Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/22/e128e0-00a6-4689-95be-524c2109cb05/1/JZa1iJvBdscsNUkLuBAQ1YEYfJ8.roa
File: JZa1iJvBdscsNUkLuBAQ1YEYfJ8.roa (raw, json)
Hash identifier: 8MbaoLoKnP6yN5qXnV/IYAFQ+hNAooGn1IxN4Nl94/w=
Subject key identifier: 25:96:B5:88:9B:C1:76:C7:2C:35:49:0B:B8:10:10:D5:81:18:7C:9F
Certificate issuer: /CN=37891a4724aac6b5da0005329aa3a5abe87779d6
Certificate serial: 0189FFFA5B0D2856465DB97A2D151B2DF9A7
Authority key identifier: 37:89:1A:47:24:AA:C6:B5:DA:00:05:32:9A:A3:A5:AB:E8:77:79:D6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/N4kaRySqxrXaAAUymqOlq-h3edY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/22/e128e0-00a6-4689-95be-524c2109cb05/1/JZa1iJvBdscsNUkLuBAQ1YEYfJ8.roa
Signing time: Wed 16 Aug 2023 20:12:24 +0000
ROA not before: Wed 16 Aug 2023 20:12:24 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 207767
IP address blocks: 176.119.209.0/24 maxlen: 24
185.90.44.0/22 maxlen: 24
2a0f:ffc0::/29 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:ff:fa:5b:0d:28:56:46:5d:b9:7a:2d:15:1b:2d:f9:a7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=37891a4724aac6b5da0005329aa3a5abe87779d6
Validity
Not Before: Aug 16 20:12:24 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=2596b5889bc176c72c35490bb81010d581187c9f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:0d:13:1a:e7:41:f3:5c:45:d3:c8:63:d3:ab:
53:82:2e:8e:03:53:c0:59:ea:41:96:fd:f6:94:b0:
e2:56:b8:f6:c3:5b:1f:c3:0b:65:f4:2c:c7:45:d1:
60:64:6d:7d:57:76:c3:31:cd:a8:4b:4f:af:e4:f5:
6a:ff:cb:e9:5c:38:11:0b:0c:ae:e3:7e:16:69:b6:
1d:88:21:86:ab:2a:f7:c2:cc:4e:99:c1:91:b3:f5:
46:83:0d:bb:9b:69:91:dd:52:bc:57:9a:32:01:10:
25:19:91:6b:59:6d:b6:15:46:7f:90:69:23:1e:ba:
71:fe:7e:1d:af:e6:7a:66:09:e7:ec:0d:e8:42:f2:
7d:3b:e8:c7:7f:d8:f3:07:c6:b2:7b:61:f1:8e:a4:
df:c6:47:02:c6:b2:61:74:32:a2:cd:40:01:b9:9e:
8a:5f:b9:42:26:8e:a1:3b:85:bd:d1:7a:07:72:8a:
00:4e:4e:f7:a8:61:b5:95:20:21:4f:55:c8:fa:c6:
6f:81:45:d0:e7:da:85:ba:12:2a:f5:e9:4b:9a:ad:
1e:87:08:e4:90:cf:52:15:a8:f0:1e:61:05:6f:62:
bc:2d:90:a1:77:61:03:14:68:09:af:f3:29:3d:c8:
cb:64:2a:7b:58:d8:aa:19:30:5f:38:bc:b4:3f:4b:
1e:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
25:96:B5:88:9B:C1:76:C7:2C:35:49:0B:B8:10:10:D5:81:18:7C:9F
X509v3 Authority Key Identifier:
keyid:37:89:1A:47:24:AA:C6:B5:DA:00:05:32:9A:A3:A5:AB:E8:77:79:D6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/N4kaRySqxrXaAAUymqOlq-h3edY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/22/e128e0-00a6-4689-95be-524c2109cb05/1/JZa1iJvBdscsNUkLuBAQ1YEYfJ8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/22/e128e0-00a6-4689-95be-524c2109cb05/1/N4kaRySqxrXaAAUymqOlq-h3edY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.119.209.0/24
185.90.44.0/22
IPv6:
2a0f:ffc0::/29
Signature Algorithm: sha256WithRSAEncryption
8b:78:f3:88:04:b4:f5:78:19:7c:f3:de:1d:2c:74:ff:b6:49:
ec:b2:3c:e2:bb:cb:ab:ee:c4:db:fa:d6:2e:d9:c7:0e:c7:42:
fb:32:6d:ec:cc:ca:50:fa:4b:25:4d:dc:a7:71:33:41:05:e3:
0c:25:8c:5b:fd:03:07:d0:8e:75:01:b8:83:4d:67:fd:a5:1d:
f2:e9:fa:f2:fc:35:86:fe:bb:77:9f:c3:0d:ab:6e:15:36:d0:
e2:71:29:47:d1:9c:cf:6e:42:74:5e:7a:f0:52:b8:99:16:d3:
fb:5e:72:f3:4c:0f:9a:ae:1d:da:4c:bf:d0:a2:81:0e:82:9a:
24:a2:8b:28:57:7a:0c:91:80:30:e8:d9:34:11:41:9d:9a:5e:
fb:3f:5b:20:0a:c2:f2:fd:b2:81:7f:b2:e6:58:7d:77:a0:e2:
4c:15:2e:9d:9c:e9:db:e2:0c:e8:c3:66:fd:79:c5:95:32:47:
b1:1b:0c:14:54:c8:8c:8c:a3:08:b9:77:b8:aa:28:6d:67:6d:
c6:70:8f:d5:9d:0a:b9:bd:24:5a:a5:f7:58:60:ea:5b:bd:c4:
aa:d1:98:3b:72:c0:4d:fc:90:d8:70:c4:99:9d:31:4a:68:e6:
c9:a2:95:9c:bc:8a:09:d8:f0:4a:8e:60:0c:aa:2c:c1:17:ef:
bf:d9:f4:82
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYn/+lsNKFZGXbl6LRUbLfmnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM3ODkxYTQ3MjRhYWM2YjVkYTAwMDUzMjlhYTNhNWFiZTg3
Nzc5ZDYwHhcNMjMwODE2MjAxMjI0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNTk2YjU4ODliYzE3NmM3MmMzNTQ5MGJiODEwMTBkNTgxMTg3YzlmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkQ0TGudB81xF08hj06tTgi6OA1PA
WepBlv32lLDiVrj2w1sfwwtl9CzHRdFgZG19V3bDMc2oS0+v5PVq/8vpXDgRCwyu
434WabYdiCGGqyr3wsxOmcGRs/VGgw27m2mR3VK8V5oyARAlGZFrWW22FUZ/kGkj
Hrpx/n4dr+Z6Zgnn7A3oQvJ9O+jHf9jzB8aye2HxjqTfxkcCxrJhdDKizUABuZ6K
X7lCJo6hO4W90XoHcooATk73qGG1lSAhT1XI+sZvgUXQ59qFuhIq9elLmq0ehwjk
kM9SFajwHmEFb2K8LZChd2EDFGgJr/MpPcjLZCp7WNiqGTBfOLy0P0senQIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFCWWtYibwXbHLDVJC7gQENWBGHyfMB8GA1UdIwQY
MBaAFDeJGkckqsa12gAFMpqjpavod3nWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTjRrYVJ5U3F4clhhQUFVeW1xT2xxLWgzZWRZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMi9lMTI4ZTAtMDBhNi00Njg5LTk1YmUt
NTI0YzIxMDljYjA1LzEvSlphMWlKdkJkc2NzTlVrTHVCQVExWUVZZko4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMi9lMTI4ZTAtMDBhNi00Njg5LTk1YmUtNTI0YzIxMDljYjA1
LzEvTjRrYVJ5U3F4clhhQUFVeW1xT2xxLWgzZWRZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQAsHfRAwQC
uVosMA0EAgACMAcDBQMqD//AMA0GCSqGSIb3DQEBCwUAA4IBAQCLePOIBLT1eBl8
894dLHT/tknssjziu8ur7sTb+tYu2ccOx0L7Mm3szMpQ+kslTdyncTNBBeMMJYxb
/QMH0I51AbiDTWf9pR3y6fry/DWG/rt3n8MNq24VNtDicSlH0ZzPbkJ0XnrwUriZ
FtP7XnLzTA+arh3aTL/QooEOgpokoosoV3oMkYAw6Nk0EUGdml77P1sgCsLy/bKB
f7LmWH13oOJMFS6dnOnb4gzow2b9ecWVMkexGwwUVMiMjKMIuXe4qihtZ23GcI/V
nQq5vSRapfdYYOpbvcSq0Zg7csBN/JDYcMSZnTFKaObJopWcvIoJ2PBKjmAMqizB
F++/2fSC
-----END CERTIFICATE-----
Generated at Thu Mar 13 02:51:49 2025 by rpki-client