Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/82/ee138f-5e63-4cc4-8e75-decb188a000d/1/rj5YxrgLh9cm3dkwiKcf75P9GLY.roa
File: rj5YxrgLh9cm3dkwiKcf75P9GLY.roa (raw, json)
Hash identifier: 0jWmMsldYTFTllT8IWXm/efS/EBYU/VSkeLkwNR1rXA=
Subject key identifier: AE:3E:58:C6:B8:0B:87:D7:26:DD:D9:30:88:A7:1F:EF:93:FD:18:B6
Certificate issuer: /CN=24b086f4824266384e078cf777375f21bd370b70
Certificate serial: 01856BD3753F837823278EBF7D43937E0F22
Authority key identifier: 24:B0:86:F4:82:42:66:38:4E:07:8C:F7:77:37:5F:21:BD:37:0B:70
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/JLCG9IJCZjhOB4z3dzdfIb03C3A.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/82/ee138f-5e63-4cc4-8e75-decb188a000d/1/rj5YxrgLh9cm3dkwiKcf75P9GLY.roa
Signing time: Sun 01 Jan 2023 05:34:58 +0000
ROA not before: Sun 01 Jan 2023 05:34:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 62382
IP address blocks: 193.143.96.0/24 maxlen: 24
185.37.191.0/24 maxlen: 24
185.37.188.0/22 maxlen: 22
185.37.189.0/24 maxlen: 24
185.37.188.0/24 maxlen: 24
80.72.219.0/24 maxlen: 24
80.72.218.0/24 maxlen: 24
80.72.217.0/24 maxlen: 24
80.72.216.0/21 maxlen: 21
80.72.216.0/24 maxlen: 24
80.72.221.0/24 maxlen: 24
80.72.220.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6b:d3:75:3f:83:78:23:27:8e:bf:7d:43:93:7e:0f:22
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=24b086f4824266384e078cf777375f21bd370b70
Validity
Not Before: Jan 1 05:34:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=ae3e58c6b80b87d726ddd93088a71fef93fd18b6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:6e:59:bc:d3:e0:bb:cd:7e:cb:45:17:8b:80:
e6:98:c8:4a:29:25:6d:81:d7:6b:bd:ac:74:4a:7c:
a8:4d:8f:cd:00:52:b2:93:e3:8e:95:c2:36:cc:de:
21:b8:db:cb:80:ea:38:8e:f0:ab:35:01:36:d1:e7:
08:5b:00:cc:11:ea:78:26:6f:35:42:5a:5f:cc:ed:
cf:65:be:c5:f6:bc:00:da:32:11:9f:dd:5d:70:3e:
22:75:dd:e0:6e:51:4c:a5:eb:d1:0c:26:60:44:5b:
4a:f0:0f:d1:ec:ec:77:27:fc:72:ae:d9:aa:63:c5:
70:01:b5:b7:fc:00:88:76:48:b7:38:dc:b6:bf:9a:
10:ee:dc:86:23:a1:93:e3:6b:63:44:be:4d:8a:27:
52:81:58:eb:f4:5b:62:1c:db:9b:af:f8:f8:9a:59:
3b:b9:56:a4:27:30:af:b7:b3:79:e5:27:6c:83:94:
6a:82:f6:36:46:1a:cd:2f:fb:08:c3:e7:f2:9f:f6:
72:e0:02:39:c5:34:83:21:1a:3e:8f:35:d8:65:b8:
2c:f9:bc:8d:87:b1:7a:11:7e:d3:1a:fe:b4:a5:03:
d5:39:a1:2c:c2:bd:ac:f0:2e:14:8d:71:21:96:96:
ec:30:de:a8:ef:32:17:25:db:a1:ab:3c:04:16:6e:
53:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AE:3E:58:C6:B8:0B:87:D7:26:DD:D9:30:88:A7:1F:EF:93:FD:18:B6
X509v3 Authority Key Identifier:
keyid:24:B0:86:F4:82:42:66:38:4E:07:8C:F7:77:37:5F:21:BD:37:0B:70
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JLCG9IJCZjhOB4z3dzdfIb03C3A.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/82/ee138f-5e63-4cc4-8e75-decb188a000d/1/rj5YxrgLh9cm3dkwiKcf75P9GLY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/82/ee138f-5e63-4cc4-8e75-decb188a000d/1/JLCG9IJCZjhOB4z3dzdfIb03C3A.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.72.216.0/21
185.37.188.0/22
193.143.96.0/24
Signature Algorithm: sha256WithRSAEncryption
b8:cd:d5:38:28:36:25:38:20:e7:29:55:bc:8d:1a:d9:26:24:
99:f2:a5:24:5f:d4:d8:04:d7:fd:78:57:c4:7d:64:26:69:94:
c2:11:00:c7:63:ef:89:8b:f7:81:21:24:51:0d:41:7b:59:ac:
4e:85:dd:93:28:ed:37:68:c3:d2:c5:78:9e:38:71:f2:d9:34:
63:5a:74:d3:65:aa:7e:41:27:76:9f:11:b1:ba:65:f9:61:6e:
11:ba:9d:db:70:70:fb:5e:8f:af:40:7e:a2:0f:c4:14:15:f2:
a3:1a:58:81:00:7e:cc:79:4b:3f:0c:2b:92:bb:5e:a8:75:e5:
a2:26:fc:ac:4f:52:8d:9f:2f:cf:35:b1:dd:8a:dc:f3:84:d1:
86:11:fb:2a:c4:97:10:1f:77:78:29:9e:eb:45:e1:7b:38:f3:
43:df:af:36:84:ca:1f:d8:7e:91:b4:22:9a:d0:fe:44:b9:a2:
e7:f1:01:47:36:7f:c7:a9:fa:fa:9c:b5:42:89:86:5e:91:28:
38:9b:9b:b8:05:86:d7:58:4b:cc:48:a1:03:ab:7e:c3:ba:40:
1c:cf:17:7b:81:45:9c:77:a7:2d:a2:85:90:8d:5d:92:81:0a:
49:d4:ac:c5:ed:2a:54:0a:49:de:e9:30:b0:2c:f2:7b:d0:99:
8f:b8:bb:84
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYVr03U/g3gjJ46/fUOTfg8iMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI0YjA4NmY0ODI0MjY2Mzg0ZTA3OGNmNzc3Mzc1ZjIxYmQz
NzBiNzAwHhcNMjMwMTAxMDUzNDU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZTNlNThjNmI4MGI4N2Q3MjZkZGQ5MzA4OGE3MWZlZjkzZmQxOGI2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAi25ZvNPgu81+y0UXi4DmmMhKKSVt
gddrvax0SnyoTY/NAFKyk+OOlcI2zN4huNvLgOo4jvCrNQE20ecIWwDMEep4Jm81
QlpfzO3PZb7F9rwA2jIRn91dcD4idd3gblFMpevRDCZgRFtK8A/R7Ox3J/xyrtmq
Y8VwAbW3/ACIdki3ONy2v5oQ7tyGI6GT42tjRL5NiidSgVjr9FtiHNubr/j4mlk7
uVakJzCvt7N55Sdsg5RqgvY2RhrNL/sIw+fyn/Zy4AI5xTSDIRo+jzXYZbgs+byN
h7F6EX7TGv60pQPVOaEswr2s8C4UjXEhlpbsMN6o7zIXJduhqzwEFm5TywIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFK4+WMa4C4fXJt3ZMIinH++T/Ri2MB8GA1UdIwQY
MBaAFCSwhvSCQmY4TgeM93c3XyG9NwtwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSkxDRzlJSkNaamhPQjR6M2R6ZGZJYjAzQzNBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Mi9lZTEzOGYtNWU2My00Y2M0LThlNzUt
ZGVjYjE4OGEwMDBkLzEvcmo1WXhyZ0xoOWNtM2Rrd2lLY2Y3NVA5R0xZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Mi9lZTEzOGYtNWU2My00Y2M0LThlNzUtZGVjYjE4OGEwMDBk
LzEvSkxDRzlJSkNaamhPQjR6M2R6ZGZJYjAzQzNBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQDUEjYAwQC
uSW8AwQAwY9gMA0GCSqGSIb3DQEBCwUAA4IBAQC4zdU4KDYlOCDnKVW8jRrZJiSZ
8qUkX9TYBNf9eFfEfWQmaZTCEQDHY++Ji/eBISRRDUF7WaxOhd2TKO03aMPSxXie
OHHy2TRjWnTTZap+QSd2nxGxumX5YW4Rup3bcHD7Xo+vQH6iD8QUFfKjGliBAH7M
eUs/DCuSu16odeWiJvysT1KNny/PNbHditzzhNGGEfsqxJcQH3d4KZ7rReF7OPND
3682hMof2H6RtCKa0P5EuaLn8QFHNn/Hqfr6nLVCiYZekSg4m5u4BYbXWEvMSKED
q37DukAczxd7gUWcd6ctooWQjV2SgQpJ1KzF7SpUCkne6TCwLPJ70JmPuLuE
-----END CERTIFICATE-----
Generated at Sun Apr 20 15:32:16 2025 by rpki-client