Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ed/e1c373-64f8-4226-9044-81095a13b9de/1/8etm5Kcurs7Qav-Jzc0jF40-khg.roa
File: 8etm5Kcurs7Qav-Jzc0jF40-khg.roa (raw, json)
Hash identifier: pJ4gUv0O8Ai6VvsKd/BXLp+ZJt7tFaF8e5a9Qee8uFs=
Subject key identifier: F1:EB:66:E4:A7:2E:AE:CE:D0:6A:FF:89:CD:CD:23:17:8D:3E:92:18
Certificate issuer: /CN=8293905afa134944f0630c949f3abda40646dac1
Certificate serial: 1668A319
Authority key identifier: 82:93:90:5A:FA:13:49:44:F0:63:0C:94:9F:3A:BD:A4:06:46:DA:C1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gpOQWvoTSUTwYwyUnzq9pAZG2sE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ed/e1c373-64f8-4226-9044-81095a13b9de/1/8etm5Kcurs7Qav-Jzc0jF40-khg.roa
Signing time: Sat 01 Jan 2022 16:02:31 +0000
ROA not before: Sat 01 Jan 2022 16:02:31 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 201333
IP address blocks: 194.156.8.0/22 maxlen: 24
185.78.48.0/22 maxlen: 24
185.54.212.0/22 maxlen: 24
2a02:4720::/29 maxlen: 64
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 375956249 (0x1668a319)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8293905afa134944f0630c949f3abda40646dac1
Validity
Not Before: Jan 1 16:02:31 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=f1eb66e4a72eaeced06aff89cdcd23178d3e9218
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d2:b9:25:78:aa:a8:f1:13:8d:f4:d2:ad:a4:8d:
ff:56:e3:11:ff:fd:39:ec:a6:0e:d7:1c:12:89:15:
aa:9b:56:4c:cd:a0:61:52:20:5f:d7:ed:9a:14:b8:
e0:2e:ca:14:83:de:99:ec:f2:ae:a0:aa:3c:b4:e8:
a6:71:68:8a:b4:be:1e:cf:4a:0c:7d:db:77:64:c8:
8a:00:30:1e:21:82:fa:ac:96:84:9a:88:ad:6c:91:
e9:9a:fd:ac:56:9d:f4:21:aa:bb:c7:e8:ca:87:1e:
40:83:01:f3:73:16:c1:4c:02:7b:3f:86:39:14:8f:
23:34:d8:1c:ff:68:ac:4e:5a:cb:76:80:6d:90:2e:
e9:03:de:8e:fa:af:42:e5:a8:0b:05:60:e9:2d:c5:
3c:8b:46:22:a7:c1:2e:b9:ea:51:9b:b3:59:04:2d:
c0:ee:fe:fe:6d:a2:8c:c5:a6:ae:d3:e4:47:27:72:
e0:5d:73:c5:ef:66:95:69:06:94:58:c3:c9:e5:5c:
75:a8:10:12:66:1b:45:ea:df:5f:8a:4f:0f:22:51:
1d:7c:d0:9a:be:fe:ac:41:4b:d2:12:8f:6a:a0:6c:
66:1a:73:44:64:70:24:e5:74:a1:68:f7:55:10:67:
db:5b:90:00:6b:c3:a4:25:3b:e7:72:43:55:d1:ff:
c6:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F1:EB:66:E4:A7:2E:AE:CE:D0:6A:FF:89:CD:CD:23:17:8D:3E:92:18
X509v3 Authority Key Identifier:
keyid:82:93:90:5A:FA:13:49:44:F0:63:0C:94:9F:3A:BD:A4:06:46:DA:C1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gpOQWvoTSUTwYwyUnzq9pAZG2sE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ed/e1c373-64f8-4226-9044-81095a13b9de/1/8etm5Kcurs7Qav-Jzc0jF40-khg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ed/e1c373-64f8-4226-9044-81095a13b9de/1/gpOQWvoTSUTwYwyUnzq9pAZG2sE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.54.212.0/22
185.78.48.0/22
194.156.8.0/22
IPv6:
2a02:4720::/29
Signature Algorithm: sha256WithRSAEncryption
b9:d9:ba:fa:ef:d6:6b:be:4a:57:ba:ba:a3:88:ad:a3:d4:9a:
3e:62:a8:3f:dd:71:ce:6b:78:d6:b5:d1:94:d3:52:b8:26:d8:
36:b7:14:0f:78:6b:30:10:a3:60:dc:d1:85:13:01:57:1d:56:
fd:98:d7:f5:33:2b:ef:d4:62:af:c5:1a:fc:06:43:07:6f:d7:
d9:89:8b:9c:ff:3b:ff:72:a2:ec:c5:9f:11:dc:9f:7e:a9:05:
79:3a:c3:b6:23:ac:88:e6:1e:06:f7:d6:0d:50:74:3c:dd:f7:
ea:3e:24:cd:5c:04:d6:5f:5a:c1:5e:d9:f7:05:8d:fb:db:e3:
b1:c8:d9:2e:45:71:a1:0f:51:8d:45:9d:fa:b0:7c:b0:bd:10:
d8:df:bf:89:9c:5a:00:fe:9c:49:48:bb:3f:57:76:aa:a5:bf:
c9:93:73:ef:6e:c5:e3:91:58:a7:2c:73:b4:d6:13:a8:4a:df:
e5:43:44:85:52:91:9f:53:b1:47:fe:a5:86:89:35:43:5f:d4:
a6:14:7c:1a:e1:0f:b4:57:3f:8e:52:0e:b8:dd:00:f8:bf:31:
70:92:0e:dd:6c:4e:06:23:c0:47:c9:cf:a2:33:6a:1e:aa:46:
19:7d:60:1d:c7:69:98:66:3e:eb:b0:dc:91:2e:6d:c8:f7:38:
be:5e:64:e9
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgIEFmijGTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg4
MjkzOTA1YWZhMTM0OTQ0ZjA2MzBjOTQ5ZjNhYmRhNDA2NDZkYWMxMB4XDTIyMDEw
MTE2MDIzMVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZjFlYjY2ZTRhNzJl
YWVjZWQwNmFmZjg5Y2RjZDIzMTc4ZDNlOTIxODCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBANK5JXiqqPETjfTSraSN/1bjEf/9OeymDtccEokVqptWTM2g
YVIgX9ftmhS44C7KFIPemezyrqCqPLTopnFoirS+Hs9KDH3bd2TIigAwHiGC+qyW
hJqIrWyR6Zr9rFad9CGqu8foyoceQIMB83MWwUwCez+GORSPIzTYHP9orE5ay3aA
bZAu6QPejvqvQuWoCwVg6S3FPItGIqfBLrnqUZuzWQQtwO7+/m2ijMWmrtPkRydy
4F1zxe9mlWkGlFjDyeVcdagQEmYbRerfX4pPDyJRHXzQmr7+rEFL0hKPaqBsZhpz
RGRwJOV0oWj3VRBn21uQAGvDpCU753JDVdH/xiMCAwEAAaOCAiQwggIgMB0GA1Ud
DgQWBBTx62bkpy6uztBq/4nNzSMXjT6SGDAfBgNVHSMEGDAWgBSCk5Ba+hNJRPBj
DJSfOr2kBkbawTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2dwT1FXdm9UU1VUd1l3eVVuenE5cEFaRzJzRS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZWQvZTFjMzczLTY0ZjgtNDIyNi05MDQ0LTgxMDk1YTEzYjlkZS8x
LzhldG01S2N1cnM3UWF2LUp6YzBqRjQwLWtoZy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZWQv
ZTFjMzczLTY0ZjgtNDIyNi05MDQ0LTgxMDk1YTEzYjlkZS8xL2dwT1FXdm9UU1VU
d1l3eVVuenE5cEFaRzJzRS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA6
BggrBgEFBQcBBwEB/wQrMCkwGAQCAAEwEgMEArk21AMEArlOMAMEAsKcCDANBAIA
AjAHAwUDKgJHIDANBgkqhkiG9w0BAQsFAAOCAQEAudm6+u/Wa75KV7q6o4ito9Sa
PmKoP91xzmt41rXRlNNSuCbYNrcUD3hrMBCjYNzRhRMBVx1W/ZjX9TMr79Rir8Ua
/AZDB2/X2YmLnP87/3Ki7MWfEdyffqkFeTrDtiOsiOYeBvfWDVB0PN336j4kzVwE
1l9awV7Z9wWN+9vjscjZLkVxoQ9RjUWd+rB8sL0Q2N+/iZxaAP6cSUi7P1d2qqW/
yZNz727F45FYpyxztNYTqErf5UNEhVKRn1OxR/6lhok1Q1/UphR8GuEPtFc/jlIO
uN0A+L8xcJIO3WxOBiPAR8nPojNqHqpGGX1gHcdpmGY+67DckS5tyPc4vl5k6Q==
-----END CERTIFICATE-----
Generated at Tue Apr 22 13:49:38 2025 by rpki-client