Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/34/1c084c-982d-4098-af42-3425b125eaa7/1/JKFEGc51b5Ar1vaorwGC1ErIwN4.roa
File: JKFEGc51b5Ar1vaorwGC1ErIwN4.roa (raw, json)
Hash identifier: sRLSN5Kloc4pxD4PKWwhV0ThdF7F3RlUnCvBdr01on8=
Subject key identifier: 24:A1:44:19:CE:75:6F:90:2B:D6:F6:A8:AF:01:82:D4:4A:C8:C0:DE
Certificate issuer: /CN=0d722e4513a39678d8ab23b2d649775340518cb9
Certificate serial: 018A8FBD1DD0A27DD73F3FE69BCE6468CFC1
Authority key identifier: 0D:72:2E:45:13:A3:96:78:D8:AB:23:B2:D6:49:77:53:40:51:8C:B9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DXIuRROjlnjYqyOy1kl3U0BRjLk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/34/1c084c-982d-4098-af42-3425b125eaa7/1/JKFEGc51b5Ar1vaorwGC1ErIwN4.roa
Signing time: Wed 13 Sep 2023 18:10:50 +0000
ROA not before: Wed 13 Sep 2023 18:10:50 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 185.21.252.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:8f:bd:1d:d0:a2:7d:d7:3f:3f:e6:9b:ce:64:68:cf:c1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0d722e4513a39678d8ab23b2d649775340518cb9
Validity
Not Before: Sep 13 18:10:50 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=24a14419ce756f902bd6f6a8af0182d44ac8c0de
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:f2:7c:9b:5f:49:d5:7e:cf:a4:9d:e4:07:16:
1a:72:ba:4f:40:e2:f0:f9:d1:df:e9:69:59:a9:1d:
b9:6b:9d:0e:9d:cf:c5:8a:a8:ff:d3:5a:b1:27:2c:
e9:5e:07:41:c5:64:0d:2a:69:08:99:b7:78:f2:53:
a2:9e:3d:28:48:45:2d:5e:25:d1:bd:91:f8:35:29:
bf:31:7e:08:bd:b9:e6:2e:63:5f:7f:74:bf:29:c3:
32:9e:7d:2c:2d:33:a8:ef:30:65:67:87:20:84:09:
6c:09:e4:d0:70:b0:08:40:bc:26:5b:27:29:0c:53:
df:e0:66:86:0a:a3:f0:5e:05:20:1e:e2:20:b6:e8:
48:b5:64:8b:f4:2e:0f:6b:9e:0c:fb:b4:21:8a:68:
3f:47:20:87:62:01:6e:6f:9d:df:cf:9a:bc:94:c8:
c5:26:70:2e:d6:04:81:12:df:c9:04:38:56:58:c7:
19:dd:58:d0:2d:b7:14:84:96:e2:b1:64:4d:e3:87:
1e:af:5e:fd:9d:b1:0a:d6:47:98:75:57:2c:91:5d:
1b:3a:59:12:3a:c7:66:57:37:ac:31:1b:5d:53:5f:
10:77:a0:30:8e:82:4a:34:9d:d5:9a:8c:81:06:9c:
a9:f6:1e:8a:9b:7f:df:71:6d:1b:b2:85:d5:6b:f4:
93:2d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
24:A1:44:19:CE:75:6F:90:2B:D6:F6:A8:AF:01:82:D4:4A:C8:C0:DE
X509v3 Authority Key Identifier:
keyid:0D:72:2E:45:13:A3:96:78:D8:AB:23:B2:D6:49:77:53:40:51:8C:B9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DXIuRROjlnjYqyOy1kl3U0BRjLk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/34/1c084c-982d-4098-af42-3425b125eaa7/1/JKFEGc51b5Ar1vaorwGC1ErIwN4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/34/1c084c-982d-4098-af42-3425b125eaa7/1/DXIuRROjlnjYqyOy1kl3U0BRjLk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.21.252.0/24
Signature Algorithm: sha256WithRSAEncryption
1d:de:05:ad:30:cf:c1:ee:a9:91:57:80:4a:58:e5:13:95:8a:
43:a6:5a:da:55:7f:85:4a:99:47:3b:39:7c:9b:6e:87:33:07:
63:26:7d:fc:da:aa:88:2f:cc:68:13:a5:09:64:50:61:61:10:
4d:5c:27:ba:66:0d:c7:24:66:78:12:92:7e:69:d8:8d:d6:44:
38:16:fd:cb:19:bf:45:17:b6:1c:6e:33:45:32:0a:6e:db:3f:
9c:11:a5:97:e1:0d:66:b5:1a:d2:ad:f2:d3:c2:62:85:ee:ba:
f2:c5:93:31:42:fe:f7:2a:8b:8e:38:38:48:54:31:e4:24:8a:
23:b8:c4:c6:3c:94:b6:3e:2d:01:8a:a0:e8:88:dc:91:65:d8:
f2:91:33:d5:94:08:73:f3:89:dc:c7:04:0c:4c:a7:62:6f:67:
c8:1d:b6:5d:77:d8:6b:85:6a:f0:06:a5:94:e3:28:32:1c:14:
c9:71:b8:a3:1d:90:f7:ff:65:c9:3d:c8:47:76:6e:18:04:aa:
ce:ff:dd:2f:2d:ae:df:7c:be:e8:8d:0f:d3:ce:b5:99:9d:06:
f0:c4:8e:85:9e:e7:f2:26:9e:74:10:44:d1:94:76:b9:49:0d:
05:43:ab:e1:c3:8f:1d:ee:72:b8:b3:ff:95:27:af:e8:15:d2:
bd:6b:41:dc
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYqPvR3Qon3XPz/mm85kaM/BMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBkNzIyZTQ1MTNhMzk2NzhkOGFiMjNiMmQ2NDk3NzUzNDA1
MThjYjkwHhcNMjMwOTEzMTgxMDUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNGExNDQxOWNlNzU2ZjkwMmJkNmY2YThhZjAxODJkNDRhYzhjMGRlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr/J8m19J1X7PpJ3kBxYacrpPQOLw
+dHf6WlZqR25a50Onc/Fiqj/01qxJyzpXgdBxWQNKmkImbd48lOinj0oSEUtXiXR
vZH4NSm/MX4IvbnmLmNff3S/KcMynn0sLTOo7zBlZ4cghAlsCeTQcLAIQLwmWycp
DFPf4GaGCqPwXgUgHuIgtuhItWSL9C4Pa54M+7Qhimg/RyCHYgFub53fz5q8lMjF
JnAu1gSBEt/JBDhWWMcZ3VjQLbcUhJbisWRN44cer179nbEK1keYdVcskV0bOlkS
OsdmVzesMRtdU18Qd6AwjoJKNJ3VmoyBBpyp9h6Km3/fcW0bsoXVa/STLQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFCShRBnOdW+QK9b2qK8BgtRKyMDeMB8GA1UdIwQY
MBaAFA1yLkUTo5Z42KsjstZJd1NAUYy5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRFhJdVJST2psbmpZcXlPeTFrbDNVMEJSakxrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNC8xYzA4NGMtOTgyZC00MDk4LWFmNDIt
MzQyNWIxMjVlYWE3LzEvSktGRUdjNTFiNUFyMXZhb3J3R0MxRXJJd040LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNC8xYzA4NGMtOTgyZC00MDk4LWFmNDItMzQyNWIxMjVlYWE3
LzEvRFhJdVJST2psbmpZcXlPeTFrbDNVMEJSakxrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuRX8MA0G
CSqGSIb3DQEBCwUAA4IBAQAd3gWtMM/B7qmRV4BKWOUTlYpDplraVX+FSplHOzl8
m26HMwdjJn382qqIL8xoE6UJZFBhYRBNXCe6Zg3HJGZ4EpJ+adiN1kQ4Fv3LGb9F
F7YcbjNFMgpu2z+cEaWX4Q1mtRrSrfLTwmKF7rryxZMxQv73KouOODhIVDHkJIoj
uMTGPJS2Pi0BiqDoiNyRZdjykTPVlAhz84ncxwQMTKdib2fIHbZdd9hrhWrwBqWU
4ygyHBTJcbijHZD3/2XJPchHdm4YBKrO/90vLa7ffL7ojQ/TzrWZnQbwxI6Fnufy
Jp50EETRlHa5SQ0FQ6vhw48d7nK4s/+VJ6/oFdK9a0Hc
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:06:16 2025 by rpki-client