Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/83/698efb-c6b4-4d2c-9368-7cec2d5345b4/1/e8WEBOxggfEx62AE5phvUI8HNFk.roa
File: e8WEBOxggfEx62AE5phvUI8HNFk.roa (raw, json)
Hash identifier: f8Rw+8Ce7TqTgX3eTOr4miGswKdcVgwS8udwg4PDP6Y=
Subject key identifier: 7B:C5:84:04:EC:60:81:F1:31:EB:60:04:E6:98:6F:50:8F:07:34:59
Certificate issuer: /CN=b2d7f999838aa163bf344fc69917bb60d12fdfc3
Certificate serial: 01840B026380928EED680E191FDDDBC35622
Authority key identifier: B2:D7:F9:99:83:8A:A1:63:BF:34:4F:C6:99:17:BB:60:D1:2F:DF:C3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/stf5mYOKoWO_NE_GmRe7YNEv38M.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/83/698efb-c6b4-4d2c-9368-7cec2d5345b4/1/e8WEBOxggfEx62AE5phvUI8HNFk.roa
Signing time: Mon 24 Oct 2022 17:20:16 +0000
ROA not before: Mon 24 Oct 2022 17:20:16 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 206343
IP address blocks: 185.137.158.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:0b:02:63:80:92:8e:ed:68:0e:19:1f:dd:db:c3:56:22
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b2d7f999838aa163bf344fc69917bb60d12fdfc3
Validity
Not Before: Oct 24 17:20:16 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=7bc58404ec6081f131eb6004e6986f508f073459
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:da:e0:e3:2c:7d:aa:aa:e5:5a:8a:06:57:1f:
1a:37:2c:fa:89:ba:6a:55:9a:3a:6c:73:a9:b3:91:
29:2b:52:e4:f4:0b:60:31:0c:8f:c0:bb:6e:90:86:
ad:c6:de:47:45:e9:09:a1:db:9c:1a:fb:b4:0d:4f:
05:a2:59:4f:34:97:f7:1a:47:a3:3a:0e:de:89:46:
84:72:83:b4:42:66:94:f9:57:2a:ca:b5:c7:9b:5b:
55:3f:df:67:ef:74:03:a1:5a:7d:9b:56:1b:e0:b4:
f3:d4:55:ba:cf:ea:95:4e:f6:2e:6f:f2:1b:47:25:
3b:13:8b:b1:60:8d:c3:c0:68:7f:52:cc:66:18:fd:
6a:6b:2e:38:7b:e7:36:ff:da:43:46:49:0f:80:8e:
8d:47:c0:31:52:62:7e:ef:80:52:9a:ae:22:b5:81:
e0:bd:d2:cc:2a:78:80:0c:9b:b0:69:e4:9d:4f:f0:
80:23:d5:54:79:c2:7e:8f:8d:60:ef:c2:2a:7a:a3:
48:22:1b:92:c1:19:7c:05:a5:57:b0:af:1e:30:55:
09:5a:61:8f:ec:55:f9:bd:dd:60:3d:47:80:00:a9:
44:67:77:00:4d:04:05:72:74:6a:b9:76:5e:90:39:
15:34:66:94:1a:11:03:68:32:ff:53:be:c4:65:ea:
5c:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7B:C5:84:04:EC:60:81:F1:31:EB:60:04:E6:98:6F:50:8F:07:34:59
X509v3 Authority Key Identifier:
keyid:B2:D7:F9:99:83:8A:A1:63:BF:34:4F:C6:99:17:BB:60:D1:2F:DF:C3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/stf5mYOKoWO_NE_GmRe7YNEv38M.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/83/698efb-c6b4-4d2c-9368-7cec2d5345b4/1/e8WEBOxggfEx62AE5phvUI8HNFk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/83/698efb-c6b4-4d2c-9368-7cec2d5345b4/1/stf5mYOKoWO_NE_GmRe7YNEv38M.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.137.158.0/24
Signature Algorithm: sha256WithRSAEncryption
9b:06:25:38:45:01:91:83:8a:8e:0e:15:5f:2d:4e:53:7e:2a:
a4:a8:2e:e2:0b:b9:ca:b6:bc:e7:c0:10:c5:7f:62:62:c0:d2:
3b:2d:99:22:84:cd:3b:36:ba:cc:50:99:3b:63:04:36:9e:cd:
98:10:cd:ef:1c:a2:b7:d2:d6:8a:ab:ed:8b:d5:fc:71:33:bd:
00:ba:08:c0:8b:71:ae:ca:d5:ad:60:7b:ca:7e:b5:cd:7e:6e:
80:5a:1d:00:00:61:97:84:c5:cc:7d:5c:9b:3e:6f:48:87:90:
29:f2:ca:95:56:9e:d4:8e:86:6a:ac:93:57:83:58:d4:21:df:
e3:b1:5e:b8:3c:22:38:97:f2:40:ae:68:ed:bd:2b:7b:e4:bb:
fa:d9:bf:39:89:e2:fb:8a:6c:ac:97:3f:9f:a3:76:96:fd:83:
95:9a:ae:a5:b7:0b:07:6e:a5:9a:61:94:ef:6f:ac:1b:5e:af:
83:45:a4:05:bc:d3:c7:41:f7:c5:71:2b:13:c0:61:45:93:52:
85:04:d0:7a:ae:80:0a:76:27:ea:d9:95:c8:ae:d1:25:be:38:
fd:29:e7:d8:d5:69:21:53:c0:7e:34:06:37:21:92:ae:f0:02:
cf:d0:12:ee:5e:c7:b5:74:d2:0a:8c:20:2f:ed:9d:6e:51:44:
4c:b7:ae:60
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYQLAmOAko7taA4ZH93bw1YiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIyZDdmOTk5ODM4YWExNjNiZjM0NGZjNjk5MTdiYjYwZDEy
ZmRmYzMwHhcNMjIxMDI0MTcyMDE2WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3YmM1ODQwNGVjNjA4MWYxMzFlYjYwMDRlNjk4NmY1MDhmMDczNDU5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAytrg4yx9qqrlWooGVx8aNyz6ibpq
VZo6bHOps5EpK1Lk9AtgMQyPwLtukIatxt5HRekJoducGvu0DU8FollPNJf3Gkej
Og7eiUaEcoO0QmaU+VcqyrXHm1tVP99n73QDoVp9m1Yb4LTz1FW6z+qVTvYub/Ib
RyU7E4uxYI3DwGh/UsxmGP1qay44e+c2/9pDRkkPgI6NR8AxUmJ+74BSmq4itYHg
vdLMKniADJuwaeSdT/CAI9VUecJ+j41g78IqeqNIIhuSwRl8BaVXsK8eMFUJWmGP
7FX5vd1gPUeAAKlEZ3cATQQFcnRquXZekDkVNGaUGhEDaDL/U77EZepcWQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFHvFhATsYIHxMetgBOaYb1CPBzRZMB8GA1UdIwQY
MBaAFLLX+ZmDiqFjvzRPxpkXu2DRL9/DMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc3RmNW1ZT0tvV09fTkVfR21SZTdZTkV2MzhNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84My82OThlZmItYzZiNC00ZDJjLTkzNjgt
N2NlYzJkNTM0NWI0LzEvZThXRUJPeGdnZkV4NjJBRTVwaHZVSThITkZrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84My82OThlZmItYzZiNC00ZDJjLTkzNjgtN2NlYzJkNTM0NWI0
LzEvc3RmNW1ZT0tvV09fTkVfR21SZTdZTkV2MzhNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuYmeMA0G
CSqGSIb3DQEBCwUAA4IBAQCbBiU4RQGRg4qODhVfLU5TfiqkqC7iC7nKtrznwBDF
f2JiwNI7LZkihM07NrrMUJk7YwQ2ns2YEM3vHKK30taKq+2L1fxxM70AugjAi3Gu
ytWtYHvKfrXNfm6AWh0AAGGXhMXMfVybPm9Ih5Ap8sqVVp7UjoZqrJNXg1jUId/j
sV64PCI4l/JArmjtvSt75Lv62b85ieL7imyslz+fo3aW/YOVmq6ltwsHbqWaYZTv
b6wbXq+DRaQFvNPHQffFcSsTwGFFk1KFBNB6roAKdifq2ZXIrtElvjj9KefY1Wkh
U8B+NAY3IZKu8ALP0BLuXse1dNIKjCAv7Z1uUURMt65g
-----END CERTIFICATE-----
Generated at Thu Mar 13 02:27:05 2025 by rpki-client