Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a7/b9adf4-f910-4355-bfc8-608564839fd0/1/jaVS8m3mFLtk_k8u1OEpZJEVENI.roa
File: jaVS8m3mFLtk_k8u1OEpZJEVENI.roa (raw, json)
Hash identifier: y4x6VccoqveVWUqE2fkjR5D9qDwOt0KTPAYCSC/cBXI=
Subject key identifier: 8D:A5:52:F2:6D:E6:14:BB:64:FE:4F:2E:D4:E1:29:64:91:15:10:D2
Certificate issuer: /CN=1f68138d4ec2ea51cacef09ff1058a370a5be190
Certificate serial: 3DC09E19
Authority key identifier: 1F:68:13:8D:4E:C2:EA:51:CA:CE:F0:9F:F1:05:8A:37:0A:5B:E1:90
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/H2gTjU7C6lHKzvCf8QWKNwpb4ZA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a7/b9adf4-f910-4355-bfc8-608564839fd0/1/jaVS8m3mFLtk_k8u1OEpZJEVENI.roa
Signing time: Sat 01 Jan 2022 08:56:50 +0000
ROA not before: Sat 01 Jan 2022 08:56:50 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 158
IP address blocks: 194.237.142.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1036033561 (0x3dc09e19)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1f68138d4ec2ea51cacef09ff1058a370a5be190
Validity
Not Before: Jan 1 08:56:50 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=8da552f26de614bb64fe4f2ed4e12964911510d2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:25:c4:d0:48:ee:15:39:ac:c9:3c:2c:0a:15:
e1:ce:8b:fd:df:3b:64:6e:3a:d0:8e:c1:2b:85:cc:
ab:97:f3:a2:b9:3f:56:29:27:f0:ad:f0:18:e8:4b:
b7:b3:52:7a:46:88:3c:e2:ff:d5:6d:cf:bc:75:a3:
77:91:58:c1:ef:33:37:cd:94:b0:e7:7a:0e:30:51:
0c:b9:ac:ed:40:44:d8:5d:6e:a7:77:97:0e:34:55:
43:b9:0b:f7:fa:83:f1:a0:95:e0:aa:ce:0d:35:8b:
d1:70:b5:e7:0e:2f:90:0d:f3:8e:5a:10:4c:67:63:
5f:2f:37:c1:46:48:f1:e7:aa:90:08:8e:0e:59:94:
30:43:37:30:c7:d4:2e:98:96:6f:ae:48:b2:97:7d:
83:e0:47:c6:06:30:a8:13:75:28:a8:e6:4d:b6:9a:
03:f9:20:e8:f1:6d:af:d2:01:5a:2a:f9:07:a6:e2:
41:30:d6:af:3a:8e:35:2f:cb:d7:4d:26:9e:e5:87:
e6:8d:7e:1c:31:c9:07:c0:ee:44:df:b8:70:d6:3d:
a2:b6:1c:46:ca:76:1a:b5:8f:ef:12:99:87:8e:1e:
21:32:49:f8:6c:49:8d:8c:a0:aa:d2:9a:07:a3:ca:
d4:f4:ae:23:89:bd:2c:81:ca:f2:2a:a8:eb:37:80:
38:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8D:A5:52:F2:6D:E6:14:BB:64:FE:4F:2E:D4:E1:29:64:91:15:10:D2
X509v3 Authority Key Identifier:
keyid:1F:68:13:8D:4E:C2:EA:51:CA:CE:F0:9F:F1:05:8A:37:0A:5B:E1:90
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/H2gTjU7C6lHKzvCf8QWKNwpb4ZA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a7/b9adf4-f910-4355-bfc8-608564839fd0/1/jaVS8m3mFLtk_k8u1OEpZJEVENI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a7/b9adf4-f910-4355-bfc8-608564839fd0/1/H2gTjU7C6lHKzvCf8QWKNwpb4ZA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.237.142.0/24
Signature Algorithm: sha256WithRSAEncryption
ad:20:db:aa:78:2c:4c:cc:bf:e9:4d:7e:ad:30:77:f5:4c:ff:
61:4d:0d:f5:aa:04:87:c1:9c:1a:61:7b:20:6a:5d:17:84:5d:
37:79:fb:1d:7d:ee:70:f8:1c:b3:9f:52:d5:33:80:3e:22:e0:
a0:a0:63:48:3a:b6:4c:20:0f:de:62:1b:78:6e:f5:d9:b2:62:
f5:eb:db:6a:9c:92:23:59:bd:24:ef:ba:ef:67:0f:a8:69:33:
3b:60:52:c5:96:b1:99:55:48:65:af:87:b3:cd:a7:f8:65:b1:
c2:61:ce:21:97:4d:d1:ea:4e:ed:3a:87:73:6a:91:f9:0c:1f:
ee:55:93:4c:e2:f1:d9:0d:4f:c4:83:6b:6c:0b:4b:54:6e:cd:
5f:2c:65:08:f4:15:b9:ca:32:39:d8:82:d1:76:df:30:bb:44:
c1:f8:df:b2:f4:69:1d:c4:59:57:f1:72:73:85:0c:78:43:86:
ad:d0:c6:51:d6:c7:ea:a1:f4:f0:78:7a:4d:f1:c3:2a:9b:2e:
37:38:97:87:a7:07:e6:f4:b1:e2:2b:cd:04:8a:74:fe:9a:3d:
61:4c:a9:9b:7f:60:80:52:bc:12:b6:c4:7d:77:4e:a9:ca:1d:
44:30:3f:ca:e6:0b:72:4f:1c:88:2a:bb:98:56:8c:a9:f1:83:
de:1c:d5:82
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEPcCeGTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygx
ZjY4MTM4ZDRlYzJlYTUxY2FjZWYwOWZmMTA1OGEzNzBhNWJlMTkwMB4XDTIyMDEw
MTA4NTY1MFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoOGRhNTUyZjI2ZGU2
MTRiYjY0ZmU0ZjJlZDRlMTI5NjQ5MTE1MTBkMjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMwlxNBI7hU5rMk8LAoV4c6L/d87ZG460I7BK4XMq5fzork/
Vikn8K3wGOhLt7NSekaIPOL/1W3PvHWjd5FYwe8zN82UsOd6DjBRDLms7UBE2F1u
p3eXDjRVQ7kL9/qD8aCV4KrODTWL0XC15w4vkA3zjloQTGdjXy83wUZI8eeqkAiO
DlmUMEM3MMfULpiWb65Ispd9g+BHxgYwqBN1KKjmTbaaA/kg6PFtr9IBWir5B6bi
QTDWrzqONS/L100mnuWH5o1+HDHJB8DuRN+4cNY9orYcRsp2GrWP7xKZh44eITJJ
+GxJjYygqtKaB6PK1PSuI4m9LIHK8iqo6zeAONECAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBSNpVLybeYUu2T+Ty7U4SlkkRUQ0jAfBgNVHSMEGDAWgBQfaBONTsLqUcrO
8J/xBYo3ClvhkDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0gyZ1RqVTdDNmxIS3p2Q2Y4UVdLTndwYjRaQS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYTcvYjlhZGY0LWY5MTAtNDM1NS1iZmM4LTYwODU2NDgzOWZkMC8x
L2phVlM4bTNtRkx0a19rOHUxT0VwWkpFVkVOSS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYTcv
YjlhZGY0LWY5MTAtNDM1NS1iZmM4LTYwODU2NDgzOWZkMC8xL0gyZ1RqVTdDNmxI
S3p2Q2Y4UVdLTndwYjRaQS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAMLtjjANBgkqhkiG9w0BAQsFAAOC
AQEArSDbqngsTMy/6U1+rTB39Uz/YU0N9aoEh8GcGmF7IGpdF4RdN3n7HX3ucPgc
s59S1TOAPiLgoKBjSDq2TCAP3mIbeG712bJi9evbapySI1m9JO+672cPqGkzO2BS
xZaxmVVIZa+Hs82n+GWxwmHOIZdN0epO7TqHc2qR+Qwf7lWTTOLx2Q1PxINrbAtL
VG7NXyxlCPQVucoyOdiC0XbfMLtEwfjfsvRpHcRZV/Fyc4UMeEOGrdDGUdbH6qH0
8Hh6TfHDKpsuNziXh6cH5vSx4ivNBIp0/po9YUypm39ggFK8ErbEfXdOqcodRDA/
yuYLck8ciCq7mFaMqfGD3hzVgg==
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:00:13 2025 by rpki-client