Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/jb_Itwp6wKajqFN9cASmqt1qkjo.roa
File: jb_Itwp6wKajqFN9cASmqt1qkjo.roa (raw, json)
Hash identifier: NeIWxD3dwra5c8QOCvqwrgMQScsVnC3+zNPR9EqOXIo=
Subject key identifier: 8D:BF:C8:B7:0A:7A:C0:A6:A3:A8:53:7D:70:04:A6:AA:DD:6A:92:3A
Certificate issuer: /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial: 0189B5AAE197AEB0F10A0DD1170E14C1E433
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/jb_Itwp6wKajqFN9cASmqt1qkjo.roa
Signing time: Wed 02 Aug 2023 09:53:41 +0000
ROA not before: Wed 02 Aug 2023 09:53:41 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 200482
IP address blocks: 89.213.7.0/24 maxlen: 24
89.213.150.0/24 maxlen: 24
89.213.163.0/24 maxlen: 24
82.153.4.0/24 maxlen: 24
89.213.172.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:b5:aa:e1:97:ae:b0:f1:0a:0d:d1:17:0e:14:c1:e4:33
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Validity
Not Before: Aug 2 09:53:41 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=8dbfc8b70a7ac0a6a3a8537d7004a6aadd6a923a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:85:8b:6f:86:86:b6:24:d1:48:37:1e:7f:ec:e0:
29:cd:82:7f:d2:ce:c3:7f:8c:24:34:bc:75:4f:68:
c3:49:be:6f:09:49:93:e3:16:a5:af:c0:c1:aa:79:
4b:eb:de:3f:38:2c:5d:c3:08:dd:bd:41:b3:49:04:
72:54:81:88:e4:b0:36:29:61:49:08:51:7b:12:be:
35:96:1f:d7:0e:ee:c3:47:7d:a2:ba:be:8e:a9:98:
36:95:ac:db:f2:9d:d7:02:47:fb:c3:fb:bd:1c:31:
61:50:5a:6a:71:be:a2:e5:e8:e1:fb:b4:4d:78:4d:
a4:fd:4f:fe:de:1b:eb:6b:85:71:69:db:ba:53:f1:
0a:be:2a:38:c0:fa:d0:21:7e:5f:bb:0c:59:f9:5e:
69:39:d8:4e:6e:9f:16:46:7d:64:c0:ea:f3:4b:81:
5f:03:e7:df:40:37:52:11:7f:f5:8c:94:75:eb:58:
46:d3:51:f1:62:df:5f:b1:96:35:01:16:a6:51:85:
6a:da:fa:6a:73:00:55:f5:cf:9d:ac:e3:c9:c0:1b:
ef:57:8c:68:f6:d6:31:fd:45:a1:7b:ec:23:63:fa:
d2:a5:ad:c8:88:f3:be:4c:d3:63:a7:bf:20:95:a0:
67:81:6b:fc:63:9e:ca:96:e0:9e:d1:66:ca:8d:fa:
d8:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8D:BF:C8:B7:0A:7A:C0:A6:A3:A8:53:7D:70:04:A6:AA:DD:6A:92:3A
X509v3 Authority Key Identifier:
keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/jb_Itwp6wKajqFN9cASmqt1qkjo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.153.4.0/24
89.213.7.0/24
89.213.150.0/24
89.213.163.0/24
89.213.172.0/24
Signature Algorithm: sha256WithRSAEncryption
35:64:46:1f:22:13:1a:f6:ac:4e:08:42:9f:2b:90:00:2b:26:
60:12:e1:44:28:73:5b:7c:20:3a:51:3c:38:2d:6b:51:40:b5:
e3:3d:7e:6c:2b:58:64:5f:fa:3d:a2:c6:5f:ce:99:35:0f:53:
cd:e2:b6:09:e4:21:d6:d0:5e:1a:f2:30:fb:82:09:73:95:f1:
77:f7:aa:0f:e3:7d:b8:f9:2f:a9:8c:67:9b:d6:90:b9:b8:34:
89:e6:ee:31:e6:cb:92:26:6d:86:35:06:a9:b6:1d:d4:a5:24:
6d:46:6d:cf:df:f8:7c:02:8d:64:73:2b:02:3d:14:8d:5e:3a:
04:dd:c7:d6:86:30:e1:9d:23:08:8b:f1:44:cc:58:1f:ec:c6:
6a:16:eb:df:67:fa:13:b9:c8:41:60:7d:fb:c2:a6:0f:ff:2f:
7a:85:5c:3a:a9:45:8a:64:78:eb:3a:1c:e7:aa:2c:bb:11:55:
a5:3f:5f:64:22:c7:e7:7e:60:c2:aa:e6:c6:23:62:f3:51:59:
d6:3e:a0:de:ae:6b:90:01:9d:b3:ae:04:01:5e:b9:8b:82:a6:
b6:2b:98:c1:80:0a:0c:3e:80:87:a2:ea:48:1c:6a:ab:96:04:
df:b1:c1:24:9d:d1:77:93:be:fd:3f:82:86:c9:79:12:db:1c:
d2:0b:1d:24
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAYm1quGXrrDxCg3RFw4UweQzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjMwODAyMDk1MzQxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ZGJmYzhiNzBhN2FjMGE2YTNhODUzN2Q3MDA0YTZhYWRkNmE5MjNhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhYtvhoa2JNFINx5/7OApzYJ/0s7D
f4wkNLx1T2jDSb5vCUmT4xalr8DBqnlL694/OCxdwwjdvUGzSQRyVIGI5LA2KWFJ
CFF7Er41lh/XDu7DR32iur6OqZg2lazb8p3XAkf7w/u9HDFhUFpqcb6i5ejh+7RN
eE2k/U/+3hvra4Vxadu6U/EKvio4wPrQIX5fuwxZ+V5pOdhObp8WRn1kwOrzS4Ff
A+ffQDdSEX/1jJR161hG01HxYt9fsZY1ARamUYVq2vpqcwBV9c+drOPJwBvvV4xo
9tYx/UWhe+wjY/rSpa3IiPO+TNNjp78glaBngWv8Y57KluCe0WbKjfrYywIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFI2/yLcKesCmo6hTfXAEpqrdapI6MB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvamJfSXR3cDZ3S2FqcUZOOWNBU21xdDFxa2pvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQAUpkEAwQA
WdUHAwQAWdWWAwQAWdWjAwQAWdWsMA0GCSqGSIb3DQEBCwUAA4IBAQA1ZEYfIhMa
9qxOCEKfK5AAKyZgEuFEKHNbfCA6UTw4LWtRQLXjPX5sK1hkX/o9osZfzpk1D1PN
4rYJ5CHW0F4a8jD7gglzlfF396oP4324+S+pjGeb1pC5uDSJ5u4x5suSJm2GNQap
th3UpSRtRm3P3/h8Ao1kcysCPRSNXjoE3cfWhjDhnSMIi/FEzFgf7MZqFuvfZ/oT
uchBYH37wqYP/y96hVw6qUWKZHjrOhznqiy7EVWlP19kIsfnfmDCqubGI2LzUVnW
PqDermuQAZ2zrgQBXrmLgqa2K5jBgAoMPoCHoupIHGqrlgTfscEkndF3k779P4KG
yXkS2xzSCx0k
-----END CERTIFICATE-----
Generated at Thu Mar 13 19:32:57 2025 by rpki-client