Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/32/807954-aa7e-48e9-87fa-5ebf2a54eb6d/1/jgppkeALfybuHYCERuJbfEFMKJk.roa
File: jgppkeALfybuHYCERuJbfEFMKJk.roa (raw, json)
Hash identifier: uTffU4Ax3LINtH23okZOR6aQGWRJLgmyp5T92WWydRI=
Subject key identifier: 8E:0A:69:91:E0:0B:7F:26:EE:1D:80:84:46:E2:5B:7C:41:4C:28:99
Certificate issuer: /CN=c27964aabf404dda3f5e0ecc1c706ab327c6f931
Certificate serial: 01857321CC45267382EC21648CDF70257D27
Authority key identifier: C2:79:64:AA:BF:40:4D:DA:3F:5E:0E:CC:1C:70:6A:B3:27:C6:F9:31
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/wnlkqr9ATdo_Xg7MHHBqsyfG-TE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/32/807954-aa7e-48e9-87fa-5ebf2a54eb6d/1/jgppkeALfybuHYCERuJbfEFMKJk.roa
Signing time: Mon 02 Jan 2023 15:37:52 +0000
ROA not before: Mon 02 Jan 2023 15:37:52 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 201494
IP address blocks: 185.73.40.0/22 maxlen: 24
2a05:3f80:43::/48 maxlen: 48
2a05:3f80:41::/48 maxlen: 48
2a05:3f80::/29 maxlen: 29
2a05:3f80:42::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:73:21:cc:45:26:73:82:ec:21:64:8c:df:70:25:7d:27
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c27964aabf404dda3f5e0ecc1c706ab327c6f931
Validity
Not Before: Jan 2 15:37:52 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=8e0a6991e00b7f26ee1d808446e25b7c414c2899
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:87:fe:6d:b8:58:68:d5:3b:df:b9:ce:d7:da:0a:
83:f3:37:cd:b6:f5:5c:6c:ce:77:71:c3:7d:e5:45:
1d:a4:fa:0f:ba:b1:0a:01:14:82:81:4a:07:90:c8:
5a:d3:f8:67:6e:51:19:2b:d3:d9:ff:e4:59:b3:8e:
ef:1a:01:f2:a9:3c:f0:43:de:2c:8c:37:25:4d:5b:
50:fd:d0:af:5d:ab:69:a5:fe:44:d7:07:93:f9:74:
f4:1b:ae:cf:a8:45:e3:b7:d1:b8:38:12:de:61:7a:
08:11:a0:57:3c:64:21:06:8b:f4:e1:0d:87:91:fd:
91:1f:9b:c5:eb:8c:ec:f3:87:54:1e:21:60:fe:9c:
5d:e9:de:72:1c:3c:35:c1:3a:64:81:7d:9b:bd:4a:
cf:1b:c3:c6:cc:62:98:ee:52:fb:75:9c:4c:5e:84:
f8:cc:dd:8b:2e:58:78:6b:65:0e:d6:09:3b:bf:aa:
9f:3b:8c:c1:e8:2d:63:8c:e0:88:bb:6a:1d:f0:36:
14:b9:eb:18:d2:c3:af:50:47:6b:7a:f2:2a:e7:2b:
05:bd:c0:75:99:13:70:8a:72:19:00:27:b5:4c:6c:
93:c8:6f:a9:3a:7a:ff:6c:65:23:91:84:f7:80:ed:
23:35:cf:1d:ce:c6:64:95:49:29:27:0e:1e:32:6f:
81:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8E:0A:69:91:E0:0B:7F:26:EE:1D:80:84:46:E2:5B:7C:41:4C:28:99
X509v3 Authority Key Identifier:
keyid:C2:79:64:AA:BF:40:4D:DA:3F:5E:0E:CC:1C:70:6A:B3:27:C6:F9:31
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wnlkqr9ATdo_Xg7MHHBqsyfG-TE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/32/807954-aa7e-48e9-87fa-5ebf2a54eb6d/1/jgppkeALfybuHYCERuJbfEFMKJk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/32/807954-aa7e-48e9-87fa-5ebf2a54eb6d/1/wnlkqr9ATdo_Xg7MHHBqsyfG-TE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.73.40.0/22
IPv6:
2a05:3f80::/29
Signature Algorithm: sha256WithRSAEncryption
88:6b:76:7e:70:89:36:e4:c8:9a:00:e0:c8:d0:c2:19:80:88:
41:ba:80:37:59:67:14:4b:65:66:24:08:97:00:89:07:62:df:
bb:37:6c:a4:1f:47:e2:4b:00:02:01:f6:42:cb:3d:f9:e2:8d:
ec:8b:a8:d6:d0:d0:62:88:1c:2b:ce:ef:b0:d2:a6:7c:09:0d:
af:ca:6e:0b:2e:cf:17:bc:ff:c6:6f:13:65:22:23:2a:90:d6:
5d:71:06:10:e9:61:8a:f7:a3:10:fb:ca:c6:62:bb:22:bc:b2:
53:4e:15:ec:8a:35:68:99:85:55:d5:32:56:13:cd:2f:3c:eb:
62:35:78:85:da:b7:4c:0d:a4:f9:2a:73:51:d2:48:b0:d7:94:
b7:73:c1:4c:23:9f:d6:7b:67:14:38:51:c7:a8:ce:8e:6b:28:
92:f9:3d:77:25:42:68:74:c8:17:36:b2:45:95:23:0c:c4:8b:
33:b6:64:73:d5:e6:43:74:05:7a:bb:c7:78:6c:99:96:dd:ff:
c0:aa:f8:71:08:50:30:4b:30:77:9a:ae:f9:20:2c:5d:d2:54:
4b:cb:a0:6c:ea:32:37:87:5d:df:be:bc:06:00:23:95:24:d2:
68:28:2e:73:7a:a9:10:49:09:de:cc:ad:38:16:d5:14:c3:9e:
7d:9c:cb:6f
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVzIcxFJnOC7CFkjN9wJX0nMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMyNzk2NGFhYmY0MDRkZGEzZjVlMGVjYzFjNzA2YWIzMjdj
NmY5MzEwHhcNMjMwMTAyMTUzNzUyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ZTBhNjk5MWUwMGI3ZjI2ZWUxZDgwODQ0NmUyNWI3YzQxNGMyODk5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAh/5tuFho1Tvfuc7X2gqD8zfNtvVc
bM53ccN95UUdpPoPurEKARSCgUoHkMha0/hnblEZK9PZ/+RZs47vGgHyqTzwQ94s
jDclTVtQ/dCvXatppf5E1weT+XT0G67PqEXjt9G4OBLeYXoIEaBXPGQhBov04Q2H
kf2RH5vF64zs84dUHiFg/pxd6d5yHDw1wTpkgX2bvUrPG8PGzGKY7lL7dZxMXoT4
zN2LLlh4a2UO1gk7v6qfO4zB6C1jjOCIu2od8DYUuesY0sOvUEdrevIq5ysFvcB1
mRNwinIZACe1TGyTyG+pOnr/bGUjkYT3gO0jNc8dzsZklUkpJw4eMm+BJQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFI4KaZHgC38m7h2AhEbiW3xBTCiZMB8GA1UdIwQY
MBaAFMJ5ZKq/QE3aP14OzBxwarMnxvkxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvd25sa3FyOUFUZG9fWGc3TUhIQnFzeWZHLVRFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMi84MDc5NTQtYWE3ZS00OGU5LTg3ZmEt
NWViZjJhNTRlYjZkLzEvamdwcGtlQUxmeWJ1SFlDRVJ1SmJmRUZNS0prLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMi84MDc5NTQtYWE3ZS00OGU5LTg3ZmEtNWViZjJhNTRlYjZk
LzEvd25sa3FyOUFUZG9fWGc3TUhIQnFzeWZHLVRFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuUkoMA0E
AgACMAcDBQMqBT+AMA0GCSqGSIb3DQEBCwUAA4IBAQCIa3Z+cIk25MiaAODI0MIZ
gIhBuoA3WWcUS2VmJAiXAIkHYt+7N2ykH0fiSwACAfZCyz354o3si6jW0NBiiBwr
zu+w0qZ8CQ2vym4LLs8XvP/GbxNlIiMqkNZdcQYQ6WGK96MQ+8rGYrsivLJTThXs
ijVomYVV1TJWE80vPOtiNXiF2rdMDaT5KnNR0kiw15S3c8FMI5/We2cUOFHHqM6O
ayiS+T13JUJodMgXNrJFlSMMxIsztmRz1eZDdAV6u8d4bJmW3f/AqvhxCFAwSzB3
mq75ICxd0lRLy6Bs6jI3h13fvrwGACOVJNJoKC5zeqkQSQnezK04FtUUw559nMtv
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:10:01 2025 by rpki-client