Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5d/1ed27c-2d8c-4080-a458-9f522a284595/1/jKq5XIYdvuUHZXbjWWLxHJ1XhG0.roa
File: jKq5XIYdvuUHZXbjWWLxHJ1XhG0.roa (raw, json)
Hash identifier: gjckyqkaDJxNgn630AG6OEK9kEMLmWy602TgqJf2uRI=
Subject key identifier: 8C:AA:B9:5C:86:1D:BE:E5:07:65:76:E3:59:62:F1:1C:9D:57:84:6D
Certificate issuer: /CN=2ec121e1545df3e5bb86e9188f2825fad7477f75
Certificate serial: 0FFD0ECA
Authority key identifier: 2E:C1:21:E1:54:5D:F3:E5:BB:86:E9:18:8F:28:25:FA:D7:47:7F:75
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/LsEh4VRd8-W7hukYjygl-tdHf3U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5d/1ed27c-2d8c-4080-a458-9f522a284595/1/jKq5XIYdvuUHZXbjWWLxHJ1XhG0.roa
Signing time: Sat 01 Jan 2022 04:55:41 +0000
ROA not before: Sat 01 Jan 2022 04:55:41 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 30801
IP address blocks: 82.98.0.0/18 maxlen: 22
85.203.64.0/18 maxlen: 24
82.98.0.0/19 maxlen: 19
82.98.32.0/20 maxlen: 20
92.61.128.0/20 maxlen: 20
82.98.48.0/21 maxlen: 21
178.16.240.0/20 maxlen: 24
82.98.56.0/22 maxlen: 22
82.98.60.0/22 maxlen: 22
217.67.144.0/20 maxlen: 20
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 268242634 (0xffd0eca)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2ec121e1545df3e5bb86e9188f2825fad7477f75
Validity
Not Before: Jan 1 04:55:41 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=8caab95c861dbee5076576e35962f11c9d57846d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:7f:17:aa:82:73:b2:95:28:b9:70:bd:61:26:
cf:4b:ad:64:c9:79:22:b6:77:f9:80:da:62:c6:e0:
02:73:54:74:ce:a5:55:0a:dd:1c:3b:c1:bb:c8:fc:
7d:af:ca:fd:67:a1:7f:f9:67:c3:09:d8:3f:86:81:
b1:cc:77:36:14:fc:6d:f6:87:2e:23:7f:2c:82:16:
01:aa:04:01:02:2e:4d:0a:5b:4d:17:93:05:be:d5:
be:11:3b:92:86:c3:02:76:1b:ce:e7:28:6b:f8:4d:
71:ca:0d:41:c6:a9:15:76:5c:29:f5:15:a1:cc:3b:
17:fe:a0:56:aa:cb:b5:e0:42:54:c9:0f:43:c2:cd:
4d:f7:20:07:36:99:9c:7a:c3:ce:fb:d7:a5:11:02:
9b:a9:80:ce:0c:e9:68:62:2c:21:10:c0:c1:ac:07:
f3:0f:84:1d:d1:4e:2b:4d:d2:ae:88:92:94:8f:70:
0e:56:96:0a:90:8c:4a:99:da:e7:52:7b:b6:3f:f1:
8c:af:6c:02:7c:75:55:ad:0c:7c:14:fd:cb:38:9c:
12:cf:04:58:50:c7:26:2c:b2:7d:34:b1:44:68:c5:
2c:1e:8a:7e:ab:43:07:63:78:8a:80:21:60:16:75:
cd:5f:56:23:08:27:2b:ea:c4:93:23:25:60:12:3b:
c0:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8C:AA:B9:5C:86:1D:BE:E5:07:65:76:E3:59:62:F1:1C:9D:57:84:6D
X509v3 Authority Key Identifier:
keyid:2E:C1:21:E1:54:5D:F3:E5:BB:86:E9:18:8F:28:25:FA:D7:47:7F:75
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/LsEh4VRd8-W7hukYjygl-tdHf3U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5d/1ed27c-2d8c-4080-a458-9f522a284595/1/jKq5XIYdvuUHZXbjWWLxHJ1XhG0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5d/1ed27c-2d8c-4080-a458-9f522a284595/1/LsEh4VRd8-W7hukYjygl-tdHf3U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.98.0.0/18
85.203.64.0/18
92.61.128.0/20
178.16.240.0/20
217.67.144.0/20
Signature Algorithm: sha256WithRSAEncryption
2e:62:17:97:59:41:32:03:1a:62:e0:17:62:68:16:c5:93:fa:
1e:7c:cb:13:34:59:d5:dd:ff:82:12:70:6c:87:c9:b1:1a:b0:
89:ab:5e:4d:69:69:ea:d2:af:05:3d:11:f3:13:f1:c0:1c:41:
65:c6:4f:5d:4c:d2:2f:74:0b:f1:f2:06:de:76:83:d7:bf:dc:
fd:62:2f:d1:10:ae:a7:2c:ff:f2:eb:5f:7f:0e:22:63:e4:6a:
89:03:ae:c4:b4:a4:7b:a6:9a:9a:15:45:8f:ea:84:fc:0d:0d:
6d:c9:63:6c:c3:2a:d6:eb:88:48:ea:06:dd:a3:5b:7b:3a:c0:
b3:12:30:43:9a:bd:bb:8e:42:ec:e6:69:cf:8c:ea:f6:6c:86:
cb:5d:b1:1c:ef:89:33:11:15:4b:ac:26:4f:02:1e:99:ac:b7:
e5:2c:e2:b7:a3:c9:0c:57:6c:d5:28:fa:4e:c9:63:bd:86:83:
d5:a7:b0:73:d8:6e:1a:3e:47:65:f2:97:4e:bc:df:d4:1e:64:
3c:21:d6:c2:62:b7:20:39:ec:d1:f8:d3:10:25:a0:5b:91:c5:
bb:38:6f:d2:6f:ed:73:cd:f5:2c:8f:4d:d7:91:e2:cc:d4:9e:
ec:86:cb:96:75:0e:03:ef:76:e0:5a:e8:23:53:04:db:6c:e8:
c5:51:25:8c
-----BEGIN CERTIFICATE-----
MIIFBzCCA++gAwIBAgIED/0OyjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygy
ZWMxMjFlMTU0NWRmM2U1YmI4NmU5MTg4ZjI4MjVmYWQ3NDc3Zjc1MB4XDTIyMDEw
MTA0NTU0MVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoOGNhYWI5NWM4NjFk
YmVlNTA3NjU3NmUzNTk2MmYxMWM5ZDU3ODQ2ZDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMl/F6qCc7KVKLlwvWEmz0utZMl5IrZ3+YDaYsbgAnNUdM6l
VQrdHDvBu8j8fa/K/Wehf/lnwwnYP4aBscx3NhT8bfaHLiN/LIIWAaoEAQIuTQpb
TReTBb7VvhE7kobDAnYbzucoa/hNccoNQcapFXZcKfUVocw7F/6gVqrLteBCVMkP
Q8LNTfcgBzaZnHrDzvvXpRECm6mAzgzpaGIsIRDAwawH8w+EHdFOK03SroiSlI9w
DlaWCpCMSpna51J7tj/xjK9sAnx1Va0MfBT9yzicEs8EWFDHJiyyfTSxRGjFLB6K
fqtDB2N4ioAhYBZ1zV9WIwgnK+rEkyMlYBI7wBECAwEAAaOCAiEwggIdMB0GA1Ud
DgQWBBSMqrlchh2+5QdlduNZYvEcnVeEbTAfBgNVHSMEGDAWgBQuwSHhVF3z5buG
6RiPKCX610d/dTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0xzRWg0VlJkOC1XN2h1a1lqeWdsLXRkSGYzVS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNWQvMWVkMjdjLTJkOGMtNDA4MC1hNDU4LTlmNTIyYTI4NDU5NS8x
L2pLcTVYSVlkdnVVSFpYYmpXV0x4SEoxWGhHMC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNWQv
MWVkMjdjLTJkOGMtNDA4MC1hNDU4LTlmNTIyYTI4NDU5NS8xL0xzRWg0VlJkOC1X
N2h1a1lqeWdsLXRkSGYzVS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA3
BggrBgEFBQcBBwEB/wQoMCYwJAQCAAEwHgMEBlJiAAMEBlXLQAMEBFw9gAMEBLIQ
8AMEBNlDkDANBgkqhkiG9w0BAQsFAAOCAQEALmIXl1lBMgMaYuAXYmgWxZP6HnzL
EzRZ1d3/ghJwbIfJsRqwiateTWlp6tKvBT0R8xPxwBxBZcZPXUzSL3QL8fIG3naD
17/c/WIv0RCupyz/8utffw4iY+RqiQOuxLSke6aamhVFj+qE/A0NbcljbMMq1uuI
SOoG3aNbezrAsxIwQ5q9u45C7OZpz4zq9myGy12xHO+JMxEVS6wmTwIemay35Szi
t6PJDFds1Sj6TsljvYaD1aewc9huGj5HZfKXTrzf1B5kPCHWwmK3IDns0fjTECWg
W5HFuzhv0m/tc831LI9N15HizNSe7IbLlnUOA+924FroI1ME22zoxVEljA==
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:22:17 2025 by rpki-client