Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a6/76b1d3-4fd9-46cf-83e6-20c4dc1e4a77/1/Jp3sdRzSMaaYN52Gq1_lyLDm9U0.roa
File: Jp3sdRzSMaaYN52Gq1_lyLDm9U0.roa (raw, json)
Hash identifier: 9RJkxBQknmvY4hYqGTi4SyjOL8JX3Tm33Cug3OWgZ9Y=
Subject key identifier: 26:9D:EC:75:1C:D2:31:A6:98:37:9D:86:AB:5F:E5:C8:B0:E6:F5:4D
Certificate issuer: /CN=98eb33c2cefb5da34607b00b5005e44b75524a1f
Certificate serial: 018B4D9BC514D88856E8FEF88C964349E29C
Authority key identifier: 98:EB:33:C2:CE:FB:5D:A3:46:07:B0:0B:50:05:E4:4B:75:52:4A:1F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mOszws77XaNGB7ALUAXkS3VSSh8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a6/76b1d3-4fd9-46cf-83e6-20c4dc1e4a77/1/Jp3sdRzSMaaYN52Gq1_lyLDm9U0.roa
Signing time: Fri 20 Oct 2023 15:02:16 +0000
ROA not before: Fri 20 Oct 2023 15:02:16 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 56958
IP address blocks: 201.46.112.0/23 maxlen: 24
178.211.133.0/24 maxlen: 24
2a12:d282::/31 maxlen: 31
2a12:d280::/31 maxlen: 31
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:4d:9b:c5:14:d8:88:56:e8:fe:f8:8c:96:43:49:e2:9c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=98eb33c2cefb5da34607b00b5005e44b75524a1f
Validity
Not Before: Oct 20 15:02:16 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=269dec751cd231a698379d86ab5fe5c8b0e6f54d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:7a:52:b6:28:43:c1:90:41:14:3b:8e:b3:1e:
2f:f1:3a:f2:95:ba:54:3b:54:f5:d5:8d:ff:50:65:
57:67:6d:df:81:ae:0c:3c:e3:78:77:4c:fa:98:8b:
e3:ca:2a:d1:41:42:0d:a9:9c:d7:e3:2c:04:18:c0:
a0:27:80:2c:a9:a4:5c:fa:7f:60:65:79:7d:05:aa:
d0:ac:0d:b9:54:da:38:ca:77:19:1a:08:01:bc:cf:
95:f0:18:88:1a:48:a7:c9:31:c5:a2:3b:3b:0f:6f:
f1:3d:6d:89:53:e5:a9:e6:38:d2:4c:3e:b0:c7:4a:
22:2f:05:20:cd:73:88:0a:54:53:a1:c2:64:b3:df:
15:81:c9:b5:2c:a7:34:e1:0f:4d:bf:a0:83:09:47:
8d:07:b9:26:3b:82:0e:44:5e:01:09:f5:f0:ff:2c:
0a:b5:72:66:1a:cd:17:fa:ac:77:87:59:43:f2:eb:
be:39:27:07:51:c1:64:99:0f:9e:ad:0f:c0:48:ab:
da:87:5b:43:64:ac:e9:93:ee:08:aa:af:60:f3:f7:
8f:72:5f:51:62:15:e2:cc:e4:99:8f:a8:cf:0b:bf:
83:29:1a:e4:7c:bf:77:e4:1c:d7:7d:61:2a:6f:cc:
73:58:ba:20:c8:f6:4e:ae:4e:ce:59:a3:fe:7f:fc:
0c:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
26:9D:EC:75:1C:D2:31:A6:98:37:9D:86:AB:5F:E5:C8:B0:E6:F5:4D
X509v3 Authority Key Identifier:
keyid:98:EB:33:C2:CE:FB:5D:A3:46:07:B0:0B:50:05:E4:4B:75:52:4A:1F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mOszws77XaNGB7ALUAXkS3VSSh8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a6/76b1d3-4fd9-46cf-83e6-20c4dc1e4a77/1/Jp3sdRzSMaaYN52Gq1_lyLDm9U0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a6/76b1d3-4fd9-46cf-83e6-20c4dc1e4a77/1/mOszws77XaNGB7ALUAXkS3VSSh8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
178.211.133.0/24
201.46.112.0/23
IPv6:
2a12:d280::/30
Signature Algorithm: sha256WithRSAEncryption
40:79:af:1c:bb:6f:b8:0c:c2:ba:d3:30:bf:c9:f1:0e:63:80:
59:ec:f8:68:a9:81:d6:17:da:61:f9:e2:01:83:b5:92:36:23:
bf:d7:f5:1f:f7:14:b3:7b:9d:8d:0c:7c:8b:10:4e:4f:18:62:
48:0d:1c:84:b9:b7:89:9a:56:ef:f7:99:56:ad:cc:cb:7a:9b:
7b:36:76:2b:45:1d:89:eb:f5:ff:72:0b:d6:cf:45:f0:70:73:
de:a0:08:43:80:f9:20:0b:87:d0:9a:94:84:09:db:01:8a:87:
06:e0:84:ee:47:ce:f1:53:e2:c0:f9:ad:2b:9f:12:c2:4f:1f:
6f:fe:b1:7a:78:19:59:5e:67:d2:4a:00:6d:47:45:63:1c:ec:
7c:32:2f:3e:ef:6d:13:44:02:71:fe:c8:d3:78:6b:c4:34:46:
17:cb:e2:48:70:95:14:cb:46:0c:94:74:b9:e2:1c:5b:5e:9b:
55:9c:89:f6:f1:9f:7c:dd:22:de:ce:db:af:ae:34:6a:9d:26:
b6:66:30:bd:a4:17:c8:00:97:8d:76:ad:ca:f1:86:92:11:7c:
76:d3:9d:fa:8e:75:c3:03:fd:a2:39:1b:49:54:25:cc:a6:f6:
93:cb:b1:48:67:b5:ba:2b:0b:8f:5a:15:bb:8a:55:7b:a0:0f:
e8:2e:5b:9a
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYtNm8UU2IhW6P74jJZDSeKcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk4ZWIzM2MyY2VmYjVkYTM0NjA3YjAwYjUwMDVlNDRiNzU1
MjRhMWYwHhcNMjMxMDIwMTUwMjE2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNjlkZWM3NTFjZDIzMWE2OTgzNzlkODZhYjVmZTVjOGIwZTZmNTRkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArXpStihDwZBBFDuOsx4v8TrylbpU
O1T11Y3/UGVXZ23fga4MPON4d0z6mIvjyirRQUINqZzX4ywEGMCgJ4AsqaRc+n9g
ZXl9BarQrA25VNo4yncZGggBvM+V8BiIGkinyTHFojs7D2/xPW2JU+Wp5jjSTD6w
x0oiLwUgzXOIClRTocJks98Vgcm1LKc04Q9Nv6CDCUeNB7kmO4IORF4BCfXw/ywK
tXJmGs0X+qx3h1lD8uu+OScHUcFkmQ+erQ/ASKvah1tDZKzpk+4Iqq9g8/ePcl9R
YhXizOSZj6jPC7+DKRrkfL935BzXfWEqb8xzWLogyPZOrk7OWaP+f/wMfwIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFCad7HUc0jGmmDedhqtf5ciw5vVNMB8GA1UdIwQY
MBaAFJjrM8LO+12jRgewC1AF5Et1UkofMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbU9zendzNzdYYU5HQjdBTFVBWGtTM1ZTU2g4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNi83NmIxZDMtNGZkOS00NmNmLTgzZTYt
MjBjNGRjMWU0YTc3LzEvSnAzc2RSelNNYWFZTjUyR3ExX2x5TERtOVUwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNi83NmIxZDMtNGZkOS00NmNmLTgzZTYtMjBjNGRjMWU0YTc3
LzEvbU9zendzNzdYYU5HQjdBTFVBWGtTM1ZTU2g4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQAstOFAwQB
yS5wMA0EAgACMAcDBQIqEtKAMA0GCSqGSIb3DQEBCwUAA4IBAQBAea8cu2+4DMK6
0zC/yfEOY4BZ7PhoqYHWF9ph+eIBg7WSNiO/1/Uf9xSze52NDHyLEE5PGGJIDRyE
ubeJmlbv95lWrczLept7NnYrRR2J6/X/cgvWz0XwcHPeoAhDgPkgC4fQmpSECdsB
iocG4ITuR87xU+LA+a0rnxLCTx9v/rF6eBlZXmfSSgBtR0VjHOx8Mi8+720TRAJx
/sjTeGvENEYXy+JIcJUUy0YMlHS54hxbXptVnIn28Z983SLeztuvrjRqnSa2ZjC9
pBfIAJeNdq3K8YaSEXx20536jnXDA/2iORtJVCXMpvaTy7FIZ7W6KwuPWhW7ilV7
oA/oLlua
-----END CERTIFICATE-----
Generated at Sun Apr 20 19:00:14 2025 by rpki-client