Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/41/43e959-397e-4e95-9978-9e128cf3c3ad/1/jRyRneT3CAMw6cNH_qJtza_3pj4.roa
File: jRyRneT3CAMw6cNH_qJtza_3pj4.roa (raw, json)
Hash identifier: DRZFbXRsWuSj1noBTFsTTFzurpvztzLRGt3b4gfGELQ=
Subject key identifier: 8D:1C:91:9D:E4:F7:08:03:30:E9:C3:47:FE:A2:6D:CD:AF:F7:A6:3E
Certificate issuer: /CN=efd60cec53b3a0cfc8cb4543a2d0a8a59e6096ee
Certificate serial: 04FF175F
Authority key identifier: EF:D6:0C:EC:53:B3:A0:CF:C8:CB:45:43:A2:D0:A8:A5:9E:60:96:EE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/79YM7FOzoM_Iy0VDotCopZ5glu4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/41/43e959-397e-4e95-9978-9e128cf3c3ad/1/jRyRneT3CAMw6cNH_qJtza_3pj4.roa
Signing time: Sat 01 Jan 2022 06:06:02 +0000
ROA not before: Sat 01 Jan 2022 06:06:02 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 2613
IP address blocks: 193.135.150.0/24 maxlen: 24
91.218.38.0/24 maxlen: 24
2001:678:298::/48 maxlen: 48
2a07:e640::/29 maxlen: 29
2001:678:294::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 83826527 (0x4ff175f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=efd60cec53b3a0cfc8cb4543a2d0a8a59e6096ee
Validity
Not Before: Jan 1 06:06:02 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=8d1c919de4f7080330e9c347fea26dcdaff7a63e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:17:c1:3f:dc:dc:40:14:36:a6:1e:79:9f:3d:
a1:ad:6e:21:77:ba:75:64:07:64:15:7e:95:c0:d7:
23:66:1e:15:77:7d:81:b2:ef:91:8d:4e:4f:43:76:
04:d6:36:96:be:b7:3f:aa:1a:c1:74:2b:bd:ef:98:
10:0d:09:0a:da:41:c7:10:4d:1e:3f:1a:6b:88:d7:
39:fc:4d:c2:72:3b:de:d1:80:6c:31:12:25:1d:fd:
83:19:01:78:e7:0d:8b:ab:cf:0c:55:90:c3:55:4d:
d0:b6:cd:9b:7f:2e:c0:79:03:33:8f:83:6f:d4:42:
5c:90:15:b7:3c:13:fb:8d:1a:95:d0:ce:a8:af:73:
a1:de:8f:f2:78:d9:1d:b5:1a:0f:58:3a:6d:77:1d:
2d:bd:66:ba:84:f9:22:f9:af:79:f1:54:a9:46:4a:
a4:9c:d7:12:4c:39:b8:70:65:22:63:68:77:56:0a:
0e:4c:29:e7:c8:96:02:c2:7b:4b:8e:3b:a9:0f:ec:
7f:d9:2e:c3:b3:0e:e5:90:6a:9c:45:de:2c:34:07:
94:15:73:f5:58:7e:60:79:90:e0:84:97:28:f3:bd:
f7:74:07:7d:ed:21:0e:d2:30:7d:0a:4c:3c:ce:21:
c9:46:98:89:17:b8:7d:64:23:25:e3:fd:2b:f5:0d:
ce:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8D:1C:91:9D:E4:F7:08:03:30:E9:C3:47:FE:A2:6D:CD:AF:F7:A6:3E
X509v3 Authority Key Identifier:
keyid:EF:D6:0C:EC:53:B3:A0:CF:C8:CB:45:43:A2:D0:A8:A5:9E:60:96:EE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/79YM7FOzoM_Iy0VDotCopZ5glu4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/41/43e959-397e-4e95-9978-9e128cf3c3ad/1/jRyRneT3CAMw6cNH_qJtza_3pj4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/41/43e959-397e-4e95-9978-9e128cf3c3ad/1/79YM7FOzoM_Iy0VDotCopZ5glu4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.218.38.0/24
193.135.150.0/24
IPv6:
2001:678:294::/48
2001:678:298::/48
2a07:e640::/29
Signature Algorithm: sha256WithRSAEncryption
8f:4a:c8:2a:84:0a:e7:f6:cd:6a:18:33:17:71:e7:9c:e5:e1:
4e:61:ad:47:f8:67:62:13:98:ae:4b:32:58:10:34:20:01:d7:
8e:14:09:d5:25:2e:d3:bc:8d:56:8e:65:e6:67:97:20:69:cb:
92:2a:6a:bf:00:57:69:9f:ac:aa:f7:33:3b:6f:7b:3f:62:c8:
62:09:f8:98:9d:ad:d8:b7:43:d8:17:dd:1d:f7:a2:98:b6:ba:
f4:0f:78:f2:60:57:ba:b2:9f:e2:21:b1:0f:be:bf:25:7c:8c:
18:9d:68:ab:ba:46:93:63:7f:f0:c4:f9:54:37:5c:a3:e3:42:
cc:9b:f2:80:08:a6:24:97:4c:e0:70:f8:15:6b:4a:49:cc:4f:
b6:fe:95:bb:9f:93:c0:6e:51:6c:ff:4a:f6:5d:39:1f:ef:93:
ae:89:51:c7:aa:8e:43:58:9a:0c:e1:63:55:23:4e:47:37:34:
35:8f:e1:44:c9:a7:a0:f5:10:cc:5b:19:f3:21:60:30:ec:a5:
24:3f:d6:f5:d4:28:52:42:9f:d5:03:ef:42:48:f9:3e:84:13:
a4:a6:12:ef:d6:74:ac:a9:4d:7b:e6:2e:b0:30:1c:85:8a:46:
62:2f:56:7a:36:fd:87:8d:60:cd:30:dd:32:a4:f7:e5:60:b0:
ac:53:73:8d
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgIEBP8XXzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhl
ZmQ2MGNlYzUzYjNhMGNmYzhjYjQ1NDNhMmQwYThhNTllNjA5NmVlMB4XDTIyMDEw
MTA2MDYwMloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoOGQxYzkxOWRlNGY3
MDgwMzMwZTljMzQ3ZmVhMjZkY2RhZmY3YTYzZTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAK4XwT/c3EAUNqYeeZ89oa1uIXe6dWQHZBV+lcDXI2YeFXd9
gbLvkY1OT0N2BNY2lr63P6oawXQrve+YEA0JCtpBxxBNHj8aa4jXOfxNwnI73tGA
bDESJR39gxkBeOcNi6vPDFWQw1VN0LbNm38uwHkDM4+Db9RCXJAVtzwT+40aldDO
qK9zod6P8njZHbUaD1g6bXcdLb1muoT5IvmvefFUqUZKpJzXEkw5uHBlImNod1YK
Dkwp58iWAsJ7S447qQ/sf9kuw7MO5ZBqnEXeLDQHlBVz9Vh+YHmQ4ISXKPO993QH
fe0hDtIwfQpMPM4hyUaYiRe4fWQjJeP9K/UNznkCAwEAAaOCAjAwggIsMB0GA1Ud
DgQWBBSNHJGd5PcIAzDpw0f+om3Nr/emPjAfBgNVHSMEGDAWgBTv1gzsU7Ogz8jL
RUOi0KilnmCW7jAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
Lzc5WU03Rk96b01fSXkwVkRvdENvcFo1Z2x1NC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNDEvNDNlOTU5LTM5N2UtNGU5NS05OTc4LTllMTI4Y2YzYzNhZC8x
L2pSeVJuZVQzQ0FNdzZjTkhfcUp0emFfM3BqNC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNDEv
NDNlOTU5LTM5N2UtNGU5NS05OTc4LTllMTI4Y2YzYzNhZC8xLzc5WU03Rk96b01f
SXkwVkRvdENvcFo1Z2x1NC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBG
BggrBgEFBQcBBwEB/wQ3MDUwEgQCAAEwDAMEAFvaJgMEAMGHljAfBAIAAjAZAwcA
IAEGeAKUAwcAIAEGeAKYAwUDKgfmQDANBgkqhkiG9w0BAQsFAAOCAQEAj0rIKoQK
5/bNahgzF3HnnOXhTmGtR/hnYhOYrksyWBA0IAHXjhQJ1SUu07yNVo5l5meXIGnL
kipqvwBXaZ+sqvczO297P2LIYgn4mJ2t2LdD2BfdHfeimLa69A948mBXurKf4iGx
D76/JXyMGJ1oq7pGk2N/8MT5VDdco+NCzJvygAimJJdM4HD4FWtKScxPtv6Vu5+T
wG5RbP9K9l05H++TrolRx6qOQ1iaDOFjVSNORzc0NY/hRMmnoPUQzFsZ8yFgMOyl
JD/W9dQoUkKf1QPvQkj5PoQTpKYS79Z0rKlNe+YusDAchYpGYi9Wejb9h41gzTDd
MqT35WCwrFNzjQ==
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:58:48 2025 by rpki-client