Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/42/e5c483-44bf-41ad-9e8f-93d0b00e7e04/1/jhdLqUGPi1Z3vJxgMv2X6ndqgqg.roa
File: jhdLqUGPi1Z3vJxgMv2X6ndqgqg.roa (raw, json)
Hash identifier: sGFRBi//MvjDhXRQt3e6Ly1RtHh4NsbJx8C3v5D2Eb0=
Subject key identifier: 8E:17:4B:A9:41:8F:8B:56:77:BC:9C:60:32:FD:97:EA:77:6A:82:A8
Certificate issuer: /CN=8ec95aff78bd21dd8e9bd5f451dfc8f802ef6916
Certificate serial: 01857039AEB828EBF92A24B8FF99311D6312
Authority key identifier: 8E:C9:5A:FF:78:BD:21:DD:8E:9B:D5:F4:51:DF:C8:F8:02:EF:69:16
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/jsla_3i9Id2Om9X0Ud_I-ALvaRY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/42/e5c483-44bf-41ad-9e8f-93d0b00e7e04/1/jhdLqUGPi1Z3vJxgMv2X6ndqgqg.roa
Signing time: Mon 02 Jan 2023 02:05:06 +0000
ROA not before: Mon 02 Jan 2023 02:05:06 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 44513
IP address blocks: 195.181.176.0/22 maxlen: 22
195.181.176.0/20 maxlen: 20
213.32.208.0/20 maxlen: 20
80.69.240.0/20 maxlen: 20
185.129.88.0/22 maxlen: 22
31.15.72.0/21 maxlen: 21
92.43.240.0/21 maxlen: 21
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:39:ae:b8:28:eb:f9:2a:24:b8:ff:99:31:1d:63:12
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8ec95aff78bd21dd8e9bd5f451dfc8f802ef6916
Validity
Not Before: Jan 2 02:05:06 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=8e174ba9418f8b5677bc9c6032fd97ea776a82a8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:72:8f:06:e9:61:03:f1:07:f4:27:3c:84:99:
f5:e7:a8:d8:c0:0a:59:2b:71:75:1c:95:97:a4:ac:
55:14:73:f1:3d:b0:0a:88:a2:41:e2:8c:f8:3c:ac:
28:dd:14:ee:fa:7e:24:7b:d1:86:3c:85:2e:a0:2f:
5c:97:cd:52:88:44:68:c4:73:7e:5e:e4:ad:1f:7e:
7e:cb:92:98:fd:70:74:d5:a1:e3:bb:db:56:01:1e:
74:15:9d:20:58:f9:9a:dc:73:6b:26:2d:9d:0d:2a:
0e:a3:2d:51:f8:ef:f6:ff:75:27:6b:36:1b:4f:73:
d6:70:3a:b2:ba:dd:f0:a3:d4:cc:3c:1a:96:20:ec:
e6:05:15:08:cf:3d:3f:27:4e:32:19:d6:ec:9f:e6:
65:66:fc:84:bb:12:7c:ef:e1:81:ca:10:d1:c7:ee:
de:77:fc:44:cb:0e:a6:ec:93:c0:a7:5e:a5:e2:fe:
8e:9b:da:74:29:f5:de:36:6d:c8:fa:a6:ea:bd:da:
a8:c3:17:f0:61:93:f4:44:b3:25:38:e5:4a:ba:23:
59:10:5d:e5:6a:4e:14:da:75:c4:52:a4:6a:d8:25:
ef:e0:9e:58:4f:1f:a4:cc:a8:9a:1a:e4:db:44:9b:
3b:27:00:9a:e7:92:c8:34:b3:2e:e9:36:80:0a:cc:
ce:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8E:17:4B:A9:41:8F:8B:56:77:BC:9C:60:32:FD:97:EA:77:6A:82:A8
X509v3 Authority Key Identifier:
keyid:8E:C9:5A:FF:78:BD:21:DD:8E:9B:D5:F4:51:DF:C8:F8:02:EF:69:16
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jsla_3i9Id2Om9X0Ud_I-ALvaRY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/42/e5c483-44bf-41ad-9e8f-93d0b00e7e04/1/jhdLqUGPi1Z3vJxgMv2X6ndqgqg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/42/e5c483-44bf-41ad-9e8f-93d0b00e7e04/1/jsla_3i9Id2Om9X0Ud_I-ALvaRY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.15.72.0/21
80.69.240.0/20
92.43.240.0/21
185.129.88.0/22
195.181.176.0/20
213.32.208.0/20
Signature Algorithm: sha256WithRSAEncryption
5e:dc:a4:e6:48:89:a3:d0:05:7d:26:62:82:2e:b2:8c:1b:9c:
3c:4f:ac:4d:55:f0:04:18:66:dc:33:17:6e:ff:00:1e:0b:61:
b2:c8:5d:14:72:21:3b:67:20:ec:79:2f:42:8e:eb:e9:10:e1:
a3:a5:aa:8f:48:8f:e9:60:de:d8:1d:e7:5b:7f:68:13:35:fe:
30:fd:f1:7c:74:a3:e0:c2:f2:fb:f5:2e:0d:f3:93:29:1e:c7:
f4:71:fa:29:9d:a4:32:1d:bd:47:62:0d:9f:80:64:18:1d:c2:
8e:e5:1d:08:9a:a1:27:f3:89:68:2d:2f:f7:ec:29:5d:91:82:
7e:8c:06:0b:6c:7e:df:0c:28:c9:b7:38:c8:2a:86:57:67:cb:
e2:f7:95:ee:fd:37:9c:97:49:98:21:40:42:b5:9d:48:90:b7:
11:59:06:4d:7b:f4:7e:09:c8:9f:8c:21:b8:6a:f6:74:df:ad:
a4:ab:d3:73:45:8c:5e:b9:ba:48:47:7f:71:4e:1a:e0:37:a5:
97:fb:12:d8:d6:41:75:45:2c:c7:5e:46:6d:6c:e5:ad:43:7f:
21:8f:56:4d:58:9b:69:9f:43:54:93:77:51:57:fd:c5:32:dc:
b8:4b:07:4b:a4:7a:6f:90:11:11:27:91:bc:59:2f:fc:44:b8:
43:67:9d:00
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAYVwOa64KOv5KiS4/5kxHWMSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhlYzk1YWZmNzhiZDIxZGQ4ZTliZDVmNDUxZGZjOGY4MDJl
ZjY5MTYwHhcNMjMwMTAyMDIwNTA2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ZTE3NGJhOTQxOGY4YjU2NzdiYzljNjAzMmZkOTdlYTc3NmE4MmE4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAj3KPBulhA/EH9Cc8hJn156jYwApZ
K3F1HJWXpKxVFHPxPbAKiKJB4oz4PKwo3RTu+n4ke9GGPIUuoC9cl81SiERoxHN+
XuStH35+y5KY/XB01aHju9tWAR50FZ0gWPma3HNrJi2dDSoOoy1R+O/2/3UnazYb
T3PWcDqyut3wo9TMPBqWIOzmBRUIzz0/J04yGdbsn+ZlZvyEuxJ87+GByhDRx+7e
d/xEyw6m7JPAp16l4v6Om9p0KfXeNm3I+qbqvdqowxfwYZP0RLMlOOVKuiNZEF3l
ak4U2nXEUqRq2CXv4J5YTx+kzKiaGuTbRJs7JwCa55LINLMu6TaACszOwwIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFI4XS6lBj4tWd7ycYDL9l+p3aoKoMB8GA1UdIwQY
MBaAFI7JWv94vSHdjpvV9FHfyPgC72kWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvanNsYV8zaTlJZDJPbTlYMFVkX0ktQUx2YVJZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Mi9lNWM0ODMtNDRiZi00MWFkLTllOGYt
OTNkMGIwMGU3ZTA0LzEvamhkTHFVR1BpMVozdkp4Z012Mlg2bmRxZ3FnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Mi9lNWM0ODMtNDRiZi00MWFkLTllOGYtOTNkMGIwMGU3ZTA0
LzEvanNsYV8zaTlJZDJPbTlYMFVkX0ktQUx2YVJZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQDHw9IAwQE
UEXwAwQDXCvwAwQCuYFYAwQEw7WwAwQE1SDQMA0GCSqGSIb3DQEBCwUAA4IBAQBe
3KTmSImj0AV9JmKCLrKMG5w8T6xNVfAEGGbcMxdu/wAeC2GyyF0UciE7ZyDseS9C
juvpEOGjpaqPSI/pYN7YHedbf2gTNf4w/fF8dKPgwvL79S4N85MpHsf0cfopnaQy
Hb1HYg2fgGQYHcKO5R0ImqEn84loLS/37CldkYJ+jAYLbH7fDCjJtzjIKoZXZ8vi
95Xu/Tecl0mYIUBCtZ1IkLcRWQZNe/R+CcifjCG4avZ0362kq9NzRYxeubpIR39x
ThrgN6WX+xLY1kF1RSzHXkZtbOWtQ38hj1ZNWJtpn0NUk3dRV/3FMty4SwdLpHpv
kBERJ5G8WS/8RLhDZ50A
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:13:32 2025 by rpki-client