Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/42/57a34f-e33b-4e17-bc32-66457724c2d3/1/JJLPBMLhNk3XwOaDQVNCwCazgwc.roa
File: JJLPBMLhNk3XwOaDQVNCwCazgwc.roa (raw, json)
Hash identifier: UVnMNC7JIvkay1409IdsfghE+yBZkWtJCfoRzh3hugY=
Subject key identifier: 24:92:CF:04:C2:E1:36:4D:D7:C0:E6:83:41:53:42:C0:26:B3:83:07
Certificate issuer: /CN=6f75e4e94b5cb74517b7b01568015da9e6eecdb6
Certificate serial: 018BA9D9FE8FE65BCF6AA14F9FD02E07501C
Authority key identifier: 6F:75:E4:E9:4B:5C:B7:45:17:B7:B0:15:68:01:5D:A9:E6:EE:CD:B6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/b3Xk6Utct0UXt7AVaAFdqebuzbY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/42/57a34f-e33b-4e17-bc32-66457724c2d3/1/JJLPBMLhNk3XwOaDQVNCwCazgwc.roa
Signing time: Tue 07 Nov 2023 12:55:17 +0000
ROA not before: Tue 07 Nov 2023 12:55:17 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 212238
IP address blocks: 176.221.24.0/22 maxlen: 22
176.221.20.0/22 maxlen: 22
109.111.56.0/22 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:a9:d9:fe:8f:e6:5b:cf:6a:a1:4f:9f:d0:2e:07:50:1c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6f75e4e94b5cb74517b7b01568015da9e6eecdb6
Validity
Not Before: Nov 7 12:55:17 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=2492cf04c2e1364dd7c0e683415342c026b38307
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:e4:3a:64:83:fb:fd:d5:2a:bf:9d:3f:55:14:
b2:38:f4:7f:8a:99:85:a7:b6:bb:ca:41:25:2e:f9:
a4:2c:01:1e:bd:42:85:66:53:e0:4e:f6:e0:c7:40:
f1:82:bd:6c:45:60:8c:b4:57:62:ff:67:e6:cc:2f:
2e:ac:e7:51:b3:4e:96:aa:cd:a5:fe:68:3e:15:bd:
11:11:29:65:4b:4e:6b:b5:8e:e9:35:a5:23:f8:97:
7c:ad:31:c4:97:ad:d5:cd:3c:81:a6:03:0e:72:bd:
cd:df:b4:bf:0b:c7:ab:66:d3:c1:44:36:43:90:d1:
25:fc:f9:71:d3:e3:35:b8:f6:4b:98:e8:96:15:3b:
db:82:57:9a:44:83:33:62:d6:35:b1:45:9b:06:7f:
1d:05:ba:d0:4b:16:0d:b3:ca:c9:f3:f7:b3:3e:4f:
da:91:e4:61:b2:8e:4f:0f:ca:4a:0b:21:4b:25:b5:
86:0e:85:a5:5c:85:56:c9:67:65:98:27:bd:9f:6e:
5a:4a:ae:b6:c9:c2:b6:7a:00:2c:1b:14:87:7f:a6:
27:a9:62:77:78:5c:c7:8e:d8:74:10:c9:ef:75:a9:
44:eb:13:fb:93:ae:97:ac:1e:f3:36:e8:ae:5b:74:
5f:17:70:fe:03:72:74:7f:40:a6:ab:52:e1:e1:83:
34:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
24:92:CF:04:C2:E1:36:4D:D7:C0:E6:83:41:53:42:C0:26:B3:83:07
X509v3 Authority Key Identifier:
keyid:6F:75:E4:E9:4B:5C:B7:45:17:B7:B0:15:68:01:5D:A9:E6:EE:CD:B6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/b3Xk6Utct0UXt7AVaAFdqebuzbY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/42/57a34f-e33b-4e17-bc32-66457724c2d3/1/JJLPBMLhNk3XwOaDQVNCwCazgwc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/42/57a34f-e33b-4e17-bc32-66457724c2d3/1/b3Xk6Utct0UXt7AVaAFdqebuzbY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.111.56.0/22
176.221.20.0-176.221.27.255
Signature Algorithm: sha256WithRSAEncryption
74:d8:68:57:53:58:6c:56:f0:d1:ba:38:48:f4:94:1d:4d:eb:
6c:9c:d2:95:6c:40:5c:4d:3a:59:25:3c:87:6a:72:21:a6:b3:
df:fa:c9:df:ca:61:27:1c:57:03:d2:cc:ab:c2:2c:00:f3:8e:
a7:83:3c:3c:fd:50:88:c7:e0:01:d2:da:43:0c:b8:cd:d4:a9:
05:2b:e7:48:4b:67:3d:86:5e:03:20:9c:8c:75:c8:ab:1c:a9:
74:de:da:4f:83:40:71:81:c7:7e:e1:37:0e:fb:ec:fa:07:ca:
e2:4d:ce:e8:66:0e:9c:a8:14:c4:93:1f:aa:e0:46:bb:89:86:
5d:7b:73:9f:34:13:fd:1c:b1:39:e3:b6:b2:27:db:86:d4:b6:
b4:6b:d2:d9:bd:26:2d:0a:c6:6c:5c:3c:24:22:76:0f:f9:c1:
fa:e3:19:e1:7f:4b:cc:66:d7:93:cd:87:8b:7d:7c:6a:e5:cf:
96:32:da:ad:14:3a:8e:9e:5e:24:d5:04:94:26:8d:36:1a:7b:
a9:18:1b:40:87:f4:f1:7f:d3:b3:29:35:7e:31:5e:36:5e:52:
68:9e:4c:a4:39:60:13:d7:3f:31:76:4e:f3:2e:cd:72:84:fb:
9f:bb:f8:d8:38:55:30:79:79:f3:d5:7e:24:e5:b7:65:93:a2:
b3:7a:5d:98
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgISAYup2f6P5lvPaqFPn9AuB1AcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZmNzVlNGU5NGI1Y2I3NDUxN2I3YjAxNTY4MDE1ZGE5ZTZl
ZWNkYjYwHhcNMjMxMTA3MTI1NTE3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNDkyY2YwNGMyZTEzNjRkZDdjMGU2ODM0MTUzNDJjMDI2YjM4MzA3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAluQ6ZIP7/dUqv50/VRSyOPR/ipmF
p7a7ykElLvmkLAEevUKFZlPgTvbgx0Dxgr1sRWCMtFdi/2fmzC8urOdRs06Wqs2l
/mg+Fb0RESllS05rtY7pNaUj+Jd8rTHEl63VzTyBpgMOcr3N37S/C8erZtPBRDZD
kNEl/Plx0+M1uPZLmOiWFTvbgleaRIMzYtY1sUWbBn8dBbrQSxYNs8rJ8/ezPk/a
keRhso5PD8pKCyFLJbWGDoWlXIVWyWdlmCe9n25aSq62ycK2egAsGxSHf6YnqWJ3
eFzHjth0EMnvdalE6xP7k66XrB7zNuiuW3RfF3D+A3J0f0Cmq1Lh4YM06QIDAQAB
o4ICFzCCAhMwHQYDVR0OBBYEFCSSzwTC4TZN18Dmg0FTQsAms4MHMB8GA1UdIwQY
MBaAFG915OlLXLdFF7ewFWgBXanm7s22MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYjNYazZVdGN0MFVYdDdBVmFBRmRxZWJ1emJZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Mi81N2EzNGYtZTMzYi00ZTE3LWJjMzIt
NjY0NTc3MjRjMmQzLzEvSkpMUEJNTGhOazNYd09hRFFWTkN3Q2F6Z3djLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Mi81N2EzNGYtZTMzYi00ZTE3LWJjMzItNjY0NTc3MjRjMmQz
LzEvYjNYazZVdGN0MFVYdDdBVmFBRmRxZWJ1emJZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAATAUAwQCbW84MAwD
BAKw3RQDBAKw3RgwDQYJKoZIhvcNAQELBQADggEBAHTYaFdTWGxW8NG6OEj0lB1N
62yc0pVsQFxNOlklPIdqciGms9/6yd/KYSccVwPSzKvCLADzjqeDPDz9UIjH4AHS
2kMMuM3UqQUr50hLZz2GXgMgnIx1yKscqXTe2k+DQHGBx37hNw777PoHyuJNzuhm
DpyoFMSTH6rgRruJhl17c580E/0csTnjtrIn24bUtrRr0tm9Ji0KxmxcPCQidg/5
wfrjGeF/S8xm15PNh4t9fGrlz5Yy2q0UOo6eXiTVBJQmjTYae6kYG0CH9PF/07Mp
NX4xXjZeUmieTKQ5YBPXPzF2TvMuzXKE+5+7+Ng4VTB5efPVfiTlt2WTorN6XZg=
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:15:41 2025 by rpki-client