Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/40/58ebb1-dbec-47f9-bb96-849cfcabb657/1/JGgXAVFGrl--RVeuHm9zXa1Y114.roa
File: JGgXAVFGrl--RVeuHm9zXa1Y114.roa (raw, json)
Hash identifier: QIRotO+sffwC+SAYG8g8hVuvr3SIovLc2MMZucZzFS4=
Subject key identifier: 24:68:17:01:51:46:AE:5F:BE:45:57:AE:1E:6F:73:5D:AD:58:D7:5E
Certificate issuer: /CN=7e65dab23940cb394f9aaa664fea4d6f8f42e318
Certificate serial: 0181EC050FD13336DF06B7817999A3AC89E8
Authority key identifier: 7E:65:DA:B2:39:40:CB:39:4F:9A:AA:66:4F:EA:4D:6F:8F:42:E3:18
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fmXasjlAyzlPmqpmT-pNb49C4xg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/40/58ebb1-dbec-47f9-bb96-849cfcabb657/1/JGgXAVFGrl--RVeuHm9zXa1Y114.roa
Signing time: Mon 11 Jul 2022 06:49:23 +0000
ROA not before: Mon 11 Jul 2022 06:49:23 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 51025
IP address blocks: 185.115.3.0/24 maxlen: 24
185.115.0.0/22 maxlen: 22
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:81:ec:05:0f:d1:33:36:df:06:b7:81:79:99:a3:ac:89:e8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7e65dab23940cb394f9aaa664fea4d6f8f42e318
Validity
Not Before: Jul 11 06:49:23 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=246817015146ae5fbe4557ae1e6f735dad58d75e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:c3:e7:d2:b1:a3:41:31:f7:ac:be:68:d5:d6:
af:52:52:22:07:20:ac:a0:a4:c3:d9:a6:f2:a1:b5:
14:26:1c:cf:8b:6c:e4:89:70:62:47:11:87:ef:fc:
cd:da:2a:d7:58:d1:67:59:d6:70:f4:76:f9:8d:87:
0b:fc:53:dc:15:38:08:07:50:fb:1b:72:f1:b9:e2:
79:b9:26:8b:dc:8d:51:9c:5f:2d:02:81:ad:3e:ad:
d2:89:1f:a8:42:30:c5:e5:19:cc:a3:97:6a:78:83:
f3:d9:ac:d9:41:01:84:11:aa:47:ff:77:a0:ca:7b:
60:ae:73:5b:34:64:a7:32:f5:b0:a4:5f:d0:b9:03:
94:9e:22:9a:e9:d1:b5:8e:b3:46:33:99:34:5e:d9:
0a:84:f9:12:94:d5:0f:17:8b:83:e4:22:3e:d6:96:
76:e6:f1:38:9f:c0:82:1b:f4:c6:bb:3d:a7:07:05:
d0:36:bd:c5:41:2c:7c:e1:79:22:cf:80:34:f5:9e:
a2:7a:16:c3:6a:5f:ef:c3:2b:7c:03:c7:22:b5:01:
be:68:35:56:db:09:32:66:32:17:36:16:0b:6c:e4:
72:8d:95:a1:2e:d3:e2:13:1e:bf:f4:25:2a:a4:8b:
f9:27:da:0e:6a:a3:38:14:ae:91:4f:4f:27:ae:1d:
5e:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
24:68:17:01:51:46:AE:5F:BE:45:57:AE:1E:6F:73:5D:AD:58:D7:5E
X509v3 Authority Key Identifier:
keyid:7E:65:DA:B2:39:40:CB:39:4F:9A:AA:66:4F:EA:4D:6F:8F:42:E3:18
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fmXasjlAyzlPmqpmT-pNb49C4xg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/40/58ebb1-dbec-47f9-bb96-849cfcabb657/1/JGgXAVFGrl--RVeuHm9zXa1Y114.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/40/58ebb1-dbec-47f9-bb96-849cfcabb657/1/fmXasjlAyzlPmqpmT-pNb49C4xg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.115.0.0/22
Signature Algorithm: sha256WithRSAEncryption
1d:c4:fd:3a:43:ad:6d:98:d2:45:de:42:11:0e:e1:17:79:a6:
81:ff:8e:fa:85:d7:d0:e1:55:c4:4d:5b:8c:81:0d:e5:37:62:
01:bf:83:2c:6b:7d:b1:4e:00:1b:6e:e6:b4:b7:21:5b:59:b2:
3c:2c:f6:c7:f4:f3:69:6e:29:6f:49:8d:b8:8c:a9:26:a2:32:
3b:03:c4:1e:40:e5:90:9e:07:66:89:da:12:80:58:c6:c5:27:
26:be:cb:29:26:ba:9f:56:ac:7b:db:f3:3b:fb:24:10:4b:0f:
93:3a:82:4e:9f:22:29:5d:70:5f:2e:72:2d:2a:03:45:d9:9c:
72:65:6c:39:d6:ea:a7:ba:ec:1d:cf:94:61:bf:52:a6:d9:42:
99:94:20:4b:3a:c5:b9:30:86:dc:55:b6:c7:86:68:36:bc:08:
85:01:56:8e:06:33:89:bd:14:8a:53:e4:fc:33:80:6c:5d:cf:
cf:27:b2:3a:6c:6e:48:e9:c7:0b:59:27:f6:84:6a:9d:94:9c:
12:d7:96:ad:8a:19:c8:6f:b2:0a:07:b8:13:e7:13:4d:f9:21:
cc:52:ca:bc:97:db:b2:ef:23:24:74:a2:2f:ec:99:24:35:e4:
31:93:05:03:84:4a:1c:13:c8:a7:42:67:47:a4:67:54:ee:be:
1b:98:fd:d0
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYHsBQ/RMzbfBreBeZmjrInoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdlNjVkYWIyMzk0MGNiMzk0ZjlhYWE2NjRmZWE0ZDZmOGY0
MmUzMTgwHhcNMjIwNzExMDY0OTIzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNDY4MTcwMTUxNDZhZTVmYmU0NTU3YWUxZTZmNzM1ZGFkNThkNzVlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnsPn0rGjQTH3rL5o1davUlIiByCs
oKTD2abyobUUJhzPi2zkiXBiRxGH7/zN2irXWNFnWdZw9Hb5jYcL/FPcFTgIB1D7
G3LxueJ5uSaL3I1RnF8tAoGtPq3SiR+oQjDF5RnMo5dqeIPz2azZQQGEEapH/3eg
yntgrnNbNGSnMvWwpF/QuQOUniKa6dG1jrNGM5k0XtkKhPkSlNUPF4uD5CI+1pZ2
5vE4n8CCG/TGuz2nBwXQNr3FQSx84Xkiz4A09Z6iehbDal/vwyt8A8citQG+aDVW
2wkyZjIXNhYLbORyjZWhLtPiEx6/9CUqpIv5J9oOaqM4FK6RT08nrh1eTwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFCRoFwFRRq5fvkVXrh5vc12tWNdeMB8GA1UdIwQY
MBaAFH5l2rI5QMs5T5qqZk/qTW+PQuMYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZm1YYXNqbEF5emxQbXFwbVQtcE5iNDlDNHhnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80MC81OGViYjEtZGJlYy00N2Y5LWJiOTYt
ODQ5Y2ZjYWJiNjU3LzEvSkdnWEFWRkdybC0tUlZldUhtOXpYYTFZMTE0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80MC81OGViYjEtZGJlYy00N2Y5LWJiOTYtODQ5Y2ZjYWJiNjU3
LzEvZm1YYXNqbEF5emxQbXFwbVQtcE5iNDlDNHhnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuXMAMA0G
CSqGSIb3DQEBCwUAA4IBAQAdxP06Q61tmNJF3kIRDuEXeaaB/476hdfQ4VXETVuM
gQ3lN2IBv4Msa32xTgAbbua0tyFbWbI8LPbH9PNpbilvSY24jKkmojI7A8QeQOWQ
ngdmidoSgFjGxScmvsspJrqfVqx72/M7+yQQSw+TOoJOnyIpXXBfLnItKgNF2Zxy
ZWw51uqnuuwdz5Rhv1Km2UKZlCBLOsW5MIbcVbbHhmg2vAiFAVaOBjOJvRSKU+T8
M4BsXc/PJ7I6bG5I6ccLWSf2hGqdlJwS15atihnIb7IKB7gT5xNN+SHMUsq8l9uy
7yMkdKIv7JkkNeQxkwUDhEocE8inQmdHpGdU7r4bmP3Q
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:03:14 2025 by rpki-client