Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/JoApVcmKs9e9IO3ePPqxnMuDClE.roa
File: JoApVcmKs9e9IO3ePPqxnMuDClE.roa (raw, json)
Hash identifier: mHolntX+FYgOHSNCQFg2WcPZ5Zrwib35bVgShuK2f+Q=
Subject key identifier: 26:80:29:55:C9:8A:B3:D7:BD:20:ED:DE:3C:FA:B1:9C:CB:83:0A:51
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 018456E2F2FC4213B851CC96455F7ED2A010
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/JoApVcmKs9e9IO3ePPqxnMuDClE.roa
Signing time: Tue 08 Nov 2022 10:57:04 +0000
ROA not before: Tue 08 Nov 2022 10:57:04 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 40676
IP address blocks: 192.124.191.0/24 maxlen: 24
192.124.189.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:56:e2:f2:fc:42:13:b8:51:cc:96:45:5f:7e:d2:a0:10
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Nov 8 10:57:04 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=26802955c98ab3d7bd20edde3cfab19ccb830a51
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:57:4e:ea:57:d4:46:64:3d:33:c6:f3:d2:7f:
28:78:46:4e:7b:1a:a4:c7:ba:9d:67:a9:85:d1:71:
54:f9:66:c2:28:1b:b7:20:37:61:39:fc:b3:25:75:
ae:59:c7:73:41:25:d2:a7:1f:ec:02:60:44:1b:db:
53:3c:a5:d3:b6:84:72:cc:53:4e:8e:e7:58:3c:d3:
d2:82:3a:e2:9a:e2:2c:7f:c3:d8:dd:2d:5d:81:c7:
55:5f:f0:7f:aa:e4:0e:9a:98:20:4f:3b:cb:8c:27:
4e:6e:37:09:9b:09:12:00:b2:a9:4e:be:94:6f:a0:
71:4e:f3:84:e1:99:d6:9e:29:e3:0c:e7:e6:83:36:
f5:1a:59:ad:ba:86:92:f1:73:01:6f:4c:ba:8c:a8:
f1:75:34:d5:86:6b:9d:6f:2c:54:cb:c5:24:dd:8b:
3f:a8:cf:27:41:5e:b3:0e:b5:26:dc:69:54:34:b4:
b7:83:f9:82:a6:d9:2a:33:e1:c2:32:1a:7d:c9:20:
57:26:cd:3c:21:2f:9d:97:88:be:46:fb:39:ad:68:
99:79:57:11:ba:ab:5e:79:dd:9c:fb:bf:9f:69:24:
2f:c0:7f:47:32:98:a3:f4:46:a2:94:a0:1b:69:a2:
ff:93:cf:0b:49:64:d2:1b:ca:86:a3:1b:9e:fa:a2:
2e:9f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
26:80:29:55:C9:8A:B3:D7:BD:20:ED:DE:3C:FA:B1:9C:CB:83:0A:51
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/JoApVcmKs9e9IO3ePPqxnMuDClE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
192.124.189.0/24
192.124.191.0/24
Signature Algorithm: sha256WithRSAEncryption
7a:01:05:64:c0:f6:46:4a:1f:bf:6f:28:72:05:cb:8b:95:c2:
88:54:e5:96:bb:36:5e:0f:ac:63:77:cb:bc:93:e0:f5:8e:58:
db:af:d2:d1:00:1f:75:73:5f:df:20:c0:c4:f4:0b:b8:46:80:
4f:93:df:6d:39:34:9a:96:c8:26:2f:1e:7e:b6:f1:67:e4:82:
d4:04:1a:c1:34:72:9f:c6:a2:8b:c5:84:ca:85:67:d8:f7:61:
dd:04:91:9a:7b:9a:89:08:ec:c2:a5:b9:8c:1d:a0:df:86:ee:
81:4c:9c:62:c2:b4:3b:c5:a6:45:e6:65:97:47:01:cf:ce:d6:
dd:61:20:c0:b7:d3:78:43:76:04:63:14:f6:0b:d8:cb:02:f0:
96:7d:15:d3:ce:8a:67:4a:50:14:87:30:44:17:76:5d:17:e7:
e6:fd:d8:0c:26:3b:8b:74:eb:65:76:9a:44:1d:a2:15:0f:93:
6f:64:a7:5a:61:a2:fb:a3:99:75:e1:d0:16:9e:72:d6:eb:1e:
68:a3:68:3b:91:4d:47:f9:83:77:13:39:ba:a6:ba:f8:07:47:
55:26:f0:a0:ce:6d:c4:7e:47:35:91:1a:01:e7:71:7b:66:28:
70:ee:b3:04:1a:3b:a0:06:3f:a2:46:50:a3:7f:9e:5d:94:1f:
0a:75:c0:de
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYRW4vL8QhO4UcyWRV9+0qAQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjIxMTA4MTA1NzA0WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNjgwMjk1NWM5OGFiM2Q3YmQyMGVkZGUzY2ZhYjE5Y2NiODMwYTUxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlVdO6lfURmQ9M8bz0n8oeEZOexqk
x7qdZ6mF0XFU+WbCKBu3IDdhOfyzJXWuWcdzQSXSpx/sAmBEG9tTPKXTtoRyzFNO
judYPNPSgjrimuIsf8PY3S1dgcdVX/B/quQOmpggTzvLjCdObjcJmwkSALKpTr6U
b6BxTvOE4ZnWninjDOfmgzb1GlmtuoaS8XMBb0y6jKjxdTTVhmudbyxUy8Uk3Ys/
qM8nQV6zDrUm3GlUNLS3g/mCptkqM+HCMhp9ySBXJs08IS+dl4i+Rvs5rWiZeVcR
uqteed2c+7+faSQvwH9HMpij9EailKAbaaL/k88LSWTSG8qGoxue+qIunwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFCaAKVXJirPXvSDt3jz6sZzLgwpRMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvSm9BcFZjbUtzOWU5SU8zZVBQcXhuTXVEQ2xFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAwHy9AwQA
wHy/MA0GCSqGSIb3DQEBCwUAA4IBAQB6AQVkwPZGSh+/byhyBcuLlcKIVOWWuzZe
D6xjd8u8k+D1jljbr9LRAB91c1/fIMDE9Au4RoBPk99tOTSalsgmLx5+tvFn5ILU
BBrBNHKfxqKLxYTKhWfY92HdBJGae5qJCOzCpbmMHaDfhu6BTJxiwrQ7xaZF5mWX
RwHPztbdYSDAt9N4Q3YEYxT2C9jLAvCWfRXTzopnSlAUhzBEF3ZdF+fm/dgMJjuL
dOtldppEHaIVD5NvZKdaYaL7o5l14dAWnnLW6x5oo2g7kU1H+YN3Ezm6prr4B0dV
JvCgzm3Efkc1kRoB53F7Zihw7rMEGjugBj+iRlCjf55dlB8KdcDe
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:42:00 2023 by rpki-client on console-fra.rpki-client.org