Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/82/ef2a01-d8ca-4b94-8f67-78ea83d21249/1/td3qhXEd_ncOUIHPqBoK7gw7vGg.roa
File: td3qhXEd_ncOUIHPqBoK7gw7vGg.roa (raw, json)
Hash identifier: rKRQU0qqyXzMw3/MsQPkn2uCBNO+i6wIeln/1U2b+4Q=
Subject key identifier: B5:DD:EA:85:71:1D:FE:77:0E:50:81:CF:A8:1A:0A:EE:0C:3B:BC:68
Certificate issuer: /CN=ee82395001b03c663509909979dfb78445b3d9c4
Certificate serial: 14EA900B
Authority key identifier: EE:82:39:50:01:B0:3C:66:35:09:90:99:79:DF:B7:84:45:B3:D9:C4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/7oI5UAGwPGY1CZCZed-3hEWz2cQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/82/ef2a01-d8ca-4b94-8f67-78ea83d21249/1/td3qhXEd_ncOUIHPqBoK7gw7vGg.roa
Signing time: Sat 01 Jan 2022 03:51:06 +0000
ROA not before: Sat 01 Jan 2022 03:51:06 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 8253
IP address blocks: 192.108.114.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 350916619 (0x14ea900b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ee82395001b03c663509909979dfb78445b3d9c4
Validity
Not Before: Jan 1 03:51:06 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=b5ddea85711dfe770e5081cfa81a0aee0c3bbc68
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f2:8a:1d:75:0a:ec:53:32:b7:76:97:d7:ee:b2:
f9:c6:41:2e:3f:0e:9a:36:78:87:31:d0:ff:c5:6c:
ab:45:6d:ee:39:aa:21:25:ae:e2:85:3e:78:eb:2b:
5a:39:97:b8:39:65:b7:8e:cd:91:8f:09:b3:6c:b7:
f5:65:01:b6:20:77:0e:46:83:fe:45:64:79:ef:95:
a0:fa:fb:9e:c1:73:5c:ec:50:7a:ed:4b:33:26:da:
a5:5e:9a:df:c4:cf:4e:88:fb:27:02:95:c5:30:0a:
15:6d:07:8b:43:af:2d:42:09:ad:01:74:78:97:8c:
78:48:0d:f9:6f:08:e5:b7:9e:b5:06:a8:2d:8d:c0:
d1:78:b8:1f:3f:10:de:ae:e6:e8:32:83:05:fc:1e:
8f:ce:73:26:ed:1f:16:7d:d4:50:e1:17:3a:21:3e:
18:c3:88:b6:75:02:72:eb:b5:eb:84:7a:e4:47:f5:
95:7e:02:bc:b9:e8:db:80:44:4b:70:4a:94:2b:b1:
7d:9d:1b:ab:a9:1c:10:74:13:77:8c:3b:d9:0c:07:
ad:43:d1:09:d8:8f:dd:ed:8b:a8:93:49:4f:00:be:
73:7b:60:ce:36:17:13:04:c9:d1:f0:ca:03:35:e8:
49:91:5b:40:75:5f:18:e4:db:55:11:7c:05:14:6e:
4c:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B5:DD:EA:85:71:1D:FE:77:0E:50:81:CF:A8:1A:0A:EE:0C:3B:BC:68
X509v3 Authority Key Identifier:
keyid:EE:82:39:50:01:B0:3C:66:35:09:90:99:79:DF:B7:84:45:B3:D9:C4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/7oI5UAGwPGY1CZCZed-3hEWz2cQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/82/ef2a01-d8ca-4b94-8f67-78ea83d21249/1/td3qhXEd_ncOUIHPqBoK7gw7vGg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/82/ef2a01-d8ca-4b94-8f67-78ea83d21249/1/7oI5UAGwPGY1CZCZed-3hEWz2cQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
192.108.114.0/24
Signature Algorithm: sha256WithRSAEncryption
66:00:29:6d:48:95:65:03:b6:ec:1c:85:ac:04:a9:aa:74:15:
bf:30:d2:c4:45:1c:74:03:ea:28:e5:af:26:25:f8:2f:50:94:
1f:40:c7:df:17:73:c9:e0:d4:08:1e:e4:dc:37:81:d0:6f:94:
bf:3f:44:0a:e5:83:2f:46:ab:d7:66:ad:76:54:13:86:c8:ce:
59:d7:6f:c6:7c:f0:a4:20:90:f0:41:f7:2b:d3:b8:a2:b0:ca:
a4:a6:4a:02:f6:8d:51:5a:d8:36:b5:4a:2d:cf:8a:bf:0a:11:
7d:f6:e4:37:e3:59:51:d1:2e:64:d3:af:a9:ab:bf:02:5e:9b:
38:71:63:dc:27:97:52:15:f0:70:b3:23:7d:46:31:e8:2b:fd:
69:52:1b:c3:62:34:af:ec:49:fe:9c:f7:09:d3:07:fa:27:42:
b4:a8:c0:d4:ad:27:6d:45:7b:0b:ae:47:9b:b2:87:ca:1a:8a:
fd:c4:95:7e:cb:e9:f5:ad:39:91:29:01:d3:8d:7b:84:1f:ab:
8e:1a:cd:2b:8b:70:88:4f:29:a3:0e:7f:1f:5f:63:99:a8:3e:
c3:a2:e1:0a:d3:31:bc:f7:a3:66:37:70:8f:57:19:b7:a8:a9:
5c:63:ed:78:d9:b8:e2:6f:e7:c8:75:ee:fd:98:fe:ec:69:c8:
67:81:f0:b9
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEFOqQCzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhl
ZTgyMzk1MDAxYjAzYzY2MzUwOTkwOTk3OWRmYjc4NDQ1YjNkOWM0MB4XDTIyMDEw
MTAzNTEwNloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYjVkZGVhODU3MTFk
ZmU3NzBlNTA4MWNmYTgxYTBhZWUwYzNiYmM2ODCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAPKKHXUK7FMyt3aX1+6y+cZBLj8OmjZ4hzHQ/8Vsq0Vt7jmq
ISWu4oU+eOsrWjmXuDllt47NkY8Js2y39WUBtiB3DkaD/kVkee+VoPr7nsFzXOxQ
eu1LMybapV6a38TPToj7JwKVxTAKFW0Hi0OvLUIJrQF0eJeMeEgN+W8I5beetQao
LY3A0Xi4Hz8Q3q7m6DKDBfwej85zJu0fFn3UUOEXOiE+GMOItnUCcuu164R65Ef1
lX4CvLno24BES3BKlCuxfZ0bq6kcEHQTd4w72QwHrUPRCdiP3e2LqJNJTwC+c3tg
zjYXEwTJ0fDKAzXoSZFbQHVfGOTbVRF8BRRuTP8CAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBS13eqFcR3+dw5Qgc+oGgruDDu8aDAfBgNVHSMEGDAWgBTugjlQAbA8ZjUJ
kJl537eERbPZxDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzdvSTVVQUd3UEdZMUNaQ1plZC0zaEVXejJjUS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvODIvZWYyYTAxLWQ4Y2EtNGI5NC04ZjY3LTc4ZWE4M2QyMTI0OS8x
L3RkM3FoWEVkX25jT1VJSFBxQm9LN2d3N3ZHZy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvODIv
ZWYyYTAxLWQ4Y2EtNGI5NC04ZjY3LTc4ZWE4M2QyMTI0OS8xLzdvSTVVQUd3UEdZ
MUNaQ1plZC0zaEVXejJjUS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAMBscjANBgkqhkiG9w0BAQsFAAOC
AQEAZgApbUiVZQO27ByFrASpqnQVvzDSxEUcdAPqKOWvJiX4L1CUH0DH3xdzyeDU
CB7k3DeB0G+Uvz9ECuWDL0ar12atdlQThsjOWddvxnzwpCCQ8EH3K9O4orDKpKZK
AvaNUVrYNrVKLc+KvwoRffbkN+NZUdEuZNOvqau/Al6bOHFj3CeXUhXwcLMjfUYx
6Cv9aVIbw2I0r+xJ/pz3CdMH+idCtKjA1K0nbUV7C65Hm7KHyhqK/cSVfsvp9a05
kSkB0417hB+rjhrNK4twiE8pow5/H19jmag+w6LhCtMxvPejZjdwj1cZt6ipXGPt
eNm44m/nyHXu/Zj+7GnIZ4HwuQ==
-----END CERTIFICATE-----
Generated at Tue Apr 22 02:22:18 2025 by rpki-client