Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1e/3caa51-7a21-499d-a545-bafbdfc8132a/1/JaPzIDrmBEStFMPYrNV3_3tmrRY.roa
File: JaPzIDrmBEStFMPYrNV3_3tmrRY.roa (raw, json)
Hash identifier: DVvBDvwdSk4YKYTnFvSPDcQJZ1XxsPXlgxGXNd7ojZE=
Subject key identifier: 25:A3:F3:20:3A:E6:04:44:AD:14:C3:D8:AC:D5:77:FF:7B:66:AD:16
Certificate issuer: /CN=4f14112d05e9d876149d2778d48edaaa324db0a5
Certificate serial: 018BC99A245F80A373A5C8FB8BE084E72372
Authority key identifier: 4F:14:11:2D:05:E9:D8:76:14:9D:27:78:D4:8E:DA:AA:32:4D:B0:A5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TxQRLQXp2HYUnSd41I7aqjJNsKU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1e/3caa51-7a21-499d-a545-bafbdfc8132a/1/JaPzIDrmBEStFMPYrNV3_3tmrRY.roa
Signing time: Mon 13 Nov 2023 16:53:24 +0000
ROA not before: Mon 13 Nov 2023 16:53:24 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 61317
IP address blocks: 176.118.33.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:c9:9a:24:5f:80:a3:73:a5:c8:fb:8b:e0:84:e7:23:72
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4f14112d05e9d876149d2778d48edaaa324db0a5
Validity
Not Before: Nov 13 16:53:24 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=25a3f3203ae60444ad14c3d8acd577ff7b66ad16
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:96:6b:e0:79:53:08:e2:65:81:76:e1:58:b2:
a3:99:3c:e1:a6:6f:86:ad:47:24:cf:9b:27:3e:98:
66:ea:9e:af:41:ae:f4:f4:e3:37:83:5c:cd:c0:70:
8c:d4:8b:8b:a3:c9:6b:66:eb:2e:e5:05:57:bb:53:
57:7e:5f:57:69:c7:37:e3:99:9f:2f:f5:8e:a8:75:
49:03:ef:61:67:30:a4:a0:82:2e:0e:bd:bc:5b:70:
c8:c0:2a:d1:bb:5e:74:1d:16:0f:e9:2d:c4:78:53:
ee:c8:5d:e5:13:2d:45:0e:d0:03:9a:88:0a:e2:5c:
4c:07:fe:18:89:fb:4c:94:bb:91:11:c7:e2:18:82:
03:7b:bb:9f:b2:83:29:74:6b:17:f5:81:04:b8:16:
05:cc:d7:1c:04:60:c2:5a:15:cb:26:b3:81:fb:c8:
40:f2:e2:c4:e5:9d:de:74:7b:cb:93:c7:4b:78:dd:
c3:30:78:cb:aa:28:2f:0b:bc:40:d3:ee:3d:d2:27:
52:fe:d7:e0:5b:06:ad:42:74:06:be:b6:74:9b:dd:
4e:23:a9:65:10:fa:fd:ef:cd:58:23:4b:eb:26:2b:
2e:9a:0c:1a:fc:5a:f1:0d:9a:aa:67:06:77:67:1e:
d1:d8:1e:26:41:db:db:da:4d:f6:5a:53:65:68:3e:
12:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
25:A3:F3:20:3A:E6:04:44:AD:14:C3:D8:AC:D5:77:FF:7B:66:AD:16
X509v3 Authority Key Identifier:
keyid:4F:14:11:2D:05:E9:D8:76:14:9D:27:78:D4:8E:DA:AA:32:4D:B0:A5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TxQRLQXp2HYUnSd41I7aqjJNsKU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1e/3caa51-7a21-499d-a545-bafbdfc8132a/1/JaPzIDrmBEStFMPYrNV3_3tmrRY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1e/3caa51-7a21-499d-a545-bafbdfc8132a/1/TxQRLQXp2HYUnSd41I7aqjJNsKU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.118.33.0/24
Signature Algorithm: sha256WithRSAEncryption
30:31:0a:f4:cf:79:46:70:d6:97:e0:76:e0:6d:e1:b4:20:ac:
c5:f0:8f:26:77:6d:2e:9e:dd:90:ee:7c:c4:77:42:3d:60:35:
c4:5c:85:99:e2:6f:4b:75:14:9a:00:1d:44:a1:f0:19:00:42:
44:d9:08:cf:96:17:a4:bb:c0:e8:69:8c:a2:26:7c:0a:f3:6d:
4f:1e:bc:ee:9b:b1:ec:e9:f7:38:b0:47:dd:12:f7:2e:bc:56:
71:2a:2d:11:23:5a:3b:3a:af:da:dd:71:ce:8d:6f:63:3e:23:
e3:68:de:03:25:b9:26:b3:d9:3f:ae:69:0b:1a:ae:36:c3:8a:
58:b2:97:a1:e8:fc:40:49:5c:06:f0:fb:10:68:e8:c6:be:67:
70:13:7e:0d:6c:43:71:77:80:5d:54:b3:e6:fc:33:c5:83:f1:
c2:d2:b4:5c:9b:48:41:ab:8a:34:9d:15:05:da:93:94:94:3a:
42:2a:67:ef:09:ac:03:2d:e0:8f:f1:32:bb:98:17:0f:2a:5f:
6b:83:76:fe:65:fd:ed:9f:fe:7e:c1:82:4d:7f:57:d1:5c:ef:
ba:80:95:b4:7e:77:d3:19:d1:8e:81:1d:9e:26:e7:90:08:10:
a9:8a:2c:9e:a8:35:99:e2:4b:65:ce:89:bf:92:7b:79:18:c4:
09:00:9d:c4
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYvJmiRfgKNzpcj7i+CE5yNyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmMTQxMTJkMDVlOWQ4NzYxNDlkMjc3OGQ0OGVkYWFhMzI0
ZGIwYTUwHhcNMjMxMTEzMTY1MzI0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNWEzZjMyMDNhZTYwNDQ0YWQxNGMzZDhhY2Q1NzdmZjdiNjZhZDE2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArJZr4HlTCOJlgXbhWLKjmTzhpm+G
rUckz5snPphm6p6vQa709OM3g1zNwHCM1IuLo8lrZusu5QVXu1NXfl9Xacc345mf
L/WOqHVJA+9hZzCkoIIuDr28W3DIwCrRu150HRYP6S3EeFPuyF3lEy1FDtADmogK
4lxMB/4YiftMlLuREcfiGIIDe7ufsoMpdGsX9YEEuBYFzNccBGDCWhXLJrOB+8hA
8uLE5Z3edHvLk8dLeN3DMHjLqigvC7xA0+490idS/tfgWwatQnQGvrZ0m91OI6ll
EPr9781YI0vrJisumgwa/FrxDZqqZwZ3Zx7R2B4mQdvb2k32WlNlaD4S9wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFCWj8yA65gRErRTD2KzVd/97Zq0WMB8GA1UdIwQY
MBaAFE8UES0F6dh2FJ0neNSO2qoyTbClMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVHhRUkxRWHAySFlVblNkNDFJN2FxakpOc0tVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xZS8zY2FhNTEtN2EyMS00OTlkLWE1NDUt
YmFmYmRmYzgxMzJhLzEvSmFQeklEcm1CRVN0Rk1QWXJOVjNfM3RtclJZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xZS8zY2FhNTEtN2EyMS00OTlkLWE1NDUtYmFmYmRmYzgxMzJh
LzEvVHhRUkxRWHAySFlVblNkNDFJN2FxakpOc0tVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAsHYhMA0G
CSqGSIb3DQEBCwUAA4IBAQAwMQr0z3lGcNaX4HbgbeG0IKzF8I8md20unt2Q7nzE
d0I9YDXEXIWZ4m9LdRSaAB1EofAZAEJE2QjPlheku8DoaYyiJnwK821PHrzum7Hs
6fc4sEfdEvcuvFZxKi0RI1o7Oq/a3XHOjW9jPiPjaN4DJbkms9k/rmkLGq42w4pY
speh6PxASVwG8PsQaOjGvmdwE34NbENxd4BdVLPm/DPFg/HC0rRcm0hBq4o0nRUF
2pOUlDpCKmfvCawDLeCP8TK7mBcPKl9rg3b+Zf3tn/5+wYJNf1fRXO+6gJW0fnfT
GdGOgR2eJueQCBCpiiyeqDWZ4ktlzom/knt5GMQJAJ3E
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:22:40 2025 by rpki-client