Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/df/92ea9f-b12e-4dd5-9bd3-b77dc8dc1c7e/1/jb_vFFjAhH2_s3HMx0WD8xe6w7k.roa
File: jb_vFFjAhH2_s3HMx0WD8xe6w7k.roa (raw, json)
Hash identifier: xeqIBGPJ9qienuYy6uvb+3hQPbJlt8lZRoWN/pW56OM=
Subject key identifier: 8D:BF:EF:14:58:C0:84:7D:BF:B3:71:CC:C7:45:83:F3:17:BA:C3:B9
Certificate issuer: /CN=3eb903284a1d15dc158ad7182ea0bce786ceb2ad
Certificate serial: 0193CED715862F0F0BD939B70C8A5C790F99
Authority key identifier: 3E:B9:03:28:4A:1D:15:DC:15:8A:D7:18:2E:A0:BC:E7:86:CE:B2:AD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PrkDKEodFdwVitcYLqC854bOsq0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/df/92ea9f-b12e-4dd5-9bd3-b77dc8dc1c7e/1/jb_vFFjAhH2_s3HMx0WD8xe6w7k.roa
Signing time: Mon 16 Dec 2024 09:40:22 +0000
ROA not before: Mon 16 Dec 2024 09:40:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 8865
IP address blocks: 37.128.152.0/21 maxlen: 21
212.33.64.0/19 maxlen: 19
2a02:1770::/33 maxlen: 33
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:ce:d7:15:86:2f:0f:0b:d9:39:b7:0c:8a:5c:79:0f:99
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3eb903284a1d15dc158ad7182ea0bce786ceb2ad
Validity
Not Before: Dec 16 09:40:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=8dbfef1458c0847dbfb371ccc74583f317bac3b9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:26:79:16:d2:26:ad:83:59:76:f8:00:ea:c0:
77:a8:99:42:83:6f:ec:0f:51:5b:f6:21:8e:ca:cb:
33:55:4a:96:06:24:7d:71:f2:e6:39:70:da:c8:cc:
6d:17:50:bb:20:32:b7:53:72:aa:dd:10:c7:ba:80:
8b:62:21:6c:53:ec:f2:eb:58:48:2c:8d:11:fa:8a:
6c:9c:73:79:71:1f:f8:bf:9a:75:11:f7:22:6d:7b:
f9:b9:98:00:9e:a4:40:28:a2:c2:64:a1:b9:59:48:
e2:59:26:18:3e:4e:35:95:4e:b3:a4:23:b3:47:6d:
1d:fb:5e:a2:47:fe:ba:68:ea:c6:20:07:ac:7c:eb:
3b:10:56:aa:e2:09:a4:08:d6:ba:ab:78:3e:78:21:
6e:e2:42:29:13:97:d6:d9:38:92:6a:91:a6:e2:0c:
a5:9c:b7:d6:e2:f0:13:7f:cd:06:bf:6d:f3:19:63:
f9:5d:c0:0d:c0:dd:8c:c3:e0:73:06:bd:57:7e:e6:
53:8a:c3:1c:b0:96:74:ac:e3:fb:ba:33:b4:95:81:
1b:ba:f6:f9:49:63:d9:2d:f1:88:b0:e3:6b:38:9f:
b1:b5:8c:2f:0f:49:45:fe:aa:83:64:2a:bb:82:b0:
fd:cf:e7:a7:29:26:79:bc:15:b2:a7:5e:6b:c5:35:
21:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8D:BF:EF:14:58:C0:84:7D:BF:B3:71:CC:C7:45:83:F3:17:BA:C3:B9
X509v3 Authority Key Identifier:
keyid:3E:B9:03:28:4A:1D:15:DC:15:8A:D7:18:2E:A0:BC:E7:86:CE:B2:AD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PrkDKEodFdwVitcYLqC854bOsq0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/df/92ea9f-b12e-4dd5-9bd3-b77dc8dc1c7e/1/jb_vFFjAhH2_s3HMx0WD8xe6w7k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/df/92ea9f-b12e-4dd5-9bd3-b77dc8dc1c7e/1/PrkDKEodFdwVitcYLqC854bOsq0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.128.152.0/21
212.33.64.0/19
IPv6:
2a02:1770::/33
Signature Algorithm: sha256WithRSAEncryption
4c:ae:c0:22:2d:65:9e:a6:f7:42:78:00:1d:c4:4f:6e:f2:eb:
e7:56:07:34:42:57:e9:15:6f:09:7c:49:34:fb:20:7c:f8:f6:
b1:ff:6e:97:27:e8:8a:7c:3c:20:c9:4d:a1:9e:3c:98:f3:b1:
cb:56:5d:6e:61:73:92:1b:3a:ff:72:bd:e0:19:3a:d1:cb:ca:
1a:81:67:9a:bc:8d:50:38:b1:31:85:d9:1a:26:a8:5b:33:0a:
06:51:ef:b5:b7:a4:80:b6:f8:8d:f9:a3:02:e4:39:c9:7c:53:
e8:0c:6f:2c:e9:6f:78:a1:54:cd:3f:a1:52:a7:2e:60:97:2e:
94:2c:f1:84:80:b2:36:98:6c:61:31:de:ff:bd:80:d8:6c:3b:
28:cf:33:44:98:55:25:a1:b2:f1:db:57:ec:7d:d5:17:74:9c:
4d:2a:05:28:5a:17:56:16:9b:e8:70:cb:a3:16:ff:9f:bd:5a:
65:bd:b8:89:e9:28:54:e7:9c:cf:8f:12:b2:2a:88:4a:29:72:
a8:17:3c:d2:74:78:9a:db:60:31:c8:1e:c6:8c:49:14:f4:e1:
23:f2:34:ce:45:b1:37:21:a7:f0:ee:35:f9:c4:0e:5e:40:d4:
3e:0d:b0:32:c4:9f:ce:44:54:67:c3:16:5e:56:d5:ec:d0:eb:
fa:6e:b6:b3
-----BEGIN CERTIFICATE-----
MIIFEzCCA/ugAwIBAgISAZPO1xWGLw8L2Tm3DIpceQ+ZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNlYjkwMzI4NGExZDE1ZGMxNThhZDcxODJlYTBiY2U3ODZj
ZWIyYWQwHhcNMjQxMjE2MDk0MDIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ZGJmZWYxNDU4YzA4NDdkYmZiMzcxY2NjNzQ1ODNmMzE3YmFjM2I5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArCZ5FtImrYNZdvgA6sB3qJlCg2/s
D1Fb9iGOysszVUqWBiR9cfLmOXDayMxtF1C7IDK3U3Kq3RDHuoCLYiFsU+zy61hI
LI0R+opsnHN5cR/4v5p1EfcibXv5uZgAnqRAKKLCZKG5WUjiWSYYPk41lU6zpCOz
R20d+16iR/66aOrGIAesfOs7EFaq4gmkCNa6q3g+eCFu4kIpE5fW2TiSapGm4gyl
nLfW4vATf80Gv23zGWP5XcANwN2Mw+BzBr1XfuZTisMcsJZ0rOP7ujO0lYEbuvb5
SWPZLfGIsONrOJ+xtYwvD0lF/qqDZCq7grD9z+enKSZ5vBWyp15rxTUhjQIDAQAB
o4ICHzCCAhswHQYDVR0OBBYEFI2/7xRYwIR9v7NxzMdFg/MXusO5MB8GA1UdIwQY
MBaAFD65AyhKHRXcFYrXGC6gvOeGzrKtMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUHJrREtFb2RGZHdWaXRjWUxxQzg1NGJPc3EwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZi85MmVhOWYtYjEyZS00ZGQ1LTliZDMt
Yjc3ZGM4ZGMxYzdlLzEvamJfdkZGakFoSDJfczNITXgwV0Q4eGU2dzdrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZi85MmVhOWYtYjEyZS00ZGQ1LTliZDMtYjc3ZGM4ZGMxYzdl
LzEvUHJrREtFb2RGZHdWaXRjWUxxQzg1NGJPc3EwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDUGCCsGAQUFBwEHAQH/BCYwJDASBAIAATAMAwQDJYCYAwQF
1CFAMA4EAgACMAgDBgcqAhdwADANBgkqhkiG9w0BAQsFAAOCAQEATK7AIi1lnqb3
QngAHcRPbvLr51YHNEJX6RVvCXxJNPsgfPj2sf9ulyfoinw8IMlNoZ48mPOxy1Zd
bmFzkhs6/3K94Bk60cvKGoFnmryNUDixMYXZGiaoWzMKBlHvtbekgLb4jfmjAuQ5
yXxT6AxvLOlveKFUzT+hUqcuYJculCzxhICyNphsYTHe/72A2Gw7KM8zRJhVJaGy
8dtX7H3VF3ScTSoFKFoXVhab6HDLoxb/n71aZb24iekoVOecz48SsiqISilyqBc8
0nR4mttgMcgexoxJFPThI/I0zkWxNyGn8O41+cQOXkDUPg2wMsSfzkRUZ8MWXlbV
7NDr+m62sw==
-----END CERTIFICATE-----
Generated at Tue Jul 29 03:25:25 2025 by rpki-client