Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6e/27fb48-d066-42d9-9432-a05bd228337c/1/JaiTqVbaGNfmzuFu5ruJLPL07fk.roa
File: JaiTqVbaGNfmzuFu5ruJLPL07fk.roa (raw, json)
Hash identifier: HU+0Qi8L/L64LzXNKLqti5GXAbuHyNl3p0/rcThVKgA=
Subject key identifier: 25:A8:93:A9:56:DA:18:D7:E6:CE:E1:6E:E6:BB:89:2C:F2:F4:ED:F9
Certificate issuer: /CN=99fe67f4bf4dd26ae315b31a7b472ce4d5c1ae6a
Certificate serial: 018572D5CC3D1788B81F5852EBFD34CFEFCC
Authority key identifier: 99:FE:67:F4:BF:4D:D2:6A:E3:15:B3:1A:7B:47:2C:E4:D5:C1:AE:6A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mf5n9L9N0mrjFbMae0cs5NXBrmo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6e/27fb48-d066-42d9-9432-a05bd228337c/1/JaiTqVbaGNfmzuFu5ruJLPL07fk.roa
Signing time: Mon 02 Jan 2023 14:14:52 +0000
ROA not before: Mon 02 Jan 2023 14:14:52 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 42009
IP address blocks: 176.98.44.0/22 maxlen: 24
91.103.176.0/21 maxlen: 24
2a01:308::/32 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:d5:cc:3d:17:88:b8:1f:58:52:eb:fd:34:cf:ef:cc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=99fe67f4bf4dd26ae315b31a7b472ce4d5c1ae6a
Validity
Not Before: Jan 2 14:14:52 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=25a893a956da18d7e6cee16ee6bb892cf2f4edf9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:9b:ce:1d:6c:14:9e:cb:9c:98:b0:e5:c5:18:
92:06:fe:40:59:b7:f1:38:d6:1e:99:8f:cf:15:c4:
75:ab:db:92:2d:5e:a1:7e:d2:59:46:24:64:26:4a:
8f:3e:f3:e4:54:85:22:9c:80:01:ec:49:e8:74:d3:
1b:df:82:e7:81:ae:79:48:3c:11:8f:7d:f2:84:60:
59:f2:c2:23:1e:b3:ec:6f:c4:bf:6a:ad:45:73:5f:
4e:34:0b:92:11:d4:88:da:0c:c0:1f:d5:09:4d:c9:
cc:97:7a:41:17:7e:ae:02:00:07:25:9b:f5:f6:a7:
b8:fd:d4:cc:7b:a1:e2:14:b1:b5:59:f2:e8:96:b7:
f5:fc:52:13:77:30:fd:6b:b5:d9:f3:22:1f:20:d4:
bb:4e:3e:71:ce:0e:81:48:4c:02:e2:28:3b:98:79:
d5:4e:d9:3d:84:67:65:fe:8d:39:d7:e8:45:a4:d2:
ea:d5:c1:1b:c8:bc:da:cf:cd:bd:63:9d:e4:53:38:
a9:bb:ab:cf:18:44:da:ea:45:04:bc:55:48:af:25:
86:49:cb:a8:0a:93:60:71:67:0f:4a:5c:26:8c:39:
66:7b:09:86:17:b0:78:ef:1f:f2:9a:80:fa:11:bc:
05:83:de:3a:93:10:d5:ab:04:e8:29:a9:c5:c2:48:
e5:e1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
25:A8:93:A9:56:DA:18:D7:E6:CE:E1:6E:E6:BB:89:2C:F2:F4:ED:F9
X509v3 Authority Key Identifier:
keyid:99:FE:67:F4:BF:4D:D2:6A:E3:15:B3:1A:7B:47:2C:E4:D5:C1:AE:6A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mf5n9L9N0mrjFbMae0cs5NXBrmo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6e/27fb48-d066-42d9-9432-a05bd228337c/1/JaiTqVbaGNfmzuFu5ruJLPL07fk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6e/27fb48-d066-42d9-9432-a05bd228337c/1/mf5n9L9N0mrjFbMae0cs5NXBrmo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.103.176.0/21
176.98.44.0/22
IPv6:
2a01:308::/32
Signature Algorithm: sha256WithRSAEncryption
69:7e:fd:cd:30:1b:44:48:6f:c8:9a:48:99:a4:0b:b3:72:e4:
01:52:ff:c4:74:79:8f:f7:29:38:a5:b8:9b:54:31:65:68:c4:
e5:98:3a:87:c1:cf:ff:a8:5d:79:e1:73:44:28:eb:6c:82:64:
c4:d6:59:60:72:10:1f:68:89:56:9f:84:cd:4c:cf:9c:9d:00:
c1:8c:60:7a:a7:6c:e8:c4:86:f2:04:4e:11:72:df:b0:90:5b:
b3:4c:0b:70:63:06:b5:19:d6:77:ac:63:c8:2d:d3:38:73:b9:
d6:b2:70:56:aa:be:99:31:ef:8a:fc:3a:94:95:db:b1:d3:cf:
1f:84:4a:85:91:6a:1c:68:86:eb:29:fe:f7:ea:f7:ea:4f:54:
ec:7b:03:9e:3c:53:81:3a:d5:ff:7e:7d:33:01:b6:6f:7d:cb:
4f:55:16:82:e4:4f:db:19:29:0e:cb:b6:b5:a9:11:20:96:9b:
98:c1:53:00:ab:07:24:31:19:94:44:04:6f:80:ef:82:fc:39:
c2:4d:67:ab:40:12:46:5b:fb:3b:a7:24:ca:7f:81:b1:73:43:
a9:2e:ff:67:d5:fb:cd:4a:67:7e:f9:39:b1:76:8a:f2:35:62:
3b:86:dc:87:ed:59:2a:5c:77:65:2b:fa:22:e9:ca:e8:a3:70:
5b:3c:49:98
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYVy1cw9F4i4H1hS6/00z+/MMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk5ZmU2N2Y0YmY0ZGQyNmFlMzE1YjMxYTdiNDcyY2U0ZDVj
MWFlNmEwHhcNMjMwMTAyMTQxNDUyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNWE4OTNhOTU2ZGExOGQ3ZTZjZWUxNmVlNmJiODkyY2YyZjRlZGY5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzpvOHWwUnsucmLDlxRiSBv5AWbfx
ONYemY/PFcR1q9uSLV6hftJZRiRkJkqPPvPkVIUinIAB7EnodNMb34Lnga55SDwR
j33yhGBZ8sIjHrPsb8S/aq1Fc19ONAuSEdSI2gzAH9UJTcnMl3pBF36uAgAHJZv1
9qe4/dTMe6HiFLG1WfLolrf1/FITdzD9a7XZ8yIfINS7Tj5xzg6BSEwC4ig7mHnV
Ttk9hGdl/o051+hFpNLq1cEbyLzaz829Y53kUzipu6vPGETa6kUEvFVIryWGScuo
CpNgcWcPSlwmjDlmewmGF7B47x/ymoD6EbwFg946kxDVqwToKanFwkjl4QIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFCWok6lW2hjX5s7hbua7iSzy9O35MB8GA1UdIwQY
MBaAFJn+Z/S/TdJq4xWzGntHLOTVwa5qMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbWY1bjlMOU4wbXJqRmJNYWUwY3M1TlhCcm1vLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82ZS8yN2ZiNDgtZDA2Ni00MmQ5LTk0MzIt
YTA1YmQyMjgzMzdjLzEvSmFpVHFWYmFHTmZtenVGdTVydUpMUEwwN2ZrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82ZS8yN2ZiNDgtZDA2Ni00MmQ5LTk0MzItYTA1YmQyMjgzMzdj
LzEvbWY1bjlMOU4wbXJqRmJNYWUwY3M1TlhCcm1vLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQDW2ewAwQC
sGIsMA0EAgACMAcDBQAqAQMIMA0GCSqGSIb3DQEBCwUAA4IBAQBpfv3NMBtESG/I
mkiZpAuzcuQBUv/EdHmP9yk4pbibVDFlaMTlmDqHwc//qF154XNEKOtsgmTE1llg
chAfaIlWn4TNTM+cnQDBjGB6p2zoxIbyBE4Rct+wkFuzTAtwYwa1GdZ3rGPILdM4
c7nWsnBWqr6ZMe+K/DqUldux088fhEqFkWocaIbrKf736vfqT1TsewOePFOBOtX/
fn0zAbZvfctPVRaC5E/bGSkOy7a1qREglpuYwVMAqwckMRmURARvgO+C/DnCTWer
QBJGW/s7pyTKf4Gxc0OpLv9n1fvNSmd++TmxdoryNWI7htyH7VkqXHdlK/oi6cro
o3BbPEmY
-----END CERTIFICATE-----
Generated at Sat Apr 19 11:12:38 2025 by rpki-client