Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/28/29e9bc-b190-409e-86b0-eec5d50efa94/1/JOHZAuRwKkJbgBKXmcyH__Zm_nc.roa
File: JOHZAuRwKkJbgBKXmcyH__Zm_nc.roa (raw, json)
Hash identifier: PVHIU/2QuWeBuOG+BjkRMyMhYWGeEdFm9Loz7cJMtZo=
Subject key identifier: 24:E1:D9:02:E4:70:2A:42:5B:80:12:97:99:CC:87:FF:F6:66:FE:77
Certificate issuer: /CN=b3a5d99863db2e49b44f6c324eb04388fc7515d2
Certificate serial: 018C1AB9EE502DD956075BE43B6702625E19
Authority key identifier: B3:A5:D9:98:63:DB:2E:49:B4:4F:6C:32:4E:B0:43:88:FC:75:15:D2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/s6XZmGPbLkm0T2wyTrBDiPx1FdI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/28/29e9bc-b190-409e-86b0-eec5d50efa94/1/JOHZAuRwKkJbgBKXmcyH__Zm_nc.roa
Signing time: Wed 29 Nov 2023 10:57:21 +0000
ROA not before: Wed 29 Nov 2023 10:57:21 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 201917
IP address blocks: 37.25.128.0/17 maxlen: 24
46.108.0.0/16 maxlen: 24
195.232.128.0/17 maxlen: 24
46.190.128.0/17 maxlen: 24
139.47.192.0/18 maxlen: 24
195.233.0.0/16 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:1a:b9:ee:50:2d:d9:56:07:5b:e4:3b:67:02:62:5e:19
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b3a5d99863db2e49b44f6c324eb04388fc7515d2
Validity
Not Before: Nov 29 10:57:21 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=24e1d902e4702a425b80129799cc87fff666fe77
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:84:05:63:bd:2e:66:8b:af:63:84:99:c4:46:dc:
4d:38:e2:c4:84:52:91:de:3d:63:0a:1c:89:d7:50:
35:fe:4a:4e:a7:ce:85:01:04:53:71:45:98:22:f3:
fc:a1:2c:af:a4:cd:1f:8f:43:88:f6:1a:02:7d:6d:
2c:c9:17:7a:12:2d:9b:1d:5a:6d:10:0c:aa:7e:3c:
05:02:6b:4d:af:b7:4a:a3:81:cf:e3:a7:d6:40:a0:
7f:c2:5d:b4:85:0f:93:1a:8a:53:0b:da:e6:70:3b:
3c:23:d9:dc:69:74:f7:3a:d1:5a:09:72:0e:d3:f0:
17:d2:b0:ef:e2:ea:0a:a6:b5:53:a1:b0:09:b6:b4:
10:ac:31:ba:71:4a:14:20:3d:86:08:1c:78:f8:ca:
0b:7b:43:4b:8e:7a:b3:a7:f0:e4:69:b3:f0:b3:05:
0a:2c:fa:d7:e1:b7:0d:13:1a:35:c0:d0:d5:ea:4d:
50:50:5f:87:43:91:f5:a7:df:42:50:e9:09:64:80:
9a:cd:51:9c:6c:6d:7c:b2:16:08:cf:72:66:f4:f9:
94:15:e8:8c:60:1e:19:e7:08:a2:09:60:50:f6:b3:
25:2c:c2:35:d0:1c:f6:3e:44:fa:a0:7e:df:b6:a9:
23:c4:71:13:fd:87:53:f8:0b:01:68:f3:5f:7c:23:
05:53
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
24:E1:D9:02:E4:70:2A:42:5B:80:12:97:99:CC:87:FF:F6:66:FE:77
X509v3 Authority Key Identifier:
keyid:B3:A5:D9:98:63:DB:2E:49:B4:4F:6C:32:4E:B0:43:88:FC:75:15:D2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/s6XZmGPbLkm0T2wyTrBDiPx1FdI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/28/29e9bc-b190-409e-86b0-eec5d50efa94/1/JOHZAuRwKkJbgBKXmcyH__Zm_nc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/28/29e9bc-b190-409e-86b0-eec5d50efa94/1/s6XZmGPbLkm0T2wyTrBDiPx1FdI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.25.128.0/17
46.108.0.0/16
46.190.128.0/17
139.47.192.0/18
195.232.128.0-195.233.255.255
Signature Algorithm: sha256WithRSAEncryption
5a:b7:bf:a1:0a:f5:4b:f6:9a:e4:ec:72:d5:8d:0a:2f:a6:37:
a7:78:5c:57:b2:a4:0f:d3:05:d7:10:d9:31:bf:b4:c0:81:75:
cc:95:9d:28:a9:77:1e:a6:be:81:82:6b:b3:9b:ed:e2:20:24:
7c:e0:79:cc:f6:1d:ba:37:1b:f9:73:fd:45:7c:4d:c6:bf:6a:
51:df:c8:3a:09:43:93:64:c1:0c:81:7d:71:aa:83:8a:b8:17:
ed:a5:5f:27:ac:42:4b:52:2c:93:b2:c4:68:2e:e0:8f:d2:b4:
46:2d:78:e4:c8:fb:4b:21:32:ae:57:79:1a:a7:5f:30:6c:69:
33:dc:e1:2c:78:4f:01:d8:57:af:e1:bc:6d:83:40:44:2b:74:
4d:c2:8d:e9:58:43:76:81:ae:ae:91:f7:52:d3:c0:02:ee:12:
a1:de:f1:ba:9a:b7:c6:35:26:a5:27:e6:f5:c7:dc:7c:e2:ac:
be:e3:4e:83:33:f7:26:7c:78:a8:59:fe:2d:97:ec:b4:57:42:
7f:a1:d6:de:af:df:f0:d1:bd:32:8b:8e:e5:97:2e:1f:13:30:
d8:22:ee:64:37:9a:5f:c8:19:6e:ac:2a:6e:1f:a9:82:d9:42:
c5:b7:b9:ba:77:31:4c:ae:45:df:02:e2:e0:5c:27:a0:ca:c4:
e9:e4:0b:b2
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAYwaue5QLdlWB1vkO2cCYl4ZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIzYTVkOTk4NjNkYjJlNDliNDRmNmMzMjRlYjA0Mzg4ZmM3
NTE1ZDIwHhcNMjMxMTI5MTA1NzIxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNGUxZDkwMmU0NzAyYTQyNWI4MDEyOTc5OWNjODdmZmY2NjZmZTc3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhAVjvS5mi69jhJnERtxNOOLEhFKR
3j1jChyJ11A1/kpOp86FAQRTcUWYIvP8oSyvpM0fj0OI9hoCfW0syRd6Ei2bHVpt
EAyqfjwFAmtNr7dKo4HP46fWQKB/wl20hQ+TGopTC9rmcDs8I9ncaXT3OtFaCXIO
0/AX0rDv4uoKprVTobAJtrQQrDG6cUoUID2GCBx4+MoLe0NLjnqzp/DkabPwswUK
LPrX4bcNExo1wNDV6k1QUF+HQ5H1p99CUOkJZICazVGcbG18shYIz3Jm9PmUFeiM
YB4Z5wiiCWBQ9rMlLMI10Bz2PkT6oH7ftqkjxHET/YdT+AsBaPNffCMFUwIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFCTh2QLkcCpCW4ASl5nMh//2Zv53MB8GA1UdIwQY
MBaAFLOl2Zhj2y5JtE9sMk6wQ4j8dRXSMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvczZYWm1HUGJMa20wVDJ3eVRyQkRpUHgxRmRJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOC8yOWU5YmMtYjE5MC00MDllLTg2YjAt
ZWVjNWQ1MGVmYTk0LzEvSk9IWkF1UndLa0piZ0JLWG1jeUhfX1ptX25jLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOC8yOWU5YmMtYjE5MC00MDllLTg2YjAtZWVjNWQ1MGVmYTk0
LzEvczZYWm1HUGJMa20wVDJ3eVRyQkRpUHgxRmRJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQHJRmAAwMA
LmwDBAcuvoADBAaLL8AwCwMEB8PogAMDAcPoMA0GCSqGSIb3DQEBCwUAA4IBAQBa
t7+hCvVL9prk7HLVjQovpjeneFxXsqQP0wXXENkxv7TAgXXMlZ0oqXcepr6Bgmuz
m+3iICR84HnM9h26Nxv5c/1FfE3Gv2pR38g6CUOTZMEMgX1xqoOKuBftpV8nrEJL
UiyTssRoLuCP0rRGLXjkyPtLITKuV3kap18wbGkz3OEseE8B2Fev4bxtg0BEK3RN
wo3pWEN2ga6ukfdS08AC7hKh3vG6mrfGNSalJ+b1x9x84qy+406DM/cmfHioWf4t
l+y0V0J/odber9/w0b0yi47lly4fEzDYIu5kN5pfyBlurCpuH6mC2ULFt7m6dzFM
rkXfAuLgXCegysTp5Auy
-----END CERTIFICATE-----
Generated at Thu Apr 17 08:16:03 2025 by rpki-client