC:F1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OUxvc7PIOIH_yOZgOmtk9FNlrPE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4e/0c3d2a-adb7-49e9-adfa-6968e2d81826/1/t8zYX-UrmPjJUtAlQFlKK6iJ23c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4e/0c3d2a-adb7-49e9-adfa-6968e2d81826/1/OUxvc7PIOIH_yOZgOmtk9FNlrPE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.155.252.0/22
Signature Algorithm: sha256WithRSAEncryption
18:96:3b:c9:0a:ba:d0:81:4e:20:54:40:72:34:7e:33:a4:7e:
66:4f:bc:48:3b:ae:0a:05:ae:0b:22:f4:2f:a0:d7:52:8e:81:
cb:68:b5:57:0a:31:63:ea:03:5d:18:8c:6c:8a:0a:ee:57:8b:
ad:60:3f:56:d8:5b:6a:f3:bb:82:8b:3e:da:e6:d9:de:f6:71:
f1:2b:7d:2d:b3:ca:d2:10:7e:48:75:54:58:e7:7d:30:32:23:
67:4a:b4:ef:07:26:16:58:35:da:ce:04:34:a3:3c:90:2f:88:
f6:ff:6c:d8:1d:5d:6c:d1:85:41:fc:59:8d:6b:fa:05:1f:e8:
31:f3:a1:45:be:8c:f8:4a:b6:a3:17:c2:02:c5:88:af:0b:d1:
94:64:22:b2:18:34:8a:a0:d0:b6:29:ed:21:9e:75:66:39:10:
05:a3:4b:3a:64:98:cc:8f:72:a0:8d:01:34:6c:5c:af:c2:cc:
a1:49:09:76:8a:fb:d9:e1:8a:71:88:95:09:23:70:d3:5a:68:
0a:73:dc:35:6c:03:cd:0c:ee:9e:f6:b6:d7:a7:52:9e:11:7e:
8e:ed:97:14:8c:9c:e9:37:85:c1:96:11:78:d1:38:d8:c4:4a:
eb:a3:b7:3c:59:36:95:b9:5e:9f:71:ad:50:c2:ed:50:dc:bf:
f3:08:69:a0
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEEQ3PWTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygz
OTRjNmY3M2IzYzgzODgxZmZjOGU2NjAzYTZiNjRmNDUzNjVhY2YxMB4XDTIyMDEw
MTEwMDUzOVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYjdjY2Q4NWZlNTJi
OThmOGM5NTJkMDI1NDA1OTRhMmJhODg5ZGI3NzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJKJn2MiUKwtcYdxfzU/VqYcIbAGCGyf/SZ8hV+uoh1nUwQ7
6Knc0yrAWNCI2Y5Dw04RDbDX3psZRRl+UviGfww+9yMcz0kyHY/6vaGRJaRw8zU8
j8gOVzxKkTH70QBvordjTuBzgYlPaKQgw4hm7TDx/YnaftEK9nQQuHmcS3QVpy3e
oIKjNNcj3qpcLl9bKoNk9adRLLsBxJRIjAKZ2fBiJBr/rrIqQTM8HFUsIkWEDhGB
2pa3ZtAFxETz0oSnjMKiSdIZ/Y1pxwJfoIBGJ/w+tRsMCjyZF4ernzpnZr5Lr0YT
QAd3Ql5BUGyelR8nDQMa1uV7yfXGiVcog9lpxA0CAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBS3zNhf5SuY+MlS0CVAWUorqInbdzAfBgNVHSMEGDAWgBQ5TG9zs8g4gf/I
5mA6a2T0U2Ws8TAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L09VeHZjN1BJT0lIX3lPWmdPbXRrOUZObHJQRS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNGUvMGMzZDJhLWFkYjctNDllOS1hZGZhLTY5NjhlMmQ4MTgyNi8x
L3Q4ellYLVVybVBqSlV0QWxRRmxLSzZpSjIzYy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNGUv
MGMzZDJhLWFkYjctNDllOS1hZGZhLTY5NjhlMmQ4MTgyNi8xL09VeHZjN1BJT0lI
X3lPWmdPbXRrOUZObHJQRS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEArmb/DANBgkqhkiG9w0BAQsFAAOC
AQEAGJY7yQq60IFOIFRAcjR+M6R+Zk+8SDuuCgWuCyL0L6DXUo6By2i1VwoxY+oD
XRiMbIoK7leLrWA/VthbavO7gos+2ubZ3vZx8St9LbPK0hB+SHVUWOd9MDIjZ0q0
7wcmFlg12s4ENKM8kC+I9v9s2B1dbNGFQfxZjWv6BR/oMfOhRb6M+Eq2oxfCAsWI
rwvRlGQishg0iqDQtintIZ51ZjkQBaNLOmSYzI9yoI0BNGxcr8LMoUkJdor72eGK
cYiVCSNw01poCnPcNWwDzQzunva216dSnhF+ju2XFIyc6TeFwZYReNE42MRK66O3
PFk2lblen3GtUMLtUNy/8whpoA==
-----END CERTIFICATE-----
Generated at Thu Mar 13 20:38:24 2025 by rpki-client