Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9f/b56b01-292f-4a1d-baa2-bcd6ada1b9da/1/J89MZJKUIRe2NPyT6bQyoV9IKgk.roa
File: J89MZJKUIRe2NPyT6bQyoV9IKgk.roa (raw, json)
Hash identifier: 2FvOiZjhXkolpfH2P6vG7gqIUhlhJVExuIaRraQLA+4=
Subject key identifier: 27:CF:4C:64:92:94:21:17:B6:34:FC:93:E9:B4:32:A1:5F:48:2A:09
Certificate issuer: /CN=096bf7e6b32a5623f54bb9c737db8f814e93ad39
Certificate serial: 0185729EC4E5065EC6BE35CF14D8DB07EFF4
Authority key identifier: 09:6B:F7:E6:B3:2A:56:23:F5:4B:B9:C7:37:DB:8F:81:4E:93:AD:39
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CWv35rMqViP1S7nHN9uPgU6TrTk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9f/b56b01-292f-4a1d-baa2-bcd6ada1b9da/1/J89MZJKUIRe2NPyT6bQyoV9IKgk.roa
Signing time: Mon 02 Jan 2023 13:14:45 +0000
ROA not before: Mon 02 Jan 2023 13:14:45 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 25591
IP address blocks: 5.188.144.0/22 maxlen: 22
185.104.4.0/22 maxlen: 22
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:9e:c4:e5:06:5e:c6:be:35:cf:14:d8:db:07:ef:f4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=096bf7e6b32a5623f54bb9c737db8f814e93ad39
Validity
Not Before: Jan 2 13:14:45 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=27cf4c6492942117b634fc93e9b432a15f482a09
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:83:8e:1d:75:2a:19:a1:bc:8b:6f:d9:2b:dc:f1:
8c:df:0a:79:ea:ee:9c:87:fc:06:06:87:10:dc:f0:
a3:d7:0a:09:d4:0a:e7:e1:ca:d3:ce:c9:3f:73:5a:
e1:ef:17:98:5d:45:ae:55:14:a4:3f:41:f0:cd:40:
1d:2a:06:17:21:ab:2b:84:2c:4c:86:15:5e:c9:b0:
81:f2:ab:fe:70:c6:83:29:1d:f6:7b:47:66:db:1e:
d7:8e:b3:cc:df:05:70:52:ca:26:8d:4e:7e:ae:00:
d4:78:4c:a1:df:99:38:de:d0:d7:ff:17:ea:78:c7:
8b:20:cd:c9:b5:59:ff:eb:53:09:65:b4:d1:89:19:
12:00:f2:bf:af:3a:0e:0a:33:7c:15:b9:2a:48:c2:
8b:cf:13:ee:0b:7b:aa:ca:fe:f4:e3:cd:c2:47:63:
06:64:22:0c:bc:19:c0:02:33:f2:22:9d:bf:3a:4e:
8f:ef:e3:69:3b:54:25:3a:8b:72:b8:68:94:5d:9f:
60:cb:40:79:29:01:29:73:69:49:4b:41:f4:b6:ab:
f8:45:86:d1:0d:ec:d2:6f:86:3f:63:b5:34:3b:e6:
43:1f:55:1d:b8:f6:fd:17:f9:d4:c4:95:20:85:4e:
39:7f:18:2e:77:66:be:0f:02:aa:8e:f5:ab:97:a7:
bf:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
27:CF:4C:64:92:94:21:17:B6:34:FC:93:E9:B4:32:A1:5F:48:2A:09
X509v3 Authority Key Identifier:
keyid:09:6B:F7:E6:B3:2A:56:23:F5:4B:B9:C7:37:DB:8F:81:4E:93:AD:39
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CWv35rMqViP1S7nHN9uPgU6TrTk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9f/b56b01-292f-4a1d-baa2-bcd6ada1b9da/1/J89MZJKUIRe2NPyT6bQyoV9IKgk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9f/b56b01-292f-4a1d-baa2-bcd6ada1b9da/1/CWv35rMqViP1S7nHN9uPgU6TrTk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.188.144.0/22
185.104.4.0/22
Signature Algorithm: sha256WithRSAEncryption
2e:28:93:6a:ff:f6:e2:87:56:e7:6c:1c:62:c2:76:1b:93:fc:
be:2b:de:85:22:75:2b:a2:4a:d9:93:43:19:da:a1:26:bc:30:
52:af:df:69:14:0d:10:ff:45:4a:b1:39:66:ef:1d:54:9d:a5:
b8:fa:10:f1:f6:99:76:19:6c:5f:05:c0:46:a9:bc:bc:ea:cf:
0c:65:52:55:f4:92:91:8d:43:2d:2b:8b:6f:b8:bb:5c:9d:40:
34:7f:15:1e:a1:87:3a:47:d4:8b:68:94:7b:9e:9e:84:74:7d:
4c:e5:ab:e8:b5:00:12:63:59:c7:bf:73:f8:ed:d0:2a:08:4d:
6f:bf:df:3f:50:63:a3:04:12:41:dc:67:29:33:2c:4b:5c:ef:
d3:3c:71:45:dd:cd:d0:bf:4f:9d:d9:4d:39:61:bc:30:b1:ae:
23:8f:a4:87:01:77:08:c1:d5:7b:c9:5b:9e:c4:c3:77:38:26:
73:a0:91:1a:65:ec:e2:71:d8:49:2a:7c:57:07:58:f4:f4:61:
29:2e:a3:78:14:30:4d:6f:15:d5:e7:a3:f5:ca:32:3e:0c:fd:
cc:60:52:fd:06:49:cf:f0:74:1f:e3:72:41:76:04:9e:0e:a8:
f9:fa:af:ec:35:e9:b7:41:49:00:f2:3e:1a:7b:9d:2e:e6:4b:
d3:ac:9f:9b
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYVynsTlBl7GvjXPFNjbB+/0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA5NmJmN2U2YjMyYTU2MjNmNTRiYjljNzM3ZGI4ZjgxNGU5
M2FkMzkwHhcNMjMwMTAyMTMxNDQ1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyN2NmNGM2NDkyOTQyMTE3YjYzNGZjOTNlOWI0MzJhMTVmNDgyYTA5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAg44ddSoZobyLb9kr3PGM3wp56u6c
h/wGBocQ3PCj1woJ1Arn4crTzsk/c1rh7xeYXUWuVRSkP0HwzUAdKgYXIasrhCxM
hhVeybCB8qv+cMaDKR32e0dm2x7XjrPM3wVwUsomjU5+rgDUeEyh35k43tDX/xfq
eMeLIM3JtVn/61MJZbTRiRkSAPK/rzoOCjN8FbkqSMKLzxPuC3uqyv70483CR2MG
ZCIMvBnAAjPyIp2/Ok6P7+NpO1QlOotyuGiUXZ9gy0B5KQEpc2lJS0H0tqv4RYbR
DezSb4Y/Y7U0O+ZDH1UduPb9F/nUxJUghU45fxgud2a+DwKqjvWrl6e/+wIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFCfPTGSSlCEXtjT8k+m0MqFfSCoJMB8GA1UdIwQY
MBaAFAlr9+azKlYj9Uu5xzfbj4FOk605MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ1d2MzVyTXFWaVAxUzduSE45dVBnVTZUclRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Zi9iNTZiMDEtMjkyZi00YTFkLWJhYTIt
YmNkNmFkYTFiOWRhLzEvSjg5TVpKS1VJUmUyTlB5VDZiUXlvVjlJS2drLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Zi9iNTZiMDEtMjkyZi00YTFkLWJhYTItYmNkNmFkYTFiOWRh
LzEvQ1d2MzVyTXFWaVAxUzduSE45dVBnVTZUclRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCBbyQAwQC
uWgEMA0GCSqGSIb3DQEBCwUAA4IBAQAuKJNq//bih1bnbBxiwnYbk/y+K96FInUr
okrZk0MZ2qEmvDBSr99pFA0Q/0VKsTlm7x1UnaW4+hDx9pl2GWxfBcBGqby86s8M
ZVJV9JKRjUMtK4tvuLtcnUA0fxUeoYc6R9SLaJR7np6EdH1M5avotQASY1nHv3P4
7dAqCE1vv98/UGOjBBJB3GcpMyxLXO/TPHFF3c3Qv0+d2U05Ybwwsa4jj6SHAXcI
wdV7yVuexMN3OCZzoJEaZezicdhJKnxXB1j09GEpLqN4FDBNbxXV56P1yjI+DP3M
YFL9BknP8HQf43JBdgSeDqj5+q/sNem3QUkA8j4ae50u5kvTrJ+b
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:46:45 2025 by rpki-client