Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/60/2b4d0f-219f-4c00-8648-a12de3a33553/1/JPTbQKqszta00n3ylzVDvDxDmyA.roa
File: JPTbQKqszta00n3ylzVDvDxDmyA.roa (raw, json)
Hash identifier: alPWGIubZYcuP9zdUBvRXd3RV0fr4fZYV/Pk9uYncYw=
Subject key identifier: 24:F4:DB:40:AA:AC:CE:D6:B4:D2:7D:F2:97:35:43:BC:3C:43:9B:20
Certificate issuer: /CN=52226f671c2643a5c04846264fee01f943ac2bfc
Certificate serial: 018572C3949A932D983C96D3D73603EE6B0F
Authority key identifier: 52:22:6F:67:1C:26:43:A5:C0:48:46:26:4F:EE:01:F9:43:AC:2B:FC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UiJvZxwmQ6XASEYmT-4B-UOsK_w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/60/2b4d0f-219f-4c00-8648-a12de3a33553/1/JPTbQKqszta00n3ylzVDvDxDmyA.roa
Signing time: Mon 02 Jan 2023 13:54:58 +0000
ROA not before: Mon 02 Jan 2023 13:54:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 8896
IP address blocks: 80.86.208.0/20 maxlen: 20
81.29.32.0/20 maxlen: 20
2a03:9a00::/32 maxlen: 32
2a03:9a00::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:c3:94:9a:93:2d:98:3c:96:d3:d7:36:03:ee:6b:0f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=52226f671c2643a5c04846264fee01f943ac2bfc
Validity
Not Before: Jan 2 13:54:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=24f4db40aaacced6b4d27df2973543bc3c439b20
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d3:bf:48:f5:e8:a8:b4:4a:df:2c:ef:a4:60:c3:
3f:7d:75:4e:cd:b2:47:3b:f2:48:9d:f2:24:99:a8:
bb:e2:1a:2a:8f:0d:2a:23:72:4d:72:7e:22:ac:ae:
03:a0:c4:5d:60:ef:7e:eb:46:e7:ca:18:0f:44:21:
ce:7d:04:98:b8:58:0f:15:e3:cd:31:56:5f:5a:1e:
41:02:45:e3:49:8a:6b:9f:8a:a0:08:5f:8b:3e:51:
f6:99:44:9a:22:70:dc:7c:82:da:31:d2:fe:5b:72:
69:2a:5a:23:dd:16:be:78:55:18:0c:22:8f:8c:c3:
15:0a:c2:89:10:46:be:a4:e0:04:ab:1d:d2:65:c3:
ca:f6:5f:6a:c4:9e:8f:00:ba:21:91:23:86:47:9b:
2f:8a:f5:a5:9f:12:31:cd:fa:cd:19:1c:89:cc:e0:
66:1a:26:51:d9:e8:0c:0e:c3:62:a5:5c:53:cb:ec:
db:29:b8:59:96:5b:e7:a9:b5:ab:a1:4d:68:65:a7:
82:5d:72:7c:74:42:d1:3d:87:77:02:5e:77:0a:86:
7c:e1:dc:ac:e6:9c:96:40:8a:b3:f6:a7:02:64:cd:
5c:76:f6:91:50:32:9d:8f:7d:c9:af:d1:d2:e3:15:
20:6a:4a:10:2a:0c:88:a2:bc:6e:0f:e4:40:84:75:
c2:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
24:F4:DB:40:AA:AC:CE:D6:B4:D2:7D:F2:97:35:43:BC:3C:43:9B:20
X509v3 Authority Key Identifier:
keyid:52:22:6F:67:1C:26:43:A5:C0:48:46:26:4F:EE:01:F9:43:AC:2B:FC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UiJvZxwmQ6XASEYmT-4B-UOsK_w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/60/2b4d0f-219f-4c00-8648-a12de3a33553/1/JPTbQKqszta00n3ylzVDvDxDmyA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/60/2b4d0f-219f-4c00-8648-a12de3a33553/1/UiJvZxwmQ6XASEYmT-4B-UOsK_w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.86.208.0/20
81.29.32.0/20
IPv6:
2a03:9a00::/29
Signature Algorithm: sha256WithRSAEncryption
20:25:91:b4:27:8b:54:0c:94:9a:ce:8d:f6:20:d0:a7:c7:fb:
b5:36:bb:82:73:0c:2b:2f:5f:6b:7e:bd:fb:0b:31:0c:57:7b:
48:ea:9c:78:56:2f:ca:9f:90:3e:66:56:76:04:7c:fc:27:a6:
92:37:05:f0:cc:4d:c2:19:9e:3e:75:15:71:85:ab:b5:62:c2:
38:25:52:a9:79:7f:8b:e2:25:fb:24:ef:79:4a:e5:fd:9b:32:
b6:cb:2f:43:cb:ad:ef:1c:b1:8c:b8:f6:47:87:05:4c:64:79:
69:e7:0e:bc:21:b4:50:7c:a9:dc:0b:88:c0:93:3e:9d:c0:d4:
29:3e:b5:4a:3e:ef:f6:5f:10:b4:55:f7:a6:de:24:de:c5:a5:
91:08:62:f5:a9:ad:8c:a7:5b:ce:c3:91:9d:3a:20:f2:7b:25:
1a:97:90:d7:29:d6:65:db:d1:31:37:10:38:e0:b6:57:58:53:
e7:af:14:82:2f:0d:71:97:7c:6e:11:93:b0:d6:26:4f:89:55:
cb:73:79:e2:a1:f4:1d:22:fe:5e:f7:73:5c:20:9a:13:5a:10:
64:5d:ae:b4:63:74:0d:67:51:48:ef:c2:7c:09:58:db:0e:16:
2b:62:59:8c:4c:75:85:61:a8:ce:53:dd:53:68:40:ee:6d:92:
3a:95:3d:a7
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYVyw5Saky2YPJbT1zYD7msPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyMjI2ZjY3MWMyNjQzYTVjMDQ4NDYyNjRmZWUwMWY5NDNh
YzJiZmMwHhcNMjMwMTAyMTM1NDU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNGY0ZGI0MGFhYWNjZWQ2YjRkMjdkZjI5NzM1NDNiYzNjNDM5YjIwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA079I9eiotErfLO+kYMM/fXVOzbJH
O/JInfIkmai74hoqjw0qI3JNcn4irK4DoMRdYO9+60bnyhgPRCHOfQSYuFgPFePN
MVZfWh5BAkXjSYprn4qgCF+LPlH2mUSaInDcfILaMdL+W3JpKloj3Ra+eFUYDCKP
jMMVCsKJEEa+pOAEqx3SZcPK9l9qxJ6PALohkSOGR5svivWlnxIxzfrNGRyJzOBm
GiZR2egMDsNipVxTy+zbKbhZllvnqbWroU1oZaeCXXJ8dELRPYd3Al53CoZ84dys
5pyWQIqz9qcCZM1cdvaRUDKdj33Jr9HS4xUgakoQKgyIorxuD+RAhHXCPQIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFCT020CqrM7WtNJ98pc1Q7w8Q5sgMB8GA1UdIwQY
MBaAFFIib2ccJkOlwEhGJk/uAflDrCv8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVWlKdlp4d21RNlhBU0VZbVQtNEItVU9zS193LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82MC8yYjRkMGYtMjE5Zi00YzAwLTg2NDgt
YTEyZGUzYTMzNTUzLzEvSlBUYlFLcXN6dGEwMG4zeWx6VkR2RHhEbXlBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82MC8yYjRkMGYtMjE5Zi00YzAwLTg2NDgtYTEyZGUzYTMzNTUz
LzEvVWlKdlp4d21RNlhBU0VZbVQtNEItVU9zS193LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQEUFbQAwQE
UR0gMA0EAgACMAcDBQMqA5oAMA0GCSqGSIb3DQEBCwUAA4IBAQAgJZG0J4tUDJSa
zo32INCnx/u1NruCcwwrL19rfr37CzEMV3tI6px4Vi/Kn5A+ZlZ2BHz8J6aSNwXw
zE3CGZ4+dRVxhau1YsI4JVKpeX+L4iX7JO95SuX9mzK2yy9Dy63vHLGMuPZHhwVM
ZHlp5w68IbRQfKncC4jAkz6dwNQpPrVKPu/2XxC0Vfem3iTexaWRCGL1qa2Mp1vO
w5GdOiDyeyUal5DXKdZl29ExNxA44LZXWFPnrxSCLw1xl3xuEZOw1iZPiVXLc3ni
ofQdIv5e93NcIJoTWhBkXa60Y3QNZ1FI78J8CVjbDhYrYlmMTHWFYajOU91TaEDu
bZI6lT2n
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:16:22 2025 by rpki-client