Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/77/63e413-35ca-49e0-8285-35f1a9088b42/1/tJrt9o7LO98WE_zDqSiNIyEV5iY.roa
File: tJrt9o7LO98WE_zDqSiNIyEV5iY.roa (raw, json)
Hash identifier: xYe2fEuelYtVAWljn8FVRyXFXX/dOOvkmNiyvBSmjwk=
Subject key identifier: B4:9A:ED:F6:8E:CB:3B:DF:16:13:FC:C3:A9:28:8D:23:21:15:E6:26
Certificate issuer: /CN=7e86dcde711d545353974b33955108d9df40b6e9
Certificate serial: 0FD02D
Authority key identifier: 7E:86:DC:DE:71:1D:54:53:53:97:4B:33:95:51:08:D9:DF:40:B6:E9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fobc3nEdVFNTl0szlVEI2d9Atuk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/77/63e413-35ca-49e0-8285-35f1a9088b42/1/tJrt9o7LO98WE_zDqSiNIyEV5iY.roa
Signing time: Sat 01 Jan 2022 01:56:33 +0000
ROA not before: Sat 01 Jan 2022 01:56:33 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 199803
IP address blocks: 185.138.108.0/23 maxlen: 23
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1036333 (0xfd02d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7e86dcde711d545353974b33955108d9df40b6e9
Validity
Not Before: Jan 1 01:56:33 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=b49aedf68ecb3bdf1613fcc3a9288d232115e626
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:e6:27:32:46:88:60:11:9e:de:ab:ed:eb:db:
9f:7e:d5:ec:73:ba:dc:af:a1:aa:11:d6:56:9b:19:
51:70:01:37:1a:b0:59:e6:4f:d2:97:fd:14:76:1e:
54:99:4a:2d:5b:4c:20:0f:1d:87:62:28:aa:0c:08:
d0:89:3a:27:77:dc:d8:ce:c6:cf:3a:ab:45:6c:df:
f1:ed:0b:54:74:6a:f6:26:37:ec:27:98:f9:ac:a4:
47:a4:6a:e8:e4:96:fb:da:bb:f2:e1:9b:d8:56:fd:
75:61:54:d7:38:63:de:16:46:f0:ee:51:6f:1a:8e:
e7:24:51:70:c9:5a:f4:f3:a5:01:71:80:db:b5:6a:
20:40:ee:40:7d:5f:91:06:6c:26:60:48:97:13:90:
c0:bd:86:f2:45:bb:be:1b:35:ae:62:48:03:5b:b6:
36:f5:30:8d:e7:bb:5c:a5:ce:6c:9b:09:1b:37:15:
0b:04:72:14:1d:05:49:90:b9:53:36:e7:e5:18:ea:
ff:bf:27:c5:00:e5:8e:d5:c7:8c:37:76:ac:d2:33:
d8:bc:4a:a1:4a:ed:44:35:c1:2b:7e:f6:7c:43:5d:
07:39:59:0f:d8:01:16:43:5f:27:ef:ce:1f:3d:5f:
49:2d:84:52:24:56:e8:bf:ac:a1:c4:00:d2:bc:be:
d1:d9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B4:9A:ED:F6:8E:CB:3B:DF:16:13:FC:C3:A9:28:8D:23:21:15:E6:26
X509v3 Authority Key Identifier:
keyid:7E:86:DC:DE:71:1D:54:53:53:97:4B:33:95:51:08:D9:DF:40:B6:E9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fobc3nEdVFNTl0szlVEI2d9Atuk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/77/63e413-35ca-49e0-8285-35f1a9088b42/1/tJrt9o7LO98WE_zDqSiNIyEV5iY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/77/63e413-35ca-49e0-8285-35f1a9088b42/1/fobc3nEdVFNTl0szlVEI2d9Atuk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.138.108.0/23
Signature Algorithm: sha256WithRSAEncryption
1c:11:66:57:f9:37:8e:cc:8c:2e:0c:0b:1d:d3:a2:f7:b7:d1:
92:7d:15:1b:55:64:f8:5e:a7:8c:ba:9d:d9:fa:13:e8:52:a1:
53:6b:a6:70:29:71:e5:4c:f4:db:27:e4:20:92:f1:1c:32:b6:
ca:0f:ec:b1:7d:d7:e4:38:ba:5b:12:b4:63:b1:34:bb:05:3d:
23:28:9e:42:64:a5:ad:0f:25:e8:55:44:9b:0f:f4:b6:72:6b:
0f:bf:7a:d6:94:9b:7a:8f:95:8f:56:82:d8:c5:a1:af:a6:af:
73:95:47:ca:02:b1:3d:5c:73:dc:dd:27:b6:11:02:12:4d:b5:
fd:74:39:b9:4a:b9:59:42:cc:9b:1e:42:10:a5:d3:74:6a:22:
35:68:4f:f3:8f:5f:58:61:ba:bb:3e:22:a6:4a:94:9b:82:64:
86:e0:dc:ea:29:90:de:28:35:a1:07:e8:ad:59:b8:36:9e:04:
12:bf:29:75:0a:4a:90:35:60:97:28:0e:70:f6:42:e3:a8:a4:
15:8b:0f:f6:7b:06:95:96:f2:04:ec:16:0b:48:35:7b:23:9e:
18:e2:39:12:71:73:f8:18:6e:80:4e:7e:f0:5f:c6:31:31:7f:
3e:c1:d0:ca:b5:2a:68:7e:48:f3:fa:da:90:3f:bb:da:27:6c:
69:0a:c3:80
-----BEGIN CERTIFICATE-----
MIIE7jCCA9agAwIBAgIDD9AtMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKDdl
ODZkY2RlNzExZDU0NTM1Mzk3NGIzMzk1NTEwOGQ5ZGY0MGI2ZTkwHhcNMjIwMTAx
MDE1NjMzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQDEyhiNDlhZWRmNjhlY2Iz
YmRmMTYxM2ZjYzNhOTI4OGQyMzIxMTVlNjI2MIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAuOYnMkaIYBGe3qvt69ufftXsc7rcr6GqEdZWmxlRcAE3GrBZ
5k/Sl/0Udh5UmUotW0wgDx2HYiiqDAjQiTond9zYzsbPOqtFbN/x7QtUdGr2Jjfs
J5j5rKRHpGro5Jb72rvy4ZvYVv11YVTXOGPeFkbw7lFvGo7nJFFwyVr086UBcYDb
tWogQO5AfV+RBmwmYEiXE5DAvYbyRbu+GzWuYkgDW7Y29TCN57tcpc5smwkbNxUL
BHIUHQVJkLlTNuflGOr/vyfFAOWO1ceMN3as0jPYvEqhSu1ENcErfvZ8Q10HOVkP
2AEWQ18n784fPV9JLYRSJFbov6yhxADSvL7R2QIDAQABo4ICCTCCAgUwHQYDVR0O
BBYEFLSa7faOyzvfFhP8w6kojSMhFeYmMB8GA1UdIwQYMBaAFH6G3N5xHVRTU5dL
M5VRCNnfQLbpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEFBQcBAQRYMFYwVAYIKwYB
BQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQv
Zm9iYzNuRWRWRk5UbDBzemxWRUkyZDlBdHVrLmNlcjCBjQYIKwYBBQUHAQsEgYAw
fjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkv
REVGQVVMVC83Ny82M2U0MTMtMzVjYS00OWUwLTgyODUtMzVmMWE5MDg4YjQyLzEv
dEpydDlvN0xPOThXRV96RHFTaU5JeUVWNWlZLnJvYTCBgQYDVR0fBHoweDB2oHSg
coZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Ny82
M2U0MTMtMzVjYS00OWUwLTgyODUtMzVmMWE5MDg4YjQyLzEvZm9iYzNuRWRWRk5U
bDBzemxWRUkyZDlBdHVrLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8G
CCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBuYpsMA0GCSqGSIb3DQEBCwUAA4IB
AQAcEWZX+TeOzIwuDAsd06L3t9GSfRUbVWT4XqeMup3Z+hPoUqFTa6ZwKXHlTPTb
J+QgkvEcMrbKD+yxfdfkOLpbErRjsTS7BT0jKJ5CZKWtDyXoVUSbD/S2cmsPv3rW
lJt6j5WPVoLYxaGvpq9zlUfKArE9XHPc3Se2EQISTbX9dDm5SrlZQsybHkIQpdN0
aiI1aE/zj19YYbq7PiKmSpSbgmSG4NzqKZDeKDWhB+itWbg2ngQSvyl1CkqQNWCX
KA5w9kLjqKQViw/2ewaVlvIE7BYLSDV7I54Y4jkScXP4GG6ATn7wX8YxMX8+wdDK
tSpofkjz+tqQP7vaJ2xpCsOA
-----END CERTIFICATE-----
Generated at Tue Apr 8 07:59:40 2025 by rpki-client