Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/65/bfd2d4-6d45-44bb-ae6b-5259eedca07c/1/8JIWF-r5BZ-6_AeuFb_jnYOHO5E.roa
File: 8JIWF-r5BZ-6_AeuFb_jnYOHO5E.roa (raw, json)
Hash identifier: zO9ULLwxpHud/bVuXwX+zMujVxKB3Bhh6HbgXhIGfKM=
Subject key identifier: F0:92:16:17:EA:F9:05:9F:BA:FC:07:AE:15:BF:E3:9D:83:87:3B:91
Certificate issuer: /CN=d489a5ddd3002e800999b5c1867f786781baf13d
Certificate serial: 079FAE98
Authority key identifier: D4:89:A5:DD:D3:00:2E:80:09:99:B5:C1:86:7F:78:67:81:BA:F1:3D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1Iml3dMALoAJmbXBhn94Z4G68T0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/65/bfd2d4-6d45-44bb-ae6b-5259eedca07c/1/8JIWF-r5BZ-6_AeuFb_jnYOHO5E.roa
Signing time: Sat 01 Jan 2022 15:58:19 +0000
ROA not before: Sat 01 Jan 2022 15:58:19 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 3301
IP address blocks: 193.161.239.0/24 maxlen: 24
193.161.236.0/22 maxlen: 22
193.161.236.0/24 maxlen: 24
193.161.238.0/24 maxlen: 24
193.161.237.0/24 maxlen: 24
194.35.82.0/23 maxlen: 23
194.35.83.0/24 maxlen: 24
194.35.82.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 127905432 (0x79fae98)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d489a5ddd3002e800999b5c1867f786781baf13d
Validity
Not Before: Jan 1 15:58:19 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=f0921617eaf9059fbafc07ae15bfe39d83873b91
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d8:6a:62:7a:67:e5:8d:c4:8c:e5:75:fc:f2:ca:
c7:4e:0f:88:c9:50:54:d5:c4:32:8e:04:a8:39:bf:
48:30:8a:93:e4:f0:51:8c:e7:7e:62:3a:54:37:6e:
8c:64:f9:42:6b:65:1e:38:60:f7:83:a9:ae:bd:6a:
07:82:97:f1:26:79:c0:89:82:14:d7:31:d1:86:9d:
62:22:7f:0b:43:9b:a0:ae:71:42:ac:14:06:39:2f:
c5:4d:10:0d:aa:0d:4d:c5:c0:a2:83:ef:af:9e:2b:
7c:48:dc:cf:0d:41:b4:bb:36:4c:c5:0b:f9:31:8a:
67:d3:c7:31:b8:64:43:9f:74:26:72:54:84:62:b0:
fe:26:25:93:2c:0e:ab:76:cc:86:d4:25:72:8c:b2:
b0:42:83:38:e9:c8:ae:81:82:85:42:73:64:3e:dc:
17:d0:dc:88:ba:ab:85:0e:e0:41:b8:60:74:fb:e3:
16:85:a2:4e:78:f1:b6:88:85:85:fc:b8:78:93:03:
d1:0d:8e:be:41:09:12:77:f6:01:cd:59:ec:12:f4:
20:99:c8:59:7b:dd:0c:20:c5:f8:3d:da:f5:1f:be:
5d:f9:2d:a2:19:c7:8b:04:5c:1e:e8:b7:55:85:d3:
a1:f7:eb:5a:0e:04:ea:04:71:61:ae:63:a0:9a:01:
d3:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F0:92:16:17:EA:F9:05:9F:BA:FC:07:AE:15:BF:E3:9D:83:87:3B:91
X509v3 Authority Key Identifier:
keyid:D4:89:A5:DD:D3:00:2E:80:09:99:B5:C1:86:7F:78:67:81:BA:F1:3D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1Iml3dMALoAJmbXBhn94Z4G68T0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/65/bfd2d4-6d45-44bb-ae6b-5259eedca07c/1/8JIWF-r5BZ-6_AeuFb_jnYOHO5E.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/65/bfd2d4-6d45-44bb-ae6b-5259eedca07c/1/1Iml3dMALoAJmbXBhn94Z4G68T0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.161.236.0/22
194.35.82.0/23
Signature Algorithm: sha256WithRSAEncryption
8c:4c:93:a7:8e:ad:21:d8:1e:e7:a0:b3:2a:0a:68:5d:73:9f:
ff:a0:b0:98:ba:58:7f:cd:4c:c2:5a:6c:3a:a4:2a:94:5c:10:
70:d9:9b:98:5c:5d:70:2e:11:ec:94:3b:2f:8f:22:83:bd:22:
50:a8:e4:d4:8b:1d:21:b8:3b:43:30:03:d8:27:81:5a:0f:4f:
66:1a:a3:8a:63:21:b9:ce:e8:e6:4c:3c:e9:d3:6e:46:73:06:
74:d3:7d:c3:82:22:c0:a1:a2:2b:80:dd:bd:32:cf:72:81:84:
38:30:fc:06:09:06:e9:58:ed:c9:11:1e:be:ba:50:3a:2c:35:
85:51:15:f3:6c:f5:41:d6:31:3a:d5:9b:a4:f4:82:a0:36:35:
36:8a:c3:5d:e7:e7:73:c7:22:e8:c9:5b:37:03:ab:4f:97:a8:
fd:71:10:ca:7e:95:5e:54:11:8c:05:64:99:35:33:5f:2f:a1:
e1:de:56:71:6f:f3:5e:0f:0b:42:c0:6a:0d:92:31:71:51:12:
90:f4:56:6b:4e:73:34:1c:9a:07:ff:8a:ae:71:0a:7b:55:aa:
3b:41:8a:75:5e:a4:33:28:6d:61:e8:64:38:c4:12:36:b7:cf:
4c:d6:88:51:0e:89:52:e4:00:d4:50:0d:4c:b6:2e:06:aa:06:
2d:1b:49:27
-----BEGIN CERTIFICATE-----
MIIE9TCCA92gAwIBAgIEB5+umDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhk
NDg5YTVkZGQzMDAyZTgwMDk5OWI1YzE4NjdmNzg2NzgxYmFmMTNkMB4XDTIyMDEw
MTE1NTgxOVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZjA5MjE2MTdlYWY5
MDU5ZmJhZmMwN2FlMTViZmUzOWQ4Mzg3M2I5MTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBANhqYnpn5Y3EjOV1/PLKx04PiMlQVNXEMo4EqDm/SDCKk+Tw
UYznfmI6VDdujGT5QmtlHjhg94Oprr1qB4KX8SZ5wImCFNcx0YadYiJ/C0OboK5x
QqwUBjkvxU0QDaoNTcXAooPvr54rfEjczw1BtLs2TMUL+TGKZ9PHMbhkQ590JnJU
hGKw/iYlkywOq3bMhtQlcoyysEKDOOnIroGChUJzZD7cF9DciLqrhQ7gQbhgdPvj
FoWiTnjxtoiFhfy4eJMD0Q2OvkEJEnf2Ac1Z7BL0IJnIWXvdDCDF+D3a9R++Xfkt
ohnHiwRcHui3VYXToffrWg4E6gRxYa5joJoB00cCAwEAAaOCAg8wggILMB0GA1Ud
DgQWBBTwkhYX6vkFn7r8B64Vv+Odg4c7kTAfBgNVHSMEGDAWgBTUiaXd0wAugAmZ
tcGGf3hngbrxPTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzFJbWwzZE1BTG9BSm1iWEJobjk0WjRHNjhUMC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNjUvYmZkMmQ0LTZkNDUtNDRiYi1hZTZiLTUyNTllZWRjYTA3Yy8x
LzhKSVdGLXI1QlotNl9BZXVGYl9qbllPSE81RS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNjUv
YmZkMmQ0LTZkNDUtNDRiYi1hZTZiLTUyNTllZWRjYTA3Yy8xLzFJbWwzZE1BTG9B
Sm1iWEJobjk0WjRHNjhUMC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAl
BggrBgEFBQcBBwEB/wQWMBQwEgQCAAEwDAMEAsGh7AMEAcIjUjANBgkqhkiG9w0B
AQsFAAOCAQEAjEyTp46tIdge56CzKgpoXXOf/6CwmLpYf81MwlpsOqQqlFwQcNmb
mFxdcC4R7JQ7L48ig70iUKjk1IsdIbg7QzAD2CeBWg9PZhqjimMhuc7o5kw86dNu
RnMGdNN9w4IiwKGiK4DdvTLPcoGEODD8BgkG6VjtyREevrpQOiw1hVEV82z1QdYx
OtWbpPSCoDY1NorDXefnc8ci6MlbNwOrT5eo/XEQyn6VXlQRjAVkmTUzXy+h4d5W
cW/zXg8LQsBqDZIxcVESkPRWa05zNByaB/+KrnEKe1WqO0GKdV6kMyhtYehkOMQS
NrfPTNaIUQ6JUuQA1FANTLYuBqoGLRtJJw==
-----END CERTIFICATE-----
Generated at Tue Apr 8 11:27:36 2025 by rpki-client