Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1c/13150c-85da-458d-bc6c-9e24968e6664/1/JLs3MMWJsisMtQcObu-CBeB6S8E.roa
File: JLs3MMWJsisMtQcObu-CBeB6S8E.roa (raw, json)
Hash identifier: nnFXQpqecgAMiKTJUVzejgExePoBrMXqvXBdR+hOxLI=
Subject key identifier: 24:BB:37:30:C5:89:B2:2B:0C:B5:07:0E:6E:EF:82:05:E0:7A:4B:C1
Certificate issuer: /CN=63a759b06e6fed03b0930749153fc16a12a501e0
Certificate serial: 018B298A5F086F1C632D7784CC72033BB03D
Authority key identifier: 63:A7:59:B0:6E:6F:ED:03:B0:93:07:49:15:3F:C1:6A:12:A5:01:E0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y6dZsG5v7QOwkwdJFT_BahKlAeA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1c/13150c-85da-458d-bc6c-9e24968e6664/1/JLs3MMWJsisMtQcObu-CBeB6S8E.roa
Signing time: Fri 13 Oct 2023 14:56:55 +0000
ROA not before: Fri 13 Oct 2023 14:56:55 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 207589
IP address blocks: 89.40.210.0/24 maxlen: 24
91.205.43.0/24 maxlen: 24
185.109.254.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:29:8a:5f:08:6f:1c:63:2d:77:84:cc:72:03:3b:b0:3d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63a759b06e6fed03b0930749153fc16a12a501e0
Validity
Not Before: Oct 13 14:56:55 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=24bb3730c589b22b0cb5070e6eef8205e07a4bc1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:00:f2:be:21:72:55:4e:76:18:2e:11:2a:8b:
00:94:79:06:36:be:12:26:d9:1c:bc:33:78:ee:8f:
e5:95:05:31:be:a4:db:6c:b3:77:1f:81:f7:6b:1d:
04:75:a5:c6:21:cf:99:45:70:10:87:61:c6:e0:e3:
5a:2f:b4:05:53:b0:6d:72:24:d7:15:39:0c:72:f5:
63:22:13:03:b0:3f:3f:25:75:3c:2e:f5:87:5a:83:
4a:14:64:b9:fb:fb:66:4e:d2:32:b9:42:3f:65:88:
58:a2:79:7c:55:83:74:af:9e:98:eb:6f:53:7a:f0:
1e:5f:b3:9e:6f:64:da:d5:d6:79:ab:31:cf:0d:d4:
9d:22:69:48:fd:89:56:2e:3d:c7:c4:37:4c:04:3b:
b7:bd:d7:18:52:97:71:e5:84:8b:2d:c7:65:61:0a:
43:a1:17:26:ac:7a:b1:f4:a8:94:f1:c8:cc:12:b8:
7e:f4:c4:dd:c4:b4:12:6c:4c:ee:12:5e:74:2d:2c:
ae:cb:fe:42:e5:2e:14:94:da:9f:ec:dd:58:21:11:
aa:6c:d5:58:e3:b1:e8:b3:42:f6:68:97:b8:58:bf:
7c:9e:50:cf:2a:a7:36:29:8e:4d:8e:e5:1c:bf:19:
0f:d6:26:8b:b5:13:64:85:78:5b:09:27:a9:1c:75:
b9:bb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
24:BB:37:30:C5:89:B2:2B:0C:B5:07:0E:6E:EF:82:05:E0:7A:4B:C1
X509v3 Authority Key Identifier:
keyid:63:A7:59:B0:6E:6F:ED:03:B0:93:07:49:15:3F:C1:6A:12:A5:01:E0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y6dZsG5v7QOwkwdJFT_BahKlAeA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/13150c-85da-458d-bc6c-9e24968e6664/1/JLs3MMWJsisMtQcObu-CBeB6S8E.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/13150c-85da-458d-bc6c-9e24968e6664/1/Y6dZsG5v7QOwkwdJFT_BahKlAeA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.40.210.0/24
91.205.43.0/24
185.109.254.0/24
Signature Algorithm: sha256WithRSAEncryption
41:f7:7d:4d:2b:60:b9:7a:d6:d5:31:6a:25:2d:e0:7e:8b:2a:
3b:5f:69:cb:55:f0:0a:dd:0d:b7:bd:e4:8c:6c:2d:9a:a0:c1:
2c:3d:77:a5:a6:78:0a:43:dd:4a:15:44:07:7b:66:61:21:e0:
0b:0f:fc:c2:b0:41:e5:92:5c:1e:ba:d0:74:4b:1b:4b:84:ee:
f2:ba:88:dd:9f:fa:9a:b1:fe:0b:c4:a2:0b:cf:a8:d5:b8:13:
43:96:29:a2:48:8a:8b:34:a8:9f:f0:08:d0:8f:4c:b7:f7:fc:
55:af:58:5e:63:b9:61:1e:c1:3b:98:2d:01:20:f7:dc:f7:22:
64:52:9a:8c:49:53:e6:b6:08:2a:9e:8a:09:de:61:45:92:7d:
3f:e8:3d:7a:b9:6c:2d:bf:3c:d6:63:81:0a:a9:26:d6:75:07:
bb:bb:c5:fa:c1:9b:56:6f:0d:31:b8:35:4b:06:a2:47:f6:bf:
34:4e:1e:34:cd:78:ad:58:28:6a:a4:06:d7:2b:fd:72:07:f3:
7d:64:5f:a6:2a:f6:0a:38:f5:88:01:1f:bb:3d:1e:fb:85:5c:
9f:5a:0c:b2:aa:64:af:cb:6f:f4:50:6d:6a:ea:d9:0e:fc:77:
1f:06:63:a0:9f:f2:58:27:e0:d5:54:65:07:1e:8d:80:20:10:
03:32:e7:92
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYspil8IbxxjLXeEzHIDO7A9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzYTc1OWIwNmU2ZmVkMDNiMDkzMDc0OTE1M2ZjMTZhMTJh
NTAxZTAwHhcNMjMxMDEzMTQ1NjU1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNGJiMzczMGM1ODliMjJiMGNiNTA3MGU2ZWVmODIwNWUwN2E0YmMxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqADyviFyVU52GC4RKosAlHkGNr4S
JtkcvDN47o/llQUxvqTbbLN3H4H3ax0EdaXGIc+ZRXAQh2HG4ONaL7QFU7BtciTX
FTkMcvVjIhMDsD8/JXU8LvWHWoNKFGS5+/tmTtIyuUI/ZYhYonl8VYN0r56Y629T
evAeX7Oeb2Ta1dZ5qzHPDdSdImlI/YlWLj3HxDdMBDu3vdcYUpdx5YSLLcdlYQpD
oRcmrHqx9KiU8cjMErh+9MTdxLQSbEzuEl50LSyuy/5C5S4UlNqf7N1YIRGqbNVY
47Hos0L2aJe4WL98nlDPKqc2KY5NjuUcvxkP1iaLtRNkhXhbCSepHHW5uwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFCS7NzDFibIrDLUHDm7vggXgekvBMB8GA1UdIwQY
MBaAFGOnWbBub+0DsJMHSRU/wWoSpQHgMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWTZkWnNHNXY3UU93a3dkSkZUX0JhaEtsQWVBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYy8xMzE1MGMtODVkYS00NThkLWJjNmMt
OWUyNDk2OGU2NjY0LzEvSkxzM01NV0pzaXNNdFFjT2J1LUNCZUI2UzhFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYy8xMzE1MGMtODVkYS00NThkLWJjNmMtOWUyNDk2OGU2NjY0
LzEvWTZkWnNHNXY3UU93a3dkSkZUX0JhaEtsQWVBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAWSjSAwQA
W80rAwQAuW3+MA0GCSqGSIb3DQEBCwUAA4IBAQBB931NK2C5etbVMWolLeB+iyo7
X2nLVfAK3Q23veSMbC2aoMEsPXelpngKQ91KFUQHe2ZhIeALD/zCsEHlklweutB0
SxtLhO7yuojdn/qasf4LxKILz6jVuBNDlimiSIqLNKif8AjQj0y39/xVr1heY7lh
HsE7mC0BIPfc9yJkUpqMSVPmtggqnooJ3mFFkn0/6D16uWwtvzzWY4EKqSbWdQe7
u8X6wZtWbw0xuDVLBqJH9r80Th40zXitWChqpAbXK/1yB/N9ZF+mKvYKOPWIAR+7
PR77hVyfWgyyqmSvy2/0UG1q6tkO/HcfBmOgn/JYJ+DVVGUHHo2AIBADMueS
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:41:24 2025 by rpki-client