Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/93/4f3d1b-8361-411e-a148-8858a559f251/1/JhKaQ3heg7TLVlpljXIIrIYhK5s.roa
File: JhKaQ3heg7TLVlpljXIIrIYhK5s.roa (raw, json)
Hash identifier: m66yihowwbhYptpchBLBOae+GzIroTxLADFTupsZYCQ=
Subject key identifier: 26:12:9A:43:78:5E:83:B4:CB:56:5A:65:8D:72:08:AC:86:21:2B:9B
Certificate issuer: /CN=99dcbdf0632a101613a8f6c9449b29ed45c1a872
Certificate serial: 025A7508
Authority key identifier: 99:DC:BD:F0:63:2A:10:16:13:A8:F6:C9:44:9B:29:ED:45:C1:A8:72
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mdy98GMqEBYTqPbJRJsp7UXBqHI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/93/4f3d1b-8361-411e-a148-8858a559f251/1/JhKaQ3heg7TLVlpljXIIrIYhK5s.roa
Signing time: Wed 25 May 2022 13:32:13 +0000
ROA not before: Wed 25 May 2022 13:32:13 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 206352
IP address blocks: 185.217.50.0/23 maxlen: 23
185.217.48.0/23 maxlen: 23
185.188.253.0/24 maxlen: 24
185.188.254.0/23 maxlen: 23
185.248.0.0/23 maxlen: 23
185.248.2.0/23 maxlen: 23
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 39482632 (0x25a7508)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=99dcbdf0632a101613a8f6c9449b29ed45c1a872
Validity
Not Before: May 25 13:32:13 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=26129a43785e83b4cb565a658d7208ac86212b9b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:8d:d2:d1:c1:f0:b1:8e:9f:4d:a5:6e:2c:e1:
e6:ee:f0:13:9f:40:89:a5:03:e6:53:c5:17:06:42:
7d:39:4b:32:0e:c2:04:d6:55:19:a6:15:30:1d:5a:
7c:25:af:66:44:4d:e9:cd:d2:df:07:00:92:34:b7:
b7:eb:14:3b:9d:b8:93:84:cd:98:bb:61:9a:5f:de:
d5:a9:0b:df:0a:f6:4f:02:77:fd:4d:59:5e:18:e1:
d1:70:c7:71:06:3f:30:7c:9b:f0:30:d2:b1:be:1b:
6a:ad:04:f2:f3:43:10:db:19:72:a2:c1:8d:97:e3:
54:f7:68:e5:46:0b:c2:48:7c:a8:5c:9a:cd:88:62:
95:b7:cd:31:70:57:a3:75:ac:38:f8:53:09:80:28:
25:55:34:77:6d:eb:6c:6f:35:8a:8c:1f:a0:fa:67:
7f:05:7d:e0:33:28:78:41:b3:be:55:bd:7e:34:63:
7e:d1:df:9c:62:88:26:40:8a:e0:da:ab:75:ca:ef:
a2:9e:43:16:f1:c4:63:33:92:6f:d6:74:69:2c:4f:
ea:25:d9:1e:5b:e8:f9:5d:cf:b8:a3:59:ca:52:88:
7a:25:af:d6:96:b7:1f:fb:7d:59:a3:20:7d:70:6b:
5e:e0:0a:d6:16:b5:6c:4c:95:53:56:3f:7f:9b:69:
e4:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
26:12:9A:43:78:5E:83:B4:CB:56:5A:65:8D:72:08:AC:86:21:2B:9B
X509v3 Authority Key Identifier:
keyid:99:DC:BD:F0:63:2A:10:16:13:A8:F6:C9:44:9B:29:ED:45:C1:A8:72
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mdy98GMqEBYTqPbJRJsp7UXBqHI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/93/4f3d1b-8361-411e-a148-8858a559f251/1/JhKaQ3heg7TLVlpljXIIrIYhK5s.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/93/4f3d1b-8361-411e-a148-8858a559f251/1/mdy98GMqEBYTqPbJRJsp7UXBqHI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.188.253.0-185.188.255.255
185.217.48.0/22
185.248.0.0/22
Signature Algorithm: sha256WithRSAEncryption
65:94:1a:b5:0f:37:50:9a:41:c1:54:06:08:df:87:bd:aa:45:
e4:60:35:4c:66:5e:3b:00:7b:61:52:44:d5:e1:4e:c6:59:dc:
10:86:9e:f1:59:65:57:27:4a:8d:a7:2e:3d:e0:51:a1:0d:ac:
31:8d:19:c2:fa:f6:71:c5:37:7f:0a:f5:d9:e2:f9:6e:bc:9e:
3d:51:e6:62:25:f0:77:8e:f2:1a:92:16:d7:7b:e9:a4:08:4d:
8e:60:95:81:73:55:fa:5e:87:5f:52:12:40:e5:b2:84:4b:cb:
c3:e8:96:76:a5:98:75:a2:b6:3d:9a:71:4b:17:ae:97:55:38:
0b:7b:7a:7d:98:27:dc:6f:73:6d:b0:51:b2:6f:ab:c5:ad:d3:
ae:1d:4b:26:38:4b:ea:c0:56:51:20:f1:2b:11:53:fe:30:32:
c6:46:95:72:d1:d9:dd:b3:f3:5e:fb:5b:26:d6:fc:95:61:4b:
53:e0:4c:01:8f:8b:8b:bc:57:ee:ce:63:67:7f:23:26:be:bb:
b5:45:fe:29:35:7c:2e:bc:bd:ad:2a:60:a9:a8:76:06:c5:19:
7c:4e:50:81:c1:e9:20:59:0c:47:fe:ba:18:ea:6e:bd:69:56:
6b:2d:56:59:d4:5d:b6:1d:a9:4b:cb:bc:03:85:ea:b7:03:c0:
02:7d:b3:cf
-----BEGIN CERTIFICATE-----
MIIFAjCCA+qgAwIBAgIEAlp1CDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg5
OWRjYmRmMDYzMmExMDE2MTNhOGY2Yzk0NDliMjllZDQ1YzFhODcyMB4XDTIyMDUy
NTEzMzIxM1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMjYxMjlhNDM3ODVl
ODNiNGNiNTY1YTY1OGQ3MjA4YWM4NjIxMmI5YjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAM+N0tHB8LGOn02lbizh5u7wE59AiaUD5lPFFwZCfTlLMg7C
BNZVGaYVMB1afCWvZkRN6c3S3wcAkjS3t+sUO524k4TNmLthml/e1akL3wr2TwJ3
/U1ZXhjh0XDHcQY/MHyb8DDSsb4baq0E8vNDENsZcqLBjZfjVPdo5UYLwkh8qFya
zYhilbfNMXBXo3WsOPhTCYAoJVU0d23rbG81iowfoPpnfwV94DMoeEGzvlW9fjRj
ftHfnGKIJkCK4Nqrdcrvop5DFvHEYzOSb9Z0aSxP6iXZHlvo+V3PuKNZylKIeiWv
1pa3H/t9WaMgfXBrXuAK1ha1bEyVU1Y/f5tp5D8CAwEAAaOCAhwwggIYMB0GA1Ud
DgQWBBQmEppDeF6DtMtWWmWNcgishiErmzAfBgNVHSMEGDAWgBSZ3L3wYyoQFhOo
9slEmyntRcGocjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L21keTk4R01xRUJZVHFQYkpSSnNwN1VYQnFISS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvOTMvNGYzZDFiLTgzNjEtNDExZS1hMTQ4LTg4NThhNTU5ZjI1MS8x
L0poS2FRM2hlZzdUTFZscGxqWElJcklZaEs1cy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvOTMv
NGYzZDFiLTgzNjEtNDExZS1hMTQ4LTg4NThhNTU5ZjI1MS8xL21keTk4R01xRUJZ
VHFQYkpSSnNwN1VYQnFISS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAy
BggrBgEFBQcBBwEB/wQjMCEwHwQCAAEwGTALAwQAubz9AwMAubwDBAK52TADBAK5
+AAwDQYJKoZIhvcNAQELBQADggEBAGWUGrUPN1CaQcFUBgjfh72qReRgNUxmXjsA
e2FSRNXhTsZZ3BCGnvFZZVcnSo2nLj3gUaENrDGNGcL69nHFN38K9dni+W68nj1R
5mIl8HeO8hqSFtd76aQITY5glYFzVfpeh19SEkDlsoRLy8PolnalmHWitj2acUsX
rpdVOAt7en2YJ9xvc22wUbJvq8Wt064dSyY4S+rAVlEg8SsRU/4wMsZGlXLR2d2z
8177WybW/JVhS1PgTAGPi4u8V+7OY2d/Iya+u7VF/ik1fC68va0qYKmodgbFGXxO
UIHB6SBZDEf+uhjqbr1pVmstVlnUXbYdqUvLvAOF6rcDwAJ9s88=
-----END CERTIFICATE-----
Generated at Tue Apr 8 06:26:13 2025 by rpki-client