Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/67/beac09-c49f-4c70-9818-431c39bb7b38/1/JOxd2Za1bsIBuUeSyNJToqD526E.roa
File: JOxd2Za1bsIBuUeSyNJToqD526E.roa (raw, json)
Hash identifier: Jvjc5idAj5Jx0JhieHvgfitqCpTqnMMp9qeBhFXId70=
Subject key identifier: 24:EC:5D:D9:96:B5:6E:C2:01:B9:47:92:C8:D2:53:A2:A0:F9:DB:A1
Certificate issuer: /CN=528d5814c7156420dec3a3f7e526ef0f8333eef6
Certificate serial: 018572D5DD05FB62D0DC895A33D8704EEBEE
Authority key identifier: 52:8D:58:14:C7:15:64:20:DE:C3:A3:F7:E5:26:EF:0F:83:33:EE:F6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Uo1YFMcVZCDew6P35SbvD4Mz7vY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/67/beac09-c49f-4c70-9818-431c39bb7b38/1/JOxd2Za1bsIBuUeSyNJToqD526E.roa
Signing time: Mon 02 Jan 2023 14:14:56 +0000
ROA not before: Mon 02 Jan 2023 14:14:56 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 209609
IP address blocks: 195.210.38.0/24 maxlen: 24
195.210.39.0/24 maxlen: 24
109.71.76.0/24 maxlen: 24
2001:678:900::/48 maxlen: 48
2a0c:3340::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:d5:dd:05:fb:62:d0:dc:89:5a:33:d8:70:4e:eb:ee
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=528d5814c7156420dec3a3f7e526ef0f8333eef6
Validity
Not Before: Jan 2 14:14:56 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=24ec5dd996b56ec201b94792c8d253a2a0f9dba1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:6e:5d:73:3b:67:50:15:ea:3a:6f:77:2f:c2:
59:b3:27:df:54:45:21:a0:99:9d:ff:43:ce:a8:2f:
c3:b0:4c:24:e0:a6:31:94:cb:a8:7d:4b:5c:89:2e:
29:50:8f:47:ac:4a:16:3a:2d:be:58:de:c1:28:11:
0b:6d:d8:de:5c:cb:89:48:b9:42:7a:51:60:73:eb:
0e:f3:b6:90:d1:2b:3e:12:e7:27:9e:78:2f:95:c2:
a0:72:9c:fd:80:84:94:cf:fc:1e:57:02:ea:a7:53:
c0:fe:86:40:66:1d:8b:7b:9f:9a:ee:59:cf:02:02:
41:f4:1a:b2:79:2b:77:54:0f:bb:a6:be:43:ce:a8:
f8:4a:46:80:c4:18:f2:9c:d9:d2:f8:10:85:f9:f2:
22:67:e2:20:e9:b3:11:14:4b:f7:51:a6:68:8d:a4:
2a:2f:1a:e7:e6:18:29:ca:41:1e:ec:a1:3f:32:31:
2d:eb:19:bc:5f:d9:65:1e:dc:a1:a8:a8:13:b8:77:
ce:97:4c:04:ea:c1:b7:d1:b5:80:b8:89:76:27:bf:
11:2a:01:f1:2b:01:b4:d6:f9:45:d5:f0:22:a7:2a:
2f:94:97:be:c5:f2:08:86:c4:46:ab:1d:cf:ea:00:
06:02:84:83:8f:e1:c0:36:a5:53:ff:03:bb:5c:9d:
04:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
24:EC:5D:D9:96:B5:6E:C2:01:B9:47:92:C8:D2:53:A2:A0:F9:DB:A1
X509v3 Authority Key Identifier:
keyid:52:8D:58:14:C7:15:64:20:DE:C3:A3:F7:E5:26:EF:0F:83:33:EE:F6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Uo1YFMcVZCDew6P35SbvD4Mz7vY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/67/beac09-c49f-4c70-9818-431c39bb7b38/1/JOxd2Za1bsIBuUeSyNJToqD526E.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/67/beac09-c49f-4c70-9818-431c39bb7b38/1/Uo1YFMcVZCDew6P35SbvD4Mz7vY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.71.76.0/24
195.210.38.0/23
IPv6:
2001:678:900::/48
2a0c:3340::/29
Signature Algorithm: sha256WithRSAEncryption
95:59:1c:63:8a:2f:92:e8:27:ec:30:07:8a:78:6b:f5:c9:61:
a7:48:34:f1:cf:a0:29:ed:84:90:ad:5c:1b:13:c9:04:28:84:
74:c8:77:84:44:4f:33:7c:af:f5:50:ac:ea:a1:73:c8:59:68:
91:4a:4b:a0:a8:ad:83:99:a3:a8:03:f6:c8:17:4a:90:b3:d9:
f8:0d:91:f8:5d:7f:55:5f:32:43:b0:9b:42:59:c9:1f:7d:53:
40:73:3a:79:24:4f:d0:d7:a9:10:bd:be:20:9c:49:6b:9e:24:
bb:87:5a:0f:ec:57:0c:bd:8b:0e:1f:65:c3:50:65:86:b4:0f:
dd:f7:c0:5d:e5:65:4d:3c:83:23:ab:b4:55:64:55:3b:6d:c8:
fe:c0:ec:c2:00:90:b0:87:9c:86:65:c3:bc:b6:f1:97:11:97:
a6:b1:66:71:83:45:18:76:96:61:14:e8:25:61:79:fc:9f:3c:
6d:8d:15:a2:18:6b:e8:d8:8a:e3:80:a5:32:2f:77:38:6c:03:
32:53:ea:b5:c7:cf:eb:9d:93:bb:35:c0:2d:5b:60:78:9e:1f:
64:f3:ad:86:f9:d2:e7:91:99:c8:a0:39:15:5f:22:cd:83:e3:
cd:a2:11:96:31:65:ae:0b:9a:17:98:2f:9b:6b:a5:7d:1c:64:
ea:d9:ff:9f
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAYVy1d0F+2LQ3IlaM9hwTuvuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyOGQ1ODE0YzcxNTY0MjBkZWMzYTNmN2U1MjZlZjBmODMz
M2VlZjYwHhcNMjMwMTAyMTQxNDU2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNGVjNWRkOTk2YjU2ZWMyMDFiOTQ3OTJjOGQyNTNhMmEwZjlkYmExMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAm25dcztnUBXqOm93L8JZsyffVEUh
oJmd/0POqC/DsEwk4KYxlMuofUtciS4pUI9HrEoWOi2+WN7BKBELbdjeXMuJSLlC
elFgc+sO87aQ0Ss+EucnnngvlcKgcpz9gISUz/weVwLqp1PA/oZAZh2Le5+a7lnP
AgJB9BqyeSt3VA+7pr5Dzqj4SkaAxBjynNnS+BCF+fIiZ+Ig6bMRFEv3UaZojaQq
Lxrn5hgpykEe7KE/MjEt6xm8X9llHtyhqKgTuHfOl0wE6sG30bWAuIl2J78RKgHx
KwG01vlF1fAipyovlJe+xfIIhsRGqx3P6gAGAoSDj+HANqVT/wO7XJ0EQwIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFCTsXdmWtW7CAblHksjSU6Kg+duhMB8GA1UdIwQY
MBaAFFKNWBTHFWQg3sOj9+Um7w+DM+72MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVW8xWUZNY1ZaQ0RldzZQMzVTYnZENE16N3ZZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ny9iZWFjMDktYzQ5Zi00YzcwLTk4MTgt
NDMxYzM5YmI3YjM4LzEvSk94ZDJaYTFic0lCdVVlU3lOSlRvcUQ1MjZFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ny9iZWFjMDktYzQ5Zi00YzcwLTk4MTgtNDMxYzM5YmI3YjM4
LzEvVW8xWUZNY1ZaQ0RldzZQMzVTYnZENE16N3ZZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDASBAIAATAMAwQAbUdMAwQB
w9ImMBYEAgACMBADBwAgAQZ4CQADBQMqDDNAMA0GCSqGSIb3DQEBCwUAA4IBAQCV
WRxjii+S6CfsMAeKeGv1yWGnSDTxz6Ap7YSQrVwbE8kEKIR0yHeERE8zfK/1UKzq
oXPIWWiRSkugqK2DmaOoA/bIF0qQs9n4DZH4XX9VXzJDsJtCWckffVNAczp5JE/Q
16kQvb4gnElrniS7h1oP7FcMvYsOH2XDUGWGtA/d98Bd5WVNPIMjq7RVZFU7bcj+
wOzCAJCwh5yGZcO8tvGXEZemsWZxg0UYdpZhFOglYXn8nzxtjRWiGGvo2IrjgKUy
L3c4bAMyU+q1x8/rnZO7NcAtW2B4nh9k862G+dLnkZnIoDkVXyLNg+PNohGWMWWu
C5oXmC+ba6V9HGTq2f+f
-----END CERTIFICATE-----
Generated at Fri Apr 18 04:01:34 2025 by rpki-client