Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/d937e0-4277-4e6a-b593-46a880425799/1/jhaPcA5CMXGWSkYWvxp9IHswGiA.roa
File: jhaPcA5CMXGWSkYWvxp9IHswGiA.roa (raw, json)
Hash identifier: 3YNtUb0zOznPXJ3RTt9AG9R4mgtNNwKxl42CEaczcsQ=
Subject key identifier: 8E:16:8F:70:0E:42:31:71:96:4A:46:16:BF:1A:7D:20:7B:30:1A:20
Certificate issuer: /CN=52aaa0a6188c97aa742cc786e3b70bc909cac44c
Certificate serial: 0186A311A8468A12C58C5CABCA04D456D4F8
Authority key identifier: 52:AA:A0:A6:18:8C:97:AA:74:2C:C7:86:E3:B7:0B:C9:09:CA:C4:4C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UqqgphiMl6p0LMeG47cLyQnKxEw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/d937e0-4277-4e6a-b593-46a880425799/1/jhaPcA5CMXGWSkYWvxp9IHswGiA.roa
Signing time: Thu 02 Mar 2023 16:04:48 +0000
ROA not before: Thu 02 Mar 2023 16:04:48 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 48886
IP address blocks: 45.91.68.0/24 maxlen: 24
45.91.68.0/22 maxlen: 22
45.91.69.0/24 maxlen: 24
194.69.16.0/24 maxlen: 24
194.69.16.0/20 maxlen: 20
194.69.18.0/24 maxlen: 24
194.69.24.0/24 maxlen: 24
194.69.20.0/24 maxlen: 24
194.69.19.0/24 maxlen: 24
194.69.22.0/24 maxlen: 24
194.69.21.0/24 maxlen: 24
194.69.30.0/24 maxlen: 24
194.69.31.0/24 maxlen: 24
194.69.27.0/24 maxlen: 24
194.69.26.0/24 maxlen: 24
194.69.29.0/24 maxlen: 24
194.69.28.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:a3:11:a8:46:8a:12:c5:8c:5c:ab:ca:04:d4:56:d4:f8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=52aaa0a6188c97aa742cc786e3b70bc909cac44c
Validity
Not Before: Mar 2 16:04:48 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=8e168f700e423171964a4616bf1a7d207b301a20
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:98:9b:a7:8a:50:5c:1b:1f:64:76:7e:3b:28:
91:b5:c9:52:4e:58:da:73:bf:63:f8:a7:f5:8a:3d:
d9:16:97:13:a2:60:e1:cc:c0:9e:61:51:ec:85:e8:
b7:b8:47:19:36:15:c8:af:21:2c:af:46:3f:c7:28:
0a:dc:cc:81:f1:d3:0d:e1:9d:28:0c:31:10:77:d8:
1c:db:df:9b:ca:b0:42:eb:ef:55:5c:a8:4c:87:4d:
f0:d2:ec:13:84:94:84:19:32:2b:b1:57:e1:12:8b:
c0:b0:bc:71:54:49:91:f4:af:14:76:e9:ee:b6:cd:
2b:b6:a0:ae:86:7a:d3:3b:45:5f:04:45:f6:4f:fc:
ab:7b:46:6c:73:2f:74:5e:58:cf:8b:bf:64:03:ad:
11:64:a2:b5:8f:45:03:e7:16:3c:27:d9:1b:70:2a:
1d:a9:23:3c:d2:db:55:3c:6d:23:08:ca:a7:38:23:
7c:89:30:61:0a:cd:2d:2b:1a:eb:09:ac:7c:0d:3c:
14:5d:d0:53:f7:dd:d6:9b:dc:22:77:fb:37:40:70:
fc:d0:65:88:15:8b:aa:59:1c:ab:ed:8d:24:e6:65:
94:2c:9b:2d:c4:b9:96:e1:3a:9b:6b:b3:e9:4d:61:
b8:6c:6e:f1:9d:5f:7f:bf:85:c7:07:80:fc:10:0e:
66:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8E:16:8F:70:0E:42:31:71:96:4A:46:16:BF:1A:7D:20:7B:30:1A:20
X509v3 Authority Key Identifier:
keyid:52:AA:A0:A6:18:8C:97:AA:74:2C:C7:86:E3:B7:0B:C9:09:CA:C4:4C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UqqgphiMl6p0LMeG47cLyQnKxEw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/d937e0-4277-4e6a-b593-46a880425799/1/jhaPcA5CMXGWSkYWvxp9IHswGiA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/d937e0-4277-4e6a-b593-46a880425799/1/UqqgphiMl6p0LMeG47cLyQnKxEw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.91.68.0/22
194.69.16.0/20
Signature Algorithm: sha256WithRSAEncryption
7c:3b:70:67:c7:5f:7c:92:a4:5f:c3:4c:bb:47:e2:53:f3:a6:
39:90:5e:b6:41:29:c6:95:4b:e1:01:4a:05:be:09:14:ef:ed:
81:d6:20:e6:3b:ed:3e:ba:75:a7:49:8e:da:45:37:75:d0:09:
6d:47:19:3d:d9:d9:23:de:07:22:ea:59:94:f2:26:f3:81:a9:
2c:3d:e8:92:13:8f:37:69:1f:5b:e9:a2:4d:78:07:1b:2c:ff:
31:24:19:e6:c4:39:d6:0b:87:06:ff:bd:57:f8:a0:df:67:f3:
fb:be:56:84:50:25:df:83:b5:21:50:54:fb:41:45:3d:91:87:
be:2c:5a:bf:af:80:3c:7f:d3:2c:98:71:9a:1a:2e:5d:e8:6c:
98:a9:19:a5:43:f1:cf:50:60:5e:87:60:72:66:a5:45:d8:7a:
1f:b8:bf:47:77:97:87:ec:72:f8:8c:85:74:20:f8:11:6d:db:
2a:35:74:c1:8f:05:7d:4c:1b:a4:46:50:01:13:99:a6:69:ab:
21:30:d2:db:fa:6e:c8:5f:5c:aa:75:57:b4:dc:0c:b8:94:9a:
ea:c3:45:78:bf:0e:97:24:dd:ea:90:04:c5:81:86:52:c0:9a:
c2:a1:af:fa:5f:38:e6:1c:fb:59:f0:e0:b6:52:3c:8d:c0:8f:
69:50:0f:92
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYajEahGihLFjFyrygTUVtT4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyYWFhMGE2MTg4Yzk3YWE3NDJjYzc4NmUzYjcwYmM5MDlj
YWM0NGMwHhcNMjMwMzAyMTYwNDQ4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ZTE2OGY3MDBlNDIzMTcxOTY0YTQ2MTZiZjFhN2QyMDdiMzAxYTIwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqpibp4pQXBsfZHZ+OyiRtclSTlja
c79j+Kf1ij3ZFpcTomDhzMCeYVHshei3uEcZNhXIryEsr0Y/xygK3MyB8dMN4Z0o
DDEQd9gc29+byrBC6+9VXKhMh03w0uwThJSEGTIrsVfhEovAsLxxVEmR9K8Udunu
ts0rtqCuhnrTO0VfBEX2T/yre0Zscy90XljPi79kA60RZKK1j0UD5xY8J9kbcCod
qSM80ttVPG0jCMqnOCN8iTBhCs0tKxrrCax8DTwUXdBT993Wm9wid/s3QHD80GWI
FYuqWRyr7Y0k5mWULJstxLmW4Tqba7PpTWG4bG7xnV9/v4XHB4D8EA5mDwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFI4Wj3AOQjFxlkpGFr8afSB7MBogMB8GA1UdIwQY
MBaAFFKqoKYYjJeqdCzHhuO3C8kJysRMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVXFxZ3BoaU1sNnAwTE1lRzQ3Y0x5UW5LeEV3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy9kOTM3ZTAtNDI3Ny00ZTZhLWI1OTMt
NDZhODgwNDI1Nzk5LzEvamhhUGNBNUNNWEdXU2tZV3Z4cDlJSHN3R2lBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy9kOTM3ZTAtNDI3Ny00ZTZhLWI1OTMtNDZhODgwNDI1Nzk5
LzEvVXFxZ3BoaU1sNnAwTE1lRzQ3Y0x5UW5LeEV3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCLVtEAwQE
wkUQMA0GCSqGSIb3DQEBCwUAA4IBAQB8O3Bnx198kqRfw0y7R+JT86Y5kF62QSnG
lUvhAUoFvgkU7+2B1iDmO+0+unWnSY7aRTd10AltRxk92dkj3gci6lmU8ibzgaks
PeiSE483aR9b6aJNeAcbLP8xJBnmxDnWC4cG/71X+KDfZ/P7vlaEUCXfg7UhUFT7
QUU9kYe+LFq/r4A8f9MsmHGaGi5d6GyYqRmlQ/HPUGBeh2ByZqVF2HofuL9Hd5eH
7HL4jIV0IPgRbdsqNXTBjwV9TBukRlABE5mmaashMNLb+m7IX1yqdVe03Ay4lJrq
w0V4vw6XJN3qkATFgYZSwJrCoa/6XzjmHPtZ8OC2UjyNwI9pUA+S
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:49:23 2025 by rpki-client