Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1b/b30b57-e7e9-4b2f-99b6-90f97f746676/1/rJsKB54nxmNbBZXK8tXrBkHfAts.roa
File: rJsKB54nxmNbBZXK8tXrBkHfAts.roa (raw, json)
Hash identifier: 2MlgBBJAU3AFmocB4DvwxGpi8fLBJpdkxg2pc3V1dZI=
Subject key identifier: AC:9B:0A:07:9E:27:C6:63:5B:05:95:CA:F2:D5:EB:06:41:DF:02:DB
Certificate issuer: /CN=91c2c2912e10581587052a5ca770910b26174f14
Certificate serial: 01856E141A98BB4459C3373B6A25E6821326
Authority key identifier: 91:C2:C2:91:2E:10:58:15:87:05:2A:5C:A7:70:91:0B:26:17:4F:14
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/kcLCkS4QWBWHBSpcp3CRCyYXTxQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1b/b30b57-e7e9-4b2f-99b6-90f97f746676/1/rJsKB54nxmNbBZXK8tXrBkHfAts.roa
Signing time: Sun 01 Jan 2023 16:04:49 +0000
ROA not before: Sun 01 Jan 2023 16:04:49 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 56577
IP address blocks: 31.41.40.0/21 maxlen: 21
185.68.92.0/22 maxlen: 22
2a05:1700:2::/48 maxlen: 48
2a05:1700::/48 maxlen: 48
2a05:1700:3::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:14:1a:98:bb:44:59:c3:37:3b:6a:25:e6:82:13:26
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=91c2c2912e10581587052a5ca770910b26174f14
Validity
Not Before: Jan 1 16:04:49 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=ac9b0a079e27c6635b0595caf2d5eb0641df02db
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8a:09:ec:10:fe:9b:5f:fc:41:69:f7:47:1c:28:
59:aa:f3:d5:4a:46:fa:cb:f7:3e:90:01:39:d6:1c:
27:db:48:cc:f2:74:a2:d6:97:98:df:a6:f1:18:63:
78:8a:d4:07:08:a3:18:11:ca:14:1f:65:1e:98:95:
c0:25:80:65:33:62:eb:ce:c8:7e:45:4d:9d:a3:1d:
7f:3c:cd:a1:d1:39:5b:6b:04:35:5c:ec:85:f7:e5:
c1:95:54:d7:d9:0c:24:24:4d:23:ae:d2:2a:bb:c1:
af:07:e3:11:14:d6:46:89:70:6c:01:da:44:a1:ca:
04:d5:5f:11:67:e4:c6:e5:53:55:d2:75:fc:59:8d:
48:ab:8b:fa:9d:e8:ab:0e:6f:4b:5f:25:e0:c6:17:
45:0a:9d:b0:c1:22:03:ac:fd:eb:8a:82:8f:c9:81:
25:4b:62:de:49:4b:7d:c7:95:91:58:92:fa:47:ba:
10:b6:cf:e2:23:04:ec:98:c6:4a:39:8f:0d:50:c4:
89:7d:6b:67:dd:48:9e:32:e5:a5:75:3b:5f:19:a6:
f6:1a:9e:b7:a0:97:e9:b0:a6:11:77:f0:d0:24:10:
1e:27:7e:55:0b:7e:23:33:22:f3:22:b3:f4:70:0a:
68:d0:e8:b4:29:b9:b5:33:d9:79:48:fd:48:29:ce:
f3:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AC:9B:0A:07:9E:27:C6:63:5B:05:95:CA:F2:D5:EB:06:41:DF:02:DB
X509v3 Authority Key Identifier:
keyid:91:C2:C2:91:2E:10:58:15:87:05:2A:5C:A7:70:91:0B:26:17:4F:14
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kcLCkS4QWBWHBSpcp3CRCyYXTxQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1b/b30b57-e7e9-4b2f-99b6-90f97f746676/1/rJsKB54nxmNbBZXK8tXrBkHfAts.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1b/b30b57-e7e9-4b2f-99b6-90f97f746676/1/kcLCkS4QWBWHBSpcp3CRCyYXTxQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.41.40.0/21
185.68.92.0/22
IPv6:
2a05:1700::/48
2a05:1700:2::/47
Signature Algorithm: sha256WithRSAEncryption
72:a5:31:5e:d4:5b:b7:b2:46:e3:c8:3e:05:b4:4f:f8:b0:31:
f0:e7:c6:7c:b3:59:54:10:f4:1c:b3:cd:83:1d:50:61:44:e7:
8b:36:56:45:d1:a7:a5:f7:71:4d:d6:bd:4d:ed:a1:f7:18:f0:
52:78:7d:52:06:f1:5f:00:8e:df:7e:5a:59:4d:bc:56:2d:d9:
a4:8d:cf:66:ea:95:40:b1:0e:4a:bd:cf:e3:1d:96:78:bc:33:
99:37:53:c6:6d:02:dd:11:35:4e:28:fc:ad:c6:77:f6:f9:a1:
ba:d9:0b:63:79:27:e3:41:81:47:1c:51:4b:9f:67:8e:93:7c:
fe:9a:74:41:b3:df:dd:5d:0b:25:c3:28:b0:86:be:33:a6:a1:
e4:d0:69:23:a2:f1:c8:62:aa:ac:59:d8:97:81:9f:67:5b:70:
ca:e1:15:10:75:21:3b:fe:19:1f:79:43:69:6e:e7:bf:89:87:
77:78:be:74:7e:09:91:a8:9d:a8:6b:8a:37:b6:bf:b4:38:32:
f5:6b:5e:b4:ad:02:14:91:9e:24:24:6c:91:1d:39:cf:01:40:
bb:00:7b:29:d0:18:1d:7f:2d:d4:e6:6e:af:92:42:22:5d:8b:
ea:36:59:8f:58:db:a2:d0:4a:09:eb:00:05:4b:30:47:c7:ec:
a3:d4:8f:18
-----BEGIN CERTIFICATE-----
MIIFHTCCBAWgAwIBAgISAYVuFBqYu0RZwzc7aiXmghMmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkxYzJjMjkxMmUxMDU4MTU4NzA1MmE1Y2E3NzA5MTBiMjYx
NzRmMTQwHhcNMjMwMTAxMTYwNDQ5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhYzliMGEwNzllMjdjNjYzNWIwNTk1Y2FmMmQ1ZWIwNjQxZGYwMmRiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAignsEP6bX/xBafdHHChZqvPVSkb6
y/c+kAE51hwn20jM8nSi1peY36bxGGN4itQHCKMYEcoUH2UemJXAJYBlM2Lrzsh+
RU2dox1/PM2h0TlbawQ1XOyF9+XBlVTX2QwkJE0jrtIqu8GvB+MRFNZGiXBsAdpE
ocoE1V8RZ+TG5VNV0nX8WY1Iq4v6neirDm9LXyXgxhdFCp2wwSIDrP3rioKPyYEl
S2LeSUt9x5WRWJL6R7oQts/iIwTsmMZKOY8NUMSJfWtn3UieMuWldTtfGab2Gp63
oJfpsKYRd/DQJBAeJ35VC34jMyLzIrP0cApo0Oi0Kbm1M9l5SP1IKc7zJQIDAQAB
o4ICKTCCAiUwHQYDVR0OBBYEFKybCgeeJ8ZjWwWVyvLV6wZB3wLbMB8GA1UdIwQY
MBaAFJHCwpEuEFgVhwUqXKdwkQsmF08UMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva2NMQ2tTNFFXQldIQlNwY3AzQ1JDeVlYVHhRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYi9iMzBiNTctZTdlOS00YjJmLTk5YjYt
OTBmOTdmNzQ2Njc2LzEvckpzS0I1NG54bU5iQlpYSzh0WHJCa0hmQXRzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYi9iMzBiNTctZTdlOS00YjJmLTk5YjYtOTBmOTdmNzQ2Njc2
LzEva2NMQ2tTNFFXQldIQlNwY3AzQ1JDeVlYVHhRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD8GCCsGAQUFBwEHAQH/BDAwLjASBAIAATAMAwQDHykoAwQC
uURcMBgEAgACMBIDBwAqBRcAAAADBwEqBRcAAAIwDQYJKoZIhvcNAQELBQADggEB
AHKlMV7UW7eyRuPIPgW0T/iwMfDnxnyzWVQQ9ByzzYMdUGFE54s2VkXRp6X3cU3W
vU3tofcY8FJ4fVIG8V8Ajt9+WllNvFYt2aSNz2bqlUCxDkq9z+Mdlni8M5k3U8Zt
At0RNU4o/K3Gd/b5obrZC2N5J+NBgUccUUufZ46TfP6adEGz391dCyXDKLCGvjOm
oeTQaSOi8chiqqxZ2JeBn2dbcMrhFRB1ITv+GR95Q2lu57+Jh3d4vnR+CZGonahr
ije2v7Q4MvVrXrStAhSRniQkbJEdOc8BQLsAeynQGB1/LdTmbq+SQiJdi+o2WY9Y
26LQSgnrAAVLMEfH7KPUjxg=
-----END CERTIFICATE-----
Generated at Mon Apr 7 19:52:34 2025 by rpki-client