Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/84/4f1b27-326a-4679-a64b-da6153885f3b/1/JPvjlM5S2AV-vLoU1zAQklTCIBs.roa
File: JPvjlM5S2AV-vLoU1zAQklTCIBs.roa (raw, json)
Hash identifier: 9sxsNrjPPCzgsXX+FaSmgCGuR8EiN9XoBfi4pSVaz1s=
Subject key identifier: 24:FB:E3:94:CE:52:D8:05:7E:BC:BA:14:D7:30:10:92:54:C2:20:1B
Certificate issuer: /CN=583d76051017d0afa915fcfb790a00f4667b0a88
Certificate serial: 018B1261765561F5A932C4034B7C7FEB04FE
Authority key identifier: 58:3D:76:05:10:17:D0:AF:A9:15:FC:FB:79:0A:00:F4:66:7B:0A:88
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/WD12BRAX0K-pFfz7eQoA9GZ7Cog.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/84/4f1b27-326a-4679-a64b-da6153885f3b/1/JPvjlM5S2AV-vLoU1zAQklTCIBs.roa
Signing time: Mon 09 Oct 2023 03:00:58 +0000
ROA not before: Mon 09 Oct 2023 03:00:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 35285
IP address blocks: 193.189.122.0/24 maxlen: 24
193.189.123.0/24 maxlen: 24
2001:678:b1::/48 maxlen: 48
2001:14e8:c::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:12:61:76:55:61:f5:a9:32:c4:03:4b:7c:7f:eb:04:fe
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=583d76051017d0afa915fcfb790a00f4667b0a88
Validity
Not Before: Oct 9 03:00:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=24fbe394ce52d8057ebcba14d730109254c2201b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:85:d7:03:39:4d:6a:23:01:23:d7:12:31:0d:ef:
40:0e:b5:5b:ee:90:ea:49:01:53:42:48:c6:19:a7:
a7:de:73:56:70:eb:c8:a2:7b:bb:8b:d7:a8:c8:bb:
be:45:c8:e0:2c:97:3f:da:39:eb:71:35:f6:50:14:
30:6f:7a:8a:d6:ab:41:77:ef:be:89:64:24:7f:28:
80:da:04:a1:28:e9:f1:29:d8:b1:6c:1a:63:b3:1c:
7d:fa:8b:14:6c:cb:72:a3:3c:fe:18:05:1c:bd:1a:
c5:90:04:99:b9:bb:41:e2:c1:6c:54:69:5d:30:0d:
00:55:c0:fd:fe:6d:12:e9:e2:f7:f9:e3:78:b7:28:
ca:0c:33:16:ad:77:de:78:4c:cf:82:97:27:0a:37:
88:d5:f3:28:ef:2d:b7:1d:96:a2:ec:1c:f9:73:39:
e6:e6:bb:63:32:a9:6a:56:d6:00:8d:cb:86:82:54:
e6:05:0a:05:9f:59:de:22:15:36:cc:9d:10:8f:2c:
92:2a:8a:7f:cf:f7:d7:f8:24:c9:7d:70:8f:65:06:
8e:71:a5:49:a0:b7:2b:db:b2:80:c9:48:8c:ec:73:
19:92:d9:47:95:f2:df:3a:55:d0:55:3d:fc:4b:dc:
51:30:68:2e:22:41:e3:db:30:db:8e:ea:eb:3b:4b:
4e:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
24:FB:E3:94:CE:52:D8:05:7E:BC:BA:14:D7:30:10:92:54:C2:20:1B
X509v3 Authority Key Identifier:
keyid:58:3D:76:05:10:17:D0:AF:A9:15:FC:FB:79:0A:00:F4:66:7B:0A:88
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/WD12BRAX0K-pFfz7eQoA9GZ7Cog.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/84/4f1b27-326a-4679-a64b-da6153885f3b/1/JPvjlM5S2AV-vLoU1zAQklTCIBs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/84/4f1b27-326a-4679-a64b-da6153885f3b/1/WD12BRAX0K-pFfz7eQoA9GZ7Cog.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.189.122.0/23
IPv6:
2001:678:b1::/48
2001:14e8:c::/48
Signature Algorithm: sha256WithRSAEncryption
33:f7:7c:42:4e:65:37:0a:f7:2d:79:05:13:8f:84:2f:66:9c:
6a:93:70:4a:0b:57:50:30:99:f7:09:e6:69:b2:d3:27:0a:71:
22:4e:d1:24:86:13:78:c1:da:62:1b:5f:61:5c:13:0f:82:45:
0a:66:72:5a:46:fc:ad:9b:af:14:d6:3a:74:e7:d8:ff:b8:6c:
a1:81:c0:ae:c0:20:78:08:5d:c1:e5:e3:48:f7:8e:cd:b1:b8:
a5:54:35:70:2e:d8:2e:cb:b7:ad:b9:48:31:b7:0f:97:a0:74:
af:62:81:eb:ba:4f:9c:62:4b:4a:91:f7:19:79:46:33:23:f4:
b4:1d:df:be:37:30:07:34:5b:dc:75:7c:be:9f:5e:70:04:59:
4e:29:cd:da:3e:75:ce:35:68:b3:c9:76:e3:39:ee:c5:ba:b6:
d0:fd:94:dd:e6:0d:75:1e:a8:f9:3b:3e:41:0a:dc:22:2b:9c:
53:0d:1f:de:13:0a:9f:cc:d1:3a:ae:92:99:41:9f:76:b9:72:
e2:0e:c8:08:c9:e7:46:69:06:25:44:07:74:f3:f6:47:f3:d1:
f5:a0:87:21:5a:fd:af:55:65:3a:a8:08:b5:30:e4:11:a5:6a:
42:16:cf:cc:46:03:74:8e:ca:4b:aa:7c:06:3c:60:20:b8:c7:
84:c8:f3:0e
-----BEGIN CERTIFICATE-----
MIIFFzCCA/+gAwIBAgISAYsSYXZVYfWpMsQDS3x/6wT+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU4M2Q3NjA1MTAxN2QwYWZhOTE1ZmNmYjc5MGEwMGY0NjY3
YjBhODgwHhcNMjMxMDA5MDMwMDU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNGZiZTM5NGNlNTJkODA1N2ViY2JhMTRkNzMwMTA5MjU0YzIyMDFiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhdcDOU1qIwEj1xIxDe9ADrVb7pDq
SQFTQkjGGaen3nNWcOvIonu7i9eoyLu+RcjgLJc/2jnrcTX2UBQwb3qK1qtBd+++
iWQkfyiA2gShKOnxKdixbBpjsxx9+osUbMtyozz+GAUcvRrFkASZubtB4sFsVGld
MA0AVcD9/m0S6eL3+eN4tyjKDDMWrXfeeEzPgpcnCjeI1fMo7y23HZai7Bz5cznm
5rtjMqlqVtYAjcuGglTmBQoFn1neIhU2zJ0QjyySKop/z/fX+CTJfXCPZQaOcaVJ
oLcr27KAyUiM7HMZktlHlfLfOlXQVT38S9xRMGguIkHj2zDbjurrO0tOuQIDAQAB
o4ICIzCCAh8wHQYDVR0OBBYEFCT745TOUtgFfry6FNcwEJJUwiAbMB8GA1UdIwQY
MBaAFFg9dgUQF9CvqRX8+3kKAPRmewqIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvV0QxMkJSQVgwSy1wRmZ6N2VRb0E5R1o3Q29nLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84NC80ZjFiMjctMzI2YS00Njc5LWE2NGIt
ZGE2MTUzODg1ZjNiLzEvSlB2amxNNVMyQVYtdkxvVTF6QVFrbFRDSUJzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84NC80ZjFiMjctMzI2YS00Njc5LWE2NGItZGE2MTUzODg1ZjNi
LzEvV0QxMkJSQVgwSy1wRmZ6N2VRb0E5R1o3Q29nLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDkGCCsGAQUFBwEHAQH/BCowKDAMBAIAATAGAwQBwb16MBgE
AgACMBIDBwAgAQZ4ALEDBwAgARToAAwwDQYJKoZIhvcNAQELBQADggEBADP3fEJO
ZTcK9y15BROPhC9mnGqTcEoLV1AwmfcJ5mmy0ycKcSJO0SSGE3jB2mIbX2FcEw+C
RQpmclpG/K2brxTWOnTn2P+4bKGBwK7AIHgIXcHl40j3js2xuKVUNXAu2C7Lt625
SDG3D5egdK9igeu6T5xiS0qR9xl5RjMj9LQd3743MAc0W9x1fL6fXnAEWU4pzdo+
dc41aLPJduM57sW6ttD9lN3mDXUeqPk7PkEK3CIrnFMNH94TCp/M0TqukplBn3a5
cuIOyAjJ50ZpBiVEB3Tz9kfz0fWghyFa/a9VZTqoCLUw5BGlakIWz8xGA3SOykuq
fAY8YCC4x4TI8w4=
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:18:10 2025 by rpki-client