Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bf/8d509f-fb64-423d-b261-388443d5f00f/1/pSh1rEnqJAgF_1XYnFn3vYkZK2E.roa
File: pSh1rEnqJAgF_1XYnFn3vYkZK2E.roa (raw, json)
Hash identifier: qeRvWMBlrFhOBGgoWOO4+8h6a1vrJjAqio0W4J0Y/sM=
Subject key identifier: A5:28:75:AC:49:EA:24:08:05:FF:55:D8:9C:59:F7:BD:89:19:2B:61
Certificate issuer: /CN=0a4bd1d30f7235cd71739c042310dc26080738f6
Certificate serial: 09E90326
Authority key identifier: 0A:4B:D1:D3:0F:72:35:CD:71:73:9C:04:23:10:DC:26:08:07:38:F6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CkvR0w9yNc1xc5wEIxDcJggHOPY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bf/8d509f-fb64-423d-b261-388443d5f00f/1/pSh1rEnqJAgF_1XYnFn3vYkZK2E.roa
Signing time: Sat 01 Jan 2022 06:58:03 +0000
ROA not before: Sat 01 Jan 2022 06:58:03 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 51269
IP address blocks: 178.255.96.0/21 maxlen: 24
185.103.140.0/22 maxlen: 24
2a03:b700::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 166265638 (0x9e90326)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0a4bd1d30f7235cd71739c042310dc26080738f6
Validity
Not Before: Jan 1 06:58:03 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=a52875ac49ea240805ff55d89c59f7bd89192b61
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:ea:12:f3:d6:02:f7:49:e4:3e:b1:59:6f:19:
ae:5b:0b:6b:2d:0b:db:e0:47:34:50:6a:28:de:be:
c4:10:24:95:e6:24:72:13:3a:2f:2f:d4:36:44:50:
37:12:30:03:fd:38:82:05:21:5f:34:56:79:11:c7:
c0:03:c1:15:e6:71:40:31:bc:0a:62:09:af:a1:23:
56:c7:ca:b0:ba:ce:4d:6e:91:04:c4:9d:18:a7:f0:
ba:ae:3f:5c:25:62:6a:2c:f6:1f:eb:19:5e:28:4a:
7c:17:aa:87:8e:71:13:f1:d9:93:fe:d9:0e:1a:09:
86:3c:c4:95:6f:3f:54:cb:a1:7a:1c:ce:bf:b9:19:
87:cf:80:47:40:5b:8f:95:8c:c3:69:26:3b:35:4c:
6b:54:c2:24:76:e5:ce:73:dd:24:a5:f8:da:6c:d1:
81:85:20:e2:2c:3c:91:51:23:c9:95:d7:4d:1c:fe:
5c:5b:09:22:fb:b0:47:f6:be:62:67:f1:fb:8f:65:
64:c0:9f:54:0e:53:6c:59:f7:38:0a:4c:f5:f6:e7:
87:2c:b8:94:92:f7:a8:a8:fa:b2:f8:b1:e8:9b:43:
65:b8:2e:54:5e:ea:26:ac:d9:a0:7b:3b:23:c1:8e:
af:36:3c:45:b5:19:11:99:d7:e3:8a:be:62:fc:0a:
df:f5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A5:28:75:AC:49:EA:24:08:05:FF:55:D8:9C:59:F7:BD:89:19:2B:61
X509v3 Authority Key Identifier:
keyid:0A:4B:D1:D3:0F:72:35:CD:71:73:9C:04:23:10:DC:26:08:07:38:F6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CkvR0w9yNc1xc5wEIxDcJggHOPY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bf/8d509f-fb64-423d-b261-388443d5f00f/1/pSh1rEnqJAgF_1XYnFn3vYkZK2E.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bf/8d509f-fb64-423d-b261-388443d5f00f/1/CkvR0w9yNc1xc5wEIxDcJggHOPY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
178.255.96.0/21
185.103.140.0/22
IPv6:
2a03:b700::/32
Signature Algorithm: sha256WithRSAEncryption
78:b9:af:6f:0f:d6:6b:80:cd:74:ae:f4:7b:a3:13:35:9b:ce:
b0:1d:9e:ae:76:ab:ef:00:10:63:4e:e1:f6:6f:28:44:ba:fb:
cb:83:9b:d3:bf:19:eb:b6:68:99:c1:66:a0:37:8c:4e:dc:de:
8a:d5:e4:ba:e7:fb:3d:49:31:34:46:8c:fa:d3:22:34:5f:84:
a6:2f:56:d0:f6:4d:16:ea:fb:ec:2b:e8:ba:fd:a4:a0:86:9b:
60:27:a6:77:54:29:50:70:0e:0a:e7:94:41:43:99:1a:f7:04:
55:65:21:f7:f5:49:af:e9:b1:83:a1:e2:99:35:7a:c0:35:04:
e6:a7:0f:79:b7:f1:eb:45:3d:ef:32:da:5f:1b:99:32:d8:d3:
37:af:e4:00:32:11:d2:18:32:2d:20:f0:d8:71:cc:fb:3b:e6:
39:b6:71:11:f9:8b:1b:e2:83:37:da:ff:c3:7e:8e:cb:5f:30:
b5:1a:7b:7d:b6:af:a0:0f:dc:02:a6:5a:52:e2:e8:0c:cc:c1:
a6:91:a9:62:2a:e2:fb:36:d1:7c:0c:55:5b:bb:40:6b:22:04:
58:89:fa:6d:cf:b0:41:ca:8f:90:75:06:64:b0:0a:53:bf:3e:
be:43:66:f7:ad:bb:e6:3c:ce:a1:f4:f4:6d:88:56:7e:7d:32:
2e:52:e9:04
-----BEGIN CERTIFICATE-----
MIIFBDCCA+ygAwIBAgIECekDJjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygw
YTRiZDFkMzBmNzIzNWNkNzE3MzljMDQyMzEwZGMyNjA4MDczOGY2MB4XDTIyMDEw
MTA2NTgwM1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYTUyODc1YWM0OWVh
MjQwODA1ZmY1NWQ4OWM1OWY3YmQ4OTE5MmI2MTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMjqEvPWAvdJ5D6xWW8ZrlsLay0L2+BHNFBqKN6+xBAkleYk
chM6Ly/UNkRQNxIwA/04ggUhXzRWeRHHwAPBFeZxQDG8CmIJr6EjVsfKsLrOTW6R
BMSdGKfwuq4/XCViaiz2H+sZXihKfBeqh45xE/HZk/7ZDhoJhjzElW8/VMuhehzO
v7kZh8+AR0Bbj5WMw2kmOzVMa1TCJHblznPdJKX42mzRgYUg4iw8kVEjyZXXTRz+
XFsJIvuwR/a+Ymfx+49lZMCfVA5TbFn3OApM9fbnhyy4lJL3qKj6svix6JtDZbgu
VF7qJqzZoHs7I8GOrzY8RbUZEZnX44q+YvwK3/UCAwEAAaOCAh4wggIaMB0GA1Ud
DgQWBBSlKHWsSeokCAX/VdicWfe9iRkrYTAfBgNVHSMEGDAWgBQKS9HTD3I1zXFz
nAQjENwmCAc49jAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0NrdlIwdzl5TmMxeGM1d0VJeERjSmdnSE9QWS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYmYvOGQ1MDlmLWZiNjQtNDIzZC1iMjYxLTM4ODQ0M2Q1ZjAwZi8x
L3BTaDFyRW5xSkFnRl8xWFluRm4zdllrWksyRS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYmYv
OGQ1MDlmLWZiNjQtNDIzZC1iMjYxLTM4ODQ0M2Q1ZjAwZi8xL0NrdlIwdzl5TmMx
eGM1d0VJeERjSmdnSE9QWS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA0
BggrBgEFBQcBBwEB/wQlMCMwEgQCAAEwDAMEA7L/YAMEArlnjDANBAIAAjAHAwUA
KgO3ADANBgkqhkiG9w0BAQsFAAOCAQEAeLmvbw/Wa4DNdK70e6MTNZvOsB2ernar
7wAQY07h9m8oRLr7y4Ob078Z67ZomcFmoDeMTtzeitXkuuf7PUkxNEaM+tMiNF+E
pi9W0PZNFur77Cvouv2koIabYCemd1QpUHAOCueUQUOZGvcEVWUh9/VJr+mxg6Hi
mTV6wDUE5qcPebfx60U97zLaXxuZMtjTN6/kADIR0hgyLSDw2HHM+zvmObZxEfmL
G+KDN9r/w36Oy18wtRp7fbavoA/cAqZaUuLoDMzBppGpYiri+zbRfAxVW7tAayIE
WIn6bc+wQcqPkHUGZLAKU78+vkNm96275jzOofT0bYhWfn0yLlLpBA==
-----END CERTIFICATE-----
Generated at Tue Apr 22 02:36:07 2025 by rpki-client