Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8d/8cdbc5-9365-4a0c-b9a3-ae7746f09630/1/JEXNj_Hn67gPNr9V-1hR4uFb9JU.roa
File: JEXNj_Hn67gPNr9V-1hR4uFb9JU.roa (raw, json)
Hash identifier: QmZspt9CIZWlsjyBBLqETpE4MLwh8jg7fy6TQKFgook=
Subject key identifier: 24:45:CD:8F:F1:E7:EB:B8:0F:36:BF:55:FB:58:51:E2:E1:5B:F4:95
Certificate issuer: /CN=bdfa3af839aa1dce758f489e2d31ae22092fc99a
Certificate serial: 37EACC7D
Authority key identifier: BD:FA:3A:F8:39:AA:1D:CE:75:8F:48:9E:2D:31:AE:22:09:2F:C9:9A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/vfo6-DmqHc51j0ieLTGuIgkvyZo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8d/8cdbc5-9365-4a0c-b9a3-ae7746f09630/1/JEXNj_Hn67gPNr9V-1hR4uFb9JU.roa
Signing time: Sat 01 Jan 2022 09:59:57 +0000
ROA not before: Sat 01 Jan 2022 09:59:57 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 28704
IP address blocks: 91.190.208.0/24 maxlen: 24
193.243.136.0/23 maxlen: 23
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 938134653 (0x37eacc7d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bdfa3af839aa1dce758f489e2d31ae22092fc99a
Validity
Not Before: Jan 1 09:59:57 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=2445cd8ff1e7ebb80f36bf55fb5851e2e15bf495
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:04:f2:f6:d7:33:83:4f:cf:62:44:12:1d:4a:
af:8e:1d:8c:ef:75:17:bb:5a:32:06:6c:0e:9a:66:
c4:fa:42:33:a4:00:69:ac:29:19:8b:54:50:08:e8:
dc:2b:89:68:61:f3:64:c1:44:01:3d:37:fe:7e:d3:
c7:bf:fc:e0:2f:a1:ba:ec:ea:83:dc:6c:c7:ca:b8:
0c:a1:00:49:84:b8:c5:9f:96:5c:83:53:24:03:41:
c7:17:8d:5a:23:69:de:19:ca:9b:3d:5f:e1:fa:9d:
0b:57:ca:98:57:9f:92:9b:03:89:fc:b2:92:2b:83:
e9:a0:f3:bf:94:48:00:bc:eb:e0:bc:4f:3c:5f:77:
00:09:af:b3:af:e9:58:a9:de:bd:66:59:30:20:a1:
b9:54:9b:85:44:bb:e4:04:2d:46:1c:cf:06:af:69:
19:24:fa:14:fa:41:61:27:00:22:6d:6c:7b:18:a7:
f3:80:12:f2:68:e2:d6:ae:4c:03:00:c2:fd:48:85:
bc:9e:95:a7:8a:94:fd:59:25:4d:a9:db:4b:39:c6:
5d:71:7b:23:e3:67:23:3a:44:67:48:2a:50:70:44:
3d:c8:a5:0b:80:7a:ed:24:eb:7d:c8:4a:f6:a6:35:
33:7e:4d:45:7a:7c:84:99:f7:de:af:bb:c0:32:d0:
24:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
24:45:CD:8F:F1:E7:EB:B8:0F:36:BF:55:FB:58:51:E2:E1:5B:F4:95
X509v3 Authority Key Identifier:
keyid:BD:FA:3A:F8:39:AA:1D:CE:75:8F:48:9E:2D:31:AE:22:09:2F:C9:9A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/vfo6-DmqHc51j0ieLTGuIgkvyZo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8d/8cdbc5-9365-4a0c-b9a3-ae7746f09630/1/JEXNj_Hn67gPNr9V-1hR4uFb9JU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8d/8cdbc5-9365-4a0c-b9a3-ae7746f09630/1/vfo6-DmqHc51j0ieLTGuIgkvyZo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.190.208.0/24
193.243.136.0/23
Signature Algorithm: sha256WithRSAEncryption
d4:b2:10:3f:4f:7a:00:5a:59:e6:0b:a4:bb:cc:af:bb:ae:24:
5f:b3:18:0e:de:50:1e:2a:77:1c:66:86:26:7d:2c:84:62:92:
50:2c:1d:36:68:38:3c:fc:39:c2:b3:74:34:20:32:29:4c:47:
33:1d:76:9a:be:cb:db:bb:19:e1:21:15:cd:be:68:db:8d:ca:
0d:59:61:d8:93:aa:98:86:b8:ce:51:2e:a1:75:93:0f:6b:8e:
3b:f5:e1:50:43:ba:fd:81:ca:37:1c:9b:cf:9e:f9:2f:ad:a7:
67:d9:0d:ea:5e:b6:82:0f:62:08:41:68:d1:71:6d:ea:f8:6f:
19:4a:08:1b:5f:2d:d0:ff:1c:e3:2f:1d:f9:e0:6a:ae:6d:20:
17:63:c6:c1:cb:f2:56:89:e4:37:83:97:2a:aa:0d:1b:ea:e7:
a0:62:31:2d:1c:54:93:1f:08:5c:c2:20:77:57:2e:e9:f4:6b:
b8:aa:ab:88:d5:47:c3:9b:0d:ff:2f:6b:b2:b2:9c:b9:0f:91:
bb:15:5d:68:c3:be:b1:93:67:99:25:b7:b6:d1:0d:1d:07:a0:
ee:01:bd:f1:a8:86:6d:b8:b6:64:2f:66:0b:e0:b1:2a:65:25:
54:45:08:3b:87:20:57:29:4a:82:ad:eb:c0:63:48:27:e7:34:
6c:d4:96:b6
-----BEGIN CERTIFICATE-----
MIIE9TCCA92gAwIBAgIEN+rMfTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhi
ZGZhM2FmODM5YWExZGNlNzU4ZjQ4OWUyZDMxYWUyMjA5MmZjOTlhMB4XDTIyMDEw
MTA5NTk1N1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMjQ0NWNkOGZmMWU3
ZWJiODBmMzZiZjU1ZmI1ODUxZTJlMTViZjQ5NTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMsE8vbXM4NPz2JEEh1Kr44djO91F7taMgZsDppmxPpCM6QA
aawpGYtUUAjo3CuJaGHzZMFEAT03/n7Tx7/84C+huuzqg9xsx8q4DKEASYS4xZ+W
XINTJANBxxeNWiNp3hnKmz1f4fqdC1fKmFefkpsDifyykiuD6aDzv5RIALzr4LxP
PF93AAmvs6/pWKnevWZZMCChuVSbhUS75AQtRhzPBq9pGST6FPpBYScAIm1sexin
84AS8mji1q5MAwDC/UiFvJ6Vp4qU/VklTanbSznGXXF7I+NnIzpEZ0gqUHBEPcil
C4B67STrfchK9qY1M35NRXp8hJn33q+7wDLQJG8CAwEAAaOCAg8wggILMB0GA1Ud
DgQWBBQkRc2P8efruA82v1X7WFHi4Vv0lTAfBgNVHSMEGDAWgBS9+jr4OaodznWP
SJ4tMa4iCS/JmjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3ZmbzYtRG1xSGM1MWowaWVMVEd1SWdrdnlaby5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvOGQvOGNkYmM1LTkzNjUtNGEwYy1iOWEzLWFlNzc0NmYwOTYzMC8x
L0pFWE5qX0huNjdnUE5yOVYtMWhSNHVGYjlKVS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvOGQv
OGNkYmM1LTkzNjUtNGEwYy1iOWEzLWFlNzc0NmYwOTYzMC8xL3ZmbzYtRG1xSGM1
MWowaWVMVEd1SWdrdnlaby5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAl
BggrBgEFBQcBBwEB/wQWMBQwEgQCAAEwDAMEAFu+0AMEAcHziDANBgkqhkiG9w0B
AQsFAAOCAQEA1LIQP096AFpZ5guku8yvu64kX7MYDt5QHip3HGaGJn0shGKSUCwd
Nmg4PPw5wrN0NCAyKUxHMx12mr7L27sZ4SEVzb5o243KDVlh2JOqmIa4zlEuoXWT
D2uOO/XhUEO6/YHKNxybz575L62nZ9kN6l62gg9iCEFo0XFt6vhvGUoIG18t0P8c
4y8d+eBqrm0gF2PGwcvyVonkN4OXKqoNG+rnoGIxLRxUkx8IXMIgd1cu6fRruKqr
iNVHw5sN/y9rsrKcuQ+RuxVdaMO+sZNnmSW3ttENHQeg7gG98aiGbbi2ZC9mC+Cx
KmUlVEUIO4cgVylKgq3rwGNIJ+c0bNSWtg==
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:10:11 2025 by rpki-client