Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/72/9cb329-0fe9-4ffe-be5f-038a54e3912f/1/jeD8mFU92ac36QqLau14K87hcI4.roa
File: jeD8mFU92ac36QqLau14K87hcI4.roa (raw, json)
Hash identifier: /EDo4+mZln/Z3FbP9YpJeTMHalS4su93tSD+xyx5gDo=
Subject key identifier: 8D:E0:FC:98:55:3D:D9:A7:37:E9:0A:8B:6A:ED:78:2B:CE:E1:70:8E
Certificate issuer: /CN=c9633fa6fc66b43639c056d02174f80c2426614b
Certificate serial: 018572CCD7E0C3AD0DA885F2BFDBE5BFEDDC
Authority key identifier: C9:63:3F:A6:FC:66:B4:36:39:C0:56:D0:21:74:F8:0C:24:26:61:4B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/yWM_pvxmtDY5wFbQIXT4DCQmYUs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/72/9cb329-0fe9-4ffe-be5f-038a54e3912f/1/jeD8mFU92ac36QqLau14K87hcI4.roa
Signing time: Mon 02 Jan 2023 14:05:05 +0000
ROA not before: Mon 02 Jan 2023 14:05:05 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 14618
IP address blocks: 185.166.142.0/24 maxlen: 24
185.166.143.0/24 maxlen: 24
185.166.140.0/23 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:cc:d7:e0:c3:ad:0d:a8:85:f2:bf:db:e5:bf:ed:dc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c9633fa6fc66b43639c056d02174f80c2426614b
Validity
Not Before: Jan 2 14:05:05 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=8de0fc98553dd9a737e90a8b6aed782bcee1708e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:8b:31:da:55:8b:c3:d3:cd:46:a0:0d:7a:97:
9e:de:c9:1c:0b:cf:5a:bd:a6:a1:b2:06:7b:fc:49:
79:35:aa:93:be:f8:0b:15:eb:79:82:b5:54:e4:16:
f4:b8:8a:85:d4:40:09:63:59:73:a4:92:40:e0:fe:
35:29:0f:4e:98:00:d3:a8:ed:3c:ff:05:76:07:1d:
4e:b6:d7:57:29:79:1d:29:50:7c:c1:6c:9f:a3:ae:
28:34:9c:fe:ec:72:7d:7c:25:8d:91:7b:21:2f:f4:
d6:63:bc:01:a1:ef:f4:6f:54:33:5f:b5:c6:49:22:
53:a4:a3:25:6a:83:21:d7:3a:bc:f1:d0:d6:eb:ea:
a1:e9:8d:62:04:fe:07:5b:5e:7f:8e:e8:08:62:b5:
d3:a7:9a:ac:51:5f:0f:3b:1c:22:b7:5b:08:e5:eb:
10:0c:a7:a5:c8:3f:58:12:26:d7:97:ab:aa:4d:90:
05:dc:f3:ce:84:e4:53:34:97:b7:32:ca:ef:07:5f:
de:ad:d7:b5:6d:47:e6:97:1e:76:a5:c6:b9:2e:e5:
ae:96:98:5e:17:9f:65:55:b9:0c:5a:d3:76:23:43:
f8:ca:f0:88:2d:46:cf:b7:c4:ab:fd:b1:79:72:d2:
da:d2:4c:f6:8c:03:d7:ca:1d:11:66:eb:77:1a:62:
b9:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8D:E0:FC:98:55:3D:D9:A7:37:E9:0A:8B:6A:ED:78:2B:CE:E1:70:8E
X509v3 Authority Key Identifier:
keyid:C9:63:3F:A6:FC:66:B4:36:39:C0:56:D0:21:74:F8:0C:24:26:61:4B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/yWM_pvxmtDY5wFbQIXT4DCQmYUs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/72/9cb329-0fe9-4ffe-be5f-038a54e3912f/1/jeD8mFU92ac36QqLau14K87hcI4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/72/9cb329-0fe9-4ffe-be5f-038a54e3912f/1/yWM_pvxmtDY5wFbQIXT4DCQmYUs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.166.140.0/22
Signature Algorithm: sha256WithRSAEncryption
1e:c7:8e:01:ea:8c:d4:26:f9:89:67:fa:d4:1f:97:7e:33:70:
09:94:d1:83:65:36:7a:ee:f6:c6:fa:ee:93:fc:19:8c:44:fc:
ae:9a:18:09:88:7c:4a:cb:18:0f:53:47:6a:cd:1f:66:37:3a:
cf:1a:fb:de:46:0e:49:35:37:09:d1:96:ec:0a:a1:02:fb:c2:
d5:35:7c:ff:92:13:d3:37:aa:7c:ca:49:56:c9:68:53:be:dd:
04:a0:41:8f:e6:d3:95:c2:d5:ea:b3:ae:42:bf:36:43:f3:c7:
1d:bf:e2:4d:e3:13:ae:08:26:73:bb:43:9e:60:cc:7a:66:0c:
76:e1:1b:e3:fa:23:30:de:78:9e:82:ad:cb:d4:3b:57:2b:a6:
f0:c3:10:d2:c6:f5:73:c5:5e:e1:ec:fd:8e:71:3b:22:c3:11:
52:60:c0:b8:88:56:e5:fe:c5:da:4b:d1:9e:17:7f:c5:89:20:
25:c2:e3:27:65:17:9a:d9:e7:b6:c2:2f:94:00:e9:16:55:32:
e4:95:45:69:40:53:07:45:14:fd:2d:78:77:f6:5a:60:47:d5:
4b:6c:3e:dd:64:bf:36:bf:8d:b0:d9:54:cf:fd:51:0f:e9:2a:
d3:6f:54:b8:4d:82:90:d4:8a:9f:a5:a1:33:b8:91:cf:de:03:
95:3a:b2:83
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVyzNfgw60NqIXyv9vlv+3cMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM5NjMzZmE2ZmM2NmI0MzYzOWMwNTZkMDIxNzRmODBjMjQy
NjYxNGIwHhcNMjMwMTAyMTQwNTA1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ZGUwZmM5ODU1M2RkOWE3MzdlOTBhOGI2YWVkNzgyYmNlZTE3MDhlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqosx2lWLw9PNRqANepee3skcC89a
vaahsgZ7/El5NaqTvvgLFet5grVU5Bb0uIqF1EAJY1lzpJJA4P41KQ9OmADTqO08
/wV2Bx1OttdXKXkdKVB8wWyfo64oNJz+7HJ9fCWNkXshL/TWY7wBoe/0b1QzX7XG
SSJTpKMlaoMh1zq88dDW6+qh6Y1iBP4HW15/jugIYrXTp5qsUV8POxwit1sI5esQ
DKelyD9YEibXl6uqTZAF3PPOhORTNJe3MsrvB1/erde1bUfmlx52pca5LuWulphe
F59lVbkMWtN2I0P4yvCILUbPt8Sr/bF5ctLa0kz2jAPXyh0RZut3GmK5+QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFI3g/JhVPdmnN+kKi2rteCvO4XCOMB8GA1UdIwQY
MBaAFMljP6b8ZrQ2OcBW0CF0+AwkJmFLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveVdNX3B2eG10RFk1d0ZiUUlYVDREQ1FtWVVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Mi85Y2IzMjktMGZlOS00ZmZlLWJlNWYt
MDM4YTU0ZTM5MTJmLzEvamVEOG1GVTkyYWMzNlFxTGF1MTRLODdoY0k0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Mi85Y2IzMjktMGZlOS00ZmZlLWJlNWYtMDM4YTU0ZTM5MTJm
LzEveVdNX3B2eG10RFk1d0ZiUUlYVDREQ1FtWVVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuaaMMA0G
CSqGSIb3DQEBCwUAA4IBAQAex44B6ozUJvmJZ/rUH5d+M3AJlNGDZTZ67vbG+u6T
/BmMRPyumhgJiHxKyxgPU0dqzR9mNzrPGvveRg5JNTcJ0ZbsCqEC+8LVNXz/khPT
N6p8yklWyWhTvt0EoEGP5tOVwtXqs65CvzZD88cdv+JN4xOuCCZzu0OeYMx6Zgx2
4Rvj+iMw3niegq3L1DtXK6bwwxDSxvVzxV7h7P2OcTsiwxFSYMC4iFbl/sXaS9Ge
F3/FiSAlwuMnZRea2ee2wi+UAOkWVTLklUVpQFMHRRT9LXh39lpgR9VLbD7dZL82
v42w2VTP/VEP6SrTb1S4TYKQ1IqfpaEzuJHP3gOVOrKD
-----END CERTIFICATE-----
Generated at Sun Apr 6 12:08:19 2025 by rpki-client