Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/82/496d56-86ff-48be-bde3-271fde2dc655/1/ELj9XY-0AdPcnv5pujwcANn7dko.roa
File: ELj9XY-0AdPcnv5pujwcANn7dko.roa (raw, json)
Hash identifier: 1EDzhhfaCZgmMb9bUIiFfjAgRyC/m9QVGoA8K1mwJJc=
Subject key identifier: 10:B8:FD:5D:8F:B4:01:D3:DC:9E:FE:69:BA:3C:1C:00:D9:FB:76:4A
Certificate issuer: /CN=75790c7ecf24d28be2e13fe069118cee27d58002
Certificate serial: 01856FF0591EC0E9FFAE5F8A6B010B1590BE
Authority key identifier: 75:79:0C:7E:CF:24:D2:8B:E2:E1:3F:E0:69:11:8C:EE:27:D5:80:02
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dXkMfs8k0ovi4T_gaRGM7ifVgAI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/82/496d56-86ff-48be-bde3-271fde2dc655/1/ELj9XY-0AdPcnv5pujwcANn7dko.roa
Signing time: Mon 02 Jan 2023 00:45:00 +0000
ROA not before: Mon 02 Jan 2023 00:45:00 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 204156
IP address blocks: 188.214.92.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:f0:59:1e:c0:e9:ff:ae:5f:8a:6b:01:0b:15:90:be
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=75790c7ecf24d28be2e13fe069118cee27d58002
Validity
Not Before: Jan 2 00:45:00 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=10b8fd5d8fb401d3dc9efe69ba3c1c00d9fb764a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:7a:58:f3:51:f0:47:68:a0:4a:5e:7f:c1:77:
a5:fe:a5:87:d1:64:f1:fc:1f:18:12:b5:bc:8a:d7:
12:82:1d:15:ab:cd:ba:f4:c2:93:ad:2c:62:92:ec:
90:a0:34:25:a7:5f:92:72:86:3e:86:62:c6:72:b5:
a7:92:7c:e0:ba:d0:5d:7b:5b:77:33:b3:9c:cf:b4:
d7:af:fa:8a:19:e1:84:ae:17:22:51:ab:ea:34:8f:
72:2d:61:3c:d2:c5:c9:e5:77:59:a7:59:23:86:c8:
44:8c:5f:f3:31:72:8e:45:a3:ff:9b:c0:d9:9b:5b:
40:58:eb:78:d9:05:6e:ff:ed:d6:6a:91:c8:eb:38:
82:88:53:e5:35:56:69:af:44:31:21:7a:a0:ea:be:
26:d8:da:99:cf:b2:34:b7:25:87:41:17:7c:3e:39:
46:e9:9b:54:de:ff:e0:39:ed:0b:d9:5f:72:c7:0c:
51:10:3f:4a:6f:34:8e:53:d2:00:c0:fb:7c:e8:08:
a0:7d:c1:85:25:ab:c2:89:ea:9e:6c:bd:24:0a:9e:
85:77:50:d2:0a:fd:ee:66:ca:38:ec:c7:fe:d5:47:
42:d1:36:b0:1c:62:31:8e:d2:49:b8:35:f5:1a:31:
8c:2a:ac:21:0b:4d:94:bd:57:2d:0f:af:12:0e:46:
c0:51
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
10:B8:FD:5D:8F:B4:01:D3:DC:9E:FE:69:BA:3C:1C:00:D9:FB:76:4A
X509v3 Authority Key Identifier:
keyid:75:79:0C:7E:CF:24:D2:8B:E2:E1:3F:E0:69:11:8C:EE:27:D5:80:02
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dXkMfs8k0ovi4T_gaRGM7ifVgAI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/82/496d56-86ff-48be-bde3-271fde2dc655/1/ELj9XY-0AdPcnv5pujwcANn7dko.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/82/496d56-86ff-48be-bde3-271fde2dc655/1/dXkMfs8k0ovi4T_gaRGM7ifVgAI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
188.214.92.0/24
Signature Algorithm: sha256WithRSAEncryption
66:06:d0:70:e6:4a:a9:c1:5f:97:7d:2d:67:ae:e7:69:a5:a8:
d8:9b:fa:f1:aa:21:e9:b4:8f:c3:2f:5d:5e:0a:fa:8a:4e:28:
16:b1:2f:7d:fc:64:1d:5a:4e:70:81:1f:31:3c:8c:39:f6:a8:
69:ee:37:ae:a4:fc:e6:e6:16:b3:38:93:e1:86:3c:6c:81:f1:
f3:57:b2:08:fa:97:5d:59:2c:0d:10:34:ce:2b:a2:de:06:b7:
d6:1a:f0:32:63:bd:c5:88:f9:d0:82:c3:67:cf:62:5a:3b:76:
d2:7d:f4:d8:a9:d6:f0:01:da:c9:c4:8d:6a:7b:74:30:8f:4a:
76:f5:cc:e0:5b:02:19:65:90:cf:45:a6:0e:39:5f:8c:a3:cf:
a5:4c:bf:ad:f8:a6:bb:e7:d8:a5:9f:f1:e9:03:9a:ca:37:71:
45:c4:66:de:07:43:91:80:a4:37:ef:2c:ac:a1:80:e4:fe:87:
34:e2:b4:8a:20:3c:8c:19:af:cd:0e:aa:28:75:42:aa:61:f1:
6d:8b:a3:8a:c9:77:a1:b1:ce:63:7a:17:2f:0c:70:2c:a0:eb:
99:36:e3:1b:bf:12:d4:bb:ac:d6:e2:38:34:53:1f:09:83:70:
24:e5:04:8b:49:f9:88:0d:da:5e:ac:fe:88:af:ab:0a:3a:8a:
e0:1e:21:56
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVv8FkewOn/rl+KawELFZC+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc1NzkwYzdlY2YyNGQyOGJlMmUxM2ZlMDY5MTE4Y2VlMjdk
NTgwMDIwHhcNMjMwMTAyMDA0NTAwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxMGI4ZmQ1ZDhmYjQwMWQzZGM5ZWZlNjliYTNjMWMwMGQ5ZmI3NjRhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtnpY81HwR2igSl5/wXel/qWH0WTx
/B8YErW8itcSgh0Vq8269MKTrSxikuyQoDQlp1+ScoY+hmLGcrWnknzgutBde1t3
M7Ocz7TXr/qKGeGErhciUavqNI9yLWE80sXJ5XdZp1kjhshEjF/zMXKORaP/m8DZ
m1tAWOt42QVu/+3WapHI6ziCiFPlNVZpr0QxIXqg6r4m2NqZz7I0tyWHQRd8PjlG
6ZtU3v/gOe0L2V9yxwxRED9KbzSOU9IAwPt86AigfcGFJavCieqebL0kCp6Fd1DS
Cv3uZso47Mf+1UdC0TawHGIxjtJJuDX1GjGMKqwhC02UvVctD68SDkbAUQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFBC4/V2PtAHT3J7+abo8HADZ+3ZKMB8GA1UdIwQY
MBaAFHV5DH7PJNKL4uE/4GkRjO4n1YACMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZFhrTWZzOGswb3ZpNFRfZ2FSR003aWZWZ0FJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Mi80OTZkNTYtODZmZi00OGJlLWJkZTMt
MjcxZmRlMmRjNjU1LzEvRUxqOVhZLTBBZFBjbnY1cHVqd2NBTm43ZGtvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Mi80OTZkNTYtODZmZi00OGJlLWJkZTMtMjcxZmRlMmRjNjU1
LzEvZFhrTWZzOGswb3ZpNFRfZ2FSR003aWZWZ0FJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAvNZcMA0G
CSqGSIb3DQEBCwUAA4IBAQBmBtBw5kqpwV+XfS1nrudppajYm/rxqiHptI/DL11e
CvqKTigWsS99/GQdWk5wgR8xPIw59qhp7jeupPzm5hazOJPhhjxsgfHzV7II+pdd
WSwNEDTOK6LeBrfWGvAyY73FiPnQgsNnz2JaO3bSffTYqdbwAdrJxI1qe3Qwj0p2
9czgWwIZZZDPRaYOOV+Mo8+lTL+t+Ka759iln/HpA5rKN3FFxGbeB0ORgKQ37yys
oYDk/oc04rSKIDyMGa/NDqoodUKqYfFti6OKyXehsc5jehcvDHAsoOuZNuMbvxLU
u6zW4jg0Ux8Jg3Ak5QSLSfmIDdperP6Ir6sKOorgHiFW
-----END CERTIFICATE-----
Generated at Mon Apr 7 22:53:57 2025 by rpki-client