Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a0/61083c-4b3d-46d8-82aa-b2997bc61474/1/jSWLo3GZVtaTTP0DyhEpOHOi46o.roa
File: jSWLo3GZVtaTTP0DyhEpOHOi46o.roa (raw, json)
Hash identifier: 0GpDAl7nMWIAyAzlq3v5/OSQdp73jzIW2WYh/9P5qN4=
Subject key identifier: 8D:25:8B:A3:71:99:56:D6:93:4C:FD:03:CA:11:29:38:73:A2:E3:AA
Certificate issuer: /CN=63427c535873e4c4ead8042d67bbf3f1f47b26b1
Certificate serial: 08875736
Authority key identifier: 63:42:7C:53:58:73:E4:C4:EA:D8:04:2D:67:BB:F3:F1:F4:7B:26:B1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y0J8U1hz5MTq2AQtZ7vz8fR7JrE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a0/61083c-4b3d-46d8-82aa-b2997bc61474/1/jSWLo3GZVtaTTP0DyhEpOHOi46o.roa
Signing time: Sat 01 Jan 2022 06:06:01 +0000
ROA not before: Sat 01 Jan 2022 06:06:01 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 15600
IP address blocks: 185.206.244.0/22 maxlen: 22
91.138.64.0/18 maxlen: 18
2a0a:d1c0::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 143087414 (0x8875736)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63427c535873e4c4ead8042d67bbf3f1f47b26b1
Validity
Not Before: Jan 1 06:06:01 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=8d258ba3719956d6934cfd03ca11293873a2e3aa
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:7b:18:52:90:92:34:ee:9b:b8:ff:50:59:fa:
8c:31:d6:89:29:21:64:db:b2:8a:dc:e6:f2:5b:25:
c5:32:2e:39:ca:5b:00:01:28:1f:97:cf:37:50:2d:
e6:c9:0d:dc:9f:6c:79:bd:01:5f:ca:4b:eb:6f:69:
8f:91:c1:63:42:01:d7:26:c7:9c:93:8b:67:ff:7b:
26:b2:b5:81:eb:c0:10:7d:f4:12:fb:63:5f:f1:15:
80:46:63:63:97:68:2e:ea:78:08:fd:13:5a:34:25:
5b:be:d7:25:7c:b4:f6:78:d0:c7:0e:3f:e8:f7:72:
85:0d:3f:47:d9:1a:7c:f8:06:9a:9c:ab:04:c7:c1:
f5:61:6f:63:1e:e6:8b:3b:fc:ae:96:12:ba:3c:69:
76:12:55:c7:bb:72:45:8e:31:21:a4:f1:b7:50:7f:
f1:e0:fb:6f:9d:e7:46:25:2a:52:e2:6b:c0:be:cd:
53:cb:98:b1:54:2f:6f:f9:94:2e:6b:d3:b3:f4:c6:
fe:ed:2c:18:97:43:41:ab:02:2a:43:fa:75:52:0f:
15:8d:33:25:5d:5f:78:f1:92:dc:4e:86:86:c8:a2:
0c:c7:d7:ac:ce:b6:49:73:19:1a:e1:e0:b0:f9:dc:
01:e0:55:43:fd:ea:7a:69:32:01:47:b0:ef:4d:78:
07:09
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8D:25:8B:A3:71:99:56:D6:93:4C:FD:03:CA:11:29:38:73:A2:E3:AA
X509v3 Authority Key Identifier:
keyid:63:42:7C:53:58:73:E4:C4:EA:D8:04:2D:67:BB:F3:F1:F4:7B:26:B1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y0J8U1hz5MTq2AQtZ7vz8fR7JrE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/61083c-4b3d-46d8-82aa-b2997bc61474/1/jSWLo3GZVtaTTP0DyhEpOHOi46o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/61083c-4b3d-46d8-82aa-b2997bc61474/1/Y0J8U1hz5MTq2AQtZ7vz8fR7JrE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.138.64.0/18
185.206.244.0/22
IPv6:
2a0a:d1c0::/29
Signature Algorithm: sha256WithRSAEncryption
5c:4b:d4:76:f5:86:2f:05:9f:6a:48:0a:84:1a:c1:f3:03:e5:
06:dd:57:5f:93:0a:ca:fb:2f:3d:a1:d8:4f:71:eb:67:a6:3c:
d0:10:14:66:ba:aa:b4:54:d9:4e:3f:2c:e0:a9:c2:fe:1f:0c:
04:e4:73:e5:4f:c9:56:f7:03:90:40:73:69:f4:7f:7b:85:e5:
66:f3:c3:ec:0c:4f:f1:7d:65:ae:41:55:5b:fb:9f:bf:ea:e8:
a0:a5:d6:63:ef:d7:fb:d8:c0:14:cd:3c:6a:40:af:12:be:ca:
2d:ba:c3:4d:67:fc:c9:03:b9:cc:1c:64:11:4f:94:53:f7:9d:
9a:03:56:75:fd:b8:15:df:cc:14:a2:ce:22:d6:f9:c0:58:c8:
63:9d:09:68:9f:19:8d:91:38:58:29:c1:ec:33:af:8a:e6:77:
86:5d:df:a3:1c:76:83:a9:1a:75:49:30:68:86:4e:1b:49:07:
c6:db:fc:72:f4:8a:9e:f3:da:68:aa:d2:fb:b8:a7:25:6e:13:
24:e9:52:68:5f:94:d7:98:c9:d3:33:2a:00:de:97:66:26:fe:
2e:54:87:fb:dd:2d:3d:22:3c:d1:7c:00:df:5c:4d:5a:74:8b:
15:ca:b6:8f:03:4e:23:25:ca:d7:70:40:0f:9c:93:1f:8b:89:
a6:65:6d:2e
-----BEGIN CERTIFICATE-----
MIIFBDCCA+ygAwIBAgIECIdXNjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg2
MzQyN2M1MzU4NzNlNGM0ZWFkODA0MmQ2N2JiZjNmMWY0N2IyNmIxMB4XDTIyMDEw
MTA2MDYwMVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoOGQyNThiYTM3MTk5
NTZkNjkzNGNmZDAzY2ExMTI5Mzg3M2EyZTNhYTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMV7GFKQkjTum7j/UFn6jDHWiSkhZNuyitzm8lslxTIuOcpb
AAEoH5fPN1At5skN3J9seb0BX8pL629pj5HBY0IB1ybHnJOLZ/97JrK1gevAEH30
EvtjX/EVgEZjY5doLup4CP0TWjQlW77XJXy09njQxw4/6PdyhQ0/R9kafPgGmpyr
BMfB9WFvYx7mizv8rpYSujxpdhJVx7tyRY4xIaTxt1B/8eD7b53nRiUqUuJrwL7N
U8uYsVQvb/mULmvTs/TG/u0sGJdDQasCKkP6dVIPFY0zJV1fePGS3E6GhsiiDMfX
rM62SXMZGuHgsPncAeBVQ/3qemkyAUew7014BwkCAwEAAaOCAh4wggIaMB0GA1Ud
DgQWBBSNJYujcZlW1pNM/QPKESk4c6LjqjAfBgNVHSMEGDAWgBRjQnxTWHPkxOrY
BC1nu/Px9HsmsTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1kwSjhVMWh6NU1UcTJBUXRaN3Z6OGZSN0pyRS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYTAvNjEwODNjLTRiM2QtNDZkOC04MmFhLWIyOTk3YmM2MTQ3NC8x
L2pTV0xvM0daVnRhVFRQMER5aEVwT0hPaTQ2by5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYTAv
NjEwODNjLTRiM2QtNDZkOC04MmFhLWIyOTk3YmM2MTQ3NC8xL1kwSjhVMWh6NU1U
cTJBUXRaN3Z6OGZSN0pyRS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA0
BggrBgEFBQcBBwEB/wQlMCMwEgQCAAEwDAMEBluKQAMEArnO9DANBAIAAjAHAwUD
KgrRwDANBgkqhkiG9w0BAQsFAAOCAQEAXEvUdvWGLwWfakgKhBrB8wPlBt1XX5MK
yvsvPaHYT3HrZ6Y80BAUZrqqtFTZTj8s4KnC/h8MBORz5U/JVvcDkEBzafR/e4Xl
ZvPD7AxP8X1lrkFVW/ufv+rooKXWY+/X+9jAFM08akCvEr7KLbrDTWf8yQO5zBxk
EU+UU/edmgNWdf24Fd/MFKLOItb5wFjIY50JaJ8ZjZE4WCnB7DOviuZ3hl3foxx2
g6kadUkwaIZOG0kHxtv8cvSKnvPaaKrS+7inJW4TJOlSaF+U15jJ0zMqAN6XZib+
LlSH+90tPSI80XwA31xNWnSLFcq2jwNOIyXK13BAD5yTH4uJpmVtLg==
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:15:21 2025 by rpki-client