Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/JwQIy9xXM6xuztQ2qVPwmXDZBT8.roa
File: JwQIy9xXM6xuztQ2qVPwmXDZBT8.roa (raw, json)
Hash identifier: f9Br+h8ImCgbIgLibBgukp8ojlAeSPh5MCZpCTGU/Jw=
Subject key identifier: 27:04:08:CB:DC:57:33:AC:6E:CE:D4:36:A9:53:F0:99:70:D9:05:3F
Certificate issuer: /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial: 018BD70D094F0826918623649135D4395026
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/JwQIy9xXM6xuztQ2qVPwmXDZBT8.roa
Signing time: Thu 16 Nov 2023 07:33:57 +0000
ROA not before: Thu 16 Nov 2023 07:33:57 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 49981
IP address blocks: 89.213.157.0/24 maxlen: 24
82.153.220.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:d7:0d:09:4f:08:26:91:86:23:64:91:35:d4:39:50:26
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Validity
Not Before: Nov 16 07:33:57 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=270408cbdc5733ac6eced436a953f09970d9053f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:73:80:19:53:f2:38:6b:8c:07:19:9c:3d:fa:
c2:f7:f1:37:fd:7c:c6:3c:11:ca:06:5d:cd:ff:dd:
3f:09:24:dc:9c:66:f4:bf:05:af:f1:24:58:6f:ff:
b4:a3:f7:32:c4:10:d3:f0:5e:4b:e7:2a:82:01:08:
35:19:59:e6:91:f6:d6:8a:32:96:4d:9c:b7:e2:79:
a4:5c:b5:71:54:5a:18:46:59:e5:10:e9:c7:48:96:
e4:d2:b9:da:4d:66:a1:a9:fe:25:12:4a:3b:90:6b:
49:b1:90:24:fd:ce:82:4e:52:f2:2e:a4:34:e6:75:
c9:cb:2f:ed:57:c2:44:59:43:0c:94:69:5b:a9:26:
29:b6:25:7c:7a:5a:22:03:0b:3a:43:1a:38:7e:ca:
ed:8a:00:42:d0:e2:76:d8:6b:bb:b4:b6:0b:9f:c4:
15:cf:6e:50:ae:5e:f0:fa:66:76:5f:be:bc:17:aa:
24:ac:ae:42:bf:f8:73:6d:be:db:3f:75:21:2c:e7:
4c:b1:99:36:da:28:cc:f5:23:f2:c4:4e:5e:61:6f:
b0:7a:ee:46:be:48:ec:7c:5a:39:8c:25:73:de:be:
d2:b0:ec:71:99:c2:32:59:7d:31:f4:89:8f:29:3c:
cc:87:af:d7:51:d0:69:13:43:7b:1a:78:87:fc:7c:
62:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
27:04:08:CB:DC:57:33:AC:6E:CE:D4:36:A9:53:F0:99:70:D9:05:3F
X509v3 Authority Key Identifier:
keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/JwQIy9xXM6xuztQ2qVPwmXDZBT8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.153.220.0/24
89.213.157.0/24
Signature Algorithm: sha256WithRSAEncryption
6f:d5:72:b7:5b:f9:02:1f:49:4e:ce:cd:74:90:46:9a:8c:19:
c4:ce:cc:33:06:b0:e2:6f:cf:b5:93:5c:dd:4d:41:01:bd:d3:
6c:c0:e5:dc:b0:91:89:5b:db:8e:06:3f:56:83:83:b2:17:1b:
d8:48:4f:d5:20:f3:93:ec:f7:0a:50:62:98:9c:35:23:40:10:
6e:ca:21:66:f3:c3:9d:74:ac:9e:97:fb:39:fd:7d:62:c2:a7:
5b:07:57:50:c0:7b:83:d4:1d:e8:7d:1b:89:ca:17:c0:01:ec:
08:bd:0b:03:bf:c8:4e:79:8b:db:83:20:83:79:df:1b:1b:84:
f1:70:b9:7b:eb:22:7a:f0:8f:b0:95:ff:1d:be:1c:12:c7:e7:
f2:b0:bb:0c:9b:eb:49:18:c3:fd:c1:36:c5:0b:64:f0:96:7e:
fa:c3:b0:ef:79:a8:cc:f7:0a:9f:9f:ae:b2:29:52:07:b9:8f:
69:b8:29:2c:8f:a4:82:7a:34:1f:86:8d:15:d3:c1:e9:f4:be:
ff:19:2b:11:50:2d:e9:c8:f2:1a:57:6f:9d:15:c6:3b:66:a8:
92:25:1a:fd:23:d9:cd:0a:24:73:bd:fb:23:85:04:27:98:31:
50:18:fb:bd:09:5f:f7:fe:3c:df:f9:9c:70:f9:50:94:49:ac:
f3:67:2e:1b
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYvXDQlPCCaRhiNkkTXUOVAmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjMxMTE2MDczMzU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNzA0MDhjYmRjNTczM2FjNmVjZWQ0MzZhOTUzZjA5OTcwZDkwNTNmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkXOAGVPyOGuMBxmcPfrC9/E3/XzG
PBHKBl3N/90/CSTcnGb0vwWv8SRYb/+0o/cyxBDT8F5L5yqCAQg1GVnmkfbWijKW
TZy34nmkXLVxVFoYRlnlEOnHSJbk0rnaTWahqf4lEko7kGtJsZAk/c6CTlLyLqQ0
5nXJyy/tV8JEWUMMlGlbqSYptiV8eloiAws6Qxo4fsrtigBC0OJ22Gu7tLYLn8QV
z25Qrl7w+mZ2X768F6okrK5Cv/hzbb7bP3UhLOdMsZk22ijM9SPyxE5eYW+weu5G
vkjsfFo5jCVz3r7SsOxxmcIyWX0x9ImPKTzMh6/XUdBpE0N7GniH/HxiAQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFCcECMvcVzOsbs7UNqlT8Jlw2QU/MB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvSndRSXk5eFhNNnh1enRRMnFWUHdtWERaQlQ4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAUpncAwQA
WdWdMA0GCSqGSIb3DQEBCwUAA4IBAQBv1XK3W/kCH0lOzs10kEaajBnEzswzBrDi
b8+1k1zdTUEBvdNswOXcsJGJW9uOBj9Wg4OyFxvYSE/VIPOT7PcKUGKYnDUjQBBu
yiFm88OddKyel/s5/X1iwqdbB1dQwHuD1B3ofRuJyhfAAewIvQsDv8hOeYvbgyCD
ed8bG4TxcLl76yJ68I+wlf8dvhwSx+fysLsMm+tJGMP9wTbFC2Twln76w7DveajM
9wqfn66yKVIHuY9puCksj6SCejQfho0V08Hp9L7/GSsRUC3pyPIaV2+dFcY7ZqiS
JRr9I9nNCiRzvfsjhQQnmDFQGPu9CV/3/jzf+Zxw+VCUSazzZy4b
-----END CERTIFICATE-----
Generated at Thu Mar 13 19:11:51 2025 by rpki-client