Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/15/2c8482-5331-4e57-9974-40837d48473d/1/jpi5bPDJavsZN_xjYAmsrHw34R0.roa
File: jpi5bPDJavsZN_xjYAmsrHw34R0.roa (raw, json)
Hash identifier: CcdvW+bv8YzRufSvRbMW2j52P9HWBqVzev2ibHDF0Mw=
Subject key identifier: 8E:98:B9:6C:F0:C9:6A:FB:19:37:FC:63:60:09:AC:AC:7C:37:E1:1D
Certificate issuer: /CN=4da4d6199aec828f6989e2e84cec17765bac5cd5
Certificate serial: 0185710C1239420B8C3014A1C020FD3F0B43
Authority key identifier: 4D:A4:D6:19:9A:EC:82:8F:69:89:E2:E8:4C:EC:17:76:5B:AC:5C:D5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TaTWGZrsgo9pieLoTOwXdlusXNU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/15/2c8482-5331-4e57-9974-40837d48473d/1/jpi5bPDJavsZN_xjYAmsrHw34R0.roa
Signing time: Mon 02 Jan 2023 05:54:54 +0000
ROA not before: Mon 02 Jan 2023 05:54:54 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 20776
IP address blocks: 89.16.0.0/19 maxlen: 19
89.16.0.0/20 maxlen: 20
89.16.16.0/21 maxlen: 21
89.16.16.0/20 maxlen: 20
89.16.24.0/21 maxlen: 21
82.197.96.0/19 maxlen: 23
92.49.64.0/19 maxlen: 19
92.49.64.0/20 maxlen: 20
82.197.112.0/20 maxlen: 20
109.62.80.0/20 maxlen: 20
109.62.80.0/21 maxlen: 21
109.62.88.0/21 maxlen: 21
109.62.96.0/20 maxlen: 20
92.49.125.0/24 maxlen: 24
92.49.120.0/21 maxlen: 21
82.197.126.0/24 maxlen: 24
92.49.80.0/20 maxlen: 20
92.49.96.0/19 maxlen: 19
92.49.96.0/20 maxlen: 20
92.49.96.0/21 maxlen: 21
92.49.104.0/24 maxlen: 24
92.49.105.0/24 maxlen: 24
92.49.108.0/22 maxlen: 22
92.49.107.0/24 maxlen: 24
92.49.106.0/24 maxlen: 24
92.49.112.0/20 maxlen: 20
92.49.112.0/21 maxlen: 21
188.115.96.0/21 maxlen: 21
188.115.96.0/19 maxlen: 19
93.176.0.0/20 maxlen: 20
93.176.0.0/19 maxlen: 19
188.115.104.0/21 maxlen: 21
93.176.16.0/20 maxlen: 20
188.115.112.0/22 maxlen: 22
188.115.116.0/22 maxlen: 22
188.115.120.0/21 maxlen: 21
109.62.27.0/24 maxlen: 24
109.62.28.0/22 maxlen: 22
109.62.26.0/24 maxlen: 24
109.62.56.0/21 maxlen: 21
109.62.56.0/22 maxlen: 22
109.62.64.0/24 maxlen: 24
109.62.60.0/22 maxlen: 22
109.62.66.0/24 maxlen: 24
109.62.67.0/24 maxlen: 24
109.62.68.0/22 maxlen: 23
109.62.68.0/23 maxlen: 23
109.62.70.0/23 maxlen: 23
109.62.76.0/22 maxlen: 22
109.62.72.0/21 maxlen: 21
109.62.72.0/22 maxlen: 22
109.62.0.0/17 maxlen: 24
109.62.4.0/22 maxlen: 22
109.62.0.0/19 maxlen: 19
109.62.0.0/21 maxlen: 21
109.62.10.0/23 maxlen: 23
109.62.9.0/24 maxlen: 24
109.62.8.0/24 maxlen: 24
109.62.12.0/23 maxlen: 23
80.243.240.0/20 maxlen: 20
80.243.240.0/21 maxlen: 21
109.62.16.0/21 maxlen: 21
109.62.15.0/24 maxlen: 24
109.62.14.0/24 maxlen: 24
109.62.24.0/23 maxlen: 23
80.243.248.0/21 maxlen: 21
188.115.64.0/20 maxlen: 20
188.115.64.0/19 maxlen: 19
188.115.64.0/18 maxlen: 18
188.115.80.0/20 maxlen: 20
217.175.160.0/19 maxlen: 24
217.175.171.0/24 maxlen: 24
217.175.170.0/24 maxlen: 24
217.175.172.0/24 maxlen: 24
217.175.168.0/24 maxlen: 24
217.175.169.0/24 maxlen: 24
217.175.168.0/21 maxlen: 21
217.175.174.0/23 maxlen: 23
217.175.176.0/21 maxlen: 21
217.175.176.0/22 maxlen: 22
217.175.180.0/22 maxlen: 22
217.175.184.0/21 maxlen: 21
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:0c:12:39:42:0b:8c:30:14:a1:c0:20:fd:3f:0b:43
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4da4d6199aec828f6989e2e84cec17765bac5cd5
Validity
Not Before: Jan 2 05:54:54 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=8e98b96cf0c96afb1937fc636009acac7c37e11d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:3b:5d:b0:5f:5b:7b:2a:73:0d:1e:d1:08:6f:
70:4c:07:9b:e2:1a:23:cb:a3:c0:27:ff:63:03:65:
9a:6f:49:be:50:b0:42:f5:88:97:c8:87:c1:a2:3f:
c5:9a:73:8e:94:21:f7:dc:5e:a4:e3:8c:2c:df:a8:
a6:4b:0e:3a:e9:bb:a7:0b:5d:fc:8d:72:90:5a:66:
d2:d9:2f:17:59:6e:26:8c:c0:cf:d2:b3:f7:99:a6:
43:6a:96:de:9e:04:41:81:b3:29:6d:91:d9:1e:db:
05:57:03:0f:5d:24:6a:a4:bc:44:bd:a5:dd:98:20:
75:9e:e6:bc:d5:6e:1f:e7:33:ca:78:3f:a2:20:a4:
6e:55:fa:e9:ec:a1:3c:72:7f:11:45:8a:3c:bb:42:
b6:eb:4b:b0:da:e1:84:98:b5:60:31:d3:ed:9f:83:
37:a8:59:4d:27:f6:f4:29:04:af:ca:18:55:58:10:
9e:c9:79:17:10:bb:b9:a4:c8:e0:e0:f6:3d:77:37:
60:1d:04:16:ea:bf:b9:3b:3f:4f:d1:61:fa:0e:a1:
59:35:b6:08:ee:37:64:71:ba:e3:fa:f1:47:cd:c1:
66:01:7a:c5:05:1b:ea:08:22:ae:1d:e0:cd:54:bb:
ff:da:08:72:b2:2f:77:87:3a:91:1e:b2:90:55:11:
a4:a7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8E:98:B9:6C:F0:C9:6A:FB:19:37:FC:63:60:09:AC:AC:7C:37:E1:1D
X509v3 Authority Key Identifier:
keyid:4D:A4:D6:19:9A:EC:82:8F:69:89:E2:E8:4C:EC:17:76:5B:AC:5C:D5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TaTWGZrsgo9pieLoTOwXdlusXNU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/15/2c8482-5331-4e57-9974-40837d48473d/1/jpi5bPDJavsZN_xjYAmsrHw34R0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/15/2c8482-5331-4e57-9974-40837d48473d/1/TaTWGZrsgo9pieLoTOwXdlusXNU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.243.240.0/20
82.197.96.0/19
89.16.0.0/19
92.49.64.0/18
93.176.0.0/19
109.62.0.0/17
188.115.64.0/18
217.175.160.0/19
Signature Algorithm: sha256WithRSAEncryption
53:7c:c7:e3:e2:e7:7c:45:cf:f9:86:57:49:4b:f6:46:80:26:
8f:53:a5:3a:90:b1:48:cf:97:95:31:ff:3c:81:38:a7:58:9e:
fa:56:43:14:5c:fa:8a:48:cc:4e:89:26:ee:bd:31:2f:a6:12:
96:d1:6c:bc:80:40:f9:33:0c:f4:93:9c:16:d2:f1:4a:f3:1b:
9d:34:8f:77:7a:49:06:a1:40:62:a4:02:37:d3:c5:e2:89:01:
50:e5:1d:07:5e:58:38:a9:f4:46:19:f4:3f:76:95:5d:36:8f:
30:ec:aa:2b:89:62:41:40:c9:59:c7:98:21:01:5a:c1:7c:42:
6b:8f:4d:68:50:73:d5:87:d0:67:18:cf:02:e2:82:e3:80:2a:
92:84:98:07:b7:43:e2:27:8a:26:e5:e7:47:e5:be:4f:e7:8e:
dd:4a:7c:65:82:73:33:b4:de:79:77:b5:e0:7c:a3:db:76:2c:
da:e7:b6:c9:ec:ce:44:ef:95:a6:f8:c9:cf:61:1c:32:c6:0a:
4b:e7:c8:e8:93:d2:85:9c:f8:1d:2d:27:81:11:c4:01:6c:32:
2f:c2:7a:db:06:0e:37:2a:8a:5c:c4:6c:d3:9f:9b:7e:f2:7d:
59:ea:9b:fc:a1:b1:b8:46:24:ec:43:23:48:f8:39:d9:e1:6d:
e3:2e:1c:2f
-----BEGIN CERTIFICATE-----
MIIFJzCCBA+gAwIBAgISAYVxDBI5QguMMBShwCD9PwtDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRkYTRkNjE5OWFlYzgyOGY2OTg5ZTJlODRjZWMxNzc2NWJh
YzVjZDUwHhcNMjMwMTAyMDU1NDU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ZTk4Yjk2Y2YwYzk2YWZiMTkzN2ZjNjM2MDA5YWNhYzdjMzdlMTFkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvDtdsF9beypzDR7RCG9wTAeb4hoj
y6PAJ/9jA2Wab0m+ULBC9YiXyIfBoj/FmnOOlCH33F6k44ws36imSw466bunC138
jXKQWmbS2S8XWW4mjMDP0rP3maZDapbengRBgbMpbZHZHtsFVwMPXSRqpLxEvaXd
mCB1nua81W4f5zPKeD+iIKRuVfrp7KE8cn8RRYo8u0K260uw2uGEmLVgMdPtn4M3
qFlNJ/b0KQSvyhhVWBCeyXkXELu5pMjg4PY9dzdgHQQW6r+5Oz9P0WH6DqFZNbYI
7jdkcbrj+vFHzcFmAXrFBRvqCCKuHeDNVLv/2ghysi93hzqRHrKQVRGkpwIDAQAB
o4ICMzCCAi8wHQYDVR0OBBYEFI6YuWzwyWr7GTf8Y2AJrKx8N+EdMB8GA1UdIwQY
MBaAFE2k1hma7IKPaYni6EzsF3ZbrFzVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVGFUV0dacnNnbzlwaWVMb1RPd1hkbHVzWE5VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNS8yYzg0ODItNTMzMS00ZTU3LTk5NzQt
NDA4MzdkNDg0NzNkLzEvanBpNWJQREphdnNaTl94allBbXNySHczNFIwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNS8yYzg0ODItNTMzMS00ZTU3LTk5NzQtNDA4MzdkNDg0NzNk
LzEvVGFUV0dacnNnbzlwaWVMb1RPd1hkbHVzWE5VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEkGCCsGAQUFBwEHAQH/BDowODA2BAIAATAwAwQEUPPwAwQF
UsVgAwQFWRAAAwQGXDFAAwQFXbAAAwQHbT4AAwQGvHNAAwQF2a+gMA0GCSqGSIb3
DQEBCwUAA4IBAQBTfMfj4ud8Rc/5hldJS/ZGgCaPU6U6kLFIz5eVMf88gTinWJ76
VkMUXPqKSMxOiSbuvTEvphKW0Wy8gED5Mwz0k5wW0vFK8xudNI93ekkGoUBipAI3
08XiiQFQ5R0HXlg4qfRGGfQ/dpVdNo8w7KoriWJBQMlZx5ghAVrBfEJrj01oUHPV
h9BnGM8C4oLjgCqShJgHt0PiJ4om5edH5b5P547dSnxlgnMztN55d7XgfKPbdiza
57bJ7M5E75Wm+MnPYRwyxgpL58jok9KFnPgdLSeBEcQBbDIvwnrbBg43KopcxGzT
n5t+8n1Z6pv8obG4RiTsQyNI+DnZ4W3jLhwv
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:16:38 2025 by rpki-client