Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ca/4a9cc4-2b9a-4ef2-a33a-872b3710c2a1/1/JSkgYjLn4t_7bWZAu1xB7bIyw68.roa
File: JSkgYjLn4t_7bWZAu1xB7bIyw68.roa (raw, json)
Hash identifier: nZZJq7m04KoR4OV/rClineysuwFa6Hav+T1ZctlyhZE=
Subject key identifier: 25:29:20:62:32:E7:E2:DF:FB:6D:66:40:BB:5C:41:ED:B2:32:C3:AF
Certificate issuer: /CN=81eed4091383d9ed4056d9f4eff7d2622ddce205
Certificate serial: 0183A6C92D3F091005103E485C4212137DFA
Authority key identifier: 81:EE:D4:09:13:83:D9:ED:40:56:D9:F4:EF:F7:D2:62:2D:DC:E2:05
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ge7UCROD2e1AVtn07_fSYi3c4gU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ca/4a9cc4-2b9a-4ef2-a33a-872b3710c2a1/1/JSkgYjLn4t_7bWZAu1xB7bIyw68.roa
Signing time: Wed 05 Oct 2022 06:15:45 +0000
ROA not before: Wed 05 Oct 2022 06:15:45 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 12414
IP address blocks: 217.26.96.0/20 maxlen: 20
82.139.64.0/18 maxlen: 24
185.117.108.0/22 maxlen: 22
5.199.144.0/20 maxlen: 20
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:a6:c9:2d:3f:09:10:05:10:3e:48:5c:42:12:13:7d:fa
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=81eed4091383d9ed4056d9f4eff7d2622ddce205
Validity
Not Before: Oct 5 06:15:45 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=2529206232e7e2dffb6d6640bb5c41edb232c3af
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8a:bd:85:70:13:13:8b:b7:61:56:6e:bf:44:db:
d2:fe:93:a6:02:12:b0:0b:f4:3c:9a:ee:41:5e:32:
ad:86:fd:74:5f:e2:90:bc:db:b8:fc:94:7a:21:15:
92:43:16:1d:7e:0a:c8:27:8d:ec:b9:06:14:83:ee:
52:e3:e3:21:69:a0:b6:cf:7d:83:7b:a2:6f:72:5d:
b5:d8:70:74:03:72:4e:2a:4c:1d:90:82:f9:d9:2b:
a5:a3:86:f9:71:ab:cc:ee:b4:bc:6e:c9:04:81:48:
49:af:2a:68:2a:67:41:b7:12:4e:a7:b3:85:69:9c:
87:11:ff:76:cb:b5:8c:66:3e:2d:63:1e:8d:d7:53:
1b:92:f8:a5:7d:dc:cb:7a:47:e7:de:26:e3:fb:47:
ae:39:0d:ab:18:7b:c8:fe:8b:fa:b0:4d:c1:0c:9b:
05:73:6c:f0:29:5a:9f:cf:33:30:69:65:88:c0:8a:
b5:c7:96:7c:f3:c2:ff:90:94:d5:4c:36:93:f5:13:
b1:a3:44:86:11:42:f9:b4:94:5d:d3:61:00:5c:52:
6a:55:d4:b5:78:3c:57:8a:10:b1:74:d2:33:95:d6:
bc:4b:46:33:3f:75:03:02:2f:38:01:d5:f9:f6:e4:
16:6b:ae:2a:3a:d8:29:aa:80:d3:a4:36:8b:33:38:
75:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
25:29:20:62:32:E7:E2:DF:FB:6D:66:40:BB:5C:41:ED:B2:32:C3:AF
X509v3 Authority Key Identifier:
keyid:81:EE:D4:09:13:83:D9:ED:40:56:D9:F4:EF:F7:D2:62:2D:DC:E2:05
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ge7UCROD2e1AVtn07_fSYi3c4gU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/4a9cc4-2b9a-4ef2-a33a-872b3710c2a1/1/JSkgYjLn4t_7bWZAu1xB7bIyw68.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/4a9cc4-2b9a-4ef2-a33a-872b3710c2a1/1/ge7UCROD2e1AVtn07_fSYi3c4gU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.199.144.0/20
82.139.64.0/18
185.117.108.0/22
217.26.96.0/20
Signature Algorithm: sha256WithRSAEncryption
ad:02:51:c4:b3:04:8f:c1:c1:97:b5:a5:1a:92:f5:e4:07:ed:
a0:71:2b:17:0f:ba:c2:33:75:44:36:aa:df:e9:19:36:d7:cf:
9b:d1:bc:da:ba:7d:87:9c:2c:20:d5:68:86:f0:c3:08:ec:e5:
ca:5c:61:28:8f:f0:b5:42:02:e1:65:0a:b8:6f:19:2f:ba:e6:
2f:85:a0:8a:39:5a:88:d5:0e:fd:08:c2:69:f7:e4:2c:1a:56:
1c:c7:83:0d:cb:91:19:f9:2d:6c:b5:ea:79:d3:18:64:77:c6:
5e:fd:6f:a4:04:48:3d:dc:29:5b:e3:d1:5b:72:ac:3f:70:5c:
f9:d2:52:c5:df:71:06:8b:f2:7e:88:fa:d3:38:bc:35:ab:d4:
76:f2:b0:0d:dc:37:30:85:7c:3c:1d:dc:4c:b9:16:4a:9f:9a:
2b:e6:aa:82:48:bf:db:b2:e6:fd:62:8b:ed:55:15:a3:d6:96:
ea:21:64:35:7c:fa:15:e4:30:08:df:cc:2f:2a:b0:19:e8:e3:
66:dc:95:a7:b8:92:9c:f1:c2:ac:53:5d:99:47:05:e9:28:1c:
13:19:9f:9c:11:31:4d:94:a9:db:3d:e5:69:51:a0:eb:a1:65:
b8:ae:83:5c:ab:43:25:4c:4b:b7:62:43:43:46:80:3f:24:bd:
75:af:0b:a2
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYOmyS0/CRAFED5IXEISE336MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgxZWVkNDA5MTM4M2Q5ZWQ0MDU2ZDlmNGVmZjdkMjYyMmRk
Y2UyMDUwHhcNMjIxMDA1MDYxNTQ1WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNTI5MjA2MjMyZTdlMmRmZmI2ZDY2NDBiYjVjNDFlZGIyMzJjM2FmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAir2FcBMTi7dhVm6/RNvS/pOmAhKw
C/Q8mu5BXjKthv10X+KQvNu4/JR6IRWSQxYdfgrIJ43suQYUg+5S4+MhaaC2z32D
e6Jvcl212HB0A3JOKkwdkIL52Sulo4b5cavM7rS8bskEgUhJrypoKmdBtxJOp7OF
aZyHEf92y7WMZj4tYx6N11MbkvilfdzLekfn3ibj+0euOQ2rGHvI/ov6sE3BDJsF
c2zwKVqfzzMwaWWIwIq1x5Z888L/kJTVTDaT9ROxo0SGEUL5tJRd02EAXFJqVdS1
eDxXihCxdNIzlda8S0YzP3UDAi84AdX59uQWa64qOtgpqoDTpDaLMzh1twIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFCUpIGIy5+Lf+21mQLtcQe2yMsOvMB8GA1UdIwQY
MBaAFIHu1AkTg9ntQFbZ9O/30mIt3OIFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ2U3VUNST0QyZTFBVnRuMDdfZlNZaTNjNGdVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYS80YTljYzQtMmI5YS00ZWYyLWEzM2Et
ODcyYjM3MTBjMmExLzEvSlNrZ1lqTG40dF83YldaQXUxeEI3Ykl5dzY4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jYS80YTljYzQtMmI5YS00ZWYyLWEzM2EtODcyYjM3MTBjMmEx
LzEvZ2U3VUNST0QyZTFBVnRuMDdfZlNZaTNjNGdVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQEBceQAwQG
UotAAwQCuXVsAwQE2RpgMA0GCSqGSIb3DQEBCwUAA4IBAQCtAlHEswSPwcGXtaUa
kvXkB+2gcSsXD7rCM3VENqrf6Rk218+b0bzaun2HnCwg1WiG8MMI7OXKXGEoj/C1
QgLhZQq4bxkvuuYvhaCKOVqI1Q79CMJp9+QsGlYcx4MNy5EZ+S1step50xhkd8Ze
/W+kBEg93Clb49Fbcqw/cFz50lLF33EGi/J+iPrTOLw1q9R28rAN3DcwhXw8HdxM
uRZKn5or5qqCSL/bsub9YovtVRWj1pbqIWQ1fPoV5DAI38wvKrAZ6ONm3JWnuJKc
8cKsU12ZRwXpKBwTGZ+cETFNlKnbPeVpUaDroWW4roNcq0MlTEu3YkNDRoA/JL11
rwui
-----END CERTIFICATE-----
Generated at Sat May 10 19:52:53 2025 by rpki-client