Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7a/9e1f46-802b-49d1-91b8-483fc90708d5/1/JEj0TxDvSDhkitSRz3EFGn5V_pM.roa
File: JEj0TxDvSDhkitSRz3EFGn5V_pM.roa (raw, json)
Hash identifier: u/rvQlNX2dGTE9k+uj/clAhCOGfFuH1/GSwCfVHkkTk=
Subject key identifier: 24:48:F4:4F:10:EF:48:38:64:8A:D4:91:CF:71:05:1A:7E:55:FE:93
Certificate issuer: /CN=8eb2f81b8c47c2b588f451d4037c6837870b397f
Certificate serial: 01857230DF0FA1B9FF04018E42FFBD5A6C8D
Authority key identifier: 8E:B2:F8:1B:8C:47:C2:B5:88:F4:51:D4:03:7C:68:37:87:0B:39:7F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/jrL4G4xHwrWI9FHUA3xoN4cLOX8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7a/9e1f46-802b-49d1-91b8-483fc90708d5/1/JEj0TxDvSDhkitSRz3EFGn5V_pM.roa
Signing time: Mon 02 Jan 2023 11:14:43 +0000
ROA not before: Mon 02 Jan 2023 11:14:43 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 59639
IP address blocks: 91.199.199.0/24 maxlen: 24
2a11:1bc0::/29 maxlen: 29
2a11:1bc0::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:30:df:0f:a1:b9:ff:04:01:8e:42:ff:bd:5a:6c:8d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8eb2f81b8c47c2b588f451d4037c6837870b397f
Validity
Not Before: Jan 2 11:14:43 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=2448f44f10ef4838648ad491cf71051a7e55fe93
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8d:3e:67:3f:83:ec:bd:ec:1e:13:53:4e:8f:81:
88:9f:64:de:e5:4c:cb:a3:2e:43:41:26:b3:7d:b8:
a8:95:d2:cb:4d:d9:b6:8f:df:c5:4e:3d:e7:df:bc:
51:78:7e:e8:dc:66:fe:9f:88:de:c3:8b:3b:10:2c:
fb:49:ab:3d:27:f1:c9:9a:b4:89:cf:02:5d:04:c3:
d1:b7:a2:cd:5d:a1:f1:aa:de:a5:0f:8f:12:bb:50:
49:7c:5e:8f:f9:02:28:67:65:af:72:cd:dd:0c:63:
34:03:c2:69:c5:a0:45:f9:9e:46:ca:3f:86:af:e8:
f9:7b:bb:11:ef:93:b7:70:df:42:20:74:fa:be:59:
69:fb:6b:c0:3a:fd:a7:3e:1c:3c:95:94:85:3e:03:
e3:6d:05:b4:51:9c:2d:b3:41:cc:62:2b:69:c2:1a:
39:97:5f:bf:26:71:a7:40:68:03:2d:bc:03:6e:b9:
d4:c4:bb:b2:fd:64:dd:63:54:64:ef:8e:35:10:6c:
9d:2f:95:1c:21:7e:7b:5c:50:a9:a3:86:25:c9:b8:
ab:f0:2a:6e:5e:65:00:0c:2d:de:e6:7f:7a:77:2c:
ba:d8:82:e5:7f:28:69:b8:5e:82:8d:be:e4:d3:19:
81:62:6f:44:a3:9a:51:99:3c:7a:06:a3:57:ac:48:
56:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
24:48:F4:4F:10:EF:48:38:64:8A:D4:91:CF:71:05:1A:7E:55:FE:93
X509v3 Authority Key Identifier:
keyid:8E:B2:F8:1B:8C:47:C2:B5:88:F4:51:D4:03:7C:68:37:87:0B:39:7F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jrL4G4xHwrWI9FHUA3xoN4cLOX8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7a/9e1f46-802b-49d1-91b8-483fc90708d5/1/JEj0TxDvSDhkitSRz3EFGn5V_pM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7a/9e1f46-802b-49d1-91b8-483fc90708d5/1/jrL4G4xHwrWI9FHUA3xoN4cLOX8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.199.199.0/24
IPv6:
2a11:1bc0::/29
Signature Algorithm: sha256WithRSAEncryption
ba:43:0f:20:c2:fd:88:86:47:47:8f:af:46:59:a7:40:b0:c6:
df:a3:6a:de:f2:48:4a:42:cf:e8:a3:7e:6e:ec:6f:8c:65:54:
d4:16:6e:38:1f:53:e7:c9:fb:0a:a4:e4:46:fd:de:f5:36:4a:
2a:c2:d1:cc:80:2b:94:24:82:03:eb:07:2a:43:eb:f5:75:3e:
3a:4c:d0:30:07:8d:ca:bf:d3:e4:fd:a1:81:f1:36:cd:61:ad:
c8:34:b6:df:e3:85:ab:fc:22:f3:df:88:b0:92:78:be:33:f9:
e9:f3:0f:65:5a:8d:78:dc:69:86:06:09:c4:1f:2c:e4:7f:34:
e1:02:4c:7d:b8:04:47:1c:38:c6:54:f7:8c:b9:38:39:1d:bf:
44:33:13:dd:81:8d:d0:c6:73:f0:16:f3:42:a5:36:e8:75:44:
2d:49:af:96:09:ec:45:f5:c7:68:ee:43:0b:44:24:79:6c:c8:
72:a6:df:b3:ec:74:0f:58:7c:eb:9b:52:c2:bc:1a:14:f3:d8:
d9:cf:12:71:9f:a5:78:00:af:eb:9f:bc:ce:b4:0f:28:f3:7d:
c8:ad:c3:79:4e:c2:c4:5a:3f:41:7b:12:9e:e5:88:8e:c6:79:
ba:e0:cf:ad:56:08:2e:9c:17:8e:bd:83:be:d5:cb:01:7f:c3:
73:c3:84:93
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVyMN8Pobn/BAGOQv+9WmyNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhlYjJmODFiOGM0N2MyYjU4OGY0NTFkNDAzN2M2ODM3ODcw
YjM5N2YwHhcNMjMwMTAyMTExNDQzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNDQ4ZjQ0ZjEwZWY0ODM4NjQ4YWQ0OTFjZjcxMDUxYTdlNTVmZTkzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjT5nP4PsveweE1NOj4GIn2Te5UzL
oy5DQSazfbioldLLTdm2j9/FTj3n37xReH7o3Gb+n4jew4s7ECz7Sas9J/HJmrSJ
zwJdBMPRt6LNXaHxqt6lD48Su1BJfF6P+QIoZ2Wvcs3dDGM0A8JpxaBF+Z5Gyj+G
r+j5e7sR75O3cN9CIHT6vllp+2vAOv2nPhw8lZSFPgPjbQW0UZwts0HMYitpwho5
l1+/JnGnQGgDLbwDbrnUxLuy/WTdY1Rk7441EGydL5UcIX57XFCpo4Ylybir8Cpu
XmUADC3e5n96dyy62ILlfyhpuF6Cjb7k0xmBYm9Eo5pRmTx6BqNXrEhWewIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFCRI9E8Q70g4ZIrUkc9xBRp+Vf6TMB8GA1UdIwQY
MBaAFI6y+BuMR8K1iPRR1AN8aDeHCzl/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvanJMNEc0eEh3cldJOUZIVUEzeG9ONGNMT1g4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83YS85ZTFmNDYtODAyYi00OWQxLTkxYjgt
NDgzZmM5MDcwOGQ1LzEvSkVqMFR4RHZTRGhraXRTUnozRUZHbjVWX3BNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83YS85ZTFmNDYtODAyYi00OWQxLTkxYjgtNDgzZmM5MDcwOGQ1
LzEvanJMNEc0eEh3cldJOUZIVUEzeG9ONGNMT1g4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQAW8fHMA0E
AgACMAcDBQMqERvAMA0GCSqGSIb3DQEBCwUAA4IBAQC6Qw8gwv2IhkdHj69GWadA
sMbfo2re8khKQs/oo35u7G+MZVTUFm44H1PnyfsKpORG/d71NkoqwtHMgCuUJIID
6wcqQ+v1dT46TNAwB43Kv9Pk/aGB8TbNYa3INLbf44Wr/CLz34iwkni+M/np8w9l
Wo143GmGBgnEHyzkfzThAkx9uARHHDjGVPeMuTg5Hb9EMxPdgY3QxnPwFvNCpTbo
dUQtSa+WCexF9cdo7kMLRCR5bMhypt+z7HQPWHzrm1LCvBoU89jZzxJxn6V4AK/r
n7zOtA8o833IrcN5TsLEWj9BexKe5YiOxnm64M+tVggunBeOvYO+1csBf8Nzw4ST
-----END CERTIFICATE-----
Generated at Thu Mar 13 19:37:53 2025 by rpki-client