Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/fc1bef-e72b-4a45-9463-8fd394b5357c/1/JG5F-3Qgb9Tm-n9NoV6p6R2pX-E.roa
File: JG5F-3Qgb9Tm-n9NoV6p6R2pX-E.roa (raw, json)
Hash identifier: eoaBRxj5GpCAFWW4d0yqPl7VHQf6wIc8vH8jEHQbnkk=
Subject key identifier: 24:6E:45:FB:74:20:6F:D4:E6:FA:7F:4D:A1:5E:A9:E9:1D:A9:5F:E1
Certificate issuer: /CN=cfeace714c29568ef197007b141d12758cc415d5
Certificate serial: 018A2662E08956080C8E2A13D54F67386423
Authority key identifier: CF:EA:CE:71:4C:29:56:8E:F1:97:00:7B:14:1D:12:75:8C:C4:15:D5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/z-rOcUwpVo7xlwB7FB0SdYzEFdU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/fc1bef-e72b-4a45-9463-8fd394b5357c/1/JG5F-3Qgb9Tm-n9NoV6p6R2pX-E.roa
Signing time: Thu 24 Aug 2023 07:12:08 +0000
ROA not before: Thu 24 Aug 2023 07:12:08 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 1257
IP address blocks: 195.78.36.0/24 maxlen: 24
188.65.152.0/21 maxlen: 24
185.57.168.0/22 maxlen: 24
185.56.212.0/22 maxlen: 24
193.254.192.0/23 maxlen: 24
193.138.74.0/24 maxlen: 24
193.41.118.0/23 maxlen: 24
2a01:4400::/32 maxlen: 48
2a02:5120::/32 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:26:62:e0:89:56:08:0c:8e:2a:13:d5:4f:67:38:64:23
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cfeace714c29568ef197007b141d12758cc415d5
Validity
Not Before: Aug 24 07:12:08 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=246e45fb74206fd4e6fa7f4da15ea9e91da95fe1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:7d:09:4b:07:b2:01:e1:33:c6:9d:af:2b:10:
d5:77:b1:24:37:d9:48:89:fd:b6:01:87:80:04:1d:
e6:5a:52:cb:3e:b9:7a:7d:8e:19:4b:9b:1c:02:9b:
12:ed:83:91:44:cb:a2:69:8b:47:a4:83:38:6b:e3:
f8:da:9f:e3:c1:cb:be:e2:d6:42:27:d4:3e:db:ae:
fb:8d:ff:8e:04:a8:7f:ff:43:85:10:e2:53:b1:5b:
49:ea:b9:90:b7:1c:97:e4:61:00:23:5f:75:6c:4b:
f1:76:40:80:16:1c:dd:75:78:dc:98:9d:d3:40:51:
56:fd:d1:2e:81:53:14:b0:98:f0:f2:f7:95:cf:4f:
c7:21:bf:3e:e6:9a:da:8a:60:a3:92:64:bc:15:52:
f7:48:f3:4d:61:2f:2f:27:80:f2:e7:19:23:67:45:
71:40:72:96:45:82:1b:5a:38:5c:84:cf:75:eb:3a:
df:2a:8f:b7:31:87:1e:80:32:86:ac:97:01:72:f5:
6c:74:c6:a4:67:e6:5e:23:6b:7c:44:40:c8:e7:7f:
2c:34:ee:7b:3d:4b:c5:8f:4e:3a:89:e4:da:5d:89:
d7:89:be:f0:93:43:4b:22:59:47:fd:02:b4:76:50:
c3:8e:3a:39:3e:ac:a4:f8:01:5f:43:31:12:53:65:
0a:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
24:6E:45:FB:74:20:6F:D4:E6:FA:7F:4D:A1:5E:A9:E9:1D:A9:5F:E1
X509v3 Authority Key Identifier:
keyid:CF:EA:CE:71:4C:29:56:8E:F1:97:00:7B:14:1D:12:75:8C:C4:15:D5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/z-rOcUwpVo7xlwB7FB0SdYzEFdU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/fc1bef-e72b-4a45-9463-8fd394b5357c/1/JG5F-3Qgb9Tm-n9NoV6p6R2pX-E.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/fc1bef-e72b-4a45-9463-8fd394b5357c/1/z-rOcUwpVo7xlwB7FB0SdYzEFdU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.56.212.0/22
185.57.168.0/22
188.65.152.0/21
193.41.118.0/23
193.138.74.0/24
193.254.192.0/23
195.78.36.0/24
IPv6:
2a01:4400::/32
2a02:5120::/32
Signature Algorithm: sha256WithRSAEncryption
06:6e:14:52:69:e7:7c:36:c9:c3:e1:a6:6e:48:da:73:4b:cc:
6d:78:f9:8e:8b:2e:2a:08:a4:00:ac:69:0a:f9:6c:d8:f5:58:
58:45:8a:30:f3:6a:6b:32:cc:5c:77:9d:23:35:89:95:49:e3:
13:e0:dc:21:bc:ec:d5:9d:59:4e:dd:6a:6a:29:fb:c3:27:54:
d0:5c:c0:2d:6e:fd:e3:d7:04:3b:32:22:60:ca:7f:12:9a:c9:
cf:e8:e5:15:f2:aa:2c:9e:e5:bf:26:32:f7:82:a1:b5:ab:b3:
6d:13:aa:8a:20:19:b0:d9:09:60:52:10:f5:44:37:a8:4c:f4:
c9:af:df:6c:fa:9c:76:bd:0e:79:e1:f7:40:fc:a1:c1:7a:a2:
e6:21:26:06:0d:02:63:32:99:da:a6:d5:e7:87:14:d3:fa:49:
15:60:05:dd:f4:31:42:8b:36:be:21:74:63:29:00:14:37:91:
dc:ef:5e:ad:8c:8a:97:ed:85:95:3d:4e:3b:c5:1b:17:43:55:
8b:37:19:12:d2:e3:dd:4d:b5:4c:1f:f3:5e:3f:5d:90:87:5e:
76:33:93:8c:6f:25:db:1b:54:24:4f:b9:9d:20:c3:0e:83:60:
3c:1b:de:69:31:01:78:0d:98:31:e5:e6:39:bc:4d:b0:ea:33:
ef:ed:21:80
-----BEGIN CERTIFICATE-----
MIIFNzCCBB+gAwIBAgISAYomYuCJVggMjioT1U9nOGQjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNmZWFjZTcxNGMyOTU2OGVmMTk3MDA3YjE0MWQxMjc1OGNj
NDE1ZDUwHhcNMjMwODI0MDcxMjA4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNDZlNDVmYjc0MjA2ZmQ0ZTZmYTdmNGRhMTVlYTllOTFkYTk1ZmUxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAy30JSweyAeEzxp2vKxDVd7EkN9lI
if22AYeABB3mWlLLPrl6fY4ZS5scApsS7YORRMuiaYtHpIM4a+P42p/jwcu+4tZC
J9Q+2677jf+OBKh//0OFEOJTsVtJ6rmQtxyX5GEAI191bEvxdkCAFhzddXjcmJ3T
QFFW/dEugVMUsJjw8veVz0/HIb8+5praimCjkmS8FVL3SPNNYS8vJ4Dy5xkjZ0Vx
QHKWRYIbWjhchM916zrfKo+3MYcegDKGrJcBcvVsdMakZ+ZeI2t8REDI538sNO57
PUvFj046ieTaXYnXib7wk0NLIllH/QK0dlDDjjo5Pqyk+AFfQzESU2UKlQIDAQAB
o4ICQzCCAj8wHQYDVR0OBBYEFCRuRft0IG/U5vp/TaFeqekdqV/hMB8GA1UdIwQY
MBaAFM/qznFMKVaO8ZcAexQdEnWMxBXVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvei1yT2NVd3BWbzd4bHdCN0ZCMFNkWXpFRmRVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9mYzFiZWYtZTcyYi00YTQ1LTk0NjMt
OGZkMzk0YjUzNTdjLzEvSkc1Ri0zUWdiOVRtLW45Tm9WNnA2UjJwWC1FLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9mYzFiZWYtZTcyYi00YTQ1LTk0NjMtOGZkMzk0YjUzNTdj
LzEvei1yT2NVd3BWbzd4bHdCN0ZCMFNkWXpFRmRVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFkGCCsGAQUFBwEHAQH/BEowSDAwBAIAATAqAwQCuTjUAwQC
uTmoAwQDvEGYAwQBwSl2AwQAwYpKAwQBwf7AAwQAw04kMBQEAgACMA4DBQAqAUQA
AwUAKgJRIDANBgkqhkiG9w0BAQsFAAOCAQEABm4UUmnnfDbJw+Gmbkjac0vMbXj5
josuKgikAKxpCvls2PVYWEWKMPNqazLMXHedIzWJlUnjE+DcIbzs1Z1ZTt1qain7
wydU0FzALW7949cEOzIiYMp/EprJz+jlFfKqLJ7lvyYy94KhtauzbROqiiAZsNkJ
YFIQ9UQ3qEz0ya/fbPqcdr0OeeH3QPyhwXqi5iEmBg0CYzKZ2qbV54cU0/pJFWAF
3fQxQos2viF0YykAFDeR3O9erYyKl+2FlT1OO8UbF0NVizcZEtLj3U21TB/zXj9d
kIdedjOTjG8l2xtUJE+5nSDDDoNgPBveaTEBeA2YMeXmObxNsOoz7+0hgA==
-----END CERTIFICATE-----
Generated at Thu Mar 13 20:41:35 2025 by rpki-client