Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/59/86297a-d219-4567-9171-421e6bc7e2e8/1/J-0LzaqDhyNCJ7FHb0hWLm5dOyk.roa
File: J-0LzaqDhyNCJ7FHb0hWLm5dOyk.roa (raw, json)
Hash identifier: HBZ08papHsdJngYd33ga7JibEDHUTBCQVeYMyA2gj+I=
Subject key identifier: 27:ED:0B:CD:AA:83:87:23:42:27:B1:47:6F:48:56:2E:6E:5D:3B:29
Certificate issuer: /CN=e2d5bb401180e55f5c165d47908dff4fe29a0d86
Certificate serial: 018649500B8BEED0F5B6E7F1DA3380D21BFC
Authority key identifier: E2:D5:BB:40:11:80:E5:5F:5C:16:5D:47:90:8D:FF:4F:E2:9A:0D:86
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/4tW7QBGA5V9cFl1HkI3_T-KaDYY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/59/86297a-d219-4567-9171-421e6bc7e2e8/1/J-0LzaqDhyNCJ7FHb0hWLm5dOyk.roa
Signing time: Mon 13 Feb 2023 05:47:07 +0000
ROA not before: Mon 13 Feb 2023 05:47:07 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 48851
IP address blocks: 94.188.222.0/24 maxlen: 24
94.188.233.0/24 maxlen: 24
94.188.232.0/24 maxlen: 24
94.188.234.0/24 maxlen: 24
94.188.235.0/24 maxlen: 24
94.188.236.0/24 maxlen: 24
94.188.210.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:49:50:0b:8b:ee:d0:f5:b6:e7:f1:da:33:80:d2:1b:fc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e2d5bb401180e55f5c165d47908dff4fe29a0d86
Validity
Not Before: Feb 13 05:47:07 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=27ed0bcdaa8387234227b1476f48562e6e5d3b29
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:ec:aa:46:33:5b:32:52:2f:40:79:3f:2a:33:
cb:ab:1a:b8:68:c0:88:fa:bc:8f:bf:55:54:bd:ad:
ac:48:87:57:c8:fd:9a:79:9d:0c:ca:3e:a9:c7:40:
a9:f5:73:3b:e1:c1:45:3e:a2:56:a7:0b:7a:d2:44:
44:fc:3a:00:ed:56:13:db:fc:9e:ca:9e:d7:c5:ec:
31:f7:8b:81:d4:32:91:38:78:71:09:3a:46:b6:9e:
bd:db:c6:2b:df:ab:b0:1b:57:32:c7:e4:1f:10:b7:
e9:02:14:93:67:8e:67:9e:eb:ee:d6:e4:e2:6e:25:
dc:97:09:77:8d:32:20:bf:87:ef:c7:0e:f2:5f:dc:
b9:4c:aa:01:38:7f:93:2a:38:6e:f5:94:ad:92:21:
91:a0:a2:14:7d:30:12:0c:7c:d8:e6:85:c0:f3:20:
9d:9b:3c:c4:37:0b:52:28:d4:db:71:ed:cb:14:84:
e8:16:a1:a5:02:cf:c0:a5:8f:17:11:29:45:b4:32:
a3:98:64:08:c3:d5:c5:b7:62:21:58:4d:69:ff:1b:
a0:43:54:16:45:71:38:b0:0d:ee:df:89:15:fb:39:
2d:47:53:6f:1f:0d:ef:8d:b7:58:58:b9:63:6b:69:
7c:0b:4f:dd:6b:e7:71:a0:21:72:09:30:c3:de:fe:
e3:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
27:ED:0B:CD:AA:83:87:23:42:27:B1:47:6F:48:56:2E:6E:5D:3B:29
X509v3 Authority Key Identifier:
keyid:E2:D5:BB:40:11:80:E5:5F:5C:16:5D:47:90:8D:FF:4F:E2:9A:0D:86
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4tW7QBGA5V9cFl1HkI3_T-KaDYY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/59/86297a-d219-4567-9171-421e6bc7e2e8/1/J-0LzaqDhyNCJ7FHb0hWLm5dOyk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/59/86297a-d219-4567-9171-421e6bc7e2e8/1/4tW7QBGA5V9cFl1HkI3_T-KaDYY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
94.188.210.0/24
94.188.222.0/24
94.188.232.0-94.188.236.255
Signature Algorithm: sha256WithRSAEncryption
21:07:9f:f4:a6:d9:40:38:6d:38:30:35:1b:a0:d3:5d:76:8f:
b7:06:a8:9c:68:d6:0d:60:cc:bd:a9:86:68:74:1c:2c:7f:f4:
4c:22:a7:77:e4:c2:d1:4d:22:2d:4b:43:95:97:a9:be:2a:d4:
3e:48:a7:6b:e9:b8:66:95:64:9f:fd:d3:5e:73:1f:32:e9:ce:
69:c0:1e:a7:bc:2d:d9:24:e2:68:d5:56:5d:a4:a5:fb:ff:0f:
5e:eb:32:49:ea:c6:c0:7f:62:26:73:59:71:11:ad:0e:dc:11:
bb:3b:0f:7b:bc:4c:18:93:a4:a6:88:d6:f8:c6:9c:31:4e:f4:
6e:fd:a0:a9:58:84:84:b5:13:5d:21:55:1f:cc:2a:e5:06:1f:
59:35:5b:b0:9c:25:15:79:35:14:55:7f:42:22:13:1a:85:18:
6a:75:95:ce:7c:10:b0:b4:0c:26:79:1c:9c:c8:97:34:26:81:
a3:6e:c7:a7:a6:03:d1:f8:bc:8f:2e:d8:8e:ce:81:99:6a:71:
72:7f:48:04:71:e8:82:4e:e5:74:a2:96:52:6b:6f:0e:7c:11:
de:2b:8d:19:0b:6d:cb:d7:65:ba:f7:20:76:df:2e:ae:40:2e:
d9:b8:6e:a4:6e:eb:1c:b2:a1:6b:18:e2:fc:4e:e0:35:06:e9:
0e:e7:ee:84
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgISAYZJUAuL7tD1tufx2jOA0hv8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUyZDViYjQwMTE4MGU1NWY1YzE2NWQ0NzkwOGRmZjRmZTI5
YTBkODYwHhcNMjMwMjEzMDU0NzA3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyN2VkMGJjZGFhODM4NzIzNDIyN2IxNDc2ZjQ4NTYyZTZlNWQzYjI5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAruyqRjNbMlIvQHk/KjPLqxq4aMCI
+ryPv1VUva2sSIdXyP2aeZ0Myj6px0Cp9XM74cFFPqJWpwt60kRE/DoA7VYT2/ye
yp7Xxewx94uB1DKROHhxCTpGtp6928Yr36uwG1cyx+QfELfpAhSTZ45nnuvu1uTi
biXclwl3jTIgv4fvxw7yX9y5TKoBOH+TKjhu9ZStkiGRoKIUfTASDHzY5oXA8yCd
mzzENwtSKNTbce3LFIToFqGlAs/ApY8XESlFtDKjmGQIw9XFt2IhWE1p/xugQ1QW
RXE4sA3u34kV+zktR1NvHw3vjbdYWLlja2l8C0/da+dxoCFyCTDD3v7jGQIDAQAB
o4ICHTCCAhkwHQYDVR0OBBYEFCftC82qg4cjQiexR29IVi5uXTspMB8GA1UdIwQY
MBaAFOLVu0ARgOVfXBZdR5CN/0/img2GMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNHRXN1FCR0E1VjljRmwxSGtJM19ULUthRFlZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81OS84NjI5N2EtZDIxOS00NTY3LTkxNzEt
NDIxZTZiYzdlMmU4LzEvSi0wTHphcURoeU5DSjdGSGIwaFdMbTVkT3lrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81OS84NjI5N2EtZDIxOS00NTY3LTkxNzEtNDIxZTZiYzdlMmU4
LzEvNHRXN1FCR0E1VjljRmwxSGtJM19ULUthRFlZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDMGCCsGAQUFBwEHAQH/BCQwIjAgBAIAATAaAwQAXrzSAwQA
XrzeMAwDBANevOgDBABevOwwDQYJKoZIhvcNAQELBQADggEBACEHn/Sm2UA4bTgw
NRug0112j7cGqJxo1g1gzL2phmh0HCx/9Ewip3fkwtFNIi1LQ5WXqb4q1D5Ip2vp
uGaVZJ/9015zHzLpzmnAHqe8Ldkk4mjVVl2kpfv/D17rMknqxsB/YiZzWXERrQ7c
Ebs7D3u8TBiTpKaI1vjGnDFO9G79oKlYhIS1E10hVR/MKuUGH1k1W7CcJRV5NRRV
f0IiExqFGGp1lc58ELC0DCZ5HJzIlzQmgaNux6emA9H4vI8u2I7OgZlqcXJ/SARx
6IJO5XSillJrbw58Ed4rjRkLbcvXZbr3IHbfLq5ALtm4bqRu6xyyoWsY4vxO4DUG
6Q7n7oQ=
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:28:14 2025 by rpki-client