Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5d/bc98cb-971d-4b04-b81e-b610568466b3/1/t8YVt5oozn_ylcq9i3Qa6I5h2-g.roa
File: t8YVt5oozn_ylcq9i3Qa6I5h2-g.roa (raw, json)
Hash identifier: 5ecmXNnrtD330SNPyDJAe2nkJx7ld5Wd0LVFffBECFk=
Subject key identifier: B7:C6:15:B7:9A:28:CE:7F:F2:95:CA:BD:8B:74:1A:E8:8E:61:DB:E8
Certificate issuer: /CN=26b9ceb10c2c8c00d16099603cc11bed00547be6
Certificate serial: 099DCDFA
Authority key identifier: 26:B9:CE:B1:0C:2C:8C:00:D1:60:99:60:3C:C1:1B:ED:00:54:7B:E6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/JrnOsQwsjADRYJlgPMEb7QBUe-Y.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5d/bc98cb-971d-4b04-b81e-b610568466b3/1/t8YVt5oozn_ylcq9i3Qa6I5h2-g.roa
Signing time: Sat 01 Jan 2022 05:01:36 +0000
ROA not before: Sat 01 Jan 2022 05:01:36 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 29686
IP address blocks: 82.96.64.0/18 maxlen: 18
185.191.224.0/22 maxlen: 24
82.96.96.0/24 maxlen: 24
85.190.0.0/18 maxlen: 18
85.190.0.0/19 maxlen: 19
2001:1bc7::/48 maxlen: 48
2001:1bc0::/29 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 161336826 (0x99dcdfa)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=26b9ceb10c2c8c00d16099603cc11bed00547be6
Validity
Not Before: Jan 1 05:01:36 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=b7c615b79a28ce7ff295cabd8b741ae88e61dbe8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:26:22:81:68:32:c8:a5:b1:4c:7e:8b:d4:b8:
89:f1:b5:3d:0a:a0:8e:18:f1:23:ff:3a:84:d9:5d:
2d:60:34:85:1a:bc:04:9b:10:7e:cd:21:a1:64:9e:
89:b1:fd:92:49:f9:65:44:32:25:78:e3:1b:d1:33:
cd:37:83:c6:06:a7:d8:4f:a1:38:be:5d:6f:8d:09:
b9:6c:bd:0e:97:9d:db:f2:eb:a4:37:42:e3:4c:01:
80:c9:e6:fd:2b:2a:bf:76:3a:c7:30:f4:e1:1c:92:
0b:c2:0a:99:c4:37:9f:cb:c5:fe:c5:eb:2c:12:11:
ad:c3:83:b9:38:cc:44:c9:5f:b2:5c:21:c9:f5:9e:
82:d8:2f:5b:d9:f0:81:51:3f:da:86:8a:71:d9:05:
a1:1d:a1:c9:ca:83:b3:b2:03:ef:d5:fe:e2:3b:b0:
1b:65:6d:f2:f7:93:b4:07:96:c3:21:cc:a7:d4:48:
22:62:0c:4e:6e:d8:02:8b:01:c4:12:c8:b4:a0:1b:
95:b7:9c:ae:5a:84:64:11:8a:50:42:03:a5:51:db:
f1:c0:d6:b2:90:67:66:a7:79:f1:b1:0b:c8:21:1c:
f3:ba:e4:e3:5f:32:ce:05:06:26:f2:ed:5e:78:dd:
7f:9a:f2:c6:34:30:72:c8:90:b3:09:f2:a9:1e:33:
fc:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B7:C6:15:B7:9A:28:CE:7F:F2:95:CA:BD:8B:74:1A:E8:8E:61:DB:E8
X509v3 Authority Key Identifier:
keyid:26:B9:CE:B1:0C:2C:8C:00:D1:60:99:60:3C:C1:1B:ED:00:54:7B:E6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JrnOsQwsjADRYJlgPMEb7QBUe-Y.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5d/bc98cb-971d-4b04-b81e-b610568466b3/1/t8YVt5oozn_ylcq9i3Qa6I5h2-g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5d/bc98cb-971d-4b04-b81e-b610568466b3/1/JrnOsQwsjADRYJlgPMEb7QBUe-Y.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.96.64.0/18
85.190.0.0/18
185.191.224.0/22
IPv6:
2001:1bc0::/29
Signature Algorithm: sha256WithRSAEncryption
ab:d9:34:2d:67:10:9b:2b:51:82:4c:8f:a3:0b:ad:7d:f3:0b:
1b:96:32:23:e7:ac:9c:b3:10:23:a5:0c:c1:a6:a3:0a:63:6e:
c8:6f:f0:ed:8c:3a:4d:e9:2b:81:f4:dd:1d:27:32:ae:3b:9f:
f9:5a:22:70:61:3e:48:2c:ed:bd:81:e6:48:f0:e2:8d:d2:4a:
18:3c:0c:16:65:33:6b:de:10:98:9f:e0:9b:fe:e8:2c:5d:0a:
0d:56:3b:76:23:f7:db:d0:fb:22:92:e1:5f:a4:f5:f4:13:c7:
36:c9:09:8c:34:fb:84:59:bd:ff:15:44:db:69:a1:c7:75:bc:
4d:27:0b:4e:e9:91:b0:c8:89:d9:54:91:5d:08:55:6a:b8:fd:
19:0c:5b:09:9a:f3:5a:55:82:d6:bc:6d:70:a5:1d:b3:67:d5:
91:92:06:99:cd:48:1e:13:36:8b:ea:91:26:65:be:9c:81:81:
dd:9d:90:26:66:53:0c:f9:6b:d5:b3:3e:68:a2:9a:d0:92:28:
8b:ff:e5:32:a7:3d:f4:90:ca:72:96:99:74:37:6b:b5:62:11:
7e:50:bc:18:48:3a:fe:ff:f9:16:58:42:a6:a4:88:3a:29:c7:
6e:fd:c2:1a:f0:86:d6:dd:ae:e7:4b:b8:a1:d4:e5:c4:2e:1e:
e8:8c:4a:b9
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgIECZ3N+jANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygy
NmI5Y2ViMTBjMmM4YzAwZDE2MDk5NjAzY2MxMWJlZDAwNTQ3YmU2MB4XDTIyMDEw
MTA1MDEzNloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYjdjNjE1Yjc5YTI4
Y2U3ZmYyOTVjYWJkOGI3NDFhZTg4ZTYxZGJlODCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAI8mIoFoMsilsUx+i9S4ifG1PQqgjhjxI/86hNldLWA0hRq8
BJsQfs0hoWSeibH9kkn5ZUQyJXjjG9EzzTeDxgan2E+hOL5db40JuWy9Dped2/Lr
pDdC40wBgMnm/Ssqv3Y6xzD04RySC8IKmcQ3n8vF/sXrLBIRrcODuTjMRMlfslwh
yfWegtgvW9nwgVE/2oaKcdkFoR2hycqDs7ID79X+4juwG2Vt8veTtAeWwyHMp9RI
ImIMTm7YAosBxBLItKAblbecrlqEZBGKUEIDpVHb8cDWspBnZqd58bELyCEc87rk
418yzgUGJvLtXnjdf5ryxjQwcsiQswnyqR4z/IsCAwEAAaOCAiQwggIgMB0GA1Ud
DgQWBBS3xhW3mijOf/KVyr2LdBrojmHb6DAfBgNVHSMEGDAWgBQmuc6xDCyMANFg
mWA8wRvtAFR75jAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0pybk9zUXdzakFEUllKbGdQTUViN1FCVWUtWS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNWQvYmM5OGNiLTk3MWQtNGIwNC1iODFlLWI2MTA1Njg0NjZiMy8x
L3Q4WVZ0NW9vem5feWxjcTlpM1FhNkk1aDItZy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNWQv
YmM5OGNiLTk3MWQtNGIwNC1iODFlLWI2MTA1Njg0NjZiMy8xL0pybk9zUXdzakFE
UllKbGdQTUViN1FCVWUtWS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA6
BggrBgEFBQcBBwEB/wQrMCkwGAQCAAEwEgMEBlJgQAMEBlW+AAMEArm/4DANBAIA
AjAHAwUDIAEbwDANBgkqhkiG9w0BAQsFAAOCAQEAq9k0LWcQmytRgkyPowutffML
G5YyI+esnLMQI6UMwaajCmNuyG/w7Yw6TekrgfTdHScyrjuf+VoicGE+SCztvYHm
SPDijdJKGDwMFmUza94QmJ/gm/7oLF0KDVY7diP329D7IpLhX6T19BPHNskJjDT7
hFm9/xVE22mhx3W8TScLTumRsMiJ2VSRXQhVarj9GQxbCZrzWlWC1rxtcKUds2fV
kZIGmc1IHhM2i+qRJmW+nIGB3Z2QJmZTDPlr1bM+aKKa0JIoi//lMqc99JDKcpaZ
dDdrtWIRflC8GEg6/v/5FlhCpqSIOinHbv3CGvCG1t2u50u4odTlxC4e6IxKuQ==
-----END CERTIFICATE-----
Generated at Thu Mar 13 02:50:58 2025 by rpki-client