Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/27/cd3711-7084-4b15-bc25-3e4a026df000/1/jT2II7NiGS72zn_nEmpnLVuVxz0.roa
File: jT2II7NiGS72zn_nEmpnLVuVxz0.roa (raw, json)
Hash identifier: 0BDr6uSNnKGw+C3ZoevDHZIu9G9/J0AiXdJkFnqNtfM=
Subject key identifier: 8D:3D:88:23:B3:62:19:2E:F6:CE:7F:E7:12:6A:67:2D:5B:95:C7:3D
Certificate issuer: /CN=8cd52439cac2719b64e85b26ff0ea8468d57960e
Certificate serial: 0185729F0A19F278BA2F2D6FC6CE0589F7FC
Authority key identifier: 8C:D5:24:39:CA:C2:71:9B:64:E8:5B:26:FF:0E:A8:46:8D:57:96:0E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/jNUkOcrCcZtk6Fsm_w6oRo1Xlg4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/27/cd3711-7084-4b15-bc25-3e4a026df000/1/jT2II7NiGS72zn_nEmpnLVuVxz0.roa
Signing time: Mon 02 Jan 2023 13:15:03 +0000
ROA not before: Mon 02 Jan 2023 13:15:03 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 208727
IP address blocks: 194.48.230.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:9f:0a:19:f2:78:ba:2f:2d:6f:c6:ce:05:89:f7:fc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8cd52439cac2719b64e85b26ff0ea8468d57960e
Validity
Not Before: Jan 2 13:15:03 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=8d3d8823b362192ef6ce7fe7126a672d5b95c73d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:85:c8:26:c4:2d:bb:6d:33:e6:ee:6e:b0:86:18:
ac:5b:65:55:df:5e:31:a2:d8:74:0a:3c:62:9b:d9:
2e:20:3e:c4:81:f8:5e:d3:55:d4:18:4f:4d:3c:97:
68:97:4b:3f:56:97:4f:2f:56:a6:13:34:7b:3f:70:
67:88:a8:1c:f8:6f:08:ef:ad:17:d9:07:24:d2:b7:
83:10:00:be:bf:98:a4:b0:27:7d:6b:76:ba:27:5f:
94:5f:42:b1:56:7c:b4:a7:b2:45:71:9e:17:09:8d:
ef:9a:78:b0:16:fa:66:cc:66:f2:23:92:02:dc:1c:
5b:bb:ff:79:98:48:50:79:21:ee:7a:52:96:be:3b:
93:4d:00:da:c3:7b:5b:14:21:07:08:7a:b6:ce:33:
79:f9:aa:a2:a6:1d:c3:2e:92:62:99:c0:04:09:4f:
29:65:57:5d:75:34:f7:4c:52:29:c9:ef:66:43:6a:
da:68:72:74:a6:71:b7:57:2e:7f:c9:1c:3a:52:f5:
12:f4:19:5e:22:90:f9:d0:e8:88:af:7f:de:59:ea:
37:ab:27:82:7b:0e:fc:01:7b:ec:c2:d8:bf:94:2e:
89:bb:51:c7:7c:9b:8b:c0:80:43:f2:8c:87:54:33:
bc:4e:52:28:64:04:18:c3:11:32:3b:c2:1b:9b:d4:
a8:c1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8D:3D:88:23:B3:62:19:2E:F6:CE:7F:E7:12:6A:67:2D:5B:95:C7:3D
X509v3 Authority Key Identifier:
keyid:8C:D5:24:39:CA:C2:71:9B:64:E8:5B:26:FF:0E:A8:46:8D:57:96:0E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jNUkOcrCcZtk6Fsm_w6oRo1Xlg4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/27/cd3711-7084-4b15-bc25-3e4a026df000/1/jT2II7NiGS72zn_nEmpnLVuVxz0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/27/cd3711-7084-4b15-bc25-3e4a026df000/1/jNUkOcrCcZtk6Fsm_w6oRo1Xlg4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.48.230.0/24
Signature Algorithm: sha256WithRSAEncryption
01:34:ae:39:68:13:be:37:cc:5d:ef:17:27:3c:42:22:5c:81:
70:de:9b:23:71:d6:5f:f9:63:10:8e:b3:c6:08:27:a5:43:b8:
d4:3c:56:87:96:2d:48:a5:94:8c:3f:24:2a:78:31:58:35:ff:
c9:a4:af:9e:ca:da:13:3a:e0:7e:8b:20:97:af:37:c0:2c:0c:
aa:cd:da:c6:03:b6:cf:29:6c:93:63:e8:44:66:81:f2:2c:07:
15:37:28:34:f7:a1:2e:d4:81:6a:f2:84:4d:c4:a0:f3:95:b0:
08:93:e4:5e:d4:fc:77:c4:84:7e:18:34:2a:b0:e4:48:39:4c:
9e:86:38:71:26:bc:e5:8f:8a:24:1a:e3:25:35:d6:a3:45:b0:
d6:51:be:fa:09:41:f8:c4:d5:bf:81:35:2e:e4:a3:f5:48:49:
60:bb:4c:70:0c:37:8a:f2:92:8d:8a:b8:ef:db:cf:65:ce:29:
22:6f:57:6e:08:80:63:ee:8b:00:fe:1a:3d:83:75:26:41:a9:
d2:b0:50:10:66:54:1d:f2:59:72:22:03:33:c6:0f:99:5c:ee:
38:cb:f4:86:cc:e4:b5:7e:24:7f:2a:80:fc:24:13:3e:f7:49:
f1:75:d6:b0:1f:a4:2f:86:94:0a:4f:5b:23:54:15:88:6b:c4:
b6:59:f5:88
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVynwoZ8ni6Ly1vxs4Fiff8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhjZDUyNDM5Y2FjMjcxOWI2NGU4NWIyNmZmMGVhODQ2OGQ1
Nzk2MGUwHhcNMjMwMTAyMTMxNTAzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ZDNkODgyM2IzNjIxOTJlZjZjZTdmZTcxMjZhNjcyZDViOTVjNzNkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhcgmxC27bTPm7m6whhisW2VV314x
oth0Cjxim9kuID7Egfhe01XUGE9NPJdol0s/VpdPL1amEzR7P3BniKgc+G8I760X
2Qck0reDEAC+v5iksCd9a3a6J1+UX0KxVny0p7JFcZ4XCY3vmniwFvpmzGbyI5IC
3Bxbu/95mEhQeSHuelKWvjuTTQDaw3tbFCEHCHq2zjN5+aqiph3DLpJimcAECU8p
ZVdddTT3TFIpye9mQ2raaHJ0pnG3Vy5/yRw6UvUS9BleIpD50OiIr3/eWeo3qyeC
ew78AXvswti/lC6Ju1HHfJuLwIBD8oyHVDO8TlIoZAQYwxEyO8Ibm9SowQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFI09iCOzYhku9s5/5xJqZy1blcc9MB8GA1UdIwQY
MBaAFIzVJDnKwnGbZOhbJv8OqEaNV5YOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvak5Va09jckNjWnRrNkZzbV93Nm9SbzFYbGc0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNy9jZDM3MTEtNzA4NC00YjE1LWJjMjUt
M2U0YTAyNmRmMDAwLzEvalQySUk3TmlHUzcyem5fbkVtcG5MVnVWeHowLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNy9jZDM3MTEtNzA4NC00YjE1LWJjMjUtM2U0YTAyNmRmMDAw
LzEvak5Va09jckNjWnRrNkZzbV93Nm9SbzFYbGc0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwjDmMA0G
CSqGSIb3DQEBCwUAA4IBAQABNK45aBO+N8xd7xcnPEIiXIFw3psjcdZf+WMQjrPG
CCelQ7jUPFaHli1IpZSMPyQqeDFYNf/JpK+eytoTOuB+iyCXrzfALAyqzdrGA7bP
KWyTY+hEZoHyLAcVNyg096Eu1IFq8oRNxKDzlbAIk+Re1Px3xIR+GDQqsORIOUye
hjhxJrzlj4okGuMlNdajRbDWUb76CUH4xNW/gTUu5KP1SElgu0xwDDeK8pKNirjv
289lzikib1duCIBj7osA/ho9g3UmQanSsFAQZlQd8llyIgMzxg+ZXO44y/SGzOS1
fiR/KoD8JBM+90nxddawH6QvhpQKT1sjVBWIa8S2WfWI
-----END CERTIFICATE-----
Generated at Thu Apr 17 01:32:29 2025 by rpki-client