Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/18/0b0c1c-e5ea-4558-bbdd-199e056a6800/1/Jc9-1okWxI0NgFKMIpwkhXKc9vY.roa
File: Jc9-1okWxI0NgFKMIpwkhXKc9vY.roa (raw, json)
Hash identifier: fIEbbXH/JdrkJukFISfVzZuf24P1u1ugC3PoX5o3+FM=
Subject key identifier: 25:CF:7E:D6:89:16:C4:8D:0D:80:52:8C:22:9C:24:85:72:9C:F6:F6
Certificate issuer: /CN=c67e9de8e826cdee0e65f622583434b81cf37bad
Certificate serial: 01856D4AC398476C126B67C7722F2219FD85
Authority key identifier: C6:7E:9D:E8:E8:26:CD:EE:0E:65:F6:22:58:34:34:B8:1C:F3:7B:AD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xn6d6Ogmze4OZfYiWDQ0uBzze60.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/18/0b0c1c-e5ea-4558-bbdd-199e056a6800/1/Jc9-1okWxI0NgFKMIpwkhXKc9vY.roa
Signing time: Sun 01 Jan 2023 12:24:54 +0000
ROA not before: Sun 01 Jan 2023 12:24:54 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 1136
IP address blocks: 193.177.141.0/24 maxlen: 24
193.177.144.0/22 maxlen: 22
193.177.140.0/24 maxlen: 24
193.177.142.0/23 maxlen: 23
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:4a:c3:98:47:6c:12:6b:67:c7:72:2f:22:19:fd:85
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c67e9de8e826cdee0e65f622583434b81cf37bad
Validity
Not Before: Jan 1 12:24:54 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=25cf7ed68916c48d0d80528c229c2485729cf6f6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:0c:4f:f9:8d:92:c9:d5:bd:5d:2d:fe:96:dc:
0f:92:87:f9:c4:12:4a:3b:f6:cc:43:68:39:b2:a7:
a2:d5:a0:6d:de:ae:7e:40:fe:7d:b3:1a:93:4d:cd:
4a:74:6e:f8:c6:d8:0f:77:0f:21:f5:a2:ba:d5:46:
8a:19:8d:2a:eb:ac:a8:37:91:52:62:7e:cb:a8:21:
56:8c:3e:17:53:f8:46:62:c3:bb:5e:78:56:68:b4:
2d:55:94:30:43:12:7a:96:e4:e6:ae:07:d8:01:c8:
4c:81:71:1d:2f:f0:9b:75:9d:d6:f7:cc:00:2d:c2:
a6:0b:9e:49:bf:70:0f:0e:17:f6:1c:68:92:81:a0:
a5:a7:5f:4c:35:a4:77:39:4b:94:37:b7:b7:53:06:
ec:1b:5d:67:99:72:f0:e2:d6:7a:33:d4:91:fd:69:
3d:bc:15:4a:0b:d5:95:21:22:c0:a2:9e:be:6a:28:
19:e7:79:cd:01:16:ac:c4:3a:0f:2a:d7:91:b7:a4:
a7:22:57:e6:dc:a3:67:04:3d:30:09:bd:7d:58:4a:
93:a1:df:94:d0:99:a9:98:a2:b3:76:1a:62:77:7a:
4e:3b:eb:a2:45:02:c4:b3:70:00:86:6f:fd:98:ce:
7d:dc:2d:c2:54:cd:fa:e7:2f:aa:ea:bf:94:85:03:
d7:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
25:CF:7E:D6:89:16:C4:8D:0D:80:52:8C:22:9C:24:85:72:9C:F6:F6
X509v3 Authority Key Identifier:
keyid:C6:7E:9D:E8:E8:26:CD:EE:0E:65:F6:22:58:34:34:B8:1C:F3:7B:AD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xn6d6Ogmze4OZfYiWDQ0uBzze60.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/18/0b0c1c-e5ea-4558-bbdd-199e056a6800/1/Jc9-1okWxI0NgFKMIpwkhXKc9vY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/18/0b0c1c-e5ea-4558-bbdd-199e056a6800/1/xn6d6Ogmze4OZfYiWDQ0uBzze60.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.177.140.0-193.177.147.255
Signature Algorithm: sha256WithRSAEncryption
83:93:56:dd:30:74:b4:21:cd:a7:a2:10:43:4d:8a:27:a4:0c:
52:ab:61:0f:ea:f7:99:cc:1d:0c:7e:66:17:8a:0f:07:2e:92:
b3:19:ff:ab:79:ba:c9:6b:e4:b1:dc:7a:ac:bb:e3:00:2b:c0:
8e:8f:ab:0d:f0:c9:ee:82:8a:20:01:a1:cd:40:83:8a:ba:a1:
a6:a2:6f:1b:a1:82:91:ac:ed:fb:4e:9b:ee:f6:42:0e:be:f9:
18:cd:42:fe:59:95:5f:41:d2:e7:69:98:2a:e6:59:9d:47:34:
39:53:3c:a0:96:46:93:6e:17:99:57:47:df:32:5e:04:2c:e5:
ff:df:e7:df:64:4c:a9:55:03:ab:db:ae:7e:be:8d:c3:5c:50:
49:3e:f3:10:15:7b:b5:2f:fa:84:08:17:cd:99:c8:85:76:a9:
4c:db:fd:fe:3e:6f:4c:fd:23:1f:c2:4a:db:a6:77:56:ac:88:
6a:9d:7d:94:8a:fe:7a:c3:7d:96:f9:e1:1b:91:37:42:bd:5c:
17:f6:c1:85:4a:7b:09:06:3c:d7:0d:f6:1f:09:25:28:d0:94:
d9:41:1b:ef:46:58:cf:3a:67:61:37:64:f5:3a:46:57:13:24:
57:a7:5d:a5:76:d5:e5:b3:21:95:50:f5:bd:02:10:07:6b:47:
d7:f7:9b:ed
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAYVtSsOYR2wSa2fHci8iGf2FMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM2N2U5ZGU4ZTgyNmNkZWUwZTY1ZjYyMjU4MzQzNGI4MWNm
MzdiYWQwHhcNMjMwMTAxMTIyNDU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNWNmN2VkNjg5MTZjNDhkMGQ4MDUyOGMyMjljMjQ4NTcyOWNmNmY2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlAxP+Y2SydW9XS3+ltwPkof5xBJK
O/bMQ2g5sqei1aBt3q5+QP59sxqTTc1KdG74xtgPdw8h9aK61UaKGY0q66yoN5FS
Yn7LqCFWjD4XU/hGYsO7XnhWaLQtVZQwQxJ6luTmrgfYAchMgXEdL/CbdZ3W98wA
LcKmC55Jv3APDhf2HGiSgaClp19MNaR3OUuUN7e3UwbsG11nmXLw4tZ6M9SR/Wk9
vBVKC9WVISLAop6+aigZ53nNARasxDoPKteRt6SnIlfm3KNnBD0wCb19WEqTod+U
0JmpmKKzdhpid3pOO+uiRQLEs3AAhm/9mM593C3CVM365y+q6r+UhQPXTwIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFCXPftaJFsSNDYBSjCKcJIVynPb2MB8GA1UdIwQY
MBaAFMZ+nejoJs3uDmX2Ilg0NLgc83utMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveG42ZDZPZ216ZTRPWmZZaVdEUTB1Qnp6ZTYwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xOC8wYjBjMWMtZTVlYS00NTU4LWJiZGQt
MTk5ZTA1NmE2ODAwLzEvSmM5LTFva1d4STBOZ0ZLTUlwd2toWEtjOXZZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xOC8wYjBjMWMtZTVlYS00NTU4LWJiZGQtMTk5ZTA1NmE2ODAw
LzEveG42ZDZPZ216ZTRPWmZZaVdEUTB1Qnp6ZTYwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBALBsYwD
BALBsZAwDQYJKoZIhvcNAQELBQADggEBAIOTVt0wdLQhzaeiEENNiiekDFKrYQ/q
95nMHQx+ZheKDwcukrMZ/6t5uslr5LHceqy74wArwI6Pqw3wye6CiiABoc1Ag4q6
oaaibxuhgpGs7ftOm+72Qg6++RjNQv5ZlV9B0udpmCrmWZ1HNDlTPKCWRpNuF5lX
R98yXgQs5f/f599kTKlVA6vbrn6+jcNcUEk+8xAVe7Uv+oQIF82ZyIV2qUzb/f4+
b0z9Ix/CStumd1asiGqdfZSK/nrDfZb54RuRN0K9XBf2wYVKewkGPNcN9h8JJSjQ
lNlBG+9GWM86Z2E3ZPU6RlcTJFenXaV21eWzIZVQ9b0CEAdrR9f3m+0=
-----END CERTIFICATE-----
Generated at Tue Mar 11 19:40:23 2025 by rpki-client