Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ed/973047-8914-41c6-a1e0-0ac7b7ede42b/1/g8nxk64nvi4fWG_rqqsRhdWofp8.roa
File: g8nxk64nvi4fWG_rqqsRhdWofp8.roa (raw, json)
Hash identifier: Zux1Vy1qGjXZRtNlRUtX3DN8Yyd09I5OgnzTM66x2Vg=
Subject key identifier: 83:C9:F1:93:AE:27:BE:2E:1F:58:6F:EB:AA:AB:11:85:D5:A8:7E:9F
Certificate issuer: /CN=a5b9df7e98f6f39fe2ba4022da277d2819828021
Certificate serial: 01856C53A3C558336D7EC6C415DC1CEB6D74
Authority key identifier: A5:B9:DF:7E:98:F6:F3:9F:E2:BA:40:22:DA:27:7D:28:19:82:80:21
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/pbnffpj285_iukAi2id9KBmCgCE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ed/973047-8914-41c6-a1e0-0ac7b7ede42b/1/g8nxk64nvi4fWG_rqqsRhdWofp8.roa
Signing time: Sun 01 Jan 2023 07:54:58 +0000
ROA not before: Sun 01 Jan 2023 07:54:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 197019
IP address blocks: 185.8.236.0/22 maxlen: 24
2a02:2b88:2:1::306a:1/128 maxlen: 128
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:53:a3:c5:58:33:6d:7e:c6:c4:15:dc:1c:eb:6d:74
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a5b9df7e98f6f39fe2ba4022da277d2819828021
Validity
Not Before: Jan 1 07:54:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=83c9f193ae27be2e1f586febaaab1185d5a87e9f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:1f:af:ea:e9:cb:8f:4c:51:b8:9b:9c:c7:b3:
b2:29:d2:21:70:c3:38:c9:75:36:0b:b1:16:40:53:
2d:0e:e0:93:d9:1c:8f:98:f0:52:2a:cc:62:71:44:
cc:61:b8:8b:9c:20:2a:ca:4e:6d:19:4a:44:f0:d1:
ce:56:f1:41:6c:10:2c:96:7c:80:89:db:56:d3:3b:
17:f9:9c:25:36:ac:46:70:d0:35:45:08:6b:14:6c:
e7:99:53:3b:86:11:5a:5b:d3:64:4b:24:42:57:84:
26:22:24:b4:3b:07:0f:be:64:0a:7a:b8:12:57:e6:
1c:4f:b4:be:01:12:83:2a:24:b2:81:30:2d:ff:d2:
bd:70:73:05:70:48:87:a1:5b:e1:fb:d8:11:93:3d:
63:d6:3d:1c:a2:21:13:cb:08:aa:49:fc:83:f2:aa:
e5:14:ab:c9:f2:4d:34:42:d4:fb:e6:40:a0:99:ce:
a4:ed:7c:f5:30:b2:b1:5b:41:14:b2:7e:9e:07:9c:
11:e8:23:d4:bd:37:ff:98:ba:3f:3e:1b:58:b0:ce:
89:21:cf:0a:c9:1e:87:cb:1f:58:23:cd:ae:a8:61:
08:6b:1d:bd:37:04:ca:fc:8b:48:9a:d4:05:96:fc:
2b:8a:13:fd:e3:83:9a:ab:06:3d:87:7e:78:a6:c3:
83:2d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
83:C9:F1:93:AE:27:BE:2E:1F:58:6F:EB:AA:AB:11:85:D5:A8:7E:9F
X509v3 Authority Key Identifier:
keyid:A5:B9:DF:7E:98:F6:F3:9F:E2:BA:40:22:DA:27:7D:28:19:82:80:21
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pbnffpj285_iukAi2id9KBmCgCE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ed/973047-8914-41c6-a1e0-0ac7b7ede42b/1/g8nxk64nvi4fWG_rqqsRhdWofp8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ed/973047-8914-41c6-a1e0-0ac7b7ede42b/1/pbnffpj285_iukAi2id9KBmCgCE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.8.236.0/22
IPv6:
2a02:2b88:2:1:0:0:306a:1/128
Signature Algorithm: sha256WithRSAEncryption
13:90:0d:5f:23:4d:54:84:fc:56:75:48:2f:f1:3f:45:c7:c2:
eb:fa:c3:6b:85:70:71:9b:4e:31:de:b7:1e:21:ae:c2:63:4d:
36:a9:14:c1:c9:3c:00:5b:e1:a0:51:7f:e0:73:10:dc:ae:92:
a6:0f:bd:b3:e7:44:1c:bb:06:4c:1d:f6:51:81:10:90:8a:98:
da:03:a5:a3:36:e8:2b:f3:8f:20:7d:c8:8c:68:f0:0c:c1:80:
59:33:02:61:52:c8:68:f7:72:f8:bb:cd:ba:0b:11:1c:7a:ab:
02:ab:54:5b:45:eb:ce:b3:c7:f7:52:71:7a:a1:89:d8:04:c4:
99:74:d6:9a:33:22:38:4a:2e:83:7a:70:83:88:bb:2b:1a:12:
39:5d:0f:89:c2:60:e1:b5:f1:7b:ad:b1:c2:ab:e4:43:ce:11:
66:b6:7b:44:3e:87:ef:2d:60:7c:6b:66:36:83:5f:12:f6:8e:
4b:8e:25:d9:bc:19:9c:85:7d:14:1f:50:8a:f1:39:41:3f:8d:
f3:fe:ec:12:47:b4:27:ca:1d:b4:fe:eb:32:6f:36:6a:dd:35:
9b:4c:e6:33:54:99:e9:0a:62:f0:72:bd:5b:54:73:12:4a:b8:
74:a1:02:b6:e7:b3:e6:be:b7:6c:26:d7:fb:92:e8:ca:8f:01:
70:20:3f:3e
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAYVsU6PFWDNtfsbEFdwc6210MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE1YjlkZjdlOThmNmYzOWZlMmJhNDAyMmRhMjc3ZDI4MTk4
MjgwMjEwHhcNMjMwMTAxMDc1NDU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4M2M5ZjE5M2FlMjdiZTJlMWY1ODZmZWJhYWFiMTE4NWQ1YTg3ZTlmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApx+v6unLj0xRuJucx7OyKdIhcMM4
yXU2C7EWQFMtDuCT2RyPmPBSKsxicUTMYbiLnCAqyk5tGUpE8NHOVvFBbBAslnyA
idtW0zsX+ZwlNqxGcNA1RQhrFGznmVM7hhFaW9NkSyRCV4QmIiS0OwcPvmQKergS
V+YcT7S+ARKDKiSygTAt/9K9cHMFcEiHoVvh+9gRkz1j1j0coiETywiqSfyD8qrl
FKvJ8k00QtT75kCgmc6k7Xz1MLKxW0EUsn6eB5wR6CPUvTf/mLo/PhtYsM6JIc8K
yR6Hyx9YI82uqGEIax29NwTK/ItImtQFlvwrihP944OaqwY9h354psODLQIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFIPJ8ZOuJ74uH1hv66qrEYXVqH6fMB8GA1UdIwQY
MBaAFKW5336Y9vOf4rpAItonfSgZgoAhMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcGJuZmZwajI4NV9pdWtBaTJpZDlLQm1DZ0NFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lZC85NzMwNDctODkxNC00MWM2LWExZTAt
MGFjN2I3ZWRlNDJiLzEvZzhueGs2NG52aTRmV0dfcnFxc1JoZFdvZnA4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lZC85NzMwNDctODkxNC00MWM2LWExZTAtMGFjN2I3ZWRlNDJi
LzEvcGJuZmZwajI4NV9pdWtBaTJpZDlLQm1DZ0NFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAMBAIAATAGAwQCuQjsMBkE
AgACMBMDEQAqAiuIAAIAAQAAAAAwagABMA0GCSqGSIb3DQEBCwUAA4IBAQATkA1f
I01UhPxWdUgv8T9Fx8Lr+sNrhXBxm04x3rceIa7CY002qRTByTwAW+GgUX/gcxDc
rpKmD72z50QcuwZMHfZRgRCQipjaA6WjNugr848gfciMaPAMwYBZMwJhUsho93L4
u826CxEceqsCq1RbRevOs8f3UnF6oYnYBMSZdNaaMyI4Si6DenCDiLsrGhI5XQ+J
wmDhtfF7rbHCq+RDzhFmtntEPofvLWB8a2Y2g18S9o5LjiXZvBmchX0UH1CK8TlB
P43z/uwSR7Qnyh20/usybzZq3TWbTOYzVJnpCmLwcr1bVHMSSrh0oQK257Pmvrds
Jtf7kujKjwFwID8+
-----END CERTIFICATE-----
Generated at Sat Apr 19 08:16:53 2025 by rpki-client