Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/14/747113-591d-4808-92d9-7a794d5ced3d/1/jvxU7Fi3jMm1wycD9j-IV5rmBk8.roa
File: jvxU7Fi3jMm1wycD9j-IV5rmBk8.roa (raw, json)
Hash identifier: Bl8Dp13plpokzjPNm9s2i80BJMzsZxCVSiC5Cuhi5zg=
Subject key identifier: 8E:FC:54:EC:58:B7:8C:C9:B5:C3:27:03:F6:3F:88:57:9A:E6:06:4F
Certificate issuer: /CN=8df51d0670715eb69efa2fbff1998c3bdbd8a9f5
Certificate serial: 01857315E581408C6AE22E2052F2D103AE6F
Authority key identifier: 8D:F5:1D:06:70:71:5E:B6:9E:FA:2F:BF:F1:99:8C:3B:DB:D8:A9:F5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/jfUdBnBxXrae-i-_8ZmMO9vYqfU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/14/747113-591d-4808-92d9-7a794d5ced3d/1/jvxU7Fi3jMm1wycD9j-IV5rmBk8.roa
Signing time: Mon 02 Jan 2023 15:24:52 +0000
ROA not before: Mon 02 Jan 2023 15:24:52 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 8838
IP address blocks: 212.42.0.0/19 maxlen: 19
194.50.108.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:73:15:e5:81:40:8c:6a:e2:2e:20:52:f2:d1:03:ae:6f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8df51d0670715eb69efa2fbff1998c3bdbd8a9f5
Validity
Not Before: Jan 2 15:24:52 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=8efc54ec58b78cc9b5c32703f63f88579ae6064f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:e8:c3:88:cb:a7:8d:b4:2b:80:2c:9d:d8:87:
e9:85:7c:0f:96:58:46:5d:99:b5:1a:36:7b:c5:b4:
e4:16:75:63:20:0e:3c:18:c0:88:19:82:54:25:5d:
a7:28:f0:12:06:fe:f9:6f:16:9f:ac:f0:2f:10:f3:
af:60:22:35:0c:82:48:f9:02:a8:e3:3a:84:37:a5:
d4:aa:a0:0b:48:4d:fd:73:9c:ee:c6:22:97:d6:d2:
9d:33:64:96:a5:1f:45:81:10:31:8c:41:9a:37:5b:
91:91:44:91:8e:87:d7:06:1d:f8:e3:82:87:ab:f0:
39:9e:f9:05:90:d4:eb:db:3a:5e:c1:90:b1:e9:5d:
65:99:cc:e9:ec:5f:87:46:48:b8:50:6b:10:92:42:
11:96:f6:77:66:a4:0d:d9:63:c9:c5:30:15:55:4b:
fc:eb:49:3f:e7:d0:e9:70:eb:15:d7:c6:8e:fa:fa:
ef:97:7f:97:cd:5b:b2:3d:29:3d:37:06:f8:cb:d3:
3f:98:d4:0e:42:31:69:6f:17:c4:f9:a4:b8:57:f2:
e0:62:26:6c:02:6f:f9:fa:3a:f3:9b:f8:cd:84:88:
e5:ac:70:de:ca:14:0a:e5:18:88:90:a4:f2:b4:e4:
12:19:1f:b6:6d:42:37:21:71:42:2d:2c:b1:82:be:
76:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8E:FC:54:EC:58:B7:8C:C9:B5:C3:27:03:F6:3F:88:57:9A:E6:06:4F
X509v3 Authority Key Identifier:
keyid:8D:F5:1D:06:70:71:5E:B6:9E:FA:2F:BF:F1:99:8C:3B:DB:D8:A9:F5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jfUdBnBxXrae-i-_8ZmMO9vYqfU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/14/747113-591d-4808-92d9-7a794d5ced3d/1/jvxU7Fi3jMm1wycD9j-IV5rmBk8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/14/747113-591d-4808-92d9-7a794d5ced3d/1/jfUdBnBxXrae-i-_8ZmMO9vYqfU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.50.108.0/24
212.42.0.0/19
Signature Algorithm: sha256WithRSAEncryption
70:e0:20:ae:67:ff:5d:1a:c5:5b:a0:3e:29:24:1a:23:42:d9:
e0:f8:e0:9e:ff:b4:da:6e:6d:45:b1:a3:27:b5:3a:a4:95:63:
c6:b1:7c:91:a5:bc:b8:6f:d6:16:04:c5:1a:e9:d8:1a:3c:ee:
7c:0a:4f:86:b5:4e:65:89:d3:86:a8:ec:3b:ec:30:ef:d2:0c:
6b:a8:62:c8:61:3f:7e:d5:8c:81:d7:65:f0:80:52:43:a3:aa:
da:d1:b0:60:00:4c:3c:a3:63:f7:36:e3:f7:f0:4b:7c:6a:23:
d3:49:c1:96:47:1a:53:4b:d0:39:28:70:26:1d:99:23:fc:e8:
e7:02:67:0a:4a:70:97:79:9e:05:7c:25:5a:2b:6f:d6:16:52:
c1:76:52:1b:32:7a:91:4a:74:c7:82:4b:52:60:15:35:bd:d0:
65:12:5d:c7:a0:c3:36:68:e6:e3:34:8e:b9:98:fd:d7:04:12:
2f:26:da:c9:24:de:11:1b:46:64:7d:cb:13:ab:50:4e:5b:8d:
5b:ab:57:5c:43:fd:02:4f:e4:b0:65:5d:fb:8b:ad:2b:39:14:
b0:33:8a:3e:fc:25:20:96:67:96:46:ba:7e:c4:d2:6e:e2:a2:
bf:c3:ab:4f:71:a7:5b:c7:ea:57:11:bd:17:48:45:b1:f6:b8:
d7:f6:21:c9
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYVzFeWBQIxq4i4gUvLRA65vMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhkZjUxZDA2NzA3MTVlYjY5ZWZhMmZiZmYxOTk4YzNiZGJk
OGE5ZjUwHhcNMjMwMTAyMTUyNDUyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ZWZjNTRlYzU4Yjc4Y2M5YjVjMzI3MDNmNjNmODg1NzlhZTYwNjRmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq+jDiMunjbQrgCyd2IfphXwPllhG
XZm1GjZ7xbTkFnVjIA48GMCIGYJUJV2nKPASBv75bxafrPAvEPOvYCI1DIJI+QKo
4zqEN6XUqqALSE39c5zuxiKX1tKdM2SWpR9FgRAxjEGaN1uRkUSRjofXBh3444KH
q/A5nvkFkNTr2zpewZCx6V1lmczp7F+HRki4UGsQkkIRlvZ3ZqQN2WPJxTAVVUv8
60k/59DpcOsV18aO+vrvl3+XzVuyPSk9Nwb4y9M/mNQOQjFpbxfE+aS4V/LgYiZs
Am/5+jrzm/jNhIjlrHDeyhQK5RiIkKTytOQSGR+2bUI3IXFCLSyxgr52QwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFI78VOxYt4zJtcMnA/Y/iFea5gZPMB8GA1UdIwQY
MBaAFI31HQZwcV62nvovv/GZjDvb2Kn1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvamZVZEJuQnhYcmFlLWktXzhabU1POXZZcWZVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNC83NDcxMTMtNTkxZC00ODA4LTkyZDkt
N2E3OTRkNWNlZDNkLzEvanZ4VTdGaTNqTW0xd3ljRDlqLUlWNXJtQms4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNC83NDcxMTMtNTkxZC00ODA4LTkyZDktN2E3OTRkNWNlZDNk
LzEvamZVZEJuQnhYcmFlLWktXzhabU1POXZZcWZVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAwjJsAwQF
1CoAMA0GCSqGSIb3DQEBCwUAA4IBAQBw4CCuZ/9dGsVboD4pJBojQtng+OCe/7Ta
bm1FsaMntTqklWPGsXyRpby4b9YWBMUa6dgaPO58Ck+GtU5lidOGqOw77DDv0gxr
qGLIYT9+1YyB12XwgFJDo6ra0bBgAEw8o2P3NuP38Et8aiPTScGWRxpTS9A5KHAm
HZkj/OjnAmcKSnCXeZ4FfCVaK2/WFlLBdlIbMnqRSnTHgktSYBU1vdBlEl3HoMM2
aObjNI65mP3XBBIvJtrJJN4RG0ZkfcsTq1BOW41bq1dcQ/0CT+SwZV37i60rORSw
M4o+/CUglmeWRrp+xNJu4qK/w6tPcadbx+pXEb0XSEWx9rjX9iHJ
-----END CERTIFICATE-----
Generated at Fri Mar 14 12:01:11 2025 by rpki-client