Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/41/55c2a0-49df-4d96-988f-4f9d04010710/1/JOhNMUrD71b9XA3B1Rn6J2Bvo5w.roa
File: JOhNMUrD71b9XA3B1Rn6J2Bvo5w.roa (raw, json)
Hash identifier: 8vVYQImfdKDkJxXcRI6kJvSKb4/w/3ZlDU/+x0HGoEY=
Subject key identifier: 24:E8:4D:31:4A:C3:EF:56:FD:5C:0D:C1:D5:19:FA:27:60:6F:A3:9C
Certificate issuer: /CN=675fbe4b1f00233ed767990071f04590c90c887d
Certificate serial: 01856DD4037EF9EC6021FA37B5F3C8BE4B83
Authority key identifier: 67:5F:BE:4B:1F:00:23:3E:D7:67:99:00:71:F0:45:90:C9:0C:88:7D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Z1--Sx8AIz7XZ5kAcfBFkMkMiH0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/41/55c2a0-49df-4d96-988f-4f9d04010710/1/JOhNMUrD71b9XA3B1Rn6J2Bvo5w.roa
Signing time: Sun 01 Jan 2023 14:54:49 +0000
ROA not before: Sun 01 Jan 2023 14:54:49 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 198479
IP address blocks: 37.128.168.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:d4:03:7e:f9:ec:60:21:fa:37:b5:f3:c8:be:4b:83
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=675fbe4b1f00233ed767990071f04590c90c887d
Validity
Not Before: Jan 1 14:54:49 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=24e84d314ac3ef56fd5c0dc1d519fa27606fa39c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:8e:96:59:7d:07:15:da:33:7f:2c:b0:d4:b6:
ba:45:88:d8:6a:31:ca:37:26:fd:75:c4:42:30:c5:
e0:81:d5:c8:96:fe:e4:47:b3:b3:b0:cd:d4:80:2e:
a5:16:0f:db:2f:57:01:93:20:85:8b:76:9f:d0:22:
06:82:b7:da:18:8c:39:d1:a0:1a:7f:b5:6f:a7:b0:
d2:74:4e:26:8f:f4:0c:94:71:e1:65:e3:c5:a6:5d:
df:e6:db:92:e9:83:38:f9:e3:74:b2:7c:a1:df:eb:
37:ea:3b:96:13:b3:b2:e9:ae:11:1b:78:9c:0c:fb:
08:7c:ec:8d:24:2f:20:83:3a:45:1c:f6:9c:46:c0:
3b:ce:45:78:dd:ea:d0:3c:5b:09:78:5a:94:59:f0:
66:25:14:22:18:1e:9d:ff:a8:51:90:df:8f:23:92:
2f:aa:3b:40:d1:66:bc:de:f2:61:22:4b:99:fd:d8:
24:c8:4f:93:d3:3b:32:dd:ee:a3:bd:d8:7d:56:66:
91:26:60:af:16:dc:4b:19:7d:85:78:3f:44:80:27:
0f:b2:00:6c:94:3b:42:ee:d4:d0:89:53:cb:a5:da:
f1:8f:47:43:f6:da:08:2e:e0:63:02:76:4b:78:cd:
b3:d0:75:d5:1f:18:1c:f8:62:13:3d:cf:fd:72:0b:
cb:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
24:E8:4D:31:4A:C3:EF:56:FD:5C:0D:C1:D5:19:FA:27:60:6F:A3:9C
X509v3 Authority Key Identifier:
keyid:67:5F:BE:4B:1F:00:23:3E:D7:67:99:00:71:F0:45:90:C9:0C:88:7D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Z1--Sx8AIz7XZ5kAcfBFkMkMiH0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/41/55c2a0-49df-4d96-988f-4f9d04010710/1/JOhNMUrD71b9XA3B1Rn6J2Bvo5w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/41/55c2a0-49df-4d96-988f-4f9d04010710/1/Z1--Sx8AIz7XZ5kAcfBFkMkMiH0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.128.168.0/24
Signature Algorithm: sha256WithRSAEncryption
06:61:e8:49:cb:55:f9:a8:80:52:31:e0:41:c2:75:ca:f0:0f:
3d:f3:22:09:83:f8:9c:cd:76:9a:6a:c7:69:0b:f8:34:f4:6e:
07:2d:b5:31:95:2c:0e:b6:02:7c:4d:ee:7f:9e:f5:ee:76:cb:
6a:4e:f1:83:2c:cf:90:8f:40:bb:ef:82:e8:47:28:6e:fe:9b:
ed:74:bf:df:5f:71:0f:b0:38:cc:83:3f:34:a6:e4:76:12:31:
3e:76:f3:ec:5a:5b:b5:b9:ef:99:a9:8b:dc:d7:9f:31:e8:ac:
3d:14:02:5e:59:9e:fc:f8:84:96:60:5a:ca:e4:46:7a:bd:29:
93:d2:6f:49:52:91:22:77:06:f6:91:f8:b2:37:c9:41:b7:9e:
f9:32:36:4d:c0:cb:37:c9:af:ac:92:c8:76:25:bb:6e:06:59:
23:4e:f5:a5:85:1c:19:43:ef:5e:83:b2:87:20:9f:0a:24:8e:
1b:24:a0:e4:80:0a:f6:c5:48:a9:1f:79:a7:03:4a:a2:4c:c3:
a0:2f:7a:e4:a8:29:08:ef:19:b6:09:de:47:d9:2c:2a:59:33:
8d:4b:20:7b:f5:b8:cf:33:70:a2:77:f7:c7:63:91:d7:28:a2:
af:96:64:5a:e0:0f:f2:44:bd:c9:5e:2d:08:02:c9:cb:e0:e3:
6e:f9:2c:6a
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVt1AN++exgIfo3tfPIvkuDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY3NWZiZTRiMWYwMDIzM2VkNzY3OTkwMDcxZjA0NTkwYzkw
Yzg4N2QwHhcNMjMwMTAxMTQ1NDQ5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNGU4NGQzMTRhYzNlZjU2ZmQ1YzBkYzFkNTE5ZmEyNzYwNmZhMzljMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAko6WWX0HFdozfyyw1La6RYjYajHK
Nyb9dcRCMMXggdXIlv7kR7OzsM3UgC6lFg/bL1cBkyCFi3af0CIGgrfaGIw50aAa
f7Vvp7DSdE4mj/QMlHHhZePFpl3f5tuS6YM4+eN0snyh3+s36juWE7Oy6a4RG3ic
DPsIfOyNJC8ggzpFHPacRsA7zkV43erQPFsJeFqUWfBmJRQiGB6d/6hRkN+PI5Iv
qjtA0Wa83vJhIkuZ/dgkyE+T0zsy3e6jvdh9VmaRJmCvFtxLGX2FeD9EgCcPsgBs
lDtC7tTQiVPLpdrxj0dD9toILuBjAnZLeM2z0HXVHxgc+GITPc/9cgvLxQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFCToTTFKw+9W/VwNwdUZ+idgb6OcMB8GA1UdIwQY
MBaAFGdfvksfACM+12eZAHHwRZDJDIh9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWjEtLVN4OEFJejdYWjVrQWNmQkZrTWtNaUgwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80MS81NWMyYTAtNDlkZi00ZDk2LTk4OGYt
NGY5ZDA0MDEwNzEwLzEvSk9oTk1VckQ3MWI5WEEzQjFSbjZKMkJ2bzV3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80MS81NWMyYTAtNDlkZi00ZDk2LTk4OGYtNGY5ZDA0MDEwNzEw
LzEvWjEtLVN4OEFJejdYWjVrQWNmQkZrTWtNaUgwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAJYCoMA0G
CSqGSIb3DQEBCwUAA4IBAQAGYehJy1X5qIBSMeBBwnXK8A898yIJg/iczXaaasdp
C/g09G4HLbUxlSwOtgJ8Te5/nvXudstqTvGDLM+Qj0C774LoRyhu/pvtdL/fX3EP
sDjMgz80puR2EjE+dvPsWlu1ue+ZqYvc158x6Kw9FAJeWZ78+ISWYFrK5EZ6vSmT
0m9JUpEidwb2kfiyN8lBt575MjZNwMs3ya+sksh2JbtuBlkjTvWlhRwZQ+9eg7KH
IJ8KJI4bJKDkgAr2xUipH3mnA0qiTMOgL3rkqCkI7xm2Cd5H2SwqWTONSyB79bjP
M3Cid/fHY5HXKKKvlmRa4A/yRL3JXi0IAsnL4ONu+Sxq
-----END CERTIFICATE-----
Generated at Wed Apr 23 05:53:19 2025 by rpki-client