Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/59/9b783c-9f59-4696-82c4-48b4955f0600/1/jnyw65PFOsMfpeUPNFWXy5l-nxg.roa
File: jnyw65PFOsMfpeUPNFWXy5l-nxg.roa (raw, json)
Hash identifier: RWy/o3qpTbVh/kXhLtQ8fwp9hJEC9RIzgaUDZBMEJ3s=
Subject key identifier: 8E:7C:B0:EB:93:C5:3A:C3:1F:A5:E5:0F:34:55:97:CB:99:7E:9F:18
Certificate issuer: /CN=11d19f88b0dc1b890254db94a9b62046d6be794b
Certificate serial: 0189FDA56E938B65BFE649F0141DD1488CA1
Authority key identifier: 11:D1:9F:88:B0:DC:1B:89:02:54:DB:94:A9:B6:20:46:D6:BE:79:4B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/EdGfiLDcG4kCVNuUqbYgRta-eUs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/59/9b783c-9f59-4696-82c4-48b4955f0600/1/jnyw65PFOsMfpeUPNFWXy5l-nxg.roa
Signing time: Wed 16 Aug 2023 09:20:24 +0000
ROA not before: Wed 16 Aug 2023 09:20:24 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 5598
IP address blocks: 176.101.96.96/27 maxlen: 27
176.101.96.0/19 maxlen: 20
176.101.104.0/23 maxlen: 23
176.101.102.0/23 maxlen: 23
176.101.106.0/23 maxlen: 23
176.101.110.0/24 maxlen: 24
176.101.108.0/23 maxlen: 23
176.101.112.0/20 maxlen: 20
176.101.97.128/28 maxlen: 28
176.101.97.144/28 maxlen: 28
176.101.125.0/24 maxlen: 24
176.101.127.0/24 maxlen: 24
176.101.126.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:fd:a5:6e:93:8b:65:bf:e6:49:f0:14:1d:d1:48:8c:a1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=11d19f88b0dc1b890254db94a9b62046d6be794b
Validity
Not Before: Aug 16 09:20:24 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=8e7cb0eb93c53ac31fa5e50f345597cb997e9f18
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:29:5e:db:4f:36:e0:38:92:f3:47:33:c8:64:
b0:ba:b3:83:e0:27:93:62:a3:d5:4f:b7:3b:08:a7:
fe:d2:58:87:40:64:62:f5:76:73:58:1a:97:6c:fa:
52:7e:1a:0f:f9:d2:c2:1a:68:70:d3:9c:37:02:64:
cf:ad:f3:ac:a0:54:b9:9e:7d:31:32:f0:a0:95:04:
57:36:fa:57:0e:42:67:fd:f2:7b:94:cf:58:06:07:
11:18:d6:c4:b0:06:98:23:09:50:a9:b6:fd:3d:23:
e0:79:61:ce:92:77:c7:97:0d:32:13:ff:6c:75:a0:
93:92:7d:f0:8c:4e:1b:32:fa:fc:c1:5d:ad:ea:d1:
09:d2:dc:cd:da:da:a8:20:89:37:1e:aa:d4:cf:60:
84:0e:3c:f3:1c:38:29:fc:17:3d:cb:b7:27:ce:1f:
ff:9b:b2:15:21:64:ce:43:d2:4d:3e:63:0f:b5:84:
66:a8:a4:5b:00:7d:92:68:ab:b1:a4:33:de:8b:8f:
69:52:ee:d1:66:1b:29:2a:ca:60:27:69:78:c0:64:
f3:c4:8a:51:ac:a3:58:f7:e0:e2:70:7e:ed:c8:8c:
36:04:a9:de:27:7d:05:7c:1c:27:1a:b8:c4:e5:3e:
e9:9c:9f:bd:2b:11:c2:c5:69:0d:78:ff:61:a0:59:
dc:55
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8E:7C:B0:EB:93:C5:3A:C3:1F:A5:E5:0F:34:55:97:CB:99:7E:9F:18
X509v3 Authority Key Identifier:
keyid:11:D1:9F:88:B0:DC:1B:89:02:54:DB:94:A9:B6:20:46:D6:BE:79:4B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/EdGfiLDcG4kCVNuUqbYgRta-eUs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/59/9b783c-9f59-4696-82c4-48b4955f0600/1/jnyw65PFOsMfpeUPNFWXy5l-nxg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/59/9b783c-9f59-4696-82c4-48b4955f0600/1/EdGfiLDcG4kCVNuUqbYgRta-eUs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.101.96.0/19
Signature Algorithm: sha256WithRSAEncryption
c7:db:9f:fd:34:87:08:d8:f2:09:f0:7f:77:2e:f7:27:7f:35:
c8:35:0c:f3:25:0b:78:04:fc:29:59:12:d6:49:07:ef:d2:e7:
bf:c8:02:61:2d:08:0d:32:e1:4b:ae:c5:e7:ce:f3:1c:a7:1f:
36:cb:af:61:85:4b:8e:19:41:62:96:db:73:60:58:a1:e7:ae:
db:2e:bb:25:8d:d5:a7:d6:a6:02:e0:ca:4d:c6:b8:1f:98:1e:
82:a7:ad:e1:7d:9e:81:72:eb:a3:6c:88:7d:34:1a:66:e6:07:
67:ab:12:64:34:16:4c:35:af:e8:7f:99:1a:d0:ef:d2:05:2f:
38:8a:cb:65:26:1c:1c:13:60:9b:00:0e:1d:3a:bc:01:b4:62:
e7:5d:2c:91:a0:c6:5c:c2:66:8e:53:ca:74:2c:a0:de:7c:87:
b7:6d:1e:7c:b2:34:99:66:cc:94:21:73:b8:e8:d8:16:a0:c7:
a7:38:e6:bb:5f:39:b2:a5:30:16:12:d8:f0:65:61:97:3d:d9:
33:10:fc:d9:cc:fe:b4:97:0b:b2:8d:63:c1:92:1a:35:14:95:
8e:c4:cc:d7:69:d0:a3:82:9c:0a:f6:7f:0e:0d:e3:a7:ef:bf:
de:3d:ba:54:4d:36:ee:5d:69:99:1e:fb:e5:61:69:68:e3:54:
21:45:61:d5
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYn9pW6Ti2W/5knwFB3RSIyhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDExZDE5Zjg4YjBkYzFiODkwMjU0ZGI5NGE5YjYyMDQ2ZDZi
ZTc5NGIwHhcNMjMwODE2MDkyMDI0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ZTdjYjBlYjkzYzUzYWMzMWZhNWU1MGYzNDU1OTdjYjk5N2U5ZjE4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyile20824DiS80czyGSwurOD4CeT
YqPVT7c7CKf+0liHQGRi9XZzWBqXbPpSfhoP+dLCGmhw05w3AmTPrfOsoFS5nn0x
MvCglQRXNvpXDkJn/fJ7lM9YBgcRGNbEsAaYIwlQqbb9PSPgeWHOknfHlw0yE/9s
daCTkn3wjE4bMvr8wV2t6tEJ0tzN2tqoIIk3HqrUz2CEDjzzHDgp/Bc9y7cnzh//
m7IVIWTOQ9JNPmMPtYRmqKRbAH2SaKuxpDPei49pUu7RZhspKspgJ2l4wGTzxIpR
rKNY9+DicH7tyIw2BKneJ30FfBwnGrjE5T7pnJ+9KxHCxWkNeP9hoFncVQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFI58sOuTxTrDH6XlDzRVl8uZfp8YMB8GA1UdIwQY
MBaAFBHRn4iw3BuJAlTblKm2IEbWvnlLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRWRHZmlMRGNHNGtDVk51VXFiWWdSdGEtZVVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81OS85Yjc4M2MtOWY1OS00Njk2LTgyYzQt
NDhiNDk1NWYwNjAwLzEvam55dzY1UEZPc01mcGVVUE5GV1h5NWwtbnhnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81OS85Yjc4M2MtOWY1OS00Njk2LTgyYzQtNDhiNDk1NWYwNjAw
LzEvRWRHZmlMRGNHNGtDVk51VXFiWWdSdGEtZVVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQFsGVgMA0G
CSqGSIb3DQEBCwUAA4IBAQDH25/9NIcI2PIJ8H93LvcnfzXINQzzJQt4BPwpWRLW
SQfv0ue/yAJhLQgNMuFLrsXnzvMcpx82y69hhUuOGUFilttzYFih567bLrsljdWn
1qYC4MpNxrgfmB6Cp63hfZ6BcuujbIh9NBpm5gdnqxJkNBZMNa/of5ka0O/SBS84
istlJhwcE2CbAA4dOrwBtGLnXSyRoMZcwmaOU8p0LKDefIe3bR58sjSZZsyUIXO4
6NgWoMenOOa7XzmypTAWEtjwZWGXPdkzEPzZzP60lwuyjWPBkho1FJWOxMzXadCj
gpwK9n8ODeOn77/ePbpUTTbuXWmZHvvlYWlo41QhRWHV
-----END CERTIFICATE-----
Generated at Tue Apr 22 02:23:44 2025 by rpki-client