Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5d/8d6cb0-0396-4f2b-aec3-47e3049830b0/1/JlTJh2DmkO1gwP10YyHrodvHDtc.roa
File: JlTJh2DmkO1gwP10YyHrodvHDtc.roa (raw, json)
Hash identifier: s2NxFteRu49VJIrp0w+CzzASkdy2ixFGh24Pzq3Xnv0=
Subject key identifier: 26:54:C9:87:60:E6:90:ED:60:C0:FD:74:63:21:EB:A1:DB:C7:0E:D7
Certificate issuer: /CN=ef584b511d96a4ae6c96300197f84f96a3afc246
Certificate serial: 018811FFFDA177D2B3DE9382867522828F20
Authority key identifier: EF:58:4B:51:1D:96:A4:AE:6C:96:30:01:97:F8:4F:96:A3:AF:C2:46
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/71hLUR2WpK5sljABl_hPlqOvwkY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5d/8d6cb0-0396-4f2b-aec3-47e3049830b0/1/JlTJh2DmkO1gwP10YyHrodvHDtc.roa
Signing time: Fri 12 May 2023 22:06:09 +0000
ROA not before: Fri 12 May 2023 22:06:09 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 41486
IP address blocks: 194.9.60.0/23 maxlen: 23
194.9.60.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:11:ff:fd:a1:77:d2:b3:de:93:82:86:75:22:82:8f:20
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ef584b511d96a4ae6c96300197f84f96a3afc246
Validity
Not Before: May 12 22:06:09 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=2654c98760e690ed60c0fd746321eba1dbc70ed7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:11:26:ba:24:e9:24:b2:13:b9:e9:19:85:b6:
94:90:ac:ef:ca:1a:ab:53:2c:7c:a7:ef:17:e0:23:
a9:29:83:e5:7c:4b:a9:f5:7c:6f:f7:d6:3e:8e:48:
dd:bd:1a:b0:64:3e:aa:46:2a:d5:b8:cc:20:22:87:
ea:b2:d7:0a:3d:ff:53:97:46:6a:08:99:67:b1:6e:
28:cd:69:49:37:77:40:1a:91:34:43:45:73:5f:e8:
9a:82:66:3e:55:f2:fd:20:28:ec:a3:a7:48:c8:0a:
9e:1a:35:46:95:80:a4:e9:a9:23:b5:18:cf:25:50:
0e:42:af:53:23:6c:8f:c9:65:ef:91:e0:00:25:4b:
b9:bb:fc:3e:fc:7d:ed:81:50:bd:5b:c1:37:85:05:
55:5e:98:da:34:c4:8e:61:a0:32:fe:9c:b0:b8:e0:
35:45:32:cb:ab:e7:7b:a4:ec:32:7f:ab:92:42:4b:
02:c8:06:47:0f:03:a3:e5:0e:ce:53:66:7e:6c:82:
b8:09:50:7b:82:13:de:73:43:70:fe:be:c9:a5:52:
88:7e:12:4b:c3:f5:05:3c:79:3e:ed:9e:57:da:e3:
6a:f9:df:83:6d:e5:ab:ce:81:0b:6c:35:ff:67:a8:
d5:a1:a8:46:50:b9:d0:d8:21:ac:76:fa:51:e2:b4:
fb:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
26:54:C9:87:60:E6:90:ED:60:C0:FD:74:63:21:EB:A1:DB:C7:0E:D7
X509v3 Authority Key Identifier:
keyid:EF:58:4B:51:1D:96:A4:AE:6C:96:30:01:97:F8:4F:96:A3:AF:C2:46
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/71hLUR2WpK5sljABl_hPlqOvwkY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5d/8d6cb0-0396-4f2b-aec3-47e3049830b0/1/JlTJh2DmkO1gwP10YyHrodvHDtc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5d/8d6cb0-0396-4f2b-aec3-47e3049830b0/1/71hLUR2WpK5sljABl_hPlqOvwkY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.9.60.0/23
Signature Algorithm: sha256WithRSAEncryption
76:3f:86:8c:a8:18:40:32:e0:ed:1c:6a:3e:0b:a5:47:1c:8c:
2d:54:ec:31:84:f7:ef:db:8e:68:cd:a1:21:42:8d:88:15:22:
63:4a:e8:f3:02:72:97:b3:7e:e7:81:7d:a9:27:49:c2:ba:b3:
7d:c3:9d:f8:a6:e4:cd:60:7a:bc:64:09:cb:de:04:f0:86:32:
bb:40:d5:30:f9:96:16:6e:60:9a:ed:a7:24:f4:85:16:61:a9:
53:2f:e2:5f:b6:ef:1b:69:14:3e:e4:f7:8b:f7:35:3a:c9:db:
d8:31:96:79:e4:af:2c:3e:eb:26:27:2b:4f:94:d7:f6:d6:85:
f6:8b:af:34:74:97:d1:37:23:c5:15:08:26:af:fa:00:ad:31:
cc:95:3a:ff:5e:08:44:de:bd:a8:45:32:4f:10:6a:98:a6:93:
99:1a:d1:84:e7:27:5e:9f:94:d1:e9:50:78:d6:fe:d3:9a:05:
bc:3f:3d:ff:0a:6b:fa:2f:8e:38:3f:41:57:0e:47:ca:cb:f6:
50:62:b7:ec:aa:9b:14:c3:e5:fd:ed:ce:2c:c3:05:d6:c1:76:
ce:09:ed:4b:56:6d:01:1d:35:9f:0c:b0:44:d1:6e:71:c8:d8:
ac:68:9d:d0:0b:e9:c1:7b:0a:ea:ea:da:36:ba:ab:b4:8b:d6:
b0:f1:97:b8
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYgR//2hd9Kz3pOChnUigo8gMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVmNTg0YjUxMWQ5NmE0YWU2Yzk2MzAwMTk3Zjg0Zjk2YTNh
ZmMyNDYwHhcNMjMwNTEyMjIwNjA5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNjU0Yzk4NzYwZTY5MGVkNjBjMGZkNzQ2MzIxZWJhMWRiYzcwZWQ3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtREmuiTpJLITuekZhbaUkKzvyhqr
Uyx8p+8X4COpKYPlfEup9Xxv99Y+jkjdvRqwZD6qRirVuMwgIofqstcKPf9Tl0Zq
CJlnsW4ozWlJN3dAGpE0Q0VzX+iagmY+VfL9ICjso6dIyAqeGjVGlYCk6akjtRjP
JVAOQq9TI2yPyWXvkeAAJUu5u/w+/H3tgVC9W8E3hQVVXpjaNMSOYaAy/pywuOA1
RTLLq+d7pOwyf6uSQksCyAZHDwOj5Q7OU2Z+bIK4CVB7ghPec0Nw/r7JpVKIfhJL
w/UFPHk+7Z5X2uNq+d+DbeWrzoELbDX/Z6jVoahGULnQ2CGsdvpR4rT7uQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFCZUyYdg5pDtYMD9dGMh66Hbxw7XMB8GA1UdIwQY
MBaAFO9YS1EdlqSubJYwAZf4T5ajr8JGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNzFoTFVSMldwSzVzbGpBQmxfaFBscU92d2tZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZC84ZDZjYjAtMDM5Ni00ZjJiLWFlYzMt
NDdlMzA0OTgzMGIwLzEvSmxUSmgyRG1rTzFnd1AxMFl5SHJvZHZIRHRjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZC84ZDZjYjAtMDM5Ni00ZjJiLWFlYzMtNDdlMzA0OTgzMGIw
LzEvNzFoTFVSMldwSzVzbGpBQmxfaFBscU92d2tZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBwgk8MA0G
CSqGSIb3DQEBCwUAA4IBAQB2P4aMqBhAMuDtHGo+C6VHHIwtVOwxhPfv245ozaEh
Qo2IFSJjSujzAnKXs37ngX2pJ0nCurN9w534puTNYHq8ZAnL3gTwhjK7QNUw+ZYW
bmCa7ack9IUWYalTL+Jftu8baRQ+5PeL9zU6ydvYMZZ55K8sPusmJytPlNf21oX2
i680dJfRNyPFFQgmr/oArTHMlTr/XghE3r2oRTJPEGqYppOZGtGE5yden5TR6VB4
1v7TmgW8Pz3/Cmv6L444P0FXDkfKy/ZQYrfsqpsUw+X97c4swwXWwXbOCe1LVm0B
HTWfDLBE0W5xyNisaJ3QC+nBewrq6to2uqu0i9aw8Ze4
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:38:09 2025 by rpki-client