Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1c/d96688-2d98-4634-86db-b35a0a1453fb/1/JPhVILwpT2s75W6_A-0iIaAkFMk.roa
File: JPhVILwpT2s75W6_A-0iIaAkFMk.roa (raw, json)
Hash identifier: AK8YUaItYwh2AnlbXCfgAwp5uIdxMlMFOkx+xc4khkU=
Subject key identifier: 24:F8:55:20:BC:29:4F:6B:3B:E5:6E:BF:03:ED:22:21:A0:24:14:C9
Certificate issuer: /CN=003b2c3871069002ad0b2f42b0cbf5e92e3be4b3
Certificate serial: 075EC7E6
Authority key identifier: 00:3B:2C:38:71:06:90:02:AD:0B:2F:42:B0:CB:F5:E9:2E:3B:E4:B3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ADssOHEGkAKtCy9CsMv16S475LM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1c/d96688-2d98-4634-86db-b35a0a1453fb/1/JPhVILwpT2s75W6_A-0iIaAkFMk.roa
Signing time: Sat 01 Jan 2022 12:01:00 +0000
ROA not before: Sat 01 Jan 2022 12:01:00 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 204506
IP address blocks: 93.157.207.0/24 maxlen: 24
45.152.23.0/24 maxlen: 24
2001:678:210::/48 maxlen: 48
2a0f:4507:8000::/33 maxlen: 33
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 123652070 (0x75ec7e6)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=003b2c3871069002ad0b2f42b0cbf5e92e3be4b3
Validity
Not Before: Jan 1 12:01:00 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=24f85520bc294f6b3be56ebf03ed2221a02414c9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ee:4c:ab:76:6f:d5:7f:7c:f9:f1:29:8e:59:4e:
c5:c1:e4:84:15:de:f9:9b:0c:69:15:28:09:fa:b3:
9e:b2:0e:31:a7:68:d0:fb:de:af:c7:57:88:67:6b:
27:d7:37:87:9b:aa:8c:c3:38:68:f5:5b:fd:a7:e4:
a6:39:f8:70:2c:bc:70:f5:03:09:69:a3:b7:ab:97:
f4:d0:03:93:22:49:5e:4a:c2:ca:c3:60:6d:0a:0f:
4e:23:9f:75:58:d2:8c:73:a0:4e:3e:54:ba:f9:bf:
00:30:cb:ff:0f:ea:33:84:28:23:6c:fc:25:aa:75:
20:17:14:0c:e7:bc:a0:8a:d0:cb:b5:32:8d:1c:a0:
2d:0e:f5:34:38:55:38:70:cd:f1:53:f9:63:6b:82:
9e:b8:34:2b:c9:ee:6b:b9:43:b9:d6:11:2a:ad:55:
6d:65:d1:db:c1:1a:cb:a0:24:a0:ca:4c:ce:e4:5a:
07:77:13:c3:07:0b:5a:03:3d:a8:0b:46:40:04:6a:
62:3a:79:93:6e:2e:72:5c:dc:7c:8a:a1:02:54:f6:
22:d2:9a:df:d4:ce:23:1e:49:97:14:da:06:a0:fa:
fe:76:8a:e3:ee:3d:05:06:78:34:6f:f7:ba:f6:65:
97:29:37:97:44:a3:6e:d2:e2:85:16:27:08:ff:45:
cf:0d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
24:F8:55:20:BC:29:4F:6B:3B:E5:6E:BF:03:ED:22:21:A0:24:14:C9
X509v3 Authority Key Identifier:
keyid:00:3B:2C:38:71:06:90:02:AD:0B:2F:42:B0:CB:F5:E9:2E:3B:E4:B3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ADssOHEGkAKtCy9CsMv16S475LM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/d96688-2d98-4634-86db-b35a0a1453fb/1/JPhVILwpT2s75W6_A-0iIaAkFMk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/d96688-2d98-4634-86db-b35a0a1453fb/1/ADssOHEGkAKtCy9CsMv16S475LM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.152.23.0/24
93.157.207.0/24
IPv6:
2001:678:210::/48
2a0f:4507:8000::/33
Signature Algorithm: sha256WithRSAEncryption
96:f4:2e:1e:87:f7:2e:23:01:b5:12:64:2b:69:31:88:e7:70:
b9:ab:7b:69:06:3c:ee:ef:65:36:01:9d:f1:cd:ec:0f:37:ee:
e0:e7:86:5e:50:53:8c:19:d5:f3:7c:dc:75:76:68:50:33:b8:
e6:a7:01:18:d3:6b:a2:b3:38:4a:65:3b:ad:16:6f:a8:ae:fa:
06:01:21:94:fb:7b:dc:db:c1:df:88:83:a8:8d:4d:38:57:96:
85:35:e2:0a:2f:81:b3:23:1f:73:ba:14:d5:6e:2e:23:2a:e3:
5b:db:0f:c6:f1:57:62:3e:79:e9:75:9a:d8:89:a3:5a:a9:24:
82:e6:32:86:3a:96:e4:b1:41:7b:4f:7b:ff:73:9e:16:24:32:
fb:73:81:a4:89:9f:7f:99:d0:79:06:ea:7d:46:06:77:f8:86:
7c:6e:90:1e:43:59:be:99:2f:98:ae:51:43:8a:d6:20:3a:e2:
de:e1:03:c4:f2:ed:bd:92:8f:ae:f0:0b:36:a3:07:b2:0f:a6:
4a:46:69:6d:e4:e1:58:66:c0:1d:a5:dd:06:56:a3:34:18:77:
7b:66:7f:f7:ea:be:82:81:db:1a:a1:32:39:ae:fb:09:9b:10:
73:37:23:6b:0b:92:c9:9f:fc:73:47:08:27:5f:cb:4b:e2:e3:
da:8e:72:f9
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgIEB17H5jANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygw
MDNiMmMzODcxMDY5MDAyYWQwYjJmNDJiMGNiZjVlOTJlM2JlNGIzMB4XDTIyMDEw
MTEyMDEwMFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMjRmODU1MjBiYzI5
NGY2YjNiZTU2ZWJmMDNlZDIyMjFhMDI0MTRjOTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAO5Mq3Zv1X98+fEpjllOxcHkhBXe+ZsMaRUoCfqznrIOMado
0Pver8dXiGdrJ9c3h5uqjMM4aPVb/afkpjn4cCy8cPUDCWmjt6uX9NADkyJJXkrC
ysNgbQoPTiOfdVjSjHOgTj5Uuvm/ADDL/w/qM4QoI2z8Jap1IBcUDOe8oIrQy7Uy
jRygLQ71NDhVOHDN8VP5Y2uCnrg0K8nua7lDudYRKq1VbWXR28Eay6AkoMpMzuRa
B3cTwwcLWgM9qAtGQARqYjp5k24uclzcfIqhAlT2ItKa39TOIx5JlxTaBqD6/naK
4+49BQZ4NG/3uvZllyk3l0SjbtLihRYnCP9Fzw0CAwEAAaOCAigwggIkMB0GA1Ud
DgQWBBQk+FUgvClPazvlbr8D7SIhoCQUyTAfBgNVHSMEGDAWgBQAOyw4cQaQAq0L
L0Kwy/XpLjvkszAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0FEc3NPSEVHa0FLdEN5OUNzTXYxNlM0NzVMTS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMWMvZDk2Njg4LTJkOTgtNDYzNC04NmRiLWIzNWEwYTE0NTNmYi8x
L0pQaFZJTHdwVDJzNzVXNl9BLTBpSWFBa0ZNay5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMWMv
ZDk2Njg4LTJkOTgtNDYzNC04NmRiLWIzNWEwYTE0NTNmYi8xL0FEc3NPSEVHa0FL
dEN5OUNzTXYxNlM0NzVMTS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA+
BggrBgEFBQcBBwEB/wQvMC0wEgQCAAEwDAMEAC2YFwMEAF2dzzAXBAIAAjARAwcA
IAEGeAIQAwYHKg9FB4AwDQYJKoZIhvcNAQELBQADggEBAJb0Lh6H9y4jAbUSZCtp
MYjncLmre2kGPO7vZTYBnfHN7A837uDnhl5QU4wZ1fN83HV2aFAzuOanARjTa6Kz
OEplO60Wb6iu+gYBIZT7e9zbwd+Ig6iNTThXloU14govgbMjH3O6FNVuLiMq41vb
D8bxV2I+eel1mtiJo1qpJILmMoY6luSxQXtPe/9znhYkMvtzgaSJn3+Z0HkG6n1G
Bnf4hnxukB5DWb6ZL5iuUUOK1iA64t7hA8Ty7b2Sj67wCzajB7IPpkpGaW3k4Vhm
wB2l3QZWozQYd3tmf/fqvoKB2xqhMjmu+wmbEHM3I2sLksmf/HNHCCdfy0vi49qO
cvk=
-----END CERTIFICATE-----
Generated at Tue Apr 8 23:29:21 2025 by rpki-client