Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a8/a35052-7336-425f-a7ba-87f68b71e44d/1/JGq8rsxL93AHhlhpORjsdXuB6QQ.roa
File: JGq8rsxL93AHhlhpORjsdXuB6QQ.roa (raw, json)
Hash identifier: Al1TE5Y042eTOrrPC9EEU5RSoMBmbmqCC26OeiWT15Y=
Subject key identifier: 24:6A:BC:AE:CC:4B:F7:70:07:86:58:69:39:18:EC:75:7B:81:E9:04
Certificate issuer: /CN=57b275b9bcc45dce8b3ef0172c96737800947a4e
Certificate serial: 01856EF4282291979BE0783A395F0EC16393
Authority key identifier: 57:B2:75:B9:BC:C4:5D:CE:8B:3E:F0:17:2C:96:73:78:00:94:7A:4E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/V7J1ubzEXc6LPvAXLJZzeACUek4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a8/a35052-7336-425f-a7ba-87f68b71e44d/1/JGq8rsxL93AHhlhpORjsdXuB6QQ.roa
Signing time: Sun 01 Jan 2023 20:09:32 +0000
ROA not before: Sun 01 Jan 2023 20:09:32 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 201691
IP address blocks: 185.88.178.0/24 maxlen: 24
185.88.176.0/24 maxlen: 24
185.88.179.0/24 maxlen: 24
185.88.177.0/24 maxlen: 24
2a05:cd01::/32 maxlen: 32
2a05:cd00::/32 maxlen: 64
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:f4:28:22:91:97:9b:e0:78:3a:39:5f:0e:c1:63:93
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=57b275b9bcc45dce8b3ef0172c96737800947a4e
Validity
Not Before: Jan 1 20:09:32 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=246abcaecc4bf770078658693918ec757b81e904
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:a0:2d:77:7e:d2:29:2f:63:bd:ac:6c:9e:f7:
21:e6:f4:8c:fd:2c:c1:8f:be:10:58:86:68:f2:2f:
06:e1:b6:12:63:cc:36:78:d9:cf:23:dd:5b:37:f0:
93:82:c6:2b:41:2f:2c:49:56:d0:28:71:78:11:12:
ee:f7:31:5c:5d:d0:62:c3:93:8a:4d:f1:f1:ce:af:
79:2c:6b:6e:eb:4f:a4:cd:56:a8:9b:e5:d6:9d:af:
96:e8:ce:02:5a:10:6b:19:e4:0c:ed:80:9e:64:b5:
19:d6:5d:2c:f6:dc:27:1e:6f:70:8e:70:93:9c:0f:
07:7b:47:87:ae:46:f3:f6:76:87:a4:3a:ee:1f:da:
56:74:94:17:14:cb:16:52:82:9e:15:31:c6:f6:17:
1e:00:31:0b:ca:74:1e:04:98:f4:01:92:65:dd:48:
53:5e:de:c5:a2:ce:96:6f:71:74:50:55:d4:26:30:
b0:30:ae:3a:a5:b6:80:d9:8d:f9:44:ac:77:ea:3f:
2d:57:ea:b0:89:d8:07:22:d6:80:29:36:d1:63:c6:
cb:6e:e0:e6:08:e3:93:8d:97:9f:e4:9a:d2:76:25:
5f:8c:d1:b9:85:78:d3:00:a0:f2:06:62:d8:9e:e7:
71:1d:28:cf:28:a3:52:29:16:88:99:a3:e8:93:fe:
0d:ef
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
24:6A:BC:AE:CC:4B:F7:70:07:86:58:69:39:18:EC:75:7B:81:E9:04
X509v3 Authority Key Identifier:
keyid:57:B2:75:B9:BC:C4:5D:CE:8B:3E:F0:17:2C:96:73:78:00:94:7A:4E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/V7J1ubzEXc6LPvAXLJZzeACUek4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a8/a35052-7336-425f-a7ba-87f68b71e44d/1/JGq8rsxL93AHhlhpORjsdXuB6QQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a8/a35052-7336-425f-a7ba-87f68b71e44d/1/V7J1ubzEXc6LPvAXLJZzeACUek4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.88.176.0/22
IPv6:
2a05:cd00::/31
Signature Algorithm: sha256WithRSAEncryption
7d:17:6e:15:e4:8d:dd:1c:e3:10:a3:45:8c:5f:c8:69:e5:cd:
93:8e:31:b0:e7:c4:f8:a3:fc:fd:3d:f6:33:3b:8b:98:d6:0d:
4d:1e:a2:0d:46:de:0f:2c:d3:e4:90:86:de:ee:4d:ec:bf:9d:
28:a3:81:45:8c:24:67:27:1e:06:49:64:b6:8d:5b:3d:5e:a3:
9c:71:e1:73:b8:c5:c0:5b:34:2c:a5:59:7c:07:cc:0d:52:cf:
d8:2f:31:5f:ab:5b:4e:66:2b:17:43:a5:6f:c2:89:c3:7b:78:
ad:29:26:a3:e4:d1:ff:6b:13:dc:4b:85:78:60:db:92:f4:59:
6e:09:8b:b2:7e:88:e8:14:be:b8:ff:fa:66:d4:fc:45:4d:b1:
fa:11:be:0c:80:68:53:8b:c3:ca:68:fc:05:ef:54:c8:b7:08:
47:fa:cf:3b:b4:e8:11:82:2c:a0:5a:f0:d3:5e:19:e2:0b:50:
3d:a3:ba:60:50:2f:0b:e0:f9:1e:be:ea:fc:75:cb:6f:62:49:
5f:f0:9e:47:df:00:66:77:6f:a2:9d:8e:cb:ff:8c:27:58:0d:
96:88:73:b6:5f:6b:da:0f:6a:61:79:f4:6e:26:2a:55:ba:4c:
90:41:42:5d:46:7a:b6:16:a5:32:f7:c6:da:de:11:90:bf:7d:
12:a9:47:98
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVu9CgikZeb4Hg6OV8OwWOTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU3YjI3NWI5YmNjNDVkY2U4YjNlZjAxNzJjOTY3Mzc4MDA5
NDdhNGUwHhcNMjMwMTAxMjAwOTMyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNDZhYmNhZWNjNGJmNzcwMDc4NjU4NjkzOTE4ZWM3NTdiODFlOTA0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApKAtd37SKS9jvaxsnvch5vSM/SzB
j74QWIZo8i8G4bYSY8w2eNnPI91bN/CTgsYrQS8sSVbQKHF4ERLu9zFcXdBiw5OK
TfHxzq95LGtu60+kzVaom+XWna+W6M4CWhBrGeQM7YCeZLUZ1l0s9twnHm9wjnCT
nA8He0eHrkbz9naHpDruH9pWdJQXFMsWUoKeFTHG9hceADELynQeBJj0AZJl3UhT
Xt7Fos6Wb3F0UFXUJjCwMK46pbaA2Y35RKx36j8tV+qwidgHItaAKTbRY8bLbuDm
COOTjZef5JrSdiVfjNG5hXjTAKDyBmLYnudxHSjPKKNSKRaImaPok/4N7wIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFCRqvK7MS/dwB4ZYaTkY7HV7gekEMB8GA1UdIwQY
MBaAFFeydbm8xF3Oiz7wFyyWc3gAlHpOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVjdKMXViekVYYzZMUHZBWExKWnplQUNVZWs0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hOC9hMzUwNTItNzMzNi00MjVmLWE3YmEt
ODdmNjhiNzFlNDRkLzEvSkdxOHJzeEw5M0FIaGxocE9SanNkWHVCNlFRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hOC9hMzUwNTItNzMzNi00MjVmLWE3YmEtODdmNjhiNzFlNDRk
LzEvVjdKMXViekVYYzZMUHZBWExKWnplQUNVZWs0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuViwMA0E
AgACMAcDBQEqBc0AMA0GCSqGSIb3DQEBCwUAA4IBAQB9F24V5I3dHOMQo0WMX8hp
5c2TjjGw58T4o/z9PfYzO4uY1g1NHqINRt4PLNPkkIbe7k3sv50oo4FFjCRnJx4G
SWS2jVs9XqOcceFzuMXAWzQspVl8B8wNUs/YLzFfq1tOZisXQ6VvwonDe3itKSaj
5NH/axPcS4V4YNuS9FluCYuyfojoFL64//pm1PxFTbH6Eb4MgGhTi8PKaPwF71TI
twhH+s87tOgRgiygWvDTXhniC1A9o7pgUC8L4Pkevur8dctvYklf8J5H3wBmd2+i
nY7L/4wnWA2WiHO2X2vaD2phefRuJipVukyQQUJdRnq2FqUy98ba3hGQv30SqUeY
-----END CERTIFICATE-----
Generated at Thu Apr 17 23:47:08 2025 by rpki-client