Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7d/4748c7-cd9e-401e-a8a4-0d48e6895f12/1/J9D6J7Nbrd1Bu3XrBdiEF36O6VI.roa
File: J9D6J7Nbrd1Bu3XrBdiEF36O6VI.roa (raw, json)
Hash identifier: IHpfzlIac4fXJE/52qiQCbIRZFHiYD30oYLeE5V1lek=
Subject key identifier: 27:D0:FA:27:B3:5B:AD:DD:41:BB:75:EB:05:D8:84:17:7E:8E:E9:52
Certificate issuer: /CN=b630b73b51cbc5380dd4adb3d5aaff4d7a334c5e
Certificate serial: 018BA8FB7FB1CC2CE17330E92955FF20776A
Authority key identifier: B6:30:B7:3B:51:CB:C5:38:0D:D4:AD:B3:D5:AA:FF:4D:7A:33:4C:5E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tjC3O1HLxTgN1K2z1ar_TXozTF4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7d/4748c7-cd9e-401e-a8a4-0d48e6895f12/1/J9D6J7Nbrd1Bu3XrBdiEF36O6VI.roa
Signing time: Tue 07 Nov 2023 08:52:16 +0000
ROA not before: Tue 07 Nov 2023 08:52:16 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 47952
IP address blocks: 185.82.220.0/24 maxlen: 24
185.82.223.0/24 maxlen: 24
91.194.52.0/24 maxlen: 24
91.194.54.0/24 maxlen: 24
185.201.213.0/24 maxlen: 24
185.201.212.0/24 maxlen: 24
185.201.214.0/24 maxlen: 24
185.201.215.0/24 maxlen: 24
2a0a:c4c0:1::/48 maxlen: 48
2a0a:c4c0::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:a8:fb:7f:b1:cc:2c:e1:73:30:e9:29:55:ff:20:77:6a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b630b73b51cbc5380dd4adb3d5aaff4d7a334c5e
Validity
Not Before: Nov 7 08:52:16 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=27d0fa27b35baddd41bb75eb05d884177e8ee952
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:94:c5:d3:c6:e3:b3:b5:e2:34:48:34:b5:e4:
f7:8c:47:a6:9c:76:c1:dd:26:ea:24:42:3e:b7:0a:
44:ca:1d:06:49:63:0b:40:12:9d:f0:2e:12:3f:8f:
e2:a2:b7:e5:7b:9d:ac:24:0b:a5:ad:d8:e7:95:70:
e4:73:28:79:3f:34:80:73:5c:3b:c1:be:e1:1c:08:
b4:81:9d:11:49:84:85:5a:bd:02:44:e7:c7:dd:2f:
5a:4b:df:5e:26:67:41:29:d8:2e:24:0c:fc:9a:de:
2f:19:61:44:44:a6:a7:7d:90:28:a1:d8:cc:37:c5:
16:69:49:85:35:8e:32:d0:ef:42:26:da:2f:e5:8f:
ef:2a:c1:14:d1:7d:67:f4:8c:68:06:6b:90:32:88:
3e:c9:41:94:91:67:c7:a3:9c:33:bd:20:08:18:e5:
75:41:a0:e3:5a:fb:28:12:f1:eb:54:fc:a5:0b:16:
e9:11:23:d0:ee:4f:6a:66:71:8a:50:48:f5:9f:40:
02:9e:88:09:ee:c9:b9:5d:c6:fa:2f:31:a9:53:e0:
72:c2:ef:eb:24:64:b1:15:8b:76:0d:48:83:3f:bf:
74:15:7c:4f:fc:69:38:ce:71:b7:52:9d:43:f3:0b:
4e:7c:49:10:63:6c:38:61:97:f0:27:1b:3a:7b:7b:
a5:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
27:D0:FA:27:B3:5B:AD:DD:41:BB:75:EB:05:D8:84:17:7E:8E:E9:52
X509v3 Authority Key Identifier:
keyid:B6:30:B7:3B:51:CB:C5:38:0D:D4:AD:B3:D5:AA:FF:4D:7A:33:4C:5E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tjC3O1HLxTgN1K2z1ar_TXozTF4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7d/4748c7-cd9e-401e-a8a4-0d48e6895f12/1/J9D6J7Nbrd1Bu3XrBdiEF36O6VI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7d/4748c7-cd9e-401e-a8a4-0d48e6895f12/1/tjC3O1HLxTgN1K2z1ar_TXozTF4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.194.52.0/24
91.194.54.0/24
185.82.220.0/24
185.82.223.0/24
185.201.212.0/22
IPv6:
2a0a:c4c0::/47
Signature Algorithm: sha256WithRSAEncryption
7c:fb:b4:a7:e7:41:b6:b0:1c:0d:e4:4c:c8:2e:fb:bb:36:81:
5a:fd:cc:92:28:25:21:b4:2f:c4:2e:fe:5b:a6:ea:42:57:b7:
59:22:e3:26:20:5e:17:ff:90:91:29:79:fd:c7:7c:1b:c4:c6:
7e:ee:81:80:b4:4c:fb:17:c7:90:a6:ac:1d:19:1d:33:3e:94:
b0:5e:8a:06:f1:73:9e:b6:2b:1e:64:51:67:c0:92:43:dd:2a:
ac:3e:14:06:4e:9c:47:00:ff:43:3f:b1:5f:8e:48:e1:b6:e2:
d3:62:87:04:44:ea:bf:6d:ba:ed:af:e8:ba:e1:7e:52:64:16:
bd:47:6a:7a:69:71:ff:d4:49:89:33:db:1b:95:b1:be:b4:20:
ec:58:cd:b6:1e:ec:00:3b:cc:e7:06:c7:d4:8b:3a:fa:6d:78:
0c:7e:25:b5:3b:f2:df:de:36:5a:ca:f3:51:dc:53:5f:1d:63:
ca:1f:20:a1:b7:7c:09:dd:f7:40:13:29:44:51:e9:c8:77:38:
13:0c:c9:0e:76:d6:ba:cf:5e:be:0c:fb:e2:8a:b5:27:3a:44:
c0:0b:04:d4:b9:99:00:e8:84:a8:fb:45:f7:e3:02:75:80:90:
7c:13:e3:a3:4c:3c:45:ff:97:d5:8c:a7:4b:a8:fe:a4:b5:52:
de:43:42:59
-----BEGIN CERTIFICATE-----
MIIFJjCCBA6gAwIBAgISAYuo+3+xzCzhczDpKVX/IHdqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI2MzBiNzNiNTFjYmM1MzgwZGQ0YWRiM2Q1YWFmZjRkN2Ez
MzRjNWUwHhcNMjMxMTA3MDg1MjE2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyN2QwZmEyN2IzNWJhZGRkNDFiYjc1ZWIwNWQ4ODQxNzdlOGVlOTUyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnJTF08bjs7XiNEg0teT3jEemnHbB
3SbqJEI+twpEyh0GSWMLQBKd8C4SP4/iorfle52sJAulrdjnlXDkcyh5PzSAc1w7
wb7hHAi0gZ0RSYSFWr0CROfH3S9aS99eJmdBKdguJAz8mt4vGWFERKanfZAoodjM
N8UWaUmFNY4y0O9CJtov5Y/vKsEU0X1n9IxoBmuQMog+yUGUkWfHo5wzvSAIGOV1
QaDjWvsoEvHrVPylCxbpESPQ7k9qZnGKUEj1n0ACnogJ7sm5Xcb6LzGpU+Bywu/r
JGSxFYt2DUiDP790FXxP/Gk4znG3Up1D8wtOfEkQY2w4YZfwJxs6e3ul3QIDAQAB
o4ICMjCCAi4wHQYDVR0OBBYEFCfQ+iezW63dQbt16wXYhBd+julSMB8GA1UdIwQY
MBaAFLYwtztRy8U4DdSts9Wq/016M0xeMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdGpDM08xSEx4VGdOMUsyejFhcl9UWG96VEY0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83ZC80NzQ4YzctY2Q5ZS00MDFlLWE4YTQt
MGQ0OGU2ODk1ZjEyLzEvSjlENko3TmJyZDFCdTNYckJkaUVGMzZPNlZJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83ZC80NzQ4YzctY2Q5ZS00MDFlLWE4YTQtMGQ0OGU2ODk1ZjEy
LzEvdGpDM08xSEx4VGdOMUsyejFhcl9UWG96VEY0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEgGCCsGAQUFBwEHAQH/BDkwNzAkBAIAATAeAwQAW8I0AwQA
W8I2AwQAuVLcAwQAuVLfAwQCucnUMA8EAgACMAkDBwEqCsTAAAAwDQYJKoZIhvcN
AQELBQADggEBAHz7tKfnQbawHA3kTMgu+7s2gVr9zJIoJSG0L8Qu/lum6kJXt1ki
4yYgXhf/kJEpef3HfBvExn7ugYC0TPsXx5CmrB0ZHTM+lLBeigbxc562Kx5kUWfA
kkPdKqw+FAZOnEcA/0M/sV+OSOG24tNihwRE6r9tuu2v6LrhflJkFr1Hanppcf/U
SYkz2xuVsb60IOxYzbYe7AA7zOcGx9SLOvpteAx+JbU78t/eNlrK81HcU18dY8of
IKG3fAnd90ATKURR6ch3OBMMyQ521rrPXr4M++KKtSc6RMALBNS5mQDohKj7Rffj
AnWAkHwT46NMPEX/l9WMp0uo/qS1Ut5DQlk=
-----END CERTIFICATE-----
Generated at Thu Apr 17 22:32:46 2025 by rpki-client