Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/48/a5c088-cfdc-4b95-abf4-3911bbc54747/1/JNkS3wwtnYFSS8Y2NeyvbJNnUzI.roa
File: JNkS3wwtnYFSS8Y2NeyvbJNnUzI.roa (raw, json)
Hash identifier: vB014tSnBuyRualqgmOLXAWhI+i3fnRAezeEJfPxUbI=
Subject key identifier: 24:D9:12:DF:0C:2D:9D:81:52:4B:C6:36:35:EC:AF:6C:93:67:53:32
Certificate issuer: /CN=acef4da56cb940d9f2f7d021af2a61fbd3b14ea8
Certificate serial: 018925B5AF4F60CF3C6CFA525CC709CB8989
Authority key identifier: AC:EF:4D:A5:6C:B9:40:D9:F2:F7:D0:21:AF:2A:61:FB:D3:B1:4E:A8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/rO9NpWy5QNny99Ahryph-9OxTqg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/48/a5c088-cfdc-4b95-abf4-3911bbc54747/1/JNkS3wwtnYFSS8Y2NeyvbJNnUzI.roa
Signing time: Wed 05 Jul 2023 11:00:11 +0000
ROA not before: Wed 05 Jul 2023 11:00:11 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 49844
IP address blocks: 91.206.28.0/24 maxlen: 24
2a12:f840::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:25:b5:af:4f:60:cf:3c:6c:fa:52:5c:c7:09:cb:89:89
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=acef4da56cb940d9f2f7d021af2a61fbd3b14ea8
Validity
Not Before: Jul 5 11:00:11 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=24d912df0c2d9d81524bc63635ecaf6c93675332
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:1f:ac:0a:3c:7e:0f:b9:56:4b:17:8b:3f:80:
8f:91:f2:0f:4b:cc:2f:37:3b:b8:ed:4f:50:c8:c4:
ce:f8:3e:26:9a:28:dc:30:e1:45:69:c1:78:7f:9a:
55:e7:fe:83:dc:61:72:c0:fa:5e:e5:90:d2:36:dc:
73:ba:5c:4f:ce:59:cd:5c:81:66:38:a2:01:62:76:
59:ab:66:a0:b2:32:3e:b3:a0:1b:8d:da:20:18:42:
13:4d:ce:88:d6:35:c0:7a:53:ed:4c:e2:6e:41:5d:
39:3f:bc:8d:1c:78:bd:aa:6d:2c:be:d0:cd:92:06:
7c:30:fc:77:7e:79:74:1b:24:2f:96:b5:9e:1e:c0:
18:84:da:97:f3:76:c4:ab:8d:bb:02:41:e6:b9:da:
ac:a1:df:a1:40:23:6c:1a:e5:3c:36:a1:48:ae:b3:
e8:77:23:28:1c:16:70:29:62:37:c2:19:5c:6a:30:
e9:58:e1:8c:09:62:e3:74:96:a7:3e:4a:2a:97:98:
69:08:0f:a0:50:c3:93:4f:4b:47:ce:cc:f1:2d:ff:
7f:64:15:d5:03:74:37:33:6c:ab:a3:0a:98:b5:f7:
1d:4c:68:90:2e:00:f7:c8:45:06:e2:40:4b:d9:ae:
fc:0c:20:18:f4:fd:f6:cd:6c:41:32:00:1f:a0:32:
2b:0d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
24:D9:12:DF:0C:2D:9D:81:52:4B:C6:36:35:EC:AF:6C:93:67:53:32
X509v3 Authority Key Identifier:
keyid:AC:EF:4D:A5:6C:B9:40:D9:F2:F7:D0:21:AF:2A:61:FB:D3:B1:4E:A8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rO9NpWy5QNny99Ahryph-9OxTqg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/48/a5c088-cfdc-4b95-abf4-3911bbc54747/1/JNkS3wwtnYFSS8Y2NeyvbJNnUzI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/48/a5c088-cfdc-4b95-abf4-3911bbc54747/1/rO9NpWy5QNny99Ahryph-9OxTqg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.206.28.0/24
IPv6:
2a12:f840::/29
Signature Algorithm: sha256WithRSAEncryption
1f:28:d3:b7:e5:46:53:fa:df:ea:ac:c8:a0:af:16:51:dc:38:
72:de:d9:6a:0b:ab:3a:27:47:13:22:60:03:d9:61:64:6d:ff:
8c:a4:5a:70:49:3a:ed:fa:a6:e9:89:5e:25:5e:0f:f4:02:ae:
8f:98:6b:6f:03:5d:cc:43:3d:4e:4f:7b:67:4f:5c:11:86:54:
8e:c4:ad:d7:48:3e:5d:ba:d7:71:83:db:34:2e:dd:b7:cc:70:
e8:98:bb:ca:71:ed:d6:b0:71:0e:5b:c6:3c:bc:ad:4e:35:8a:
c4:27:83:9e:fd:16:b3:31:25:cf:92:dd:ab:c3:e1:77:ea:fa:
08:ee:ad:b6:af:69:74:7a:6d:8a:29:77:f0:25:53:54:db:c2:
c5:44:25:b2:2b:6d:ee:e3:30:87:73:b8:8b:30:92:99:c3:10:
e7:b9:12:56:83:ea:a4:d5:62:f7:46:a6:01:cf:8a:88:4e:82:
be:d2:20:4b:29:91:c9:8b:96:3b:b7:39:fa:2f:aa:7a:c1:db:
87:79:b1:44:f9:5c:17:26:4c:f1:c2:99:34:5f:7b:5d:f7:cf:
1c:dc:bf:5b:44:f6:fd:38:4c:80:a6:d9:3b:07:6c:08:fd:b1:
fc:2a:37:b2:1a:65:bd:ad:ed:55:aa:2c:29:22:87:1b:b2:1a:
ca:f9:c4:db
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYklta9PYM88bPpSXMcJy4mJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFjZWY0ZGE1NmNiOTQwZDlmMmY3ZDAyMWFmMmE2MWZiZDNi
MTRlYTgwHhcNMjMwNzA1MTEwMDExWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNGQ5MTJkZjBjMmQ5ZDgxNTI0YmM2MzYzNWVjYWY2YzkzNjc1MzMyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwB+sCjx+D7lWSxeLP4CPkfIPS8wv
Nzu47U9QyMTO+D4mmijcMOFFacF4f5pV5/6D3GFywPpe5ZDSNtxzulxPzlnNXIFm
OKIBYnZZq2agsjI+s6AbjdogGEITTc6I1jXAelPtTOJuQV05P7yNHHi9qm0svtDN
kgZ8MPx3fnl0GyQvlrWeHsAYhNqX83bEq427AkHmudqsod+hQCNsGuU8NqFIrrPo
dyMoHBZwKWI3whlcajDpWOGMCWLjdJanPkoql5hpCA+gUMOTT0tHzszxLf9/ZBXV
A3Q3M2yrowqYtfcdTGiQLgD3yEUG4kBL2a78DCAY9P32zWxBMgAfoDIrDQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFCTZEt8MLZ2BUkvGNjXsr2yTZ1MyMB8GA1UdIwQY
MBaAFKzvTaVsuUDZ8vfQIa8qYfvTsU6oMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvck85TnBXeTVRTm55OTlBaHJ5cGgtOU94VHFnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80OC9hNWMwODgtY2ZkYy00Yjk1LWFiZjQt
MzkxMWJiYzU0NzQ3LzEvSk5rUzN3d3RuWUZTUzhZMk5leXZiSk5uVXpJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80OC9hNWMwODgtY2ZkYy00Yjk1LWFiZjQtMzkxMWJiYzU0NzQ3
LzEvck85TnBXeTVRTm55OTlBaHJ5cGgtOU94VHFnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQAW84cMA0E
AgACMAcDBQMqEvhAMA0GCSqGSIb3DQEBCwUAA4IBAQAfKNO35UZT+t/qrMigrxZR
3Dhy3tlqC6s6J0cTImAD2WFkbf+MpFpwSTrt+qbpiV4lXg/0Aq6PmGtvA13MQz1O
T3tnT1wRhlSOxK3XSD5dutdxg9s0Lt23zHDomLvKce3WsHEOW8Y8vK1ONYrEJ4Oe
/RazMSXPkt2rw+F36voI7q22r2l0em2KKXfwJVNU28LFRCWyK23u4zCHc7iLMJKZ
wxDnuRJWg+qk1WL3RqYBz4qIToK+0iBLKZHJi5Y7tzn6L6p6wduHebFE+VwXJkzx
wpk0X3td988c3L9bRPb9OEyAptk7B2wI/bH8KjeyGmW9re1VqiwpIocbshrK+cTb
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:29:10 2025 by rpki-client