Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8c/821dc2-6766-4988-b777-03532140ef52/1/jlR7biSYlxpfN1I1WKcd45OBPmM.roa
File: jlR7biSYlxpfN1I1WKcd45OBPmM.roa (raw, json)
Hash identifier: kiiDMUV9Y+WbTKrqRs7zel0XZqrltvyyNAUjSc3Gmso=
Subject key identifier: 8E:54:7B:6E:24:98:97:1A:5F:37:52:35:58:A7:1D:E3:93:81:3E:63
Certificate issuer: /CN=7d0213e3e7ebe6170a3600a8e3ae64ed962c0e36
Certificate serial: 01857130938C25164AC95EA33A5D2C971BAF
Authority key identifier: 7D:02:13:E3:E7:EB:E6:17:0A:36:00:A8:E3:AE:64:ED:96:2C:0E:36
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fQIT4-fr5hcKNgCo465k7ZYsDjY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8c/821dc2-6766-4988-b777-03532140ef52/1/jlR7biSYlxpfN1I1WKcd45OBPmM.roa
Signing time: Mon 02 Jan 2023 06:34:46 +0000
ROA not before: Mon 02 Jan 2023 06:34:46 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 50718
IP address blocks: 185.29.89.0/24 maxlen: 24
91.227.236.0/22 maxlen: 22
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:30:93:8c:25:16:4a:c9:5e:a3:3a:5d:2c:97:1b:af
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7d0213e3e7ebe6170a3600a8e3ae64ed962c0e36
Validity
Not Before: Jan 2 06:34:46 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=8e547b6e2498971a5f37523558a71de393813e63
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:87:6d:e8:e8:ba:b8:fd:fc:a8:13:4f:cf:53:3a:
3b:ef:ca:0c:3c:75:d5:99:79:c6:37:7c:a2:81:44:
46:5d:eb:38:b2:bf:f4:89:f9:e3:6f:17:e6:4f:c1:
97:df:ac:97:f2:c1:a2:e8:c0:9c:7b:03:c9:1d:b7:
4b:59:be:21:4c:69:83:23:56:ad:a9:5d:b7:c5:75:
81:57:f7:71:fe:cd:1c:71:a4:09:4c:e6:39:63:02:
5a:20:ce:41:3a:3d:bb:9a:d8:46:3b:73:ad:a5:b7:
10:a6:5b:6a:10:d9:b4:20:ed:0a:91:86:19:01:82:
08:d9:46:07:80:54:3c:9d:f1:50:e6:c2:0e:5f:d8:
3a:87:76:79:1b:f4:2b:99:28:61:d9:7c:db:b2:c7:
e3:93:34:75:28:5c:41:2c:61:53:07:e2:25:1f:5e:
be:ca:51:2a:c0:a4:bf:8b:41:74:f7:c0:ec:12:5b:
a1:78:16:33:e2:09:b4:97:5b:fd:b0:1a:90:29:7f:
82:04:44:3f:66:b5:5e:96:1a:d9:8e:37:bd:48:0e:
34:56:52:93:89:16:7d:3d:7b:6e:c0:46:ac:c0:7d:
8a:33:1d:41:c2:f3:a2:41:2a:84:59:1f:70:3b:74:
fd:74:83:9c:54:f3:5a:21:0c:76:50:40:e5:d0:4b:
d2:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8E:54:7B:6E:24:98:97:1A:5F:37:52:35:58:A7:1D:E3:93:81:3E:63
X509v3 Authority Key Identifier:
keyid:7D:02:13:E3:E7:EB:E6:17:0A:36:00:A8:E3:AE:64:ED:96:2C:0E:36
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fQIT4-fr5hcKNgCo465k7ZYsDjY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8c/821dc2-6766-4988-b777-03532140ef52/1/jlR7biSYlxpfN1I1WKcd45OBPmM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8c/821dc2-6766-4988-b777-03532140ef52/1/fQIT4-fr5hcKNgCo465k7ZYsDjY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.227.236.0/22
185.29.89.0/24
Signature Algorithm: sha256WithRSAEncryption
7c:b9:55:15:ec:c4:1e:a7:bd:aa:8e:63:01:80:1e:fa:91:22:
6e:1f:76:00:f5:50:ed:e4:45:75:5f:3f:2e:ee:b0:f4:8f:45:
fd:a7:b0:fc:4f:86:8c:03:96:c8:11:b5:33:90:be:3c:94:3a:
e3:8c:82:e3:9a:81:76:73:46:a6:50:59:6b:a9:e7:73:86:26:
03:d4:ae:52:5b:3f:17:7e:15:5f:be:c9:8b:c9:da:8e:1f:5c:
09:e2:0a:a2:f3:0e:4a:84:a9:9f:60:8a:d2:e9:20:d4:22:48:
63:0d:f3:ec:a2:4e:43:32:3d:35:c9:51:07:87:57:2b:ff:30:
45:52:ee:70:3e:6d:34:5b:7c:c4:64:77:88:f3:59:e0:ab:a0:
ce:2b:9e:a1:7c:ef:86:e2:f8:b4:27:f7:e6:85:8f:32:5a:67:
c5:e7:cb:30:68:ee:bd:32:65:e3:89:2a:1a:97:51:4d:17:c7:
aa:e4:2b:5e:c5:ec:b2:a7:b9:47:c7:17:85:97:a9:d4:4c:38:
11:dc:a8:68:de:0d:a7:8a:8b:62:ac:bf:7c:33:96:da:b4:0d:
7d:54:a0:47:80:f9:e3:6b:53:f8:2b:dc:cd:70:10:6f:eb:fd:
ff:cc:42:bd:22:ca:48:87:29:b9:0b:74:27:f2:71:a0:48:48:
21:5e:af:c1
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYVxMJOMJRZKyV6jOl0slxuvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkMDIxM2UzZTdlYmU2MTcwYTM2MDBhOGUzYWU2NGVkOTYy
YzBlMzYwHhcNMjMwMTAyMDYzNDQ2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ZTU0N2I2ZTI0OTg5NzFhNWYzNzUyMzU1OGE3MWRlMzkzODEzZTYzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAh23o6Lq4/fyoE0/PUzo778oMPHXV
mXnGN3yigURGXes4sr/0ifnjbxfmT8GX36yX8sGi6MCcewPJHbdLWb4hTGmDI1at
qV23xXWBV/dx/s0ccaQJTOY5YwJaIM5BOj27mthGO3OtpbcQpltqENm0IO0KkYYZ
AYII2UYHgFQ8nfFQ5sIOX9g6h3Z5G/QrmShh2XzbssfjkzR1KFxBLGFTB+IlH16+
ylEqwKS/i0F098DsEluheBYz4gm0l1v9sBqQKX+CBEQ/ZrVelhrZjje9SA40VlKT
iRZ9PXtuwEaswH2KMx1BwvOiQSqEWR9wO3T9dIOcVPNaIQx2UEDl0EvScwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFI5Ue24kmJcaXzdSNVinHeOTgT5jMB8GA1UdIwQY
MBaAFH0CE+Pn6+YXCjYAqOOuZO2WLA42MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZlFJVDQtZnI1aGNLTmdDbzQ2NWs3WllzRGpZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yy84MjFkYzItNjc2Ni00OTg4LWI3Nzct
MDM1MzIxNDBlZjUyLzEvamxSN2JpU1lseHBmTjFJMVdLY2Q0NU9CUG1NLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yy84MjFkYzItNjc2Ni00OTg4LWI3NzctMDM1MzIxNDBlZjUy
LzEvZlFJVDQtZnI1aGNLTmdDbzQ2NWs3WllzRGpZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCW+PsAwQA
uR1ZMA0GCSqGSIb3DQEBCwUAA4IBAQB8uVUV7MQep72qjmMBgB76kSJuH3YA9VDt
5EV1Xz8u7rD0j0X9p7D8T4aMA5bIEbUzkL48lDrjjILjmoF2c0amUFlrqedzhiYD
1K5SWz8XfhVfvsmLydqOH1wJ4gqi8w5KhKmfYIrS6SDUIkhjDfPsok5DMj01yVEH
h1cr/zBFUu5wPm00W3zEZHeI81ngq6DOK56hfO+G4vi0J/fmhY8yWmfF58swaO69
MmXjiSoal1FNF8eq5Ctexeyyp7lHxxeFl6nUTDgR3Kho3g2niotirL98M5batA19
VKBHgPnja1P4K9zNcBBv6/3/zEK9IspIhym5C3Qn8nGgSEghXq/B
-----END CERTIFICATE-----
Generated at Wed Apr 23 06:58:02 2025 by rpki-client