Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6a/a5b999-f1c7-4b0e-a3de-5383aa626726/1/JHPpKd_fKS_124YNrFTm-E7W0E4.roa
File: JHPpKd_fKS_124YNrFTm-E7W0E4.roa (raw, json)
Hash identifier: bZgDCUuR8FP8V1oJhRCMJksi+cFiX/Tq5qAuh0aU08c=
Subject key identifier: 24:73:E9:29:DF:DF:29:2F:F5:DB:86:0D:AC:54:E6:F8:4E:D6:D0:4E
Certificate issuer: /CN=c3e0e9f57c3b083cb68a98630f8a661584468e3d
Certificate serial: 018A1840F77EDB97ECBB381BC834B4981C14
Authority key identifier: C3:E0:E9:F5:7C:3B:08:3C:B6:8A:98:63:0F:8A:66:15:84:46:8E:3D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/w-Dp9Xw7CDy2iphjD4pmFYRGjj0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6a/a5b999-f1c7-4b0e-a3de-5383aa626726/1/JHPpKd_fKS_124YNrFTm-E7W0E4.roa
Signing time: Mon 21 Aug 2023 13:20:25 +0000
ROA not before: Mon 21 Aug 2023 13:20:25 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 8851
IP address blocks: 91.235.214.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:18:40:f7:7e:db:97:ec:bb:38:1b:c8:34:b4:98:1c:14
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c3e0e9f57c3b083cb68a98630f8a661584468e3d
Validity
Not Before: Aug 21 13:20:25 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=2473e929dfdf292ff5db860dac54e6f84ed6d04e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8e:e7:86:61:e2:01:a0:02:9d:fe:ff:1e:72:85:
aa:63:a7:3e:a7:4b:43:08:a1:9e:4e:e2:10:d7:3a:
cd:8c:ea:c1:eb:9a:db:89:b7:29:f7:aa:cb:91:64:
44:ab:08:17:8f:58:33:0d:ea:c3:bc:d4:28:da:aa:
56:25:8b:63:95:8d:ef:a2:3f:1a:57:c8:dc:02:82:
ed:fa:de:52:42:87:28:8a:3a:18:b4:13:1c:0c:ce:
31:d7:64:78:bd:d7:63:d9:d5:0f:eb:5e:2e:98:f0:
3c:99:ae:f8:27:43:12:30:17:80:50:a1:a7:dc:39:
75:32:c5:9e:3f:92:4b:0a:35:82:8d:61:d4:a2:71:
45:1f:0f:b5:fc:07:4b:67:45:27:63:cd:40:5d:39:
ee:65:42:78:be:14:2c:fc:46:aa:5d:12:f5:3b:c1:
91:36:12:11:12:ed:5e:0e:c5:b1:08:f2:a3:e8:e2:
7c:75:21:b8:c2:0b:08:cf:7e:40:4b:82:fa:0e:c0:
ec:26:ce:7b:0d:04:c3:7f:ce:6d:b3:03:12:89:5c:
29:6e:2d:2b:59:37:15:08:3d:a9:57:a0:7b:ae:0a:
94:f5:b5:7b:55:d8:f4:84:5d:8f:de:9a:6c:5f:d2:
42:1c:d3:f7:30:db:c7:af:55:49:f5:4f:7a:5f:8d:
5c:3b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
24:73:E9:29:DF:DF:29:2F:F5:DB:86:0D:AC:54:E6:F8:4E:D6:D0:4E
X509v3 Authority Key Identifier:
keyid:C3:E0:E9:F5:7C:3B:08:3C:B6:8A:98:63:0F:8A:66:15:84:46:8E:3D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/w-Dp9Xw7CDy2iphjD4pmFYRGjj0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6a/a5b999-f1c7-4b0e-a3de-5383aa626726/1/JHPpKd_fKS_124YNrFTm-E7W0E4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6a/a5b999-f1c7-4b0e-a3de-5383aa626726/1/w-Dp9Xw7CDy2iphjD4pmFYRGjj0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.235.214.0/24
Signature Algorithm: sha256WithRSAEncryption
9a:43:15:f5:19:63:de:8f:62:fc:20:e0:46:52:6f:73:93:4f:
f1:ee:39:a7:ed:87:25:91:e5:71:a4:2f:48:fa:4a:89:fd:85:
e1:80:ee:d0:a1:69:70:87:d0:75:87:b5:9c:2e:5d:7f:54:e9:
e4:e0:7f:cf:13:8b:78:d4:ae:52:db:29:41:da:c4:4e:3b:0d:
ac:98:85:62:15:a1:92:ee:93:99:66:fa:c2:0f:b4:0d:3b:b4:
95:50:86:5a:d0:61:dc:b2:ed:28:0e:90:27:dc:de:81:52:7b:
e6:a2:a1:86:b3:89:9b:d9:5c:df:74:dc:6d:95:f3:54:07:93:
54:8c:cc:36:06:2f:41:00:e4:3f:e6:ba:a5:61:cb:f9:71:03:
e9:d1:40:51:9e:8e:0d:9d:89:e6:16:30:8d:62:55:0d:88:cf:
5e:74:ac:f7:4d:d1:87:68:10:ce:73:8d:14:88:60:b1:f6:66:
b6:1e:59:04:b0:26:a7:cb:e2:a5:f3:ca:10:2c:1a:5d:d1:03:
d5:1b:c0:89:2b:0f:d2:93:18:c2:c2:49:32:b5:d5:5f:1d:75:
92:34:bb:64:ac:ea:5d:7d:9d:3f:3f:fa:9d:4c:a2:b1:6e:06:
9d:58:58:85:23:63:60:c6:ec:ef:4d:4b:d0:1f:f0:05:82:57:
90:e7:96:37
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYoYQPd+25fsuzgbyDS0mBwUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMzZTBlOWY1N2MzYjA4M2NiNjhhOTg2MzBmOGE2NjE1ODQ0
NjhlM2QwHhcNMjMwODIxMTMyMDI1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNDczZTkyOWRmZGYyOTJmZjVkYjg2MGRhYzU0ZTZmODRlZDZkMDRlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjueGYeIBoAKd/v8ecoWqY6c+p0tD
CKGeTuIQ1zrNjOrB65rbibcp96rLkWREqwgXj1gzDerDvNQo2qpWJYtjlY3voj8a
V8jcAoLt+t5SQocoijoYtBMcDM4x12R4vddj2dUP614umPA8ma74J0MSMBeAUKGn
3Dl1MsWeP5JLCjWCjWHUonFFHw+1/AdLZ0UnY81AXTnuZUJ4vhQs/EaqXRL1O8GR
NhIREu1eDsWxCPKj6OJ8dSG4wgsIz35AS4L6DsDsJs57DQTDf85tswMSiVwpbi0r
WTcVCD2pV6B7rgqU9bV7Vdj0hF2P3ppsX9JCHNP3MNvHr1VJ9U96X41cOwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFCRz6Snf3ykv9duGDaxU5vhO1tBOMB8GA1UdIwQY
MBaAFMPg6fV8Owg8toqYYw+KZhWERo49MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdy1EcDlYdzdDRHkyaXBoakQ0cG1GWVJHamowLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82YS9hNWI5OTktZjFjNy00YjBlLWEzZGUt
NTM4M2FhNjI2NzI2LzEvSkhQcEtkX2ZLU18xMjRZTnJGVG0tRTdXMEU0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82YS9hNWI5OTktZjFjNy00YjBlLWEzZGUtNTM4M2FhNjI2NzI2
LzEvdy1EcDlYdzdDRHkyaXBoakQ0cG1GWVJHamowLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW+vWMA0G
CSqGSIb3DQEBCwUAA4IBAQCaQxX1GWPej2L8IOBGUm9zk0/x7jmn7YclkeVxpC9I
+kqJ/YXhgO7QoWlwh9B1h7WcLl1/VOnk4H/PE4t41K5S2ylB2sROOw2smIViFaGS
7pOZZvrCD7QNO7SVUIZa0GHcsu0oDpAn3N6BUnvmoqGGs4mb2VzfdNxtlfNUB5NU
jMw2Bi9BAOQ/5rqlYcv5cQPp0UBRno4NnYnmFjCNYlUNiM9edKz3TdGHaBDOc40U
iGCx9ma2HlkEsCany+Kl88oQLBpd0QPVG8CJKw/SkxjCwkkytdVfHXWSNLtkrOpd
fZ0/P/qdTKKxbgadWFiFI2NgxuzvTUvQH/AFgleQ55Y3
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:21:49 2025 by rpki-client