Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/95/a2e37d-4ba5-4165-9fd2-210d482a4b93/1/jjeMoDOF7Zt7GhNmjwMWuclsRic.roa
File: jjeMoDOF7Zt7GhNmjwMWuclsRic.roa (raw, json)
Hash identifier: Rx4xZ8nBoEMMvIELsMig8XveU3O+bsQvHZwNIFlfE+0=
Subject key identifier: 8E:37:8C:A0:33:85:ED:9B:7B:1A:13:66:8F:03:16:B9:C9:6C:46:27
Certificate issuer: /CN=61ba0be7cce380e6bb74e3c5fcea081e9799ae54
Certificate serial: 01860C93CC54446EA44DAD96D542FD6774DA
Authority key identifier: 61:BA:0B:E7:CC:E3:80:E6:BB:74:E3:C5:FC:EA:08:1E:97:99:AE:54
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YboL58zjgOa7dOPF_OoIHpeZrlQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/95/a2e37d-4ba5-4165-9fd2-210d482a4b93/1/jjeMoDOF7Zt7GhNmjwMWuclsRic.roa
Signing time: Wed 01 Feb 2023 10:44:18 +0000
ROA not before: Wed 01 Feb 2023 10:44:18 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 51431
IP address blocks: 185.137.24.0/24 maxlen: 24
185.137.26.0/24 maxlen: 24
185.137.25.0/24 maxlen: 24
185.137.27.0/24 maxlen: 24
185.191.77.0/24 maxlen: 24
185.191.76.0/24 maxlen: 24
185.191.76.0/22 maxlen: 24
185.191.78.0/24 maxlen: 24
185.191.79.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:0c:93:cc:54:44:6e:a4:4d:ad:96:d5:42:fd:67:74:da
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=61ba0be7cce380e6bb74e3c5fcea081e9799ae54
Validity
Not Before: Feb 1 10:44:18 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=8e378ca03385ed9b7b1a13668f0316b9c96c4627
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8d:65:a2:dd:87:a6:95:71:e5:1a:52:1a:d1:d2:
f6:7f:55:74:dd:a7:28:00:a5:00:39:07:33:2c:83:
4c:2f:de:88:27:61:75:aa:4a:8f:f0:1c:6c:db:1c:
68:94:41:1e:6e:1a:99:0c:0d:b8:97:24:44:8a:78:
ec:67:c1:92:d7:85:d1:c2:68:13:ac:71:89:af:29:
62:dd:2a:a6:ad:77:e4:ab:84:23:61:94:8d:fa:bd:
a7:ac:e1:4e:0e:1e:c0:dd:e4:c1:9b:05:2f:5d:da:
e6:a7:b7:d0:4e:45:7a:25:57:6b:bc:a3:13:04:67:
34:b0:5c:66:99:07:8d:cd:73:71:be:89:90:8a:21:
7b:12:91:f5:46:a9:ba:a2:90:70:ce:11:f1:9e:ad:
61:40:4d:8c:e9:13:c9:55:2c:2c:5e:8b:14:7d:6d:
2d:bb:b3:07:82:4a:79:b0:36:ae:c3:4b:92:bb:4c:
3c:6a:91:1a:8a:ee:01:ff:eb:62:c6:c5:13:86:3a:
6c:3a:65:d1:46:a3:56:c5:b1:00:5f:db:b7:5b:b0:
9a:45:97:b4:ac:fb:cb:bd:47:1b:e6:ad:c8:6a:ed:
e5:db:e2:55:05:1c:57:a7:e9:ac:58:fa:5f:29:5c:
37:b5:17:20:df:11:0f:b8:26:3a:78:2c:ba:c0:7d:
7f:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8E:37:8C:A0:33:85:ED:9B:7B:1A:13:66:8F:03:16:B9:C9:6C:46:27
X509v3 Authority Key Identifier:
keyid:61:BA:0B:E7:CC:E3:80:E6:BB:74:E3:C5:FC:EA:08:1E:97:99:AE:54
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YboL58zjgOa7dOPF_OoIHpeZrlQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/95/a2e37d-4ba5-4165-9fd2-210d482a4b93/1/jjeMoDOF7Zt7GhNmjwMWuclsRic.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/95/a2e37d-4ba5-4165-9fd2-210d482a4b93/1/YboL58zjgOa7dOPF_OoIHpeZrlQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.137.24.0/22
185.191.76.0/22
Signature Algorithm: sha256WithRSAEncryption
3f:5c:f6:0e:fe:ff:65:2f:2e:20:6d:af:72:27:9b:61:22:f4:
fb:25:fa:ee:ee:6d:d7:5b:d9:4e:59:7e:fb:31:ee:7f:24:5d:
7b:5a:7a:22:5c:e9:e9:69:f7:50:80:72:22:a4:a0:50:2d:dd:
b6:5a:cb:dc:e4:c2:f4:a8:bc:07:c1:cb:dc:25:c4:87:62:4b:
99:23:2b:52:a4:0a:a5:43:7c:4d:61:3b:ba:0c:e7:dd:0d:2e:
cf:3c:50:7a:06:1f:98:97:45:a5:4d:db:d3:3a:e8:4b:4b:99:
55:2c:f5:5c:c2:01:f9:4e:ec:3e:f2:86:3a:57:13:df:ed:a0:
ee:36:ec:e2:ab:d6:1b:f2:5c:fa:28:a2:26:24:d7:ea:50:3a:
5d:b0:88:72:4b:8e:ea:f8:a0:7c:1b:56:55:2b:30:ab:be:f0:
a2:5a:22:50:6c:03:55:ab:c5:7d:b0:05:79:4a:95:43:d1:f0:
94:3c:32:19:68:09:79:5a:14:99:86:b1:c1:10:1f:eb:d4:25:
11:f0:10:ea:98:7c:a4:06:fc:f8:38:4b:11:e4:cf:7a:4c:8d:
46:c8:3e:6c:f5:f1:49:19:21:67:5e:a4:08:4b:62:2e:e7:d0:
97:01:5a:e8:9e:dd:39:d7:ef:7f:af:84:93:84:0e:24:22:2a:
99:6a:e1:3a
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYYMk8xURG6kTa2W1UL9Z3TaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYxYmEwYmU3Y2NlMzgwZTZiYjc0ZTNjNWZjZWEwODFlOTc5
OWFlNTQwHhcNMjMwMjAxMTA0NDE4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ZTM3OGNhMDMzODVlZDliN2IxYTEzNjY4ZjAzMTZiOWM5NmM0NjI3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjWWi3YemlXHlGlIa0dL2f1V03aco
AKUAOQczLINML96IJ2F1qkqP8Bxs2xxolEEebhqZDA24lyREinjsZ8GS14XRwmgT
rHGJryli3SqmrXfkq4QjYZSN+r2nrOFODh7A3eTBmwUvXdrmp7fQTkV6JVdrvKMT
BGc0sFxmmQeNzXNxvomQiiF7EpH1Rqm6opBwzhHxnq1hQE2M6RPJVSwsXosUfW0t
u7MHgkp5sDauw0uSu0w8apEaiu4B/+tixsUThjpsOmXRRqNWxbEAX9u3W7CaRZe0
rPvLvUcb5q3Iau3l2+JVBRxXp+msWPpfKVw3tRcg3xEPuCY6eCy6wH1/jQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFI43jKAzhe2bexoTZo8DFrnJbEYnMB8GA1UdIwQY
MBaAFGG6C+fM44Dmu3TjxfzqCB6Xma5UMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWWJvTDU4empnT2E3ZE9QRl9Pb0lIcGVacmxRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85NS9hMmUzN2QtNGJhNS00MTY1LTlmZDIt
MjEwZDQ4MmE0YjkzLzEvamplTW9ET0Y3WnQ3R2hObWp3TVd1Y2xzUmljLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85NS9hMmUzN2QtNGJhNS00MTY1LTlmZDItMjEwZDQ4MmE0Yjkz
LzEvWWJvTDU4empnT2E3ZE9QRl9Pb0lIcGVacmxRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCuYkYAwQC
ub9MMA0GCSqGSIb3DQEBCwUAA4IBAQA/XPYO/v9lLy4gba9yJ5thIvT7Jfru7m3X
W9lOWX77Me5/JF17WnoiXOnpafdQgHIipKBQLd22Wsvc5ML0qLwHwcvcJcSHYkuZ
IytSpAqlQ3xNYTu6DOfdDS7PPFB6Bh+Yl0WlTdvTOuhLS5lVLPVcwgH5Tuw+8oY6
VxPf7aDuNuziq9Yb8lz6KKImJNfqUDpdsIhyS47q+KB8G1ZVKzCrvvCiWiJQbANV
q8V9sAV5SpVD0fCUPDIZaAl5WhSZhrHBEB/r1CUR8BDqmHykBvz4OEsR5M96TI1G
yD5s9fFJGSFnXqQIS2Iu59CXAVront051+9/r4SThA4kIiqZauE6
-----END CERTIFICATE-----
Generated at Mon Apr 28 10:36:11 2025 by rpki-client