Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b6/1d5b0b-4b05-402c-8265-efcfba9907dc/1/J9276kiKhZC-uRF8xFP1E7Kyy9s.roa
File: J9276kiKhZC-uRF8xFP1E7Kyy9s.roa (raw, json)
Hash identifier: uatNHGlRvd+Wdn1e1nDg7Yb9IEhQ/Ha/PPEfnw22zYE=
Subject key identifier: 27:DD:BB:EA:48:8A:85:90:BE:B9:11:7C:C4:53:F5:13:B2:B2:CB:DB
Certificate issuer: /CN=39f7c7498fd9c9f28680495162b9eb76ad47c603
Certificate serial: 0829389D
Authority key identifier: 39:F7:C7:49:8F:D9:C9:F2:86:80:49:51:62:B9:EB:76:AD:47:C6:03
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OffHSY_ZyfKGgElRYrnrdq1HxgM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b6/1d5b0b-4b05-402c-8265-efcfba9907dc/1/J9276kiKhZC-uRF8xFP1E7Kyy9s.roa
Signing time: Sat 01 Jan 2022 09:04:26 +0000
ROA not before: Sat 01 Jan 2022 09:04:26 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 48918
IP address blocks: 185.250.108.0/22 maxlen: 24
2a0c:c40::/32 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 136919197 (0x829389d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=39f7c7498fd9c9f28680495162b9eb76ad47c603
Validity
Not Before: Jan 1 09:04:26 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=27ddbbea488a8590beb9117cc453f513b2b2cbdb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:a0:d8:a0:9a:0b:f0:0f:2b:72:dd:39:26:b2:
52:1a:0e:f2:9e:50:77:99:62:97:10:a6:0d:2b:72:
5f:6f:e8:83:9e:4f:0a:a2:de:7f:37:86:f3:ae:6c:
f0:95:5a:75:05:43:54:67:e1:8d:41:55:f4:f0:16:
44:f8:67:61:bc:fd:ba:2e:db:f9:0a:21:4a:c2:a9:
48:2a:42:da:ab:75:6a:0f:63:28:e3:7d:e2:5b:39:
da:64:e0:90:0a:b0:b2:46:0a:a0:14:ee:2f:9e:83:
04:09:c5:22:26:79:73:3d:78:72:73:9b:6c:f8:b5:
ac:02:e9:e9:47:b7:14:2b:fe:40:de:33:8e:7c:99:
c3:3c:c6:ae:48:4b:c8:b7:36:cf:12:cd:b9:d5:8b:
bf:a9:6c:63:05:4f:95:2e:fd:dd:fe:c8:07:75:bc:
81:fc:9a:68:9a:07:c5:4f:75:06:bc:c1:c6:3e:b0:
f6:79:a7:d3:7a:66:f4:f5:48:a2:ae:c0:42:70:7f:
ec:19:52:2b:7d:25:48:04:8c:61:61:33:ac:1e:4f:
3b:cd:04:0e:03:99:51:5d:5a:dd:78:88:99:aa:89:
42:87:d8:5a:64:f2:a7:54:cb:56:ec:af:22:93:18:
d5:d0:7b:51:bd:e3:d9:84:c4:c3:3f:e1:bc:4d:9e:
7a:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
27:DD:BB:EA:48:8A:85:90:BE:B9:11:7C:C4:53:F5:13:B2:B2:CB:DB
X509v3 Authority Key Identifier:
keyid:39:F7:C7:49:8F:D9:C9:F2:86:80:49:51:62:B9:EB:76:AD:47:C6:03
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OffHSY_ZyfKGgElRYrnrdq1HxgM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b6/1d5b0b-4b05-402c-8265-efcfba9907dc/1/J9276kiKhZC-uRF8xFP1E7Kyy9s.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b6/1d5b0b-4b05-402c-8265-efcfba9907dc/1/OffHSY_ZyfKGgElRYrnrdq1HxgM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.250.108.0/22
IPv6:
2a0c:c40::/32
Signature Algorithm: sha256WithRSAEncryption
05:79:d3:10:f5:fe:c8:09:4c:a0:17:07:e0:03:06:fc:70:bc:
78:5f:53:49:64:b3:24:3f:a6:da:cd:b8:77:64:e4:20:4d:2b:
de:2a:1c:39:c5:a6:15:40:22:7f:26:71:5d:33:0b:73:d5:a3:
e3:1a:ba:15:c2:91:6b:09:60:6f:e8:19:e4:93:6c:7a:e0:e4:
f7:6a:33:46:51:38:77:d2:eb:b1:1c:f2:65:53:8d:20:99:c3:
a0:cb:e1:1c:c5:87:94:f9:0b:89:07:7a:da:24:a8:44:48:b0:
2d:ee:4b:7a:ef:3f:c7:8b:1e:5d:95:b7:58:35:76:ed:99:30:
a1:f4:5b:eb:c9:d5:69:29:eb:7f:04:c6:85:b6:35:95:2a:b5:
14:d2:9d:74:49:dd:94:60:b9:1e:f4:27:a8:9d:78:40:ea:1e:
1a:31:56:3e:f5:1b:db:ff:de:80:24:8f:44:3e:a5:c0:01:1e:
46:6c:24:33:eb:87:7c:01:00:06:fa:4c:39:19:e3:99:70:bc:
f8:ab:5f:c1:2c:d9:f8:65:73:5b:12:7c:88:7e:c2:17:88:08:
42:a3:9e:f2:73:cd:00:d9:c2:2d:09:90:4a:6a:6c:ae:5c:b8:
fb:01:b5:7c:54:37:52:d2:67:d5:56:c5:d0:b9:00:2e:f0:aa:
6f:80:66:c7
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgIECCk4nTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygz
OWY3Yzc0OThmZDljOWYyODY4MDQ5NTE2MmI5ZWI3NmFkNDdjNjAzMB4XDTIyMDEw
MTA5MDQyNloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMjdkZGJiZWE0ODhh
ODU5MGJlYjkxMTdjYzQ1M2Y1MTNiMmIyY2JkYjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKeg2KCaC/APK3LdOSayUhoO8p5Qd5lilxCmDStyX2/og55P
CqLefzeG865s8JVadQVDVGfhjUFV9PAWRPhnYbz9ui7b+QohSsKpSCpC2qt1ag9j
KON94ls52mTgkAqwskYKoBTuL56DBAnFIiZ5cz14cnObbPi1rALp6Ue3FCv+QN4z
jnyZwzzGrkhLyLc2zxLNudWLv6lsYwVPlS793f7IB3W8gfyaaJoHxU91BrzBxj6w
9nmn03pm9PVIoq7AQnB/7BlSK30lSASMYWEzrB5PO80EDgOZUV1a3XiImaqJQofY
WmTyp1TLVuyvIpMY1dB7Ub3j2YTEwz/hvE2eensCAwEAAaOCAhgwggIUMB0GA1Ud
DgQWBBQn3bvqSIqFkL65EXzEU/UTsrLL2zAfBgNVHSMEGDAWgBQ598dJj9nJ8oaA
SVFiuet2rUfGAzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L09mZkhTWV9aeWZLR2dFbFJZcm5yZHExSHhnTS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYjYvMWQ1YjBiLTRiMDUtNDAyYy04MjY1LWVmY2ZiYTk5MDdkYy8x
L0o5Mjc2a2lLaFpDLXVSRjh4RlAxRTdLeXk5cy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYjYv
MWQ1YjBiLTRiMDUtNDAyYy04MjY1LWVmY2ZiYTk5MDdkYy8xL09mZkhTWV9aeWZL
R2dFbFJZcm5yZHExSHhnTS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAu
BggrBgEFBQcBBwEB/wQfMB0wDAQCAAEwBgMEArn6bDANBAIAAjAHAwUAKgwMQDAN
BgkqhkiG9w0BAQsFAAOCAQEABXnTEPX+yAlMoBcH4AMG/HC8eF9TSWSzJD+m2s24
d2TkIE0r3iocOcWmFUAifyZxXTMLc9Wj4xq6FcKRawlgb+gZ5JNseuDk92ozRlE4
d9LrsRzyZVONIJnDoMvhHMWHlPkLiQd62iSoREiwLe5Leu8/x4seXZW3WDV27Zkw
ofRb68nVaSnrfwTGhbY1lSq1FNKddEndlGC5HvQnqJ14QOoeGjFWPvUb2//egCSP
RD6lwAEeRmwkM+uHfAEABvpMORnjmXC8+KtfwSzZ+GVzWxJ8iH7CF4gIQqOe8nPN
ANnCLQmQSmpsrly4+wG1fFQ3UtJn1VbF0LkALvCqb4Bmxw==
-----END CERTIFICATE-----
Generated at Thu Mar 13 20:49:14 2025 by rpki-client