Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ae/fb0157-6746-4b00-8f8e-b89a26199976/1/8OftyMYY-BmYpIAwnWnClkO3e8M.roa
File: 8OftyMYY-BmYpIAwnWnClkO3e8M.roa (raw, json)
Hash identifier: E8qwEjpQdbkBeMBVL3M475Lzgp2XOxyxJgClCKJyAww=
Subject key identifier: F0:E7:ED:C8:C6:18:F8:19:98:A4:80:30:9D:69:C2:96:43:B7:7B:C3
Certificate issuer: /CN=2631166de785a3531bdc8361f1190a8369a7ed6a
Certificate serial: 380AD221
Authority key identifier: 26:31:16:6D:E7:85:A3:53:1B:DC:83:61:F1:19:0A:83:69:A7:ED:6A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/JjEWbeeFo1Mb3INh8RkKg2mn7Wo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ae/fb0157-6746-4b00-8f8e-b89a26199976/1/8OftyMYY-BmYpIAwnWnClkO3e8M.roa
Signing time: Sat 01 Jan 2022 04:04:07 +0000
ROA not before: Sat 01 Jan 2022 04:04:07 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 204963
IP address blocks: 5.255.89.0/24 maxlen: 24
2a00:1ca8:89::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 940233249 (0x380ad221)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2631166de785a3531bdc8361f1190a8369a7ed6a
Validity
Not Before: Jan 1 04:04:07 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=f0e7edc8c618f81998a480309d69c29643b77bc3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e9:42:4d:eb:1c:0b:fe:4a:58:a0:bf:6b:bb:46:
67:49:6d:ac:46:c1:e4:9b:fd:d2:82:3b:65:36:ce:
d2:07:e6:ee:1a:4b:0f:a6:be:6f:13:f9:b5:94:1a:
2f:94:c7:a9:55:7d:42:55:82:8a:ec:88:ea:5d:08:
3e:f8:3d:9d:1d:e7:05:be:6f:43:5b:19:d5:3d:f6:
80:a7:66:2c:bf:8d:27:36:b9:a0:29:45:e4:83:46:
a2:49:80:ff:87:1c:12:85:c5:00:b2:07:85:10:cb:
bf:c8:31:96:b4:7b:39:07:2d:4d:76:69:d6:86:86:
ed:2a:71:16:bc:6d:cf:82:53:a7:e0:f6:a3:f8:de:
45:8f:0f:86:61:41:44:70:d7:ac:48:5e:81:36:59:
a5:6b:ab:60:60:f0:92:14:c5:57:3e:7d:26:33:ef:
f5:26:85:b4:2b:02:18:10:b6:c7:66:ad:bd:b2:11:
c2:4f:9b:8a:e9:ff:48:0e:1a:7a:ea:f8:46:4b:bd:
31:3e:55:8c:64:98:5e:e6:9a:d8:4e:4f:8c:15:bc:
7e:76:52:80:af:61:f6:74:77:97:5f:f9:36:66:dd:
39:97:ab:ab:d9:36:42:1b:3f:e4:b3:4b:cc:89:96:
27:ef:9f:6a:4a:e5:f9:2d:28:3f:dc:f5:cc:f8:81:
b9:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F0:E7:ED:C8:C6:18:F8:19:98:A4:80:30:9D:69:C2:96:43:B7:7B:C3
X509v3 Authority Key Identifier:
keyid:26:31:16:6D:E7:85:A3:53:1B:DC:83:61:F1:19:0A:83:69:A7:ED:6A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JjEWbeeFo1Mb3INh8RkKg2mn7Wo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ae/fb0157-6746-4b00-8f8e-b89a26199976/1/8OftyMYY-BmYpIAwnWnClkO3e8M.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ae/fb0157-6746-4b00-8f8e-b89a26199976/1/JjEWbeeFo1Mb3INh8RkKg2mn7Wo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.255.89.0/24
IPv6:
2a00:1ca8:89::/48
Signature Algorithm: sha256WithRSAEncryption
81:94:09:f4:a0:66:33:98:91:4b:8b:6d:04:39:51:1a:72:74:
3a:e0:60:50:07:0b:b2:7f:33:d4:b1:4b:e7:39:47:a6:ca:3c:
c8:f8:65:24:66:39:d1:6c:48:2b:fc:fe:ee:0d:73:90:20:1f:
31:09:ff:4e:5e:51:e2:b5:ba:ac:84:6a:29:ad:b2:e9:a9:04:
25:d2:96:62:e2:12:6b:41:e9:e2:9c:58:b1:a3:5e:7f:f5:c5:
0f:d9:75:2c:8b:45:c4:e3:55:bc:70:66:45:3b:0e:0a:5c:c5:
1c:87:9f:51:3e:61:b6:6d:61:98:8f:d0:5b:c3:37:fb:d8:ab:
85:c6:d1:15:a0:0f:e8:b6:50:7c:1b:c0:bb:47:a6:99:fd:bb:
89:a5:0d:f9:d3:b6:9d:63:f2:6b:43:d6:ef:cf:a7:ce:ec:cf:
80:0d:8b:3e:6a:71:bf:87:09:68:18:17:01:e7:60:e7:cb:ba:
5c:34:5c:65:16:b0:fb:41:ba:c2:9b:17:ff:6e:0b:ce:3f:f0:
71:65:82:f3:94:dc:e1:9a:e8:45:57:0a:92:77:ec:aa:76:45:
f7:62:86:85:7c:f3:d7:21:45:d2:3a:d7:77:45:59:fc:5e:08:
43:7c:ec:a6:fb:8f:a5:b7:d7:a0:56:19:40:b9:6d:d5:dc:10:
f8:ab:fc:d7
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgIEOArSITANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygy
NjMxMTY2ZGU3ODVhMzUzMWJkYzgzNjFmMTE5MGE4MzY5YTdlZDZhMB4XDTIyMDEw
MTA0MDQwN1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZjBlN2VkYzhjNjE4
ZjgxOTk4YTQ4MDMwOWQ2OWMyOTY0M2I3N2JjMzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAOlCTescC/5KWKC/a7tGZ0ltrEbB5Jv90oI7ZTbO0gfm7hpL
D6a+bxP5tZQaL5THqVV9QlWCiuyI6l0IPvg9nR3nBb5vQ1sZ1T32gKdmLL+NJza5
oClF5INGokmA/4ccEoXFALIHhRDLv8gxlrR7OQctTXZp1oaG7SpxFrxtz4JTp+D2
o/jeRY8PhmFBRHDXrEhegTZZpWurYGDwkhTFVz59JjPv9SaFtCsCGBC2x2atvbIR
wk+biun/SA4aeur4Rku9MT5VjGSYXuaa2E5PjBW8fnZSgK9h9nR3l1/5NmbdOZer
q9k2Qhs/5LNLzImWJ++fakrl+S0oP9z1zPiBuV0CAwEAAaOCAhowggIWMB0GA1Ud
DgQWBBTw5+3Ixhj4GZikgDCdacKWQ7d7wzAfBgNVHSMEGDAWgBQmMRZt54WjUxvc
g2HxGQqDaaftajAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0pqRVdiZWVGbzFNYjNJTmg4UmtLZzJtbjdXby5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYWUvZmIwMTU3LTY3NDYtNGIwMC04ZjhlLWI4OWEyNjE5OTk3Ni8x
LzhPZnR5TVlZLUJtWXBJQXduV25DbGtPM2U4TS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYWUv
ZmIwMTU3LTY3NDYtNGIwMC04ZjhlLWI4OWEyNjE5OTk3Ni8xL0pqRVdiZWVGbzFN
YjNJTmg4UmtLZzJtbjdXby5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAw
BggrBgEFBQcBBwEB/wQhMB8wDAQCAAEwBgMEAAX/WTAPBAIAAjAJAwcAKgAcqACJ
MA0GCSqGSIb3DQEBCwUAA4IBAQCBlAn0oGYzmJFLi20EOVEacnQ64GBQBwuyfzPU
sUvnOUemyjzI+GUkZjnRbEgr/P7uDXOQIB8xCf9OXlHitbqshGoprbLpqQQl0pZi
4hJrQeninFixo15/9cUP2XUsi0XE41W8cGZFOw4KXMUch59RPmG2bWGYj9Bbwzf7
2KuFxtEVoA/otlB8G8C7R6aZ/buJpQ3507adY/JrQ9bvz6fO7M+ADYs+anG/hwlo
GBcB52Dny7pcNFxlFrD7QbrCmxf/bgvOP/BxZYLzlNzhmuhFVwqSd+yqdkX3YoaF
fPPXIUXSOtd3RVn8XghDfOym+4+lt9egVhlAuW3V3BD4q/zX
-----END CERTIFICATE-----
Generated at Thu Mar 13 20:33:10 2025 by rpki-client