Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ed/973047-8914-41c6-a1e0-0ac7b7ede42b/1/KJe1GTnJMONhXNLMztO3hZ9CRo4.roa
File: KJe1GTnJMONhXNLMztO3hZ9CRo4.roa (raw, json)
Hash identifier: dnYKxoX+qfJzspLhQHtfHTxcJnpdpJxurvAVcNf2GpM=
Subject key identifier: 28:97:B5:19:39:C9:30:E3:61:5C:D2:CC:CE:D3:B7:85:9F:42:46:8E
Certificate issuer: /CN=a5b9df7e98f6f39fe2ba4022da277d2819828021
Certificate serial: 02FEB6
Authority key identifier: A5:B9:DF:7E:98:F6:F3:9F:E2:BA:40:22:DA:27:7D:28:19:82:80:21
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/pbnffpj285_iukAi2id9KBmCgCE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ed/973047-8914-41c6-a1e0-0ac7b7ede42b/1/KJe1GTnJMONhXNLMztO3hZ9CRo4.roa
Signing time: Tue 15 Feb 2022 11:24:56 +0000
ROA not before: Tue 15 Feb 2022 11:24:56 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 197019
IP address blocks: 185.8.236.0/22 maxlen: 22
2a02:2b88:2:1::306a:1/128 maxlen: 128
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 196278 (0x2feb6)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a5b9df7e98f6f39fe2ba4022da277d2819828021
Validity
Not Before: Feb 15 11:24:56 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=2897b51939c930e3615cd2ccced3b7859f42468e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8a:e5:fd:2b:b8:7f:ff:af:9d:a9:4c:bb:b4:b2:
eb:12:ec:b8:f2:14:c2:8f:d5:1a:77:54:bd:7d:86:
d8:e9:8c:f6:a1:be:45:d4:95:fc:f4:82:a1:c3:c8:
38:6f:7b:0b:06:b8:9e:d0:55:b0:e1:87:6e:76:0f:
40:fc:ec:0a:46:51:90:6a:38:7e:3a:ed:63:72:fa:
78:7a:77:52:ec:bb:e3:e8:02:0d:95:4b:88:d7:8f:
52:90:dd:e2:68:45:1f:37:bf:09:fe:a3:1c:13:4d:
d1:cf:f1:c6:bc:9c:68:a1:1c:4e:ca:4b:c8:b5:39:
ee:48:57:f6:ca:70:49:51:61:81:8b:41:4a:79:94:
bc:10:21:69:26:c8:fe:ba:14:b4:4c:1a:be:4f:f3:
f8:9d:13:c0:1b:07:d1:23:25:bb:2e:da:47:0e:ce:
a6:95:ea:fe:f2:29:14:89:1d:7a:dc:1a:33:f7:1b:
df:c2:9e:97:24:31:2e:a2:9c:36:91:88:2a:3f:55:
88:65:a7:a4:cd:d7:8f:68:25:5d:64:a1:08:e7:0c:
f1:35:4a:11:d4:2b:32:a4:63:1c:7c:05:87:54:e4:
71:32:fa:d2:4f:c3:25:72:de:aa:00:4f:fc:89:05:
82:41:d5:47:d3:bb:fe:6f:a9:34:1e:ff:4a:66:85:
3a:09
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
28:97:B5:19:39:C9:30:E3:61:5C:D2:CC:CE:D3:B7:85:9F:42:46:8E
X509v3 Authority Key Identifier:
keyid:A5:B9:DF:7E:98:F6:F3:9F:E2:BA:40:22:DA:27:7D:28:19:82:80:21
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pbnffpj285_iukAi2id9KBmCgCE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ed/973047-8914-41c6-a1e0-0ac7b7ede42b/1/KJe1GTnJMONhXNLMztO3hZ9CRo4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ed/973047-8914-41c6-a1e0-0ac7b7ede42b/1/pbnffpj285_iukAi2id9KBmCgCE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.8.236.0/22
IPv6:
2a02:2b88:2:1:0:0:306a:1/128
Signature Algorithm: sha256WithRSAEncryption
5f:0c:be:b3:49:11:53:94:45:c9:26:19:c8:8b:a0:f2:7e:8a:
c2:51:a6:b2:7e:80:1f:18:e9:8a:40:13:ea:7e:f0:15:95:28:
59:8a:ef:a7:f8:4e:dd:e0:57:ee:00:ce:60:c4:bc:e1:52:a5:
8f:3b:34:79:fa:1f:3b:bd:4d:4f:a3:74:77:6c:50:05:b1:56:
6d:39:f1:cb:86:7f:4a:84:28:cb:ad:31:cd:a1:be:54:5a:2f:
3a:ec:8f:ff:ef:0b:c0:73:5c:b7:67:92:6e:cb:ed:c3:0c:54:
29:ba:e6:ab:ef:62:a4:23:f0:1b:34:63:63:a0:26:b5:63:27:
63:0d:68:31:f7:66:b0:b2:ef:dc:56:0a:7f:bb:83:7d:89:41:
39:2b:09:83:40:20:d3:4d:5a:f8:11:da:6e:46:ee:23:27:d9:
38:e2:d4:e9:a7:81:e0:9f:84:90:5b:b5:3a:18:31:9b:0a:fa:
04:e2:6d:e9:d3:ff:5c:dd:d1:21:03:f1:6d:52:aa:21:96:96:
38:3e:e5:7a:62:22:d4:76:a9:c4:20:95:23:4b:d5:da:d1:1f:
e0:ab:d4:5b:96:23:ad:a0:ee:6d:7e:a3:ac:bb:37:7e:ec:ca:
51:46:6b:83:1d:4a:b4:55:11:49:34:55:0f:64:32:18:08:d7:
ed:c2:d8:3e
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgIDAv62MA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKGE1
YjlkZjdlOThmNmYzOWZlMmJhNDAyMmRhMjc3ZDI4MTk4MjgwMjEwHhcNMjIwMjE1
MTEyNDU2WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQDEygyODk3YjUxOTM5Yzkz
MGUzNjE1Y2QyY2NjZWQzYjc4NTlmNDI0NjhlMIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAiuX9K7h//6+dqUy7tLLrEuy48hTCj9Uad1S9fYbY6Yz2ob5F
1JX89IKhw8g4b3sLBrie0FWw4Ydudg9A/OwKRlGQajh+Ou1jcvp4endS7Lvj6AIN
lUuI149SkN3iaEUfN78J/qMcE03Rz/HGvJxooRxOykvItTnuSFf2ynBJUWGBi0FK
eZS8ECFpJsj+uhS0TBq+T/P4nRPAGwfRIyW7LtpHDs6mler+8ikUiR163Boz9xvf
wp6XJDEuopw2kYgqP1WIZaekzdePaCVdZKEI5wzxNUoR1CsypGMcfAWHVORxMvrS
T8Mlct6qAE/8iQWCQdVH07v+b6k0Hv9KZoU6CQIDAQABo4ICJDCCAiAwHQYDVR0O
BBYEFCiXtRk5yTDjYVzSzM7Tt4WfQkaOMB8GA1UdIwQYMBaAFKW5336Y9vOf4rpA
ItonfSgZgoAhMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEFBQcBAQRYMFYwVAYIKwYB
BQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQv
cGJuZmZwajI4NV9pdWtBaTJpZDlLQm1DZ0NFLmNlcjCBjQYIKwYBBQUHAQsEgYAw
fjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkv
REVGQVVMVC9lZC85NzMwNDctODkxNC00MWM2LWExZTAtMGFjN2I3ZWRlNDJiLzEv
S0plMUdUbkpNT05oWE5MTXp0TzNoWjlDUm80LnJvYTCBgQYDVR0fBHoweDB2oHSg
coZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lZC85
NzMwNDctODkxNC00MWM2LWExZTAtMGFjN2I3ZWRlNDJiLzEvcGJuZmZwajI4NV9p
dWtBaTJpZDlLQm1DZ0NFLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMDoG
CCsGAQUFBwEHAQH/BCswKTAMBAIAATAGAwQCuQjsMBkEAgACMBMDEQAqAiuIAAIA
AQAAAAAwagABMA0GCSqGSIb3DQEBCwUAA4IBAQBfDL6zSRFTlEXJJhnIi6DyforC
UaayfoAfGOmKQBPqfvAVlShZiu+n+E7d4FfuAM5gxLzhUqWPOzR5+h87vU1Po3R3
bFAFsVZtOfHLhn9KhCjLrTHNob5UWi867I//7wvAc1y3Z5Juy+3DDFQpuuar72Kk
I/AbNGNjoCa1YydjDWgx92awsu/cVgp/u4N9iUE5KwmDQCDTTVr4EdpuRu4jJ9k4
4tTpp4Hgn4SQW7U6GDGbCvoE4m3p0/9c3dEhA/FtUqohlpY4PuV6YiLUdqnEIJUj
S9Xa0R/gq9RbliOtoO5tfqOsuzd+7MpRRmuDHUq0VRFJNFUPZDIYCNftwtg+
-----END CERTIFICATE-----
Generated at Sat Apr 19 08:21:59 2025 by rpki-client