Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3c/b9456e-4e52-4de5-bbd6-60de224cfa4b/1/JiGiUMNw19An3fP1pUHRY4LNxBY.roa
File: JiGiUMNw19An3fP1pUHRY4LNxBY.roa (raw, json)
Hash identifier: RpfSk8ZCT+Gpvx2fI/tXj8M+kLkR0UpNQgYU5U9PkFY=
Subject key identifier: 26:21:A2:50:C3:70:D7:D0:27:DD:F3:F5:A5:41:D1:63:82:CD:C4:16
Certificate issuer: /CN=1acb8a70f909ae3e1fc1dbd6bdc425e08eec81b9
Certificate serial: 01857328118CA4BABE95FD19909B3DAABA31
Authority key identifier: 1A:CB:8A:70:F9:09:AE:3E:1F:C1:DB:D6:BD:C4:25:E0:8E:EC:81:B9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/GsuKcPkJrj4fwdvWvcQl4I7sgbk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3c/b9456e-4e52-4de5-bbd6-60de224cfa4b/1/JiGiUMNw19An3fP1pUHRY4LNxBY.roa
Signing time: Mon 02 Jan 2023 15:44:43 +0000
ROA not before: Mon 02 Jan 2023 15:44:43 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 209211
IP address blocks: 92.118.20.0/22 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:73:28:11:8c:a4:ba:be:95:fd:19:90:9b:3d:aa:ba:31
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1acb8a70f909ae3e1fc1dbd6bdc425e08eec81b9
Validity
Not Before: Jan 2 15:44:43 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=2621a250c370d7d027ddf3f5a541d16382cdc416
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:14:67:5a:62:70:97:91:14:3e:ca:30:fc:de:
4c:4c:80:50:15:70:27:1e:1f:0b:d5:b4:aa:a6:91:
d9:a1:2b:3b:16:73:b7:9d:21:90:cb:7f:15:47:05:
1e:6a:db:71:8e:74:7e:df:e5:79:24:1a:fc:60:27:
f4:3d:8c:b3:04:53:35:cf:46:d7:2c:50:34:78:0a:
ff:d1:4d:e4:38:81:ed:be:6e:56:95:f1:63:87:77:
ce:89:2a:f0:20:0f:fd:56:78:46:bc:d4:aa:64:8b:
d7:04:ec:d0:dd:b7:ba:95:eb:b2:4f:32:9b:f3:53:
6d:79:81:cb:aa:61:3d:a5:9a:96:4b:2b:d9:7d:f2:
80:54:54:1c:b4:5a:db:bb:8b:c9:ac:4c:68:7d:f8:
14:f9:27:c2:91:91:02:d9:58:ec:61:a7:7d:6f:44:
d8:22:77:60:2f:b0:a6:39:29:f0:9c:df:35:c7:a6:
f8:ce:42:53:50:13:cf:15:a7:8b:2d:7e:b8:e7:dd:
26:10:a6:30:9b:ca:59:c2:17:d5:fa:f1:1b:e2:d9:
85:5c:62:92:f4:9c:81:b0:1a:57:cb:c6:5c:77:f5:
ab:27:6b:88:fc:eb:23:b3:fc:16:90:b7:b7:79:02:
6b:5f:7d:c3:37:f1:05:99:ce:4c:7b:87:66:2f:11:
d6:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
26:21:A2:50:C3:70:D7:D0:27:DD:F3:F5:A5:41:D1:63:82:CD:C4:16
X509v3 Authority Key Identifier:
keyid:1A:CB:8A:70:F9:09:AE:3E:1F:C1:DB:D6:BD:C4:25:E0:8E:EC:81:B9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GsuKcPkJrj4fwdvWvcQl4I7sgbk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3c/b9456e-4e52-4de5-bbd6-60de224cfa4b/1/JiGiUMNw19An3fP1pUHRY4LNxBY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3c/b9456e-4e52-4de5-bbd6-60de224cfa4b/1/GsuKcPkJrj4fwdvWvcQl4I7sgbk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
92.118.20.0/22
Signature Algorithm: sha256WithRSAEncryption
aa:0c:5b:d6:d3:59:14:c9:be:3d:12:68:d7:23:23:5a:6a:e3:
fe:f3:ff:03:8e:08:c0:ec:6b:11:e7:92:3a:22:04:08:a8:80:
62:22:ce:5a:57:54:0f:2f:87:a7:f0:48:69:13:cd:ed:f4:94:
e4:78:45:71:b5:a5:a3:0e:0d:cd:60:a8:ed:58:eb:b3:37:fa:
73:ce:2a:f7:87:fb:c7:ea:f5:ef:fb:b6:27:95:7d:61:90:d8:
51:3c:21:84:5e:94:81:2e:44:ee:6a:1d:56:ec:f3:3e:58:bb:
8b:93:c3:a4:09:b9:99:05:25:2b:4c:67:15:71:58:7f:68:3d:
83:c0:85:bb:99:76:5c:0d:cd:c6:44:8b:79:25:a8:90:b3:0a:
3f:ec:f4:3b:06:2d:70:af:2f:56:d5:d5:4a:cb:67:b0:6b:f1:
13:a4:1d:3d:6d:87:0c:b4:64:34:ac:db:32:81:4d:f2:b5:2b:
b5:e6:60:8d:2c:97:16:01:8c:2c:8d:e4:ad:ce:30:64:d7:4e:
a2:ca:3e:33:0e:af:31:3d:e0:84:88:b6:e8:7b:ab:de:30:6a:
c9:46:0b:1b:f4:94:41:eb:77:27:d4:83:e9:05:36:c6:c6:b4:
de:24:ff:fd:66:83:4e:52:64:d4:ec:34:4d:30:e6:15:f5:5f:
c8:94:96:96
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVzKBGMpLq+lf0ZkJs9qroxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFhY2I4YTcwZjkwOWFlM2UxZmMxZGJkNmJkYzQyNWUwOGVl
YzgxYjkwHhcNMjMwMTAyMTU0NDQzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNjIxYTI1MGMzNzBkN2QwMjdkZGYzZjVhNTQxZDE2MzgyY2RjNDE2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnRRnWmJwl5EUPsow/N5MTIBQFXAn
Hh8L1bSqppHZoSs7FnO3nSGQy38VRwUeattxjnR+3+V5JBr8YCf0PYyzBFM1z0bX
LFA0eAr/0U3kOIHtvm5WlfFjh3fOiSrwIA/9VnhGvNSqZIvXBOzQ3be6leuyTzKb
81NteYHLqmE9pZqWSyvZffKAVFQctFrbu4vJrExoffgU+SfCkZEC2VjsYad9b0TY
IndgL7CmOSnwnN81x6b4zkJTUBPPFaeLLX64590mEKYwm8pZwhfV+vEb4tmFXGKS
9JyBsBpXy8Zcd/WrJ2uI/Osjs/wWkLe3eQJrX33DN/EFmc5Me4dmLxHWOQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFCYholDDcNfQJ93z9aVB0WOCzcQWMB8GA1UdIwQY
MBaAFBrLinD5Ca4+H8Hb1r3EJeCO7IG5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR3N1S2NQa0pyajRmd2R2V3ZjUWw0STdzZ2JrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYy9iOTQ1NmUtNGU1Mi00ZGU1LWJiZDYt
NjBkZTIyNGNmYTRiLzEvSmlHaVVNTncxOUFuM2ZQMXBVSFJZNExOeEJZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYy9iOTQ1NmUtNGU1Mi00ZGU1LWJiZDYtNjBkZTIyNGNmYTRi
LzEvR3N1S2NQa0pyajRmd2R2V3ZjUWw0STdzZ2JrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCXHYUMA0G
CSqGSIb3DQEBCwUAA4IBAQCqDFvW01kUyb49EmjXIyNaauP+8/8DjgjA7GsR55I6
IgQIqIBiIs5aV1QPL4en8EhpE83t9JTkeEVxtaWjDg3NYKjtWOuzN/pzzir3h/vH
6vXv+7YnlX1hkNhRPCGEXpSBLkTuah1W7PM+WLuLk8OkCbmZBSUrTGcVcVh/aD2D
wIW7mXZcDc3GRIt5JaiQswo/7PQ7Bi1wry9W1dVKy2ewa/ETpB09bYcMtGQ0rNsy
gU3ytSu15mCNLJcWAYwsjeStzjBk106iyj4zDq8xPeCEiLboe6veMGrJRgsb9JRB
63cn1IPpBTbGxrTeJP/9ZoNOUmTU7DRNMOYV9V/IlJaW
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:27:46 2025 by rpki-client