Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/or3oYMlPOnqXqEILzV8rplJB6L4.roa
File: or3oYMlPOnqXqEILzV8rplJB6L4.roa (raw, json)
Hash identifier: f6aezacwqGiLZN7yt3yVPfMK1mXEu+2pvYsJDXgR30w=
Subject key identifier: A2:BD:E8:60:C9:4F:3A:7A:97:A8:42:0B:CD:5F:2B:A6:52:41:E8:BE
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 018AB7C72939E880B034C1FD805A6EC51DDB
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/or3oYMlPOnqXqEILzV8rplJB6L4.roa
Signing time: Thu 21 Sep 2023 12:46:37 +0000
ROA not before: Thu 21 Sep 2023 12:46:37 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 216394
IP address blocks: 194.87.224.0/24 maxlen: 24
194.87.130.0/24 maxlen: 24
194.87.246.0/24 maxlen: 24
212.192.222.0/24 maxlen: 24
195.133.43.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:b7:c7:29:39:e8:80:b0:34:c1:fd:80:5a:6e:c5:1d:db
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Sep 21 12:46:37 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a2bde860c94f3a7a97a8420bcd5f2ba65241e8be
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:46:c9:49:86:63:67:7c:07:30:96:eb:17:80:
09:19:a8:22:95:66:06:af:f3:8a:14:83:27:5e:1c:
0a:0c:f2:e9:04:87:4f:f9:fa:de:1a:d5:92:33:5a:
7a:b0:bf:54:0a:22:da:f3:78:b4:1c:2e:a2:86:87:
73:af:a9:91:82:b0:37:fb:7c:51:a4:c8:8a:43:b4:
55:44:6c:db:a4:17:56:07:5e:9f:e0:41:86:ad:c9:
d0:80:c7:8b:f2:1c:57:c9:58:a7:83:d1:bd:36:18:
6e:10:84:db:9c:fd:7b:65:ab:bc:3e:f6:be:12:5f:
a8:65:5e:6a:66:bd:c9:e3:fa:70:2a:25:7c:ce:b4:
0c:44:0c:02:ba:3a:47:b1:8b:d7:57:3c:b9:ea:19:
d1:40:bb:66:1e:61:88:1d:9e:d3:e3:ca:8a:0f:1b:
53:0c:84:93:d5:c2:f9:57:d2:fe:ad:bc:4e:fc:87:
47:ed:56:03:fb:58:00:51:9c:92:23:af:79:c3:eb:
33:65:80:40:94:38:e6:7e:9d:a1:57:03:50:9d:22:
ad:18:be:77:02:33:13:fc:01:68:65:a1:9d:d9:68:
aa:fd:30:47:09:04:89:0a:54:03:62:85:63:2e:56:
b1:0f:0e:cd:9b:f7:d3:a9:bb:71:30:dd:f7:60:b6:
e2:1d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A2:BD:E8:60:C9:4F:3A:7A:97:A8:42:0B:CD:5F:2B:A6:52:41:E8:BE
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/or3oYMlPOnqXqEILzV8rplJB6L4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.87.130.0/24
194.87.224.0/24
194.87.246.0/24
195.133.43.0/24
212.192.222.0/24
Signature Algorithm: sha256WithRSAEncryption
2e:fd:7b:89:3b:2f:81:28:8b:c6:0d:9b:d2:89:06:5d:71:d4:
e4:4c:e2:65:1c:64:20:cc:ef:81:22:3a:e4:1b:25:ff:83:4a:
70:41:d0:e1:f8:be:2b:4b:9c:13:e7:48:f2:96:b1:c9:77:22:
88:43:36:96:f4:27:d8:5f:25:1b:dd:6f:bc:8b:7a:38:ea:61:
16:3c:61:28:e7:78:47:ec:84:15:e4:9d:e8:a7:da:7f:0b:9d:
dc:3b:3c:f3:2d:0a:58:29:ef:c8:fc:7b:32:b8:49:f9:80:17:
49:92:10:bb:67:b7:66:a0:e9:6f:1c:04:32:c8:22:1c:b6:27:
2b:d4:03:89:16:a4:4c:26:eb:c6:ed:6b:58:14:33:df:22:ee:
28:e4:f0:9b:88:2d:4e:04:5e:ff:59:5a:c3:34:ff:e8:b8:2b:
0a:bd:9d:11:1a:0d:90:b3:ff:6d:68:8a:88:5e:ff:2c:3a:fb:
b2:40:c1:c0:77:cb:5d:3f:7c:ce:be:39:0f:10:0b:6e:9e:25:
f4:20:fc:c1:d9:e6:a3:04:53:3b:48:fc:49:cf:f9:2b:2c:5c:
50:b7:e6:3c:35:eb:28:21:26:a2:fd:a8:e3:c6:0e:eb:72:cb:
3f:c7:e8:c2:f2:a8:aa:bc:1e:6d:69:6c:5b:65:8a:aa:68:06:
4f:c1:db:53
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAYq3xyk56ICwNMH9gFpuxR3bMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjMwOTIxMTI0NjM3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMmJkZTg2MGM5NGYzYTdhOTdhODQyMGJjZDVmMmJhNjUyNDFlOGJlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlUbJSYZjZ3wHMJbrF4AJGagilWYG
r/OKFIMnXhwKDPLpBIdP+freGtWSM1p6sL9UCiLa83i0HC6ihodzr6mRgrA3+3xR
pMiKQ7RVRGzbpBdWB16f4EGGrcnQgMeL8hxXyVing9G9NhhuEITbnP17Zau8Pva+
El+oZV5qZr3J4/pwKiV8zrQMRAwCujpHsYvXVzy56hnRQLtmHmGIHZ7T48qKDxtT
DIST1cL5V9L+rbxO/IdH7VYD+1gAUZySI695w+szZYBAlDjmfp2hVwNQnSKtGL53
AjMT/AFoZaGd2Wiq/TBHCQSJClQDYoVjLlaxDw7Nm/fTqbtxMN33YLbiHQIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFKK96GDJTzp6l6hCC81fK6ZSQei+MB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvb3Izb1lNbFBPbnFYcUVJTHpWOHJwbEpCNkw0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQAwleCAwQA
wlfgAwQAwlf2AwQAw4UrAwQA1MDeMA0GCSqGSIb3DQEBCwUAA4IBAQAu/XuJOy+B
KIvGDZvSiQZdcdTkTOJlHGQgzO+BIjrkGyX/g0pwQdDh+L4rS5wT50jylrHJdyKI
QzaW9CfYXyUb3W+8i3o46mEWPGEo53hH7IQV5J3op9p/C53cOzzzLQpYKe/I/Hsy
uEn5gBdJkhC7Z7dmoOlvHAQyyCIcticr1AOJFqRMJuvG7WtYFDPfIu4o5PCbiC1O
BF7/WVrDNP/ouCsKvZ0RGg2Qs/9taIqIXv8sOvuyQMHAd8tdP3zOvjkPEAtuniX0
IPzB2eajBFM7SPxJz/krLFxQt+Y8NesoISai/ajjxg7rcss/x+jC8qiqvB5taWxb
ZYqqaAZPwdtT
-----END CERTIFICATE-----
Generated at Mon Jun 16 22:50:20 2025 by rpki-client