Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/70/d7e668-f07e-438b-9fa8-80ab779eed10/1/JLAkxdbdkMpELresS3XXjpeWUwY.roa
File: JLAkxdbdkMpELresS3XXjpeWUwY.roa (raw, json)
Hash identifier: D++vYWPP5k8D5UWQPyIZolLJtKr0cV5CYfEveI2BhcA=
Subject key identifier: 24:B0:24:C5:D6:DD:90:CA:44:2E:B7:AC:4B:75:D7:8E:97:96:53:06
Certificate issuer: /CN=a30f6fb6f5c80ca4a603827c96b3bdf60ad563aa
Certificate serial: 091FDB82
Authority key identifier: A3:0F:6F:B6:F5:C8:0C:A4:A6:03:82:7C:96:B3:BD:F6:0A:D5:63:AA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ow9vtvXIDKSmA4J8lrO99grVY6o.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/70/d7e668-f07e-438b-9fa8-80ab779eed10/1/JLAkxdbdkMpELresS3XXjpeWUwY.roa
Signing time: Sat 01 Jan 2022 09:56:41 +0000
ROA not before: Sat 01 Jan 2022 09:56:41 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 207063
IP address blocks: 193.177.129.0/24 maxlen: 24
193.177.128.0/24 maxlen: 24
193.177.128.0/22 maxlen: 24
2a0c:dec0:3008::/48 maxlen: 48
2a0c:dec0:f100::/48 maxlen: 48
2a0c:dec0::/29 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 153082754 (0x91fdb82)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a30f6fb6f5c80ca4a603827c96b3bdf60ad563aa
Validity
Not Before: Jan 1 09:56:41 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=24b024c5d6dd90ca442eb7ac4b75d78e97965306
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f9:1a:ce:3a:d3:f7:04:37:0c:40:85:bf:af:04:
4a:bf:94:a9:27:06:ea:54:84:09:3b:d9:e1:d7:c8:
11:b2:a1:43:94:f3:32:fc:fb:d9:ff:22:a8:a1:b3:
f8:f3:25:50:d5:61:ec:b0:54:e8:c4:d5:94:5a:1b:
57:2e:fc:61:92:35:b2:61:a8:3d:46:f8:5e:12:2f:
59:9f:2b:5b:64:70:c2:5f:29:3e:29:5a:4e:89:89:
7c:b8:d8:68:41:03:fd:e5:c8:fe:9f:ae:ec:25:91:
1c:e6:f8:82:1e:73:33:df:af:5d:b2:45:98:b9:d9:
8c:e0:96:fe:aa:21:fa:08:78:b4:cb:f8:1e:46:71:
70:b0:f8:b7:58:44:32:76:af:7f:cc:be:6c:20:fe:
20:ec:93:1e:3e:e0:60:6c:1d:a9:fd:f9:a5:b3:49:
24:e5:1e:f7:b4:2d:85:fa:14:6f:bb:44:a7:fe:50:
cf:d2:a7:be:09:8f:ce:03:5c:71:3d:bc:b7:4c:de:
c4:20:d5:f6:8c:e0:1e:d2:fd:7b:3c:1f:38:a9:16:
59:05:26:fb:1c:23:e3:ac:76:60:c6:b3:93:15:37:
f0:2b:cc:c1:3d:bb:48:0d:80:6a:a3:cd:54:f0:63:
74:77:99:d8:5d:17:be:c1:d9:17:84:05:8c:3e:75:
ed:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
24:B0:24:C5:D6:DD:90:CA:44:2E:B7:AC:4B:75:D7:8E:97:96:53:06
X509v3 Authority Key Identifier:
keyid:A3:0F:6F:B6:F5:C8:0C:A4:A6:03:82:7C:96:B3:BD:F6:0A:D5:63:AA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ow9vtvXIDKSmA4J8lrO99grVY6o.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/70/d7e668-f07e-438b-9fa8-80ab779eed10/1/JLAkxdbdkMpELresS3XXjpeWUwY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/70/d7e668-f07e-438b-9fa8-80ab779eed10/1/ow9vtvXIDKSmA4J8lrO99grVY6o.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.177.128.0/22
IPv6:
2a0c:dec0::/29
Signature Algorithm: sha256WithRSAEncryption
4c:36:db:27:48:4a:af:0d:87:fe:d5:91:78:eb:5f:a9:31:15:
11:70:aa:24:e3:da:71:42:ed:20:ba:75:08:6c:3b:e4:7f:73:
ed:fa:5b:ff:c3:c9:33:ce:59:ad:06:05:07:97:df:a8:0a:cc:
e2:dd:5a:61:ac:30:80:be:bd:f6:9f:96:5a:5b:26:00:ce:44:
6c:c0:30:28:bd:fe:a5:60:f2:5e:d0:0a:05:fd:45:bc:e9:0a:
e7:40:5c:27:99:39:cf:b5:81:5e:40:d9:ba:30:6c:f4:e2:e2:
b3:76:6b:98:71:cd:ee:fe:f0:ca:bc:9d:a9:bc:34:a8:42:a1:
98:45:14:86:7a:c9:4d:5f:88:f6:3d:58:c7:f7:fb:7c:35:47:
b5:f9:24:95:e8:8c:49:6d:b3:a6:d7:1c:33:da:95:c9:73:34:
d2:62:8b:f9:37:f6:a4:a4:2b:bf:20:c9:f5:cc:6e:e1:10:dc:
f3:83:69:43:3a:ad:87:59:2f:24:cb:42:c9:03:33:6e:6a:20:
a7:23:e9:ae:10:6e:b3:a5:1f:ee:a8:c2:63:9d:8b:94:c7:e7:
f5:80:a5:62:99:10:59:47:ba:d4:04:f3:ed:0f:51:f3:ba:4a:
95:13:a2:79:ea:b0:8d:3a:61:9b:5f:65:c4:0e:86:ec:52:a2:
9f:1c:d2:1d
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgIECR/bgjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhh
MzBmNmZiNmY1YzgwY2E0YTYwMzgyN2M5NmIzYmRmNjBhZDU2M2FhMB4XDTIyMDEw
MTA5NTY0MVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMjRiMDI0YzVkNmRk
OTBjYTQ0MmViN2FjNGI3NWQ3OGU5Nzk2NTMwNjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAPkazjrT9wQ3DECFv68ESr+UqScG6lSECTvZ4dfIEbKhQ5Tz
Mvz72f8iqKGz+PMlUNVh7LBU6MTVlFobVy78YZI1smGoPUb4XhIvWZ8rW2Rwwl8p
PilaTomJfLjYaEED/eXI/p+u7CWRHOb4gh5zM9+vXbJFmLnZjOCW/qoh+gh4tMv4
HkZxcLD4t1hEMnavf8y+bCD+IOyTHj7gYGwdqf35pbNJJOUe97QthfoUb7tEp/5Q
z9KnvgmPzgNccT28t0zexCDV9ozgHtL9ezwfOKkWWQUm+xwj46x2YMazkxU38CvM
wT27SA2AaqPNVPBjdHeZ2F0XvsHZF4QFjD517Y8CAwEAAaOCAhgwggIUMB0GA1Ud
DgQWBBQksCTF1t2QykQut6xLddeOl5ZTBjAfBgNVHSMEGDAWgBSjD2+29cgMpKYD
gnyWs732CtVjqjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L293OXZ0dlhJREtTbUE0Sjhsck85OWdyVlk2by5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNzAvZDdlNjY4LWYwN2UtNDM4Yi05ZmE4LTgwYWI3NzllZWQxMC8x
L0pMQWt4ZGJka01wRUxyZXNTM1hYanBlV1V3WS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNzAv
ZDdlNjY4LWYwN2UtNDM4Yi05ZmE4LTgwYWI3NzllZWQxMC8xL293OXZ0dlhJREtT
bUE0Sjhsck85OWdyVlk2by5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAu
BggrBgEFBQcBBwEB/wQfMB0wDAQCAAEwBgMEAsGxgDANBAIAAjAHAwUDKgzewDAN
BgkqhkiG9w0BAQsFAAOCAQEATDbbJ0hKrw2H/tWReOtfqTEVEXCqJOPacULtILp1
CGw75H9z7fpb/8PJM85ZrQYFB5ffqArM4t1aYawwgL699p+WWlsmAM5EbMAwKL3+
pWDyXtAKBf1FvOkK50BcJ5k5z7WBXkDZujBs9OLis3ZrmHHN7v7wyrydqbw0qEKh
mEUUhnrJTV+I9j1Yx/f7fDVHtfkkleiMSW2zptccM9qVyXM00mKL+Tf2pKQrvyDJ
9cxu4RDc84NpQzqth1kvJMtCyQMzbmogpyPprhBus6Uf7qjCY52LlMfn9YClYpkQ
WUe61ATz7Q9R87pKlROieeqwjTphm19lxA6G7FKinxzSHQ==
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:58:20 2025 by rpki-client