Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/25/3ebb46-b9dd-4695-815c-46ee578a0bfe/1/JkQbn79tyCIjrnqTLWy1qddIsy4.roa
File: JkQbn79tyCIjrnqTLWy1qddIsy4.roa (raw, json)
Hash identifier: dMd804xPgLhcmmVizsotI/p4ydtVo9Uz8ebNJTiNJ5c=
Subject key identifier: 26:44:1B:9F:BF:6D:C8:22:23:AE:7A:93:2D:6C:B5:A9:D7:48:B3:2E
Certificate issuer: /CN=c2c12b527a5d1f8b8bcf230eb611f52f11d52bbf
Certificate serial: 01857270F52584961719D0DBFC3B6961BDDC
Authority key identifier: C2:C1:2B:52:7A:5D:1F:8B:8B:CF:23:0E:B6:11:F5:2F:11:D5:2B:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/wsErUnpdH4uLzyMOthH1LxHVK78.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/25/3ebb46-b9dd-4695-815c-46ee578a0bfe/1/JkQbn79tyCIjrnqTLWy1qddIsy4.roa
Signing time: Mon 02 Jan 2023 12:24:43 +0000
ROA not before: Mon 02 Jan 2023 12:24:43 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 47890
IP address blocks: 45.129.15.0/24 maxlen: 24
2.57.122.0/24 maxlen: 24
92.118.39.0/24 maxlen: 24
45.134.50.0/24 maxlen: 24
45.13.212.0/24 maxlen: 24
45.13.213.0/24 maxlen: 24
80.94.92.0/24 maxlen: 24
193.47.69.0/24 maxlen: 24
193.32.160.0/24 maxlen: 24
193.32.162.0/24 maxlen: 24
193.32.163.0/24 maxlen: 24
185.232.64.0/24 maxlen: 24
193.46.254.0/24 maxlen: 24
185.232.66.0/24 maxlen: 24
193.46.255.0/24 maxlen: 24
193.29.14.0/24 maxlen: 24
2a0c:9f00::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:70:f5:25:84:96:17:19:d0:db:fc:3b:69:61:bd:dc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c2c12b527a5d1f8b8bcf230eb611f52f11d52bbf
Validity
Not Before: Jan 2 12:24:43 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=26441b9fbf6dc82223ae7a932d6cb5a9d748b32e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d3:ce:c8:a0:88:e2:ce:a6:77:ef:f6:04:48:3d:
45:e0:33:84:0b:53:d2:66:5f:e4:34:99:65:50:bf:
6f:f8:ea:9e:21:70:57:4e:72:07:b0:f1:f5:15:69:
10:cc:f5:82:ee:dd:eb:a3:cf:ff:75:e9:2c:bd:06:
79:b1:b3:b4:94:c4:20:3a:ff:f3:01:76:e9:45:39:
47:15:2d:da:73:66:eb:cd:47:6c:07:9d:a6:56:bf:
72:fe:6b:33:20:ea:2b:7a:8d:f3:f8:5d:86:18:9d:
52:63:e9:21:55:7e:ce:06:36:3a:3b:8b:00:16:8a:
39:fe:ee:45:fa:b6:0a:ff:65:5b:98:0f:92:a9:ba:
a4:0e:08:73:26:9a:88:37:54:e5:f7:e8:b7:dc:df:
a2:0a:ec:92:90:56:0c:df:4a:38:e6:97:62:4f:c0:
ce:f7:f7:f4:ab:4b:02:60:c0:66:13:fe:93:06:80:
56:2d:ec:6f:d6:9a:b8:2d:33:a7:4a:a4:cf:f7:4d:
eb:1e:ee:5e:bd:5e:61:8d:d0:f9:d0:af:b0:f1:00:
30:ef:bc:28:4e:d4:9b:4d:17:66:29:08:55:25:f6:
87:45:95:6f:ca:dd:06:a3:1c:36:f9:f0:02:62:5c:
73:20:93:9d:8f:4f:84:49:84:57:b2:1a:33:d5:04:
7e:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
26:44:1B:9F:BF:6D:C8:22:23:AE:7A:93:2D:6C:B5:A9:D7:48:B3:2E
X509v3 Authority Key Identifier:
keyid:C2:C1:2B:52:7A:5D:1F:8B:8B:CF:23:0E:B6:11:F5:2F:11:D5:2B:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wsErUnpdH4uLzyMOthH1LxHVK78.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/25/3ebb46-b9dd-4695-815c-46ee578a0bfe/1/JkQbn79tyCIjrnqTLWy1qddIsy4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/25/3ebb46-b9dd-4695-815c-46ee578a0bfe/1/wsErUnpdH4uLzyMOthH1LxHVK78.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.57.122.0/24
45.13.212.0/23
45.129.15.0/24
45.134.50.0/24
80.94.92.0/24
92.118.39.0/24
185.232.64.0/24
185.232.66.0/24
193.29.14.0/24
193.32.160.0/24
193.32.162.0/23
193.46.254.0/23
193.47.69.0/24
IPv6:
2a0c:9f00::/48
Signature Algorithm: sha256WithRSAEncryption
6c:b7:b0:34:f0:42:26:c8:c2:44:ff:3a:e5:a3:2e:97:49:c8:
a0:4f:a6:d4:22:50:a5:1a:1b:c5:6d:13:cf:18:39:4d:0b:91:
da:06:22:fe:ab:10:35:bd:f5:55:b1:85:1e:aa:68:a2:b8:2a:
59:5a:9e:72:61:45:9a:60:d6:b1:4d:19:db:16:a9:da:f7:c1:
a3:12:39:4d:5e:3b:38:78:cc:3c:d4:8b:36:92:94:ba:80:e1:
87:57:99:b8:6f:27:ee:92:f0:5a:ac:a1:fb:c0:e5:1a:54:06:
9b:ef:f5:e6:7c:bc:cb:1c:0d:b2:36:bb:35:6c:b3:6e:4a:1d:
2d:c7:9b:0e:c0:71:41:c1:1e:15:a6:15:7b:90:9d:4a:f0:b1:
32:45:ba:a6:0d:b0:ef:46:28:aa:58:3e:8a:92:62:39:35:01:
bd:ea:19:50:ae:89:ba:01:bb:46:7d:78:9a:e1:4d:ce:61:3a:
ee:e3:18:32:39:3d:95:f2:8b:e5:4c:fa:14:1a:16:35:35:ff:
29:dc:75:c9:e8:d1:cd:03:90:c2:90:ca:50:ce:cb:8f:e5:3b:
23:46:15:c5:d4:aa:7d:bf:49:57:2c:a7:29:2a:98:10:ff:d1:
9d:99:81:ff:74:e2:27:a4:48:3b:dc:a5:b8:f9:4e:cd:f1:55:
8a:66:84:80
-----BEGIN CERTIFICATE-----
MIIFVjCCBD6gAwIBAgISAYVycPUlhJYXGdDb/DtpYb3cMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMyYzEyYjUyN2E1ZDFmOGI4YmNmMjMwZWI2MTFmNTJmMTFk
NTJiYmYwHhcNMjMwMTAyMTIyNDQzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNjQ0MWI5ZmJmNmRjODIyMjNhZTdhOTMyZDZjYjVhOWQ3NDhiMzJlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA087IoIjizqZ37/YESD1F4DOEC1PS
Zl/kNJllUL9v+OqeIXBXTnIHsPH1FWkQzPWC7t3ro8//deksvQZ5sbO0lMQgOv/z
AXbpRTlHFS3ac2brzUdsB52mVr9y/mszIOoreo3z+F2GGJ1SY+khVX7OBjY6O4sA
Foo5/u5F+rYK/2VbmA+SqbqkDghzJpqIN1Tl9+i33N+iCuySkFYM30o45pdiT8DO
9/f0q0sCYMBmE/6TBoBWLexv1pq4LTOnSqTP903rHu5evV5hjdD50K+w8QAw77wo
TtSbTRdmKQhVJfaHRZVvyt0Goxw2+fACYlxzIJOdj0+ESYRXshoz1QR+ywIDAQAB
o4ICYjCCAl4wHQYDVR0OBBYEFCZEG5+/bcgiI656ky1stanXSLMuMB8GA1UdIwQY
MBaAFMLBK1J6XR+Li88jDrYR9S8R1Su/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvd3NFclVucGRINHVMenlNT3RoSDFMeEhWSzc4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNS8zZWJiNDYtYjlkZC00Njk1LTgxNWMt
NDZlZTU3OGEwYmZlLzEvSmtRYm43OXR5Q0lqcm5xVExXeTFxZGRJc3k0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNS8zZWJiNDYtYjlkZC00Njk1LTgxNWMtNDZlZTU3OGEwYmZl
LzEvd3NFclVucGRINHVMenlNT3RoSDFMeEhWSzc4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHgGCCsGAQUFBwEHAQH/BGkwZzBUBAIAATBOAwQAAjl6AwQB
LQ3UAwQALYEPAwQALYYyAwQAUF5cAwQAXHYnAwQAuehAAwQAuehCAwQAwR0OAwQA
wSCgAwQBwSCiAwQBwS7+AwQAwS9FMA8EAgACMAkDBwAqDJ8AAAAwDQYJKoZIhvcN
AQELBQADggEBAGy3sDTwQibIwkT/OuWjLpdJyKBPptQiUKUaG8VtE88YOU0LkdoG
Iv6rEDW99VWxhR6qaKK4KllannJhRZpg1rFNGdsWqdr3waMSOU1eOzh4zDzUizaS
lLqA4YdXmbhvJ+6S8FqsofvA5RpUBpvv9eZ8vMscDbI2uzVss25KHS3Hmw7AcUHB
HhWmFXuQnUrwsTJFuqYNsO9GKKpYPoqSYjk1Ab3qGVCuiboBu0Z9eJrhTc5hOu7j
GDI5PZXyi+VM+hQaFjU1/yncdcno0c0DkMKQylDOy4/lOyNGFcXUqn2/SVcspykq
mBD/0Z2Zgf904iekSDvcpbj5Ts3xVYpmhIA=
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:31:32 2025 by rpki-client