Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fa/e4ca56-1386-432c-96cb-65a9a4dfad9e/1/EAtnYMmt7FT9u5eTjqMaN6II57w.roa
File: EAtnYMmt7FT9u5eTjqMaN6II57w.roa (raw, json)
Hash identifier: PQnVoWO8u8zev5t7Ntzsw4goNL8+R95qKgQnnlYlCt0=
Subject key identifier: 10:0B:67:60:C9:AD:EC:54:FD:BB:97:93:8E:A3:1A:37:A2:08:E7:BC
Certificate issuer: /CN=afb00b29396e78033edbacafef9850b1b0e35323
Certificate serial: 01857315C4479CECD8D8505D9F5406C10E75
Authority key identifier: AF:B0:0B:29:39:6E:78:03:3E:DB:AC:AF:EF:98:50:B1:B0:E3:53:23
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/r7ALKTlueAM-26yv75hQsbDjUyM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fa/e4ca56-1386-432c-96cb-65a9a4dfad9e/1/EAtnYMmt7FT9u5eTjqMaN6II57w.roa
Signing time: Mon 02 Jan 2023 15:24:44 +0000
ROA not before: Mon 02 Jan 2023 15:24:44 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 206911
IP address blocks: 185.171.109.0/24 maxlen: 24
185.171.108.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:73:15:c4:47:9c:ec:d8:d8:50:5d:9f:54:06:c1:0e:75
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=afb00b29396e78033edbacafef9850b1b0e35323
Validity
Not Before: Jan 2 15:24:44 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=100b6760c9adec54fdbb97938ea31a37a208e7bc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:9b:5d:8d:58:64:ff:b0:af:16:81:6c:c4:93:
6a:0a:05:48:ad:d6:5b:10:ce:47:8f:97:0d:02:61:
bf:b0:27:b4:47:21:4d:f5:20:b5:de:e4:2c:b4:1e:
77:14:d0:eb:20:20:7e:24:2d:ef:c4:79:76:fa:1f:
f7:1c:27:0c:99:cb:3b:23:e3:92:64:d9:05:92:fc:
a6:c7:c7:68:2b:62:5b:61:34:40:5c:ca:8b:7c:4d:
dd:57:cc:0b:82:cd:2f:2f:59:7f:51:36:1b:03:c9:
6e:3f:f6:77:9d:8c:43:34:10:7f:8a:4b:fe:4c:b2:
1c:a7:b7:55:93:3e:3d:6a:79:c7:31:92:88:75:38:
9a:53:10:ea:c6:2b:46:96:b8:8e:dc:24:e7:53:1c:
b4:bf:da:0e:69:53:73:8d:57:ab:4c:db:bd:3e:51:
d3:b6:f7:24:f5:50:97:cd:76:22:5b:ca:f0:48:00:
1b:a3:ea:1b:23:a8:1d:f5:88:cc:f4:75:d9:47:0b:
e0:39:f9:22:aa:64:52:1f:8c:8e:be:8e:97:27:95:
e9:fc:e0:3c:fb:23:f7:96:a4:17:81:3e:ba:82:63:
09:4f:bc:0b:36:d2:df:91:ff:dd:7e:20:69:f2:09:
e1:d2:b5:bb:2a:7c:d6:09:32:c1:ec:e8:6e:da:80:
33:87
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
10:0B:67:60:C9:AD:EC:54:FD:BB:97:93:8E:A3:1A:37:A2:08:E7:BC
X509v3 Authority Key Identifier:
keyid:AF:B0:0B:29:39:6E:78:03:3E:DB:AC:AF:EF:98:50:B1:B0:E3:53:23
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/r7ALKTlueAM-26yv75hQsbDjUyM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fa/e4ca56-1386-432c-96cb-65a9a4dfad9e/1/EAtnYMmt7FT9u5eTjqMaN6II57w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fa/e4ca56-1386-432c-96cb-65a9a4dfad9e/1/r7ALKTlueAM-26yv75hQsbDjUyM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.171.108.0/23
Signature Algorithm: sha256WithRSAEncryption
a1:98:12:76:81:aa:50:87:0f:fc:6e:68:f0:0d:73:06:2f:8a:
cb:ed:82:4a:bb:43:d0:3c:03:ce:44:d5:1e:e7:f3:84:8b:df:
0d:88:ff:d4:99:4d:0e:20:d3:f4:f2:af:5a:8f:8f:e0:a1:d2:
61:b4:16:0d:1c:7d:c9:a6:87:30:98:f0:bc:4c:c5:29:74:bf:
e1:1e:4a:a2:7f:d0:c5:b9:f6:f9:57:e5:39:f7:e5:db:92:f1:
77:90:3a:de:15:b3:ba:15:5c:92:a3:b5:46:57:eb:b8:76:63:
9d:3f:92:87:2b:aa:52:72:ac:46:77:dd:1f:8f:01:b0:8b:08:
ee:99:9b:9e:6d:77:3d:ab:94:ac:bc:e2:f6:77:f6:85:26:52:
9e:60:47:21:a2:02:fd:9c:d3:b7:7a:42:96:13:df:d3:22:d5:
37:e3:a0:06:d8:dc:3d:4c:39:68:9a:40:25:a4:0d:8f:64:c1:
8d:8f:b5:eb:a1:fc:10:8b:e8:a9:35:f6:91:bc:fe:f2:c2:bc:
c4:99:7c:11:97:bd:68:c7:94:27:97:c7:1a:44:36:03:6a:00:
20:03:15:74:3e:fe:af:b0:e4:77:5c:fb:32:fb:b0:d2:55:0d:
0a:c3:e1:3f:1f:6c:1e:ad:49:4e:84:ae:7f:9c:5c:70:c7:03:
85:d6:ef:84
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVzFcRHnOzY2FBdn1QGwQ51MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFmYjAwYjI5Mzk2ZTc4MDMzZWRiYWNhZmVmOTg1MGIxYjBl
MzUzMjMwHhcNMjMwMTAyMTUyNDQ0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxMDBiNjc2MGM5YWRlYzU0ZmRiYjk3OTM4ZWEzMWEzN2EyMDhlN2JjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkptdjVhk/7CvFoFsxJNqCgVIrdZb
EM5Hj5cNAmG/sCe0RyFN9SC13uQstB53FNDrICB+JC3vxHl2+h/3HCcMmcs7I+OS
ZNkFkvymx8doK2JbYTRAXMqLfE3dV8wLgs0vL1l/UTYbA8luP/Z3nYxDNBB/ikv+
TLIcp7dVkz49annHMZKIdTiaUxDqxitGlriO3CTnUxy0v9oOaVNzjVerTNu9PlHT
tvck9VCXzXYiW8rwSAAbo+obI6gd9YjM9HXZRwvgOfkiqmRSH4yOvo6XJ5Xp/OA8
+yP3lqQXgT66gmMJT7wLNtLfkf/dfiBp8gnh0rW7KnzWCTLB7Ohu2oAzhwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFBALZ2DJrexU/buXk46jGjeiCOe8MB8GA1UdIwQY
MBaAFK+wCyk5bngDPtusr++YULGw41MjMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcjdBTEtUbHVlQU0tMjZ5djc1aFFzYkRqVXlNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mYS9lNGNhNTYtMTM4Ni00MzJjLTk2Y2It
NjVhOWE0ZGZhZDllLzEvRUF0bllNbXQ3RlQ5dTVlVGpxTWFONklJNTd3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mYS9lNGNhNTYtMTM4Ni00MzJjLTk2Y2ItNjVhOWE0ZGZhZDll
LzEvcjdBTEtUbHVlQU0tMjZ5djc1aFFzYkRqVXlNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBuatsMA0G
CSqGSIb3DQEBCwUAA4IBAQChmBJ2gapQhw/8bmjwDXMGL4rL7YJKu0PQPAPORNUe
5/OEi98NiP/UmU0OINP08q9aj4/godJhtBYNHH3JpocwmPC8TMUpdL/hHkqif9DF
ufb5V+U59+XbkvF3kDreFbO6FVySo7VGV+u4dmOdP5KHK6pScqxGd90fjwGwiwju
mZuebXc9q5SsvOL2d/aFJlKeYEchogL9nNO3ekKWE9/TItU346AG2Nw9TDlomkAl
pA2PZMGNj7XrofwQi+ipNfaRvP7ywrzEmXwRl71ox5Qnl8caRDYDagAgAxV0Pv6v
sOR3XPsy+7DSVQ0Kw+E/H2werUlOhK5/nFxwxwOF1u+E
-----END CERTIFICATE-----
Generated at Wed Apr 30 21:39:11 2025 by rpki-client