Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c2/b4ad9c-0d0b-4c3d-8533-dbf62fc5beb0/1/jXmlKYlKEcjLBStsF6SjK9BtpZg.roa
File: jXmlKYlKEcjLBStsF6SjK9BtpZg.roa (raw, json)
Hash identifier: SocMfOa1IJPiGnzSksF1BMRvGnliKK9hlFezAp4GW8A=
Subject key identifier: 8D:79:A5:29:89:4A:11:C8:CB:05:2B:6C:17:A4:A3:2B:D0:6D:A5:98
Certificate issuer: /CN=58ec149761a5d84b8c49e2c9936bbb748033fe66
Certificate serial: 018AB1E0E34B33E1A869B34213DDD931B9CE
Authority key identifier: 58:EC:14:97:61:A5:D8:4B:8C:49:E2:C9:93:6B:BB:74:80:33:FE:66
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/WOwUl2Gl2EuMSeLJk2u7dIAz_mY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c2/b4ad9c-0d0b-4c3d-8533-dbf62fc5beb0/1/jXmlKYlKEcjLBStsF6SjK9BtpZg.roa
Signing time: Wed 20 Sep 2023 09:17:00 +0000
ROA not before: Wed 20 Sep 2023 09:17:00 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 3278
IP address blocks: 194.180.2.0/24 maxlen: 24
194.180.1.0/24 maxlen: 24
194.180.3.0/24 maxlen: 24
194.180.0.0/24 maxlen: 24
194.180.0.0/22 maxlen: 22
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:b1:e0:e3:4b:33:e1:a8:69:b3:42:13:dd:d9:31:b9:ce
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=58ec149761a5d84b8c49e2c9936bbb748033fe66
Validity
Not Before: Sep 20 09:17:00 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=8d79a529894a11c8cb052b6c17a4a32bd06da598
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:e4:e5:e3:95:8f:b0:0c:26:18:fc:77:ae:d2:
76:de:46:5c:b9:6d:77:ef:bf:90:be:8f:c5:f6:46:
aa:ae:5e:fd:e4:0a:58:0a:70:2a:24:c2:c6:5a:11:
72:7b:45:14:0a:4a:e5:33:aa:d6:67:99:bf:7e:2c:
4d:b5:7c:3f:67:80:0b:e7:de:07:e4:43:a7:54:0e:
db:2b:73:f9:86:23:ce:39:e6:c5:66:2d:cd:df:d1:
51:66:6f:de:87:c5:41:b3:b8:10:50:bf:ef:76:92:
83:21:f0:36:90:13:c5:81:59:bc:ad:7c:f2:f6:eb:
b8:5a:2b:9e:2b:85:bd:34:e9:df:58:92:c9:2a:15:
03:77:15:e0:d7:c4:2f:5a:c1:a3:91:5b:54:93:38:
b1:7f:82:51:f0:14:5f:63:28:0d:55:15:5b:64:17:
6f:8f:4e:55:93:a4:f5:4f:b5:b8:7e:e2:2e:e0:0e:
99:78:f5:dd:70:c2:13:29:be:bf:f0:86:42:d0:df:
0e:7a:72:07:c9:89:e4:a6:c7:8a:6e:92:2a:f7:45:
6a:8c:a4:61:73:a6:23:e3:52:9d:31:a0:8a:48:8a:
0d:c8:f3:d7:af:8f:5b:25:bc:54:36:e9:c3:a9:84:
00:08:df:16:85:ca:ee:e9:8e:21:52:4b:45:22:fa:
e5:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8D:79:A5:29:89:4A:11:C8:CB:05:2B:6C:17:A4:A3:2B:D0:6D:A5:98
X509v3 Authority Key Identifier:
keyid:58:EC:14:97:61:A5:D8:4B:8C:49:E2:C9:93:6B:BB:74:80:33:FE:66
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/WOwUl2Gl2EuMSeLJk2u7dIAz_mY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c2/b4ad9c-0d0b-4c3d-8533-dbf62fc5beb0/1/jXmlKYlKEcjLBStsF6SjK9BtpZg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c2/b4ad9c-0d0b-4c3d-8533-dbf62fc5beb0/1/WOwUl2Gl2EuMSeLJk2u7dIAz_mY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.180.0.0/22
Signature Algorithm: sha256WithRSAEncryption
d3:23:ca:56:30:25:73:42:d1:72:9d:0e:11:0a:fe:31:6d:e5:
e6:a6:32:0e:2e:b2:c2:00:6c:5a:47:36:ff:48:2e:0e:1e:a2:
a3:ce:79:1a:9e:fa:92:95:f4:3d:32:c6:df:fd:af:0a:84:3b:
b8:45:3b:3c:e0:ed:20:c1:7f:5b:82:de:2b:88:89:25:e4:b6:
47:bc:d5:e6:a8:42:18:bb:6d:86:ee:07:4b:34:7a:64:d1:76:
c5:24:b6:92:e3:2c:a6:98:2e:79:c2:89:cd:99:25:e8:8f:2d:
64:13:3e:e9:0d:3f:f9:6e:83:29:5f:58:f4:d0:4a:90:6a:aa:
50:09:c7:bb:93:07:97:8e:3e:c2:4b:38:70:f0:c0:6b:7f:5f:
ea:af:33:51:b2:cc:2a:f7:31:ab:05:ab:7c:db:03:ba:de:cc:
38:f0:6d:7c:b4:7a:3c:da:f2:38:42:71:d9:85:bf:87:fc:db:
cc:80:9f:79:d5:38:bc:58:99:3d:5f:b8:bd:de:84:ab:95:3f:
56:14:86:b8:56:af:4b:ee:37:69:fb:79:ed:5b:90:67:15:36:
b7:3f:00:7b:bb:e4:49:6b:4b:9e:ab:b9:14:64:9f:72:80:df:
f9:0e:15:eb:d8:05:d9:33:f7:1b:73:26:5d:3c:1a:dc:3c:5a:
aa:35:ce:e3
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYqx4ONLM+GoabNCE93ZMbnOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU4ZWMxNDk3NjFhNWQ4NGI4YzQ5ZTJjOTkzNmJiYjc0ODAz
M2ZlNjYwHhcNMjMwOTIwMDkxNzAwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ZDc5YTUyOTg5NGExMWM4Y2IwNTJiNmMxN2E0YTMyYmQwNmRhNTk4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAk+Tl45WPsAwmGPx3rtJ23kZcuW13
77+Qvo/F9kaqrl795ApYCnAqJMLGWhFye0UUCkrlM6rWZ5m/fixNtXw/Z4AL594H
5EOnVA7bK3P5hiPOOebFZi3N39FRZm/eh8VBs7gQUL/vdpKDIfA2kBPFgVm8rXzy
9uu4WiueK4W9NOnfWJLJKhUDdxXg18QvWsGjkVtUkzixf4JR8BRfYygNVRVbZBdv
j05Vk6T1T7W4fuIu4A6ZePXdcMITKb6/8IZC0N8OenIHyYnkpseKbpIq90VqjKRh
c6Yj41KdMaCKSIoNyPPXr49bJbxUNunDqYQACN8Whcru6Y4hUktFIvrlmwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFI15pSmJShHIywUrbBekoyvQbaWYMB8GA1UdIwQY
MBaAFFjsFJdhpdhLjEniyZNru3SAM/5mMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvV093VWwyR2wyRXVNU2VMSmsydTdkSUF6X21ZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMi9iNGFkOWMtMGQwYi00YzNkLTg1MzMt
ZGJmNjJmYzViZWIwLzEvalhtbEtZbEtFY2pMQlN0c0Y2U2pLOUJ0cFpnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMi9iNGFkOWMtMGQwYi00YzNkLTg1MzMtZGJmNjJmYzViZWIw
LzEvV093VWwyR2wyRXVNU2VMSmsydTdkSUF6X21ZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCwrQAMA0G
CSqGSIb3DQEBCwUAA4IBAQDTI8pWMCVzQtFynQ4RCv4xbeXmpjIOLrLCAGxaRzb/
SC4OHqKjznkanvqSlfQ9Msbf/a8KhDu4RTs84O0gwX9bgt4riIkl5LZHvNXmqEIY
u22G7gdLNHpk0XbFJLaS4yymmC55wonNmSXojy1kEz7pDT/5boMpX1j00EqQaqpQ
Cce7kweXjj7CSzhw8MBrf1/qrzNRsswq9zGrBat82wO63sw48G18tHo82vI4QnHZ
hb+H/NvMgJ951Ti8WJk9X7i93oSrlT9WFIa4Vq9L7jdp+3ntW5BnFTa3PwB7u+RJ
a0ueq7kUZJ9ygN/5DhXr2AXZM/cbcyZdPBrcPFqqNc7j
-----END CERTIFICATE-----
Generated at Sat Jun 7 13:40:36 2025 by rpki-client