Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d7/55229c-e282-4a85-b7a4-8acbfea2ecfa/1/pRNVld9ufk13DE1Tsk-3tiAkiLw.roa
File: pRNVld9ufk13DE1Tsk-3tiAkiLw.roa (raw, json)
Hash identifier: y+B5wDKl+SRf52mqjvYQdEyqaiw9uP49lZwlIAaLX8Q=
Subject key identifier: A5:13:55:95:DF:6E:7E:4D:77:0C:4D:53:B2:4F:B7:B6:20:24:88:BC
Certificate issuer: /CN=8d4f3f8ba7dcf5894f2f611d7dfab53d4a63c0a9
Certificate serial: 03D94D38
Authority key identifier: 8D:4F:3F:8B:A7:DC:F5:89:4F:2F:61:1D:7D:FA:B5:3D:4A:63:C0:A9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/jU8_i6fc9YlPL2Edffq1PUpjwKk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d7/55229c-e282-4a85-b7a4-8acbfea2ecfa/1/pRNVld9ufk13DE1Tsk-3tiAkiLw.roa
Signing time: Sat 01 Jan 2022 08:59:01 +0000
ROA not before: Sat 01 Jan 2022 08:59:01 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 200839
IP address blocks: 185.76.104.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 64572728 (0x3d94d38)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8d4f3f8ba7dcf5894f2f611d7dfab53d4a63c0a9
Validity
Not Before: Jan 1 08:59:01 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=a5135595df6e7e4d770c4d53b24fb7b6202488bc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:8d:22:a5:fd:48:c9:1c:18:85:0f:6a:5f:a1:
89:2b:74:97:85:4f:72:9a:74:58:fe:b3:0a:d9:a7:
27:1a:05:dc:a7:c1:9a:35:45:d2:23:b0:bd:09:43:
9d:6c:ad:e1:a4:a0:37:de:2c:7e:bd:67:7b:c0:cf:
02:f7:d1:99:e6:6d:9a:3d:5a:8e:32:0a:2e:21:4d:
21:a6:e9:8c:c2:b5:bc:3c:b3:06:f8:df:9a:da:73:
65:87:c2:50:04:a2:0d:fb:06:a8:17:8e:d9:7c:63:
2c:d0:e3:86:05:22:17:5b:29:c5:96:58:ba:9f:d8:
ea:1a:0f:4d:58:15:8c:5a:58:f2:70:d6:31:8f:75:
31:34:53:96:56:c8:07:18:b5:ba:b4:21:2a:6b:b9:
0a:dd:2e:c9:ce:3e:ed:f1:47:f6:0b:58:ca:bd:53:
7a:60:a3:27:7f:d3:a8:b0:b2:6a:ed:07:e8:14:39:
e5:0a:3b:9d:f3:17:cb:d7:32:a8:ab:e5:de:13:7e:
01:c3:41:0b:b2:72:36:99:02:a8:aa:cb:67:1c:bc:
f2:1e:c0:77:7e:af:59:c3:59:cf:63:45:a8:ba:56:
c9:7d:47:2e:24:70:ec:a6:01:87:66:2a:8a:c7:2d:
e1:69:c4:79:be:cc:5e:ce:cc:39:04:ed:24:1b:a4:
17:cd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A5:13:55:95:DF:6E:7E:4D:77:0C:4D:53:B2:4F:B7:B6:20:24:88:BC
X509v3 Authority Key Identifier:
keyid:8D:4F:3F:8B:A7:DC:F5:89:4F:2F:61:1D:7D:FA:B5:3D:4A:63:C0:A9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jU8_i6fc9YlPL2Edffq1PUpjwKk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d7/55229c-e282-4a85-b7a4-8acbfea2ecfa/1/pRNVld9ufk13DE1Tsk-3tiAkiLw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d7/55229c-e282-4a85-b7a4-8acbfea2ecfa/1/jU8_i6fc9YlPL2Edffq1PUpjwKk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.76.104.0/24
Signature Algorithm: sha256WithRSAEncryption
11:b2:8f:5f:bb:6f:3b:27:60:55:17:63:c6:f8:dd:b3:a4:af:
26:21:43:85:05:e1:95:d8:ff:ae:87:00:8b:83:31:53:16:87:
05:d9:d5:38:4b:68:f6:d3:10:54:08:e4:55:45:3b:0c:17:73:
7d:29:f9:db:2b:8f:5c:eb:aa:29:b6:a0:65:fb:f0:ca:36:3b:
a7:b5:48:7d:49:40:37:5b:70:8a:b9:21:64:cf:f5:bc:51:9f:
72:58:e5:70:3d:0c:b7:cd:32:0e:87:b9:2d:cb:95:2e:80:55:
2e:2e:6f:d2:01:56:3f:70:91:02:43:29:a6:80:f7:cb:10:a8:
e0:74:37:a5:d2:af:07:a1:82:c8:77:39:b1:cb:9b:89:79:55:
2e:b8:47:12:ee:0d:e8:c5:98:c6:fa:20:63:5b:b6:4f:fb:4b:
c7:be:f1:16:12:ea:fd:18:bf:d1:1a:93:f0:f2:e5:24:b6:9f:
de:df:19:2d:4b:e0:51:ea:82:cf:4b:ae:cc:e1:17:ea:0c:72:
84:e4:e1:7c:63:40:7c:95:7e:03:af:f2:b4:6f:a7:08:5c:49:
51:96:8e:1b:9e:ec:47:60:7b:96:3a:ea:c6:b7:72:fc:76:55:
a7:e2:26:82:3f:c9:7e:29:89:5c:0e:57:00:0c:56:74:39:eb:
45:3b:34:af
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEA9lNODANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg4
ZDRmM2Y4YmE3ZGNmNTg5NGYyZjYxMWQ3ZGZhYjUzZDRhNjNjMGE5MB4XDTIyMDEw
MTA4NTkwMVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYTUxMzU1OTVkZjZl
N2U0ZDc3MGM0ZDUzYjI0ZmI3YjYyMDI0ODhiYzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKuNIqX9SMkcGIUPal+hiSt0l4VPcpp0WP6zCtmnJxoF3KfB
mjVF0iOwvQlDnWyt4aSgN94sfr1ne8DPAvfRmeZtmj1ajjIKLiFNIabpjMK1vDyz
BvjfmtpzZYfCUASiDfsGqBeO2XxjLNDjhgUiF1spxZZYup/Y6hoPTVgVjFpY8nDW
MY91MTRTllbIBxi1urQhKmu5Ct0uyc4+7fFH9gtYyr1TemCjJ3/TqLCyau0H6BQ5
5Qo7nfMXy9cyqKvl3hN+AcNBC7JyNpkCqKrLZxy88h7Ad36vWcNZz2NFqLpWyX1H
LiRw7KYBh2Yqisct4WnEeb7MXs7MOQTtJBukF80CAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBSlE1WV325+TXcMTVOyT7e2ICSIvDAfBgNVHSMEGDAWgBSNTz+Lp9z1iU8v
YR19+rU9SmPAqTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2pVOF9pNmZjOVlsUEwyRWRmZnExUFVwandLay5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZDcvNTUyMjljLWUyODItNGE4NS1iN2E0LThhY2JmZWEyZWNmYS8x
L3BSTlZsZDl1ZmsxM0RFMVRzay0zdGlBa2lMdy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZDcv
NTUyMjljLWUyODItNGE4NS1iN2E0LThhY2JmZWEyZWNmYS8xL2pVOF9pNmZjOVls
UEwyRWRmZnExUFVwandLay5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEALlMaDANBgkqhkiG9w0BAQsFAAOC
AQEAEbKPX7tvOydgVRdjxvjds6SvJiFDhQXhldj/rocAi4MxUxaHBdnVOEto9tMQ
VAjkVUU7DBdzfSn52yuPXOuqKbagZfvwyjY7p7VIfUlAN1twirkhZM/1vFGfcljl
cD0Mt80yDoe5LcuVLoBVLi5v0gFWP3CRAkMppoD3yxCo4HQ3pdKvB6GCyHc5scub
iXlVLrhHEu4N6MWYxvogY1u2T/tLx77xFhLq/Ri/0RqT8PLlJLaf3t8ZLUvgUeqC
z0uuzOEX6gxyhOThfGNAfJV+A6/ytG+nCFxJUZaOG57sR2B7ljrqxrdy/HZVp+Im
gj/JfimJXA5XAAxWdDnrRTs0rw==
-----END CERTIFICATE-----
Generated at Thu Mar 13 02:32:07 2025 by rpki-client