Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/35/9d54a5-0135-4b18-961a-0cf1093d4548/1/J15Pr3ML2dK6ElItO1pSZggSLdI.roa
File: J15Pr3ML2dK6ElItO1pSZggSLdI.roa (raw, json)
Hash identifier: d8zUk9V2eq+ZAmcpraJXApbJ790Z+29lq2VZj5CCW08=
Subject key identifier: 27:5E:4F:AF:73:0B:D9:D2:BA:12:52:2D:3B:5A:52:66:08:12:2D:D2
Certificate issuer: /CN=279dbfdf4c20bdae8d6118566ece76444e46d171
Certificate serial: 0185E907B19F2DEEE2A005454FD9528E9FFC
Authority key identifier: 27:9D:BF:DF:4C:20:BD:AE:8D:61:18:56:6E:CE:76:44:4E:46:D1:71
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/J52_30wgva6NYRhWbs52RE5G0XE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/35/9d54a5-0135-4b18-961a-0cf1093d4548/1/J15Pr3ML2dK6ElItO1pSZggSLdI.roa
Signing time: Wed 25 Jan 2023 13:04:33 +0000
ROA not before: Wed 25 Jan 2023 13:04:33 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 3257
IP address blocks: 212.221.0.0/17 maxlen: 24
46.33.64.0/19 maxlen: 24
77.77.128.0/18 maxlen: 24
213.251.0.0/18 maxlen: 24
212.115.128.0/18 maxlen: 24
185.160.40.0/22 maxlen: 22
213.200.64.0/18 maxlen: 18
195.143.0.0/16 maxlen: 24
141.136.96.0/20 maxlen: 20
213.254.192.0/18 maxlen: 24
89.149.128.0/18 maxlen: 24
77.67.0.0/17 maxlen: 24
87.119.64.0/18 maxlen: 24
134.222.0.0/16 maxlen: 16
212.222.0.0/16 maxlen: 24
2001:668::/29 maxlen: 64
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:e9:07:b1:9f:2d:ee:e2:a0:05:45:4f:d9:52:8e:9f:fc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=279dbfdf4c20bdae8d6118566ece76444e46d171
Validity
Not Before: Jan 25 13:04:33 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=275e4faf730bd9d2ba12522d3b5a526608122dd2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:5e:f9:06:53:dd:4f:46:03:df:1f:05:a0:66:
fe:07:d4:68:22:17:fa:a3:fd:a1:20:47:4f:6b:cb:
d6:5b:e1:f6:76:48:a8:2f:65:a3:f6:9d:bc:37:f2:
47:ac:cb:67:cd:9f:69:24:31:03:95:dd:77:85:b2:
49:c9:2c:24:ed:d1:dd:13:af:ea:1e:cf:88:e8:12:
18:db:72:94:25:76:6b:ca:0a:c4:c6:06:0d:fc:f1:
52:73:78:a5:c6:9e:9e:e3:22:5a:a0:5c:7d:2f:3f:
a3:7d:f6:e9:c3:2b:90:88:19:18:28:d2:9a:72:86:
ec:e7:43:49:83:ce:9c:f4:d3:9b:62:f8:89:5b:c8:
cc:1d:c6:0b:66:fd:b2:c2:95:58:bd:6c:59:b1:61:
a5:29:bf:10:2c:09:bc:bc:23:b0:81:34:94:ea:a8:
cd:cd:d7:ea:d1:2c:b1:9a:87:7b:f2:80:f7:bf:52:
f0:a9:93:0b:73:05:be:ce:e3:37:5e:0e:53:66:84:
f9:ce:65:da:11:83:c4:c4:45:e1:d0:6d:ea:de:9a:
0a:00:f5:7e:82:4a:e8:78:48:2b:3d:c5:f7:3d:40:
c2:9e:af:d3:4f:33:dc:f5:1c:a2:53:c4:f3:f6:9a:
b3:3d:06:34:a4:e1:ab:d5:4f:fa:9d:5f:69:e9:c7:
d7:1d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
27:5E:4F:AF:73:0B:D9:D2:BA:12:52:2D:3B:5A:52:66:08:12:2D:D2
X509v3 Authority Key Identifier:
keyid:27:9D:BF:DF:4C:20:BD:AE:8D:61:18:56:6E:CE:76:44:4E:46:D1:71
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/J52_30wgva6NYRhWbs52RE5G0XE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/35/9d54a5-0135-4b18-961a-0cf1093d4548/1/J15Pr3ML2dK6ElItO1pSZggSLdI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/35/9d54a5-0135-4b18-961a-0cf1093d4548/1/J52_30wgva6NYRhWbs52RE5G0XE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.33.64.0/19
77.67.0.0/17
77.77.128.0/18
87.119.64.0/18
89.149.128.0/18
134.222.0.0/16
141.136.96.0/20
185.160.40.0/22
195.143.0.0/16
212.115.128.0/18
212.221.0.0/17
212.222.0.0/16
213.200.64.0/18
213.251.0.0/18
213.254.192.0/18
IPv6:
2001:668::/29
Signature Algorithm: sha256WithRSAEncryption
3f:21:c1:29:14:94:9c:36:67:52:a6:73:52:b8:0a:e5:11:c1:
f0:d2:14:ef:5b:39:ba:00:ca:c8:b4:6f:fb:3e:1c:29:24:9b:
a0:17:41:b1:cb:6f:b1:8c:b3:ed:a6:0b:bc:c0:69:44:a6:8c:
bb:8b:ae:65:4a:c3:9b:97:c0:23:d7:29:b6:c0:04:eb:92:81:
6f:94:1c:d9:9a:12:15:c2:14:a5:f1:7e:d0:0f:79:f1:03:60:
57:85:3e:64:76:be:7b:e5:f7:73:45:dd:f3:4f:b7:2a:f5:d4:
f9:c2:71:e7:f3:f3:20:65:5c:cb:96:f2:9c:2e:74:63:85:53:
3e:d7:2a:53:8f:aa:a5:7e:c1:5b:46:56:7e:6d:7c:f1:3d:34:
bf:80:44:cc:72:da:8d:39:0a:5a:64:f6:ef:c6:ce:8f:d1:7a:
04:d5:d4:89:c4:e1:8d:da:b2:f8:36:5c:7a:7a:71:5f:fe:ba:
ba:ae:92:0e:a5:14:a6:68:cc:0e:34:ee:ac:88:1b:bf:34:bc:
3e:25:e7:1c:02:1b:c8:49:a5:18:1f:37:2a:e1:60:ee:f4:04:
44:77:eb:cf:e2:eb:66:a2:6f:1f:25:f2:f5:79:11:60:db:3b:
39:7c:5d:7b:58:cf:c6:24:27:0a:6e:98:0a:ed:43:15:19:39:
2b:fd:4b:ce
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgISAYXpB7GfLe7ioAVFT9lSjp/8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI3OWRiZmRmNGMyMGJkYWU4ZDYxMTg1NjZlY2U3NjQ0NGU0
NmQxNzEwHhcNMjMwMTI1MTMwNDMzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNzVlNGZhZjczMGJkOWQyYmExMjUyMmQzYjVhNTI2NjA4MTIyZGQyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvF75BlPdT0YD3x8FoGb+B9RoIhf6
o/2hIEdPa8vWW+H2dkioL2Wj9p28N/JHrMtnzZ9pJDEDld13hbJJySwk7dHdE6/q
Hs+I6BIY23KUJXZrygrExgYN/PFSc3ilxp6e4yJaoFx9Lz+jffbpwyuQiBkYKNKa
cobs50NJg86c9NObYviJW8jMHcYLZv2ywpVYvWxZsWGlKb8QLAm8vCOwgTSU6qjN
zdfq0Syxmod78oD3v1LwqZMLcwW+zuM3Xg5TZoT5zmXaEYPExEXh0G3q3poKAPV+
gkroeEgrPcX3PUDCnq/TTzPc9RyiU8Tz9pqzPQY0pOGr1U/6nV9p6cfXHQIDAQAB
o4ICaTCCAmUwHQYDVR0OBBYEFCdeT69zC9nSuhJSLTtaUmYIEi3SMB8GA1UdIwQY
MBaAFCedv99MIL2ujWEYVm7OdkRORtFxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSjUyXzMwd2d2YTZOWVJoV2JzNTJSRTVHMFhFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNS85ZDU0YTUtMDEzNS00YjE4LTk2MWEt
MGNmMTA5M2Q0NTQ4LzEvSjE1UHIzTUwyZEs2RWxJdE8xcFNaZ2dTTGRJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNS85ZDU0YTUtMDEzNS00YjE4LTk2MWEtMGNmMTA5M2Q0NTQ4
LzEvSjUyXzMwd2d2YTZOWVJoV2JzNTJSRTVHMFhFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMH8GCCsGAQUFBwEHAQH/BHAwbjBdBAIAATBXAwQFLiFAAwQH
TUMAAwQGTU2AAwQGV3dAAwQGWZWAAwMAht4DBASNiGADBAK5oCgDAwDDjwMEBtRz
gAMEB9TdAAMDANTeAwQG1chAAwQG1fsAAwQG1f7AMA0EAgACMAcDBQMgAQZoMA0G
CSqGSIb3DQEBCwUAA4IBAQA/IcEpFJScNmdSpnNSuArlEcHw0hTvWzm6AMrItG/7
PhwpJJugF0Gxy2+xjLPtpgu8wGlEpoy7i65lSsObl8Aj1ym2wATrkoFvlBzZmhIV
whSl8X7QD3nxA2BXhT5kdr575fdzRd3zT7cq9dT5wnHn8/MgZVzLlvKcLnRjhVM+
1ypTj6qlfsFbRlZ+bXzxPTS/gETMctqNOQpaZPbvxs6P0XoE1dSJxOGN2rL4Nlx6
enFf/rq6rpIOpRSmaMwONO6siBu/NLw+JeccAhvISaUYHzcq4WDu9AREd+vP4utm
om8fJfL1eRFg2zs5fF17WM/GJCcKbpgK7UMVGTkr/UvO
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:28:54 2025 by rpki-client