Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/01/0952d4-4a49-447d-ad3c-1903edafa8bf/1/JUErfmEFtU07HLNld-mw4p7aeq8.roa
File: JUErfmEFtU07HLNld-mw4p7aeq8.roa (raw, json)
Hash identifier: yhb+VlbXnOBBx9h8IjX5XBAK35qmXQZSpMYw/SM92NY=
Subject key identifier: 25:41:2B:7E:61:05:B5:4D:3B:1C:B3:65:77:E9:B0:E2:9E:DA:7A:AF
Certificate issuer: /CN=ebf42e80602aedf58a3c7a81883c1a34f69d2fb4
Certificate serial: 018571B0FB80066891FA02EA8F79A6BC050B
Authority key identifier: EB:F4:2E:80:60:2A:ED:F5:8A:3C:7A:81:88:3C:1A:34:F6:9D:2F:B4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/6_QugGAq7fWKPHqBiDwaNPadL7Q.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/01/0952d4-4a49-447d-ad3c-1903edafa8bf/1/JUErfmEFtU07HLNld-mw4p7aeq8.roa
Signing time: Mon 02 Jan 2023 08:55:02 +0000
ROA not before: Mon 02 Jan 2023 08:55:02 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 51441
IP address blocks: 89.46.244.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:b0:fb:80:06:68:91:fa:02:ea:8f:79:a6:bc:05:0b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ebf42e80602aedf58a3c7a81883c1a34f69d2fb4
Validity
Not Before: Jan 2 08:55:02 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=25412b7e6105b54d3b1cb36577e9b0e29eda7aaf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:e0:bc:15:be:be:b9:84:95:32:f8:ac:42:26:
ce:45:b0:b7:c0:e7:2e:e0:a2:c8:b6:0b:bf:b4:06:
1b:07:03:7c:97:60:7e:df:8c:8a:f5:04:40:82:98:
b4:d1:2e:82:b7:e4:36:1f:6a:8c:c1:62:60:e7:08:
a4:02:09:d4:f5:eb:b5:a2:a0:4f:37:bf:29:f5:08:
50:6a:a3:69:b4:27:58:e4:34:3b:d7:12:8a:4e:7b:
98:c4:de:a8:0d:2f:77:a1:2d:98:f7:b7:8c:4d:5c:
ae:b4:52:47:01:60:42:b5:1a:f3:1f:35:90:33:74:
8b:77:ee:92:b5:6c:0a:ed:d5:05:e6:52:4e:2a:8d:
a0:e6:6d:7c:98:ba:93:23:a1:e6:ac:82:18:94:37:
42:48:24:a2:af:d7:43:fc:43:d4:02:c0:87:42:57:
31:6a:03:62:85:66:9e:43:70:f7:6d:d1:ee:13:b8:
6e:8d:31:66:1a:cc:02:e6:9e:16:c5:bf:a3:e5:9c:
e3:45:6a:94:7a:25:c8:06:83:34:8f:5c:ba:f7:b4:
7d:8c:71:ff:ba:07:07:ad:b4:e5:39:af:6a:7c:7d:
d2:3e:83:0c:a7:3a:5b:6d:04:c0:d7:97:49:ed:66:
14:ed:37:c6:00:ef:39:15:ff:a7:ef:ad:c1:4b:81:
2c:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
25:41:2B:7E:61:05:B5:4D:3B:1C:B3:65:77:E9:B0:E2:9E:DA:7A:AF
X509v3 Authority Key Identifier:
keyid:EB:F4:2E:80:60:2A:ED:F5:8A:3C:7A:81:88:3C:1A:34:F6:9D:2F:B4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6_QugGAq7fWKPHqBiDwaNPadL7Q.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/01/0952d4-4a49-447d-ad3c-1903edafa8bf/1/JUErfmEFtU07HLNld-mw4p7aeq8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/01/0952d4-4a49-447d-ad3c-1903edafa8bf/1/6_QugGAq7fWKPHqBiDwaNPadL7Q.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.46.244.0/24
Signature Algorithm: sha256WithRSAEncryption
5a:9e:f7:fd:10:a3:25:a1:8a:5f:ac:71:4f:02:7e:7c:5f:75:
dd:6f:de:d0:0e:4c:c1:f8:5a:7a:23:77:cd:3c:70:e1:69:05:
1b:e9:79:79:13:1a:a3:ce:13:97:18:c8:8c:24:09:e4:87:35:
ff:4b:b0:4f:48:ef:7b:f6:10:db:26:33:df:6c:60:10:d7:8e:
c4:95:11:41:cc:7b:2d:79:18:ab:d0:85:d2:78:34:3d:5c:bf:
ab:5e:c7:c5:d7:35:b4:1f:0a:c1:ba:42:e7:86:d1:e8:1a:4e:
ed:a9:f2:31:be:02:35:69:a0:ca:34:02:8d:a0:c4:16:34:64:
04:73:2d:d2:85:6e:cb:c3:e9:20:d2:8c:be:72:57:6c:4d:be:
9c:3f:dc:93:f9:4f:11:fa:a7:71:a2:37:12:f4:bb:98:a4:17:
af:cb:fb:f2:df:69:c8:fa:fa:52:68:f7:6e:bb:3f:16:6f:72:
e8:68:dd:84:6e:e1:7e:a1:13:56:2b:61:c6:8e:6b:e4:0a:35:
1d:3f:f1:13:18:cc:65:c0:eb:c6:f3:12:5e:06:60:f8:aa:a7:
3a:f9:57:c0:4f:ce:a8:e1:fb:59:ee:68:62:fe:20:85:bb:9b:
85:f2:cb:23:20:c0:b7:f4:48:d2:a8:30:23:13:5f:4e:88:e7:
e0:64:f6:ad
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVxsPuABmiR+gLqj3mmvAULMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGViZjQyZTgwNjAyYWVkZjU4YTNjN2E4MTg4M2MxYTM0ZjY5
ZDJmYjQwHhcNMjMwMTAyMDg1NTAyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNTQxMmI3ZTYxMDViNTRkM2IxY2IzNjU3N2U5YjBlMjllZGE3YWFmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAveC8Fb6+uYSVMvisQibORbC3wOcu
4KLItgu/tAYbBwN8l2B+34yK9QRAgpi00S6Ct+Q2H2qMwWJg5wikAgnU9eu1oqBP
N78p9QhQaqNptCdY5DQ71xKKTnuYxN6oDS93oS2Y97eMTVyutFJHAWBCtRrzHzWQ
M3SLd+6StWwK7dUF5lJOKo2g5m18mLqTI6HmrIIYlDdCSCSir9dD/EPUAsCHQlcx
agNihWaeQ3D3bdHuE7hujTFmGswC5p4Wxb+j5ZzjRWqUeiXIBoM0j1y697R9jHH/
ugcHrbTlOa9qfH3SPoMMpzpbbQTA15dJ7WYU7TfGAO85Ff+n763BS4EstwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFCVBK35hBbVNOxyzZXfpsOKe2nqvMB8GA1UdIwQY
MBaAFOv0LoBgKu31ijx6gYg8GjT2nS+0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNl9RdWdHQXE3ZldLUEhxQmlEd2FOUGFkTDdRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMS8wOTUyZDQtNGE0OS00NDdkLWFkM2Mt
MTkwM2VkYWZhOGJmLzEvSlVFcmZtRUZ0VTA3SExObGQtbXc0cDdhZXE4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMS8wOTUyZDQtNGE0OS00NDdkLWFkM2MtMTkwM2VkYWZhOGJm
LzEvNl9RdWdHQXE3ZldLUEhxQmlEd2FOUGFkTDdRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAWS70MA0G
CSqGSIb3DQEBCwUAA4IBAQBanvf9EKMloYpfrHFPAn58X3Xdb97QDkzB+Fp6I3fN
PHDhaQUb6Xl5ExqjzhOXGMiMJAnkhzX/S7BPSO979hDbJjPfbGAQ147ElRFBzHst
eRir0IXSeDQ9XL+rXsfF1zW0HwrBukLnhtHoGk7tqfIxvgI1aaDKNAKNoMQWNGQE
cy3ShW7Lw+kg0oy+cldsTb6cP9yT+U8R+qdxojcS9LuYpBevy/vy32nI+vpSaPdu
uz8Wb3LoaN2EbuF+oRNWK2HGjmvkCjUdP/ETGMxlwOvG8xJeBmD4qqc6+VfAT86o
4ftZ7mhi/iCFu5uF8ssjIMC39EjSqDAjE19OiOfgZPat
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:32:01 2025 by rpki-client