Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/78/66214b-01df-4b01-ba76-f4cbd6ba6c0f/1/JHItaHn_m_VnH_WQFpwGRG99Kj8.roa
File: JHItaHn_m_VnH_WQFpwGRG99Kj8.roa (raw, json)
Hash identifier: 8H/NJWqX+1d21PHF1c4QPu4j0PFQmBVAeTZjkUjAdB8=
Subject key identifier: 24:72:2D:68:79:FF:9B:F5:67:1F:F5:90:16:9C:06:44:6F:7D:2A:3F
Certificate issuer: /CN=61e565562d3e3f565e9c0a41946ea53d45d5d657
Certificate serial: 018B3D4668FD32FB8305832472395CBCAAEA
Authority key identifier: 61:E5:65:56:2D:3E:3F:56:5E:9C:0A:41:94:6E:A5:3D:45:D5:D6:57
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YeVlVi0-P1ZenApBlG6lPUXV1lc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/78/66214b-01df-4b01-ba76-f4cbd6ba6c0f/1/JHItaHn_m_VnH_WQFpwGRG99Kj8.roa
Signing time: Tue 17 Oct 2023 10:55:06 +0000
ROA not before: Tue 17 Oct 2023 10:55:06 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 211186
IP address blocks: 91.218.22.0/24 maxlen: 24
185.14.96.0/24 maxlen: 24
195.95.189.0/24 maxlen: 24
2a0c:2580:1000::/36 maxlen: 36
2a0c:2580::/36 maxlen: 36
2a0c:2580:2000::/36 maxlen: 36
2a0c:2580::/30 maxlen: 30
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:3d:46:68:fd:32:fb:83:05:83:24:72:39:5c:bc:aa:ea
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=61e565562d3e3f565e9c0a41946ea53d45d5d657
Validity
Not Before: Oct 17 10:55:06 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=24722d6879ff9bf5671ff590169c06446f7d2a3f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:cc:73:f6:a1:4e:d5:e0:67:58:64:0d:44:d9:
aa:f4:51:7a:2d:3f:21:ed:dd:35:97:3b:4d:a2:6d:
d8:e9:78:d8:04:54:c3:80:6f:c3:94:ce:ef:90:f3:
0c:66:fc:0a:9d:60:35:3b:da:ec:6e:0c:74:ef:e3:
49:09:6c:93:65:75:42:53:f5:04:38:cb:d5:ec:aa:
9a:42:d3:59:c9:e4:2d:c2:7a:be:d9:27:fd:bb:6e:
95:7a:13:c4:8b:d3:69:a1:48:f3:37:a7:02:11:61:
d6:99:53:24:2f:48:58:c0:1a:e1:31:c7:da:a2:10:
65:a7:25:e2:8f:9e:00:b6:09:42:d0:71:81:81:4e:
b6:b6:24:cb:b8:4a:72:19:29:68:a1:28:a3:12:c5:
8c:bb:3d:c3:86:14:6e:12:05:30:86:42:33:8d:c4:
7a:e2:e4:d4:78:f4:43:72:d7:d5:d4:9c:09:73:6e:
25:d8:77:05:c9:e5:91:7a:40:a5:f8:0e:10:98:78:
ce:57:b2:5d:37:33:84:9e:5b:c0:29:15:b1:54:8d:
8f:c6:3f:b4:ff:f7:5d:dd:e6:ef:22:12:c3:07:cb:
a9:e0:0c:16:86:0b:45:ce:12:01:fe:8b:3d:43:7a:
5d:1e:9d:46:f0:36:42:1a:c0:7a:1b:15:5d:6c:b6:
df:ad
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
24:72:2D:68:79:FF:9B:F5:67:1F:F5:90:16:9C:06:44:6F:7D:2A:3F
X509v3 Authority Key Identifier:
keyid:61:E5:65:56:2D:3E:3F:56:5E:9C:0A:41:94:6E:A5:3D:45:D5:D6:57
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YeVlVi0-P1ZenApBlG6lPUXV1lc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/78/66214b-01df-4b01-ba76-f4cbd6ba6c0f/1/JHItaHn_m_VnH_WQFpwGRG99Kj8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/78/66214b-01df-4b01-ba76-f4cbd6ba6c0f/1/YeVlVi0-P1ZenApBlG6lPUXV1lc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.218.22.0/24
185.14.96.0/24
195.95.189.0/24
IPv6:
2a0c:2580::/30
Signature Algorithm: sha256WithRSAEncryption
b0:ca:96:0f:96:77:50:68:3d:2f:50:5d:e5:b0:cc:f1:a3:72:
94:ce:c6:df:5b:3a:da:30:d2:55:86:bc:41:15:b4:8d:22:be:
bb:8e:22:21:ca:de:8c:ef:bc:20:06:b7:3b:8e:7c:31:f3:6c:
90:57:29:57:9c:98:b9:f7:e6:fc:ab:c7:b1:b2:a5:d6:cd:b4:
66:2b:e0:68:ec:05:88:18:de:b3:eb:b1:6b:c1:c8:27:b6:1e:
c5:d2:ae:2e:41:45:c9:cb:60:87:07:81:d4:9d:87:40:56:bf:
e2:e9:08:59:4d:a7:fb:bb:b2:07:c9:ba:80:95:47:e5:fb:f2:
42:27:0f:44:61:0a:e5:bb:65:9b:00:62:ff:7e:e1:7d:e8:38:
43:2f:44:58:71:f8:bc:51:c7:7e:7e:48:fc:03:27:8a:95:71:
61:b0:8e:5d:2c:da:91:76:d3:d0:2a:3e:a2:4a:8e:bd:d5:60:
ab:b6:4f:b1:88:51:20:f1:dd:b0:82:7c:f7:fd:04:ab:f7:45:
cc:67:e8:35:a0:4a:65:39:dd:31:2a:a0:f0:ec:09:f5:39:87:
a2:18:05:e6:5d:aa:35:a7:1c:dd:67:20:95:90:99:26:69:8f:
81:bb:b2:d1:09:3b:8a:da:f1:6e:d4:37:98:43:dd:27:cc:ee:
87:42:07:77
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAYs9Rmj9MvuDBYMkcjlcvKrqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYxZTU2NTU2MmQzZTNmNTY1ZTljMGE0MTk0NmVhNTNkNDVk
NWQ2NTcwHhcNMjMxMDE3MTA1NTA2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNDcyMmQ2ODc5ZmY5YmY1NjcxZmY1OTAxNjljMDY0NDZmN2QyYTNmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqMxz9qFO1eBnWGQNRNmq9FF6LT8h
7d01lztNom3Y6XjYBFTDgG/DlM7vkPMMZvwKnWA1O9rsbgx07+NJCWyTZXVCU/UE
OMvV7KqaQtNZyeQtwnq+2Sf9u26VehPEi9NpoUjzN6cCEWHWmVMkL0hYwBrhMcfa
ohBlpyXij54AtglC0HGBgU62tiTLuEpyGSlooSijEsWMuz3DhhRuEgUwhkIzjcR6
4uTUePRDctfV1JwJc24l2HcFyeWRekCl+A4QmHjOV7JdNzOEnlvAKRWxVI2Pxj+0
//dd3ebvIhLDB8up4AwWhgtFzhIB/os9Q3pdHp1G8DZCGsB6GxVdbLbfrQIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFCRyLWh5/5v1Zx/1kBacBkRvfSo/MB8GA1UdIwQY
MBaAFGHlZVYtPj9WXpwKQZRupT1F1dZXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWWVWbFZpMC1QMVplbkFwQmxHNmxQVVhWMWxjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83OC82NjIxNGItMDFkZi00YjAxLWJhNzYt
ZjRjYmQ2YmE2YzBmLzEvSkhJdGFIbl9tX1ZuSF9XUUZwd0dSRzk5S2o4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83OC82NjIxNGItMDFkZi00YjAxLWJhNzYtZjRjYmQ2YmE2YzBm
LzEvWWVWbFZpMC1QMVplbkFwQmxHNmxQVVhWMWxjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQAW9oWAwQA
uQ5gAwQAw1+9MA0EAgACMAcDBQIqDCWAMA0GCSqGSIb3DQEBCwUAA4IBAQCwypYP
lndQaD0vUF3lsMzxo3KUzsbfWzraMNJVhrxBFbSNIr67jiIhyt6M77wgBrc7jnwx
82yQVylXnJi59+b8q8exsqXWzbRmK+Bo7AWIGN6z67Frwcgnth7F0q4uQUXJy2CH
B4HUnYdAVr/i6QhZTaf7u7IHybqAlUfl+/JCJw9EYQrlu2WbAGL/fuF96DhDL0RY
cfi8Ucd+fkj8AyeKlXFhsI5dLNqRdtPQKj6iSo691WCrtk+xiFEg8d2wgnz3/QSr
90XMZ+g1oEplOd0xKqDw7An1OYeiGAXmXao1pxzdZyCVkJkmaY+Bu7LRCTuK2vFu
1DeYQ90nzO6HQgd3
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:20:33 2025 by rpki-client