Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7e/cb51f5-a843-49c4-9f19-10eb8adfea7e/1/aLr-Mnw2yIDri0icXQ3nrk5wTFs.roa
File: aLr-Mnw2yIDri0icXQ3nrk5wTFs.roa (raw, json)
Hash identifier: XqvjSThDFfJqfMaEL7Yrxqe/O/Lc8sFrytUAx2pj5m4=
Subject key identifier: 68:BA:FE:32:7C:36:C8:80:EB:8B:48:9C:5D:0D:E7:AE:4E:70:4C:5B
Certificate issuer: /CN=e3d0a84bab3def41d6aaa9028de7a475d32d12bd
Certificate serial: 018A3AADBDFA43A218CAD612942BEA54F9BE
Authority key identifier: E3:D0:A8:4B:AB:3D:EF:41:D6:AA:A9:02:8D:E7:A4:75:D3:2D:12:BD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/49CoS6s970HWqqkCjeekddMtEr0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7e/cb51f5-a843-49c4-9f19-10eb8adfea7e/1/aLr-Mnw2yIDri0icXQ3nrk5wTFs.roa
Signing time: Mon 28 Aug 2023 05:46:19 +0000
ROA not before: Mon 28 Aug 2023 05:46:19 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 8220
IP address blocks: 185.238.141.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:3a:ad:bd:fa:43:a2:18:ca:d6:12:94:2b:ea:54:f9:be
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e3d0a84bab3def41d6aaa9028de7a475d32d12bd
Validity
Not Before: Aug 28 05:46:19 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=68bafe327c36c880eb8b489c5d0de7ae4e704c5b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:7f:e7:f4:c3:c3:14:ec:44:aa:e6:4a:2a:66:
6a:bd:dd:b8:3e:6d:7b:48:12:9b:67:26:61:61:02:
70:54:27:05:d5:fc:28:5f:b1:5b:cc:1a:0a:38:d7:
2c:9e:d0:d8:c9:c8:9c:a8:72:e4:00:14:d3:38:1c:
23:12:a2:05:14:61:9e:04:2b:d6:6e:6b:2d:69:ca:
52:08:18:8d:57:df:ec:0f:82:d0:a7:54:5e:a3:50:
5f:01:b5:5b:20:0b:37:3a:84:80:61:40:b5:66:7f:
04:d3:48:3f:4c:ee:34:17:cb:62:70:1a:58:db:de:
a3:e0:ba:3c:d7:bf:22:19:8a:d8:96:0b:5e:e2:e7:
70:2e:25:ce:53:ee:dd:74:6b:4e:cf:27:a7:6d:5c:
84:e5:55:3e:40:dc:8c:87:e2:6a:63:64:d0:ee:b0:
94:4d:1f:ba:fd:eb:64:14:02:6d:0c:42:a4:e6:5c:
76:0f:96:22:62:60:c2:c7:2e:2a:51:45:b3:c3:e0:
68:4b:d1:dc:9b:cf:21:64:d4:3b:9f:02:94:8d:da:
7e:31:6f:51:13:75:ed:f2:01:0a:5c:e2:78:a6:dc:
09:3e:3f:da:5d:49:b9:48:98:7c:f6:b8:fe:ad:3f:
c4:cf:32:09:e2:be:75:67:1f:e6:f1:9a:55:7e:74:
f4:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
68:BA:FE:32:7C:36:C8:80:EB:8B:48:9C:5D:0D:E7:AE:4E:70:4C:5B
X509v3 Authority Key Identifier:
keyid:E3:D0:A8:4B:AB:3D:EF:41:D6:AA:A9:02:8D:E7:A4:75:D3:2D:12:BD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/49CoS6s970HWqqkCjeekddMtEr0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7e/cb51f5-a843-49c4-9f19-10eb8adfea7e/1/aLr-Mnw2yIDri0icXQ3nrk5wTFs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7e/cb51f5-a843-49c4-9f19-10eb8adfea7e/1/49CoS6s970HWqqkCjeekddMtEr0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.238.141.0/24
Signature Algorithm: sha256WithRSAEncryption
51:dc:8f:b9:fb:cf:80:95:3d:43:4c:a5:0b:46:63:4c:8e:b0:
6d:4c:ac:a0:72:03:f9:6d:72:7e:41:0c:c8:51:ad:e6:6f:03:
95:db:56:d9:32:78:bc:0c:a8:04:e8:fe:4a:18:2d:cf:d4:f5:
b1:15:5b:bf:b7:51:57:66:45:67:48:5c:f1:30:d4:de:e3:c1:
05:a8:7f:a6:04:22:97:ab:2a:3e:4c:6e:4c:f5:59:0c:db:0e:
93:34:12:d8:8f:43:08:e6:b7:b7:1f:23:fa:a1:e6:e2:93:57:
1c:82:57:50:0d:4c:82:56:6b:ed:56:3a:e4:22:00:d8:e0:4a:
9a:64:fc:75:a7:f6:a3:e0:0a:eb:18:df:77:e6:a7:be:4a:90:
17:7b:e1:77:69:99:b1:92:96:bb:4e:61:ab:1d:cf:28:47:11:
fe:f4:c6:e6:6f:37:17:a8:2b:c2:34:db:a0:91:1e:bb:75:03:
f4:c9:82:26:bf:0e:80:08:4b:57:96:ac:21:d7:29:c8:38:dc:
0b:02:1e:a5:fc:2e:1c:12:08:b9:d2:90:70:3e:31:95:48:31:
fb:b2:97:e4:80:75:be:88:fd:58:39:56:8a:16:db:c7:e9:08:
2a:e6:93:bf:81:e7:18:34:12:44:0c:32:d0:61:6c:c6:49:dd:
b5:22:04:95
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYo6rb36Q6IYytYSlCvqVPm+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUzZDBhODRiYWIzZGVmNDFkNmFhYTkwMjhkZTdhNDc1ZDMy
ZDEyYmQwHhcNMjMwODI4MDU0NjE5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2OGJhZmUzMjdjMzZjODgwZWI4YjQ4OWM1ZDBkZTdhZTRlNzA0YzViMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArX/n9MPDFOxEquZKKmZqvd24Pm17
SBKbZyZhYQJwVCcF1fwoX7FbzBoKONcsntDYycicqHLkABTTOBwjEqIFFGGeBCvW
bmstacpSCBiNV9/sD4LQp1Reo1BfAbVbIAs3OoSAYUC1Zn8E00g/TO40F8ticBpY
296j4Lo8178iGYrYlgte4udwLiXOU+7ddGtOzyenbVyE5VU+QNyMh+JqY2TQ7rCU
TR+6/etkFAJtDEKk5lx2D5YiYmDCxy4qUUWzw+BoS9Hcm88hZNQ7nwKUjdp+MW9R
E3Xt8gEKXOJ4ptwJPj/aXUm5SJh89rj+rT/EzzIJ4r51Zx/m8ZpVfnT0dQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFGi6/jJ8NsiA64tInF0N565OcExbMB8GA1UdIwQY
MBaAFOPQqEurPe9B1qqpAo3npHXTLRK9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNDlDb1M2czk3MEhXcXFrQ2plZWtkZE10RXIwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83ZS9jYjUxZjUtYTg0My00OWM0LTlmMTkt
MTBlYjhhZGZlYTdlLzEvYUxyLU1udzJ5SURyaTBpY1hRM25yazV3VEZzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83ZS9jYjUxZjUtYTg0My00OWM0LTlmMTktMTBlYjhhZGZlYTdl
LzEvNDlDb1M2czk3MEhXcXFrQ2plZWtkZE10RXIwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAue6NMA0G
CSqGSIb3DQEBCwUAA4IBAQBR3I+5+8+AlT1DTKULRmNMjrBtTKygcgP5bXJ+QQzI
Ua3mbwOV21bZMni8DKgE6P5KGC3P1PWxFVu/t1FXZkVnSFzxMNTe48EFqH+mBCKX
qyo+TG5M9VkM2w6TNBLYj0MI5re3HyP6oebik1ccgldQDUyCVmvtVjrkIgDY4Eqa
ZPx1p/aj4ArrGN935qe+SpAXe+F3aZmxkpa7TmGrHc8oRxH+9MbmbzcXqCvCNNug
kR67dQP0yYImvw6ACEtXlqwh1ynIONwLAh6l/C4cEgi50pBwPjGVSDH7spfkgHW+
iP1YOVaKFtvH6Qgq5pO/gecYNBJEDDLQYWzGSd21IgSV
-----END CERTIFICATE-----
Generated at Mon Jun 16 13:34:33 2025 by rpki-client