Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/73/f92871-0d3a-4d87-afdc-071b991af01f/1/JxSsTreYgbStrzt33PWjU7uQfEo.roa
File: JxSsTreYgbStrzt33PWjU7uQfEo.roa (raw, json)
Hash identifier: +kU2RQeUWLcnNVkBJWopwDLm3SYpzqqj59DCgGOxB5s=
Subject key identifier: 27:14:AC:4E:B7:98:81:B4:AD:AF:3B:77:DC:F5:A3:53:BB:90:7C:4A
Certificate issuer: /CN=4c71b147eb8737abcc335f8020951b25ff2656a6
Certificate serial: 018499100986AD60C3A1737C7D0FEA855351
Authority key identifier: 4C:71:B1:47:EB:87:37:AB:CC:33:5F:80:20:95:1B:25:FF:26:56:A6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/THGxR-uHN6vMM1-AIJUbJf8mVqY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/73/f92871-0d3a-4d87-afdc-071b991af01f/1/JxSsTreYgbStrzt33PWjU7uQfEo.roa
Signing time: Mon 21 Nov 2022 07:21:15 +0000
ROA not before: Mon 21 Nov 2022 07:21:15 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 43766
IP address blocks: 82.197.52.0/27 maxlen: 27
82.197.52.32/27 maxlen: 27
82.197.52.128/27 maxlen: 27
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:99:10:09:86:ad:60:c3:a1:73:7c:7d:0f:ea:85:53:51
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4c71b147eb8737abcc335f8020951b25ff2656a6
Validity
Not Before: Nov 21 07:21:15 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=2714ac4eb79881b4adaf3b77dcf5a353bb907c4a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f5:39:2e:c2:a2:38:79:d1:a5:45:fd:d0:2c:b0:
36:c2:a1:0f:b3:6f:78:4f:1b:4f:ae:b3:63:c8:ce:
36:58:e0:85:ac:85:38:8d:06:c8:9b:b3:8a:e4:ba:
ff:23:57:28:16:8a:2c:e1:59:b2:2c:a8:bc:d4:cc:
95:84:78:95:d9:89:a6:d4:83:34:69:e0:53:28:5d:
f4:36:53:7f:2d:6c:ff:00:9b:95:6d:58:96:78:2f:
f6:fe:f5:f8:66:01:98:82:d5:47:e6:21:b9:0a:c5:
57:13:f9:15:03:19:d1:dd:9f:11:f5:0d:43:e5:2d:
5f:ca:9d:a5:ba:fb:dd:4a:eb:50:25:5c:bd:d4:90:
8b:5a:7f:3c:08:31:94:ef:3e:40:24:d8:ac:70:74:
45:cd:3e:67:0a:39:f8:8b:bf:9b:d9:c6:8a:a8:28:
c4:c5:7b:64:84:28:d3:4d:e3:c9:f7:cf:77:ec:01:
91:2a:52:8a:be:39:1d:a7:ae:9d:fd:55:96:c4:78:
0a:22:d0:f6:ea:a5:0b:95:08:75:07:2a:89:49:07:
f7:8e:f8:18:d2:ca:da:d9:87:4e:80:8e:0f:46:3a:
ce:68:8d:c8:be:b1:39:d2:d2:5d:8d:e4:de:ec:52:
97:d6:26:e5:43:fb:20:cf:d5:bb:65:e3:4b:69:1e:
47:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
27:14:AC:4E:B7:98:81:B4:AD:AF:3B:77:DC:F5:A3:53:BB:90:7C:4A
X509v3 Authority Key Identifier:
keyid:4C:71:B1:47:EB:87:37:AB:CC:33:5F:80:20:95:1B:25:FF:26:56:A6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/THGxR-uHN6vMM1-AIJUbJf8mVqY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/73/f92871-0d3a-4d87-afdc-071b991af01f/1/JxSsTreYgbStrzt33PWjU7uQfEo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/73/f92871-0d3a-4d87-afdc-071b991af01f/1/THGxR-uHN6vMM1-AIJUbJf8mVqY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.197.52.0/26
82.197.52.128/27
Signature Algorithm: sha256WithRSAEncryption
2c:5d:1a:d3:c2:8d:36:43:2d:b4:17:98:a8:21:e5:58:dc:86:
3b:e0:6e:f3:ab:aa:25:ca:a8:b1:ac:d7:e9:b1:28:74:fc:bc:
c5:9a:8b:ad:e9:59:34:d2:b5:fc:9f:44:b5:6a:4e:6d:eb:e0:
8f:42:e9:73:97:c0:46:5c:de:2f:0a:d3:83:30:c6:b4:c0:fe:
a8:cf:d0:b6:1f:e7:c1:9b:b1:88:a2:97:6e:4a:0c:a7:99:e0:
03:8a:14:03:ee:2f:89:bc:01:4f:c4:fc:9e:4b:79:47:b2:85:
1e:ca:45:66:70:da:d7:06:ab:f2:be:c9:94:42:d8:aa:3a:7f:
41:c7:42:67:e7:ec:c3:e2:1a:ce:d3:0e:5b:a1:bb:ea:09:f3:
4b:8a:92:e8:bc:fd:ee:ba:15:2c:69:f8:b5:57:70:b8:02:ca:
f4:fd:1f:91:1c:7b:f2:a4:d3:80:b0:0c:3f:dc:5f:52:96:c5:
2a:e8:be:e7:66:8f:22:09:78:af:62:45:ee:c5:90:be:91:11:
72:3c:ca:95:19:43:47:a8:0c:5b:e7:29:7b:99:81:17:42:44:
67:17:5b:59:bb:62:f6:8d:0e:05:71:80:e4:9a:28:36:0f:1f:
1f:cb:32:d9:9e:8e:da:44:f4:39:18:0e:79:6d:e5:ef:c2:41:
67:70:9b:f1
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAYSZEAmGrWDDoXN8fQ/qhVNRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRjNzFiMTQ3ZWI4NzM3YWJjYzMzNWY4MDIwOTUxYjI1ZmYy
NjU2YTYwHhcNMjIxMTIxMDcyMTE1WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNzE0YWM0ZWI3OTg4MWI0YWRhZjNiNzdkY2Y1YTM1M2JiOTA3YzRhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA9TkuwqI4edGlRf3QLLA2wqEPs294
TxtPrrNjyM42WOCFrIU4jQbIm7OK5Lr/I1coFoos4VmyLKi81MyVhHiV2Ymm1IM0
aeBTKF30NlN/LWz/AJuVbViWeC/2/vX4ZgGYgtVH5iG5CsVXE/kVAxnR3Z8R9Q1D
5S1fyp2luvvdSutQJVy91JCLWn88CDGU7z5AJNiscHRFzT5nCjn4i7+b2caKqCjE
xXtkhCjTTePJ98937AGRKlKKvjkdp66d/VWWxHgKItD26qULlQh1ByqJSQf3jvgY
0sra2YdOgI4PRjrOaI3IvrE50tJdjeTe7FKX1iblQ/sgz9W7ZeNLaR5HKwIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFCcUrE63mIG0ra87d9z1o1O7kHxKMB8GA1UdIwQY
MBaAFExxsUfrhzerzDNfgCCVGyX/JlamMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVEhHeFItdUhONnZNTTEtQUlKVWJKZjhtVnFZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83My9mOTI4NzEtMGQzYS00ZDg3LWFmZGMt
MDcxYjk5MWFmMDFmLzEvSnhTc1RyZVlnYlN0cnp0MzNQV2pVN3VRZkVvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83My9mOTI4NzEtMGQzYS00ZDg3LWFmZGMtMDcxYjk5MWFmMDFm
LzEvVEhHeFItdUhONnZNTTEtQUlKVWJKZjhtVnFZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOAwUGUsU0AAMF
BVLFNIAwDQYJKoZIhvcNAQELBQADggEBACxdGtPCjTZDLbQXmKgh5VjchjvgbvOr
qiXKqLGs1+mxKHT8vMWai63pWTTStfyfRLVqTm3r4I9C6XOXwEZc3i8K04MwxrTA
/qjP0LYf58GbsYiil25KDKeZ4AOKFAPuL4m8AU/E/J5LeUeyhR7KRWZw2tcGq/K+
yZRC2Ko6f0HHQmfn7MPiGs7TDluhu+oJ80uKkui8/e66FSxp+LVXcLgCyvT9H5Ec
e/Kk04CwDD/cX1KWxSrovudmjyIJeK9iRe7FkL6REXI8ypUZQ0eoDFvnKXuZgRdC
RGcXW1m7YvaNDgVxgOSaKDYPHx/LMtmejtpE9DkYDnlt5e/CQWdwm/E=
-----END CERTIFICATE-----
Generated at Thu Mar 13 20:18:18 2025 by rpki-client