Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6d/157c8b-8f27-47dd-995e-b436d76dad65/1/Jb_5otsF05rq2k_eflfKucR9-0U.roa
File: Jb_5otsF05rq2k_eflfKucR9-0U.roa (raw, json)
Hash identifier: Xwkbk4dsMe05Ax5RzG27lWGHuCEJ5ltw/6jW6/jnYy4=
Subject key identifier: 25:BF:F9:A2:DB:05:D3:9A:EA:DA:4F:DE:7E:57:CA:B9:C4:7D:FB:45
Certificate issuer: /CN=7ec5f1896e9a44357c9d78acf37d48f4780520d9
Certificate serial: 01856DC1A2E49D5F604CCAF516E79F73A8C9
Authority key identifier: 7E:C5:F1:89:6E:9A:44:35:7C:9D:78:AC:F3:7D:48:F4:78:05:20:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fsXxiW6aRDV8nXis831I9HgFINk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6d/157c8b-8f27-47dd-995e-b436d76dad65/1/Jb_5otsF05rq2k_eflfKucR9-0U.roa
Signing time: Sun 01 Jan 2023 14:34:44 +0000
ROA not before: Sun 01 Jan 2023 14:34:44 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 205728
IP address blocks: 185.208.132.0/22 maxlen: 24
2a0b:37c0::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:c1:a2:e4:9d:5f:60:4c:ca:f5:16:e7:9f:73:a8:c9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7ec5f1896e9a44357c9d78acf37d48f4780520d9
Validity
Not Before: Jan 1 14:34:44 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=25bff9a2db05d39aeada4fde7e57cab9c47dfb45
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e9:ff:23:e8:89:51:da:f8:ab:5f:63:6a:02:74:
58:ca:d1:6c:0f:9f:7e:36:a4:d1:7e:b1:62:49:13:
b9:63:0c:9b:d3:bd:bb:b6:79:80:41:97:bc:e0:6d:
34:11:2e:da:f8:e0:96:3f:32:b1:f7:1d:f0:a6:95:
2c:28:e4:75:99:fc:bc:51:d2:33:2b:47:66:d3:60:
da:16:6e:ad:5c:4d:76:1f:fc:b6:10:e8:34:a1:13:
80:05:4e:32:d7:9a:3e:37:f3:ef:6b:28:55:c1:6b:
07:70:fd:01:f5:71:eb:7e:ac:54:d1:ba:62:42:0a:
84:ee:c8:4f:39:a6:ff:16:6d:3b:e4:61:35:7d:a4:
47:f2:94:cc:91:d0:8b:e6:64:1c:ad:3a:85:f0:c9:
89:01:8e:28:ad:df:49:41:88:33:1a:cf:2f:84:3c:
1c:1f:f4:0f:e6:8c:b4:2b:be:20:65:5d:e1:5b:62:
f7:ac:ae:7e:b4:07:e1:d1:7e:df:50:5e:b8:81:36:
58:d4:9c:3a:b1:0d:d8:7b:b6:ad:b0:c3:80:31:1a:
49:ae:a3:a0:b9:49:96:6f:35:be:76:8d:5e:ca:37:
62:0e:91:3d:56:51:62:4d:dd:bc:83:e6:83:f1:7d:
4f:97:8c:06:3d:dd:a6:b3:42:d7:38:92:7e:f1:17:
84:2d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
25:BF:F9:A2:DB:05:D3:9A:EA:DA:4F:DE:7E:57:CA:B9:C4:7D:FB:45
X509v3 Authority Key Identifier:
keyid:7E:C5:F1:89:6E:9A:44:35:7C:9D:78:AC:F3:7D:48:F4:78:05:20:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fsXxiW6aRDV8nXis831I9HgFINk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6d/157c8b-8f27-47dd-995e-b436d76dad65/1/Jb_5otsF05rq2k_eflfKucR9-0U.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6d/157c8b-8f27-47dd-995e-b436d76dad65/1/fsXxiW6aRDV8nXis831I9HgFINk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.208.132.0/22
IPv6:
2a0b:37c0::/29
Signature Algorithm: sha256WithRSAEncryption
15:ad:90:fc:c0:90:1d:80:13:bc:85:cf:88:0d:30:de:a7:f2:
45:45:0e:a1:2b:78:9b:a9:63:29:70:63:ff:b3:9b:fb:04:3a:
82:90:73:17:b5:bd:87:01:e3:5e:bb:70:b5:3e:47:92:e0:b9:
5e:2b:85:56:03:4a:e6:86:b4:a2:33:08:7d:96:e2:1e:30:af:
db:e9:50:2a:e4:90:0c:f7:a0:dd:2b:5a:12:be:4d:d7:59:29:
fa:4e:91:24:c5:db:37:0e:8b:61:71:e0:36:9b:1a:a6:dc:2b:
8c:05:5e:9c:d5:30:b9:53:37:b2:32:30:b2:22:4d:75:71:97:
d5:b8:bf:b6:c6:b5:da:e8:01:cf:58:fe:ed:45:4f:cc:f6:5f:
83:e0:02:e4:93:2d:8c:54:97:6e:05:08:cd:e8:47:12:eb:8f:
cf:ad:ae:87:15:97:9e:18:92:af:fe:60:3d:75:d2:d8:3e:11:
8f:a7:06:9b:da:11:70:7a:1c:e8:78:da:8c:73:7e:22:00:de:
43:cb:d5:b3:1e:82:b7:b5:fc:43:1b:ad:27:60:0c:91:c3:6f:
b6:05:34:29:9a:b5:67:a1:6a:ff:42:86:6e:22:e2:56:f4:88:
e2:50:ec:d6:ed:28:89:69:50:22:fe:c4:be:15:7b:d1:6b:45:
78:08:ab:51
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVtwaLknV9gTMr1Fuefc6jJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdlYzVmMTg5NmU5YTQ0MzU3YzlkNzhhY2YzN2Q0OGY0Nzgw
NTIwZDkwHhcNMjMwMTAxMTQzNDQ0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNWJmZjlhMmRiMDVkMzlhZWFkYTRmZGU3ZTU3Y2FiOWM0N2RmYjQ1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6f8j6IlR2virX2NqAnRYytFsD59+
NqTRfrFiSRO5Ywyb0727tnmAQZe84G00ES7a+OCWPzKx9x3wppUsKOR1mfy8UdIz
K0dm02DaFm6tXE12H/y2EOg0oROABU4y15o+N/PvayhVwWsHcP0B9XHrfqxU0bpi
QgqE7shPOab/Fm075GE1faRH8pTMkdCL5mQcrTqF8MmJAY4ord9JQYgzGs8vhDwc
H/QP5oy0K74gZV3hW2L3rK5+tAfh0X7fUF64gTZY1Jw6sQ3Ye7atsMOAMRpJrqOg
uUmWbzW+do1eyjdiDpE9VlFiTd28g+aD8X1Pl4wGPd2ms0LXOJJ+8ReELQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFCW/+aLbBdOa6tpP3n5XyrnEfftFMB8GA1UdIwQY
MBaAFH7F8YlumkQ1fJ14rPN9SPR4BSDZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZnNYeGlXNmFSRFY4blhpczgzMUk5SGdGSU5rLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82ZC8xNTdjOGItOGYyNy00N2RkLTk5NWUt
YjQzNmQ3NmRhZDY1LzEvSmJfNW90c0YwNXJxMmtfZWZsZkt1Y1I5LTBVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82ZC8xNTdjOGItOGYyNy00N2RkLTk5NWUtYjQzNmQ3NmRhZDY1
LzEvZnNYeGlXNmFSRFY4blhpczgzMUk5SGdGSU5rLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCudCEMA0E
AgACMAcDBQMqCzfAMA0GCSqGSIb3DQEBCwUAA4IBAQAVrZD8wJAdgBO8hc+IDTDe
p/JFRQ6hK3ibqWMpcGP/s5v7BDqCkHMXtb2HAeNeu3C1PkeS4LleK4VWA0rmhrSi
Mwh9luIeMK/b6VAq5JAM96DdK1oSvk3XWSn6TpEkxds3DothceA2mxqm3CuMBV6c
1TC5UzeyMjCyIk11cZfVuL+2xrXa6AHPWP7tRU/M9l+D4ALkky2MVJduBQjN6EcS
64/Pra6HFZeeGJKv/mA9ddLYPhGPpwab2hFwehzoeNqMc34iAN5Dy9WzHoK3tfxD
G60nYAyRw2+2BTQpmrVnoWr/QoZuIuJW9IjiUOzW7SiJaVAi/sS+FXvRa0V4CKtR
-----END CERTIFICATE-----
Generated at Thu Mar 13 02:25:01 2025 by rpki-client