Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b1/e0e829-1284-4db1-ba48-785ac191b31a/1/jQ338_gj5V_h9FQqZF-X5NDVRNU.roa
File: jQ338_gj5V_h9FQqZF-X5NDVRNU.roa (raw, json)
Hash identifier: rI5Tc0dwdkam6fH+oaZ11z8eCE5U/Rhx/YEPbOA9DPs=
Subject key identifier: 8D:0D:F7:F3:F8:23:E5:5F:E1:F4:54:2A:64:5F:97:E4:D0:D5:44:D5
Certificate issuer: /CN=d07dff547eacbe81dc3465598446d3b027dcb76d
Certificate serial: 01890BB5E8D53FD6E62A0580CBFE874CA9E1
Authority key identifier: D0:7D:FF:54:7E:AC:BE:81:DC:34:65:59:84:46:D3:B0:27:DC:B7:6D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0H3_VH6svoHcNGVZhEbTsCfct20.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b1/e0e829-1284-4db1-ba48-785ac191b31a/1/jQ338_gj5V_h9FQqZF-X5NDVRNU.roa
Signing time: Fri 30 Jun 2023 09:50:18 +0000
ROA not before: Fri 30 Jun 2023 09:50:18 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 5517
IP address blocks: 194.245.0.0/16 maxlen: 16
194.176.0.0/19 maxlen: 19
159.25.0.0/16 maxlen: 16
2a01:4fc0::/34 maxlen: 34
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:0b:b5:e8:d5:3f:d6:e6:2a:05:80:cb:fe:87:4c:a9:e1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d07dff547eacbe81dc3465598446d3b027dcb76d
Validity
Not Before: Jun 30 09:50:18 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=8d0df7f3f823e55fe1f4542a645f97e4d0d544d5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:89:9e:e2:20:db:c9:86:77:fa:9f:cb:89:ee:16:
eb:96:ca:40:78:d5:66:02:ce:9d:7a:25:a5:72:3c:
0b:80:5d:53:31:ed:1e:06:ea:c3:cd:29:53:82:0f:
e0:4e:c2:19:3c:8c:81:d7:82:a4:74:15:86:f8:98:
19:54:03:0a:f4:6d:63:5b:46:7a:ad:b3:04:09:63:
27:11:4c:50:a4:a5:5c:05:56:eb:10:47:51:6d:7a:
f5:b1:bc:e3:c2:dd:46:f3:26:8c:19:cf:63:dc:44:
24:11:d2:92:c2:11:19:24:c2:f0:3e:88:7f:4f:02:
21:c7:39:c0:eb:70:65:e4:10:5e:e0:fc:73:67:a4:
a6:57:95:08:b1:47:6c:ce:a6:a2:b2:b8:e6:2c:6a:
03:23:78:83:56:1c:e7:06:a6:ea:a4:9c:20:09:1e:
3e:63:a1:8d:bb:c7:f5:dc:41:3d:e2:32:e8:91:00:
01:aa:1c:b8:44:d3:5d:6e:17:f3:8e:a6:a6:20:03:
46:f5:02:93:a8:3d:68:3d:b9:d7:bd:ed:c0:a5:5e:
05:91:66:d2:f1:e1:e3:9a:1c:b6:23:2f:e6:28:36:
d7:65:ba:1f:eb:78:ee:e4:63:2c:10:61:86:1f:80:
29:d1:2e:0d:a2:16:c0:98:b9:42:f8:5b:2d:05:5b:
c9:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8D:0D:F7:F3:F8:23:E5:5F:E1:F4:54:2A:64:5F:97:E4:D0:D5:44:D5
X509v3 Authority Key Identifier:
keyid:D0:7D:FF:54:7E:AC:BE:81:DC:34:65:59:84:46:D3:B0:27:DC:B7:6D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0H3_VH6svoHcNGVZhEbTsCfct20.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/e0e829-1284-4db1-ba48-785ac191b31a/1/jQ338_gj5V_h9FQqZF-X5NDVRNU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/e0e829-1284-4db1-ba48-785ac191b31a/1/0H3_VH6svoHcNGVZhEbTsCfct20.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
159.25.0.0/16
194.176.0.0/19
194.245.0.0/16
IPv6:
2a01:4fc0::/34
Signature Algorithm: sha256WithRSAEncryption
8a:53:48:ea:4f:ec:10:9f:58:cc:79:a3:70:67:cf:83:34:d2:
aa:ce:05:1f:ef:e4:6b:a4:3a:05:89:d8:35:ea:50:d8:96:c0:
9e:f1:40:91:13:c3:84:f0:1f:29:72:d6:c2:5e:92:fa:ce:ba:
33:dc:84:23:79:74:9c:9b:be:df:4a:87:ed:70:ef:39:6d:b3:
3c:9d:2e:80:19:e9:ae:8b:15:44:11:d3:52:49:66:79:1e:ce:
44:f8:55:24:98:ec:63:d1:4a:aa:5e:64:7a:64:43:d6:61:98:
4d:b9:91:76:50:57:bb:9a:8d:7a:40:b4:95:0a:29:5c:47:de:
9a:50:78:a8:8b:b5:8e:27:45:8f:b8:2c:bd:b1:16:f9:a6:d1:
59:d6:54:9f:a5:b7:eb:39:df:01:03:be:32:22:5d:9c:15:5b:
28:0c:e2:9f:bb:3e:61:2d:26:ac:ca:f4:41:0b:ca:f5:13:c4:
eb:fb:cc:9f:77:d7:a5:23:21:59:24:39:1c:d4:03:a8:d0:83:
cd:58:3d:7a:f1:b2:dc:c6:25:7d:1f:fc:b1:ee:b4:c8:f2:6e:
92:d0:21:e4:14:88:78:e8:7b:17:20:06:65:e4:64:7b:9f:d0:
57:81:13:f8:fd:f0:e1:4c:78:dc:4f:3b:b4:f6:ba:6e:4c:6b:
50:83:b9:01
-----BEGIN CERTIFICATE-----
MIIFFzCCA/+gAwIBAgISAYkLtejVP9bmKgWAy/6HTKnhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQwN2RmZjU0N2VhY2JlODFkYzM0NjU1OTg0NDZkM2IwMjdk
Y2I3NmQwHhcNMjMwNjMwMDk1MDE4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ZDBkZjdmM2Y4MjNlNTVmZTFmNDU0MmE2NDVmOTdlNGQwZDU0NGQ1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiZ7iINvJhnf6n8uJ7hbrlspAeNVm
As6deiWlcjwLgF1TMe0eBurDzSlTgg/gTsIZPIyB14KkdBWG+JgZVAMK9G1jW0Z6
rbMECWMnEUxQpKVcBVbrEEdRbXr1sbzjwt1G8yaMGc9j3EQkEdKSwhEZJMLwPoh/
TwIhxznA63Bl5BBe4PxzZ6SmV5UIsUdszqaisrjmLGoDI3iDVhznBqbqpJwgCR4+
Y6GNu8f13EE94jLokQABqhy4RNNdbhfzjqamIANG9QKTqD1oPbnXve3ApV4FkWbS
8eHjmhy2Iy/mKDbXZbof63ju5GMsEGGGH4Ap0S4NohbAmLlC+FstBVvJcQIDAQAB
o4ICIzCCAh8wHQYDVR0OBBYEFI0N9/P4I+Vf4fRUKmRfl+TQ1UTVMB8GA1UdIwQY
MBaAFNB9/1R+rL6B3DRlWYRG07An3LdtMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMEgzX1ZINnN2b0hjTkdWWmhFYlRzQ2ZjdDIwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMS9lMGU4MjktMTI4NC00ZGIxLWJhNDgt
Nzg1YWMxOTFiMzFhLzEvalEzMzhfZ2o1Vl9oOUZRcVpGLVg1TkRWUk5VLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMS9lMGU4MjktMTI4NC00ZGIxLWJhNDgtNzg1YWMxOTFiMzFh
LzEvMEgzX1ZINnN2b0hjTkdWWmhFYlRzQ2ZjdDIwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDkGCCsGAQUFBwEHAQH/BCowKDAWBAIAATAQAwMAnxkDBAXC
sAADAwDC9TAOBAIAAjAIAwYGKgFPwAAwDQYJKoZIhvcNAQELBQADggEBAIpTSOpP
7BCfWMx5o3Bnz4M00qrOBR/v5GukOgWJ2DXqUNiWwJ7xQJETw4TwHyly1sJekvrO
ujPchCN5dJybvt9Kh+1w7zltszydLoAZ6a6LFUQR01JJZnkezkT4VSSY7GPRSqpe
ZHpkQ9ZhmE25kXZQV7uajXpAtJUKKVxH3ppQeKiLtY4nRY+4LL2xFvmm0VnWVJ+l
t+s53wEDvjIiXZwVWygM4p+7PmEtJqzK9EELyvUTxOv7zJ9316UjIVkkORzUA6jQ
g81YPXrxstzGJX0f/LHutMjybpLQIeQUiHjoexcgBmXkZHuf0FeBE/j98OFMeNxP
O7T2um5Ma1CDuQE=
-----END CERTIFICATE-----
Generated at Sun Apr 13 10:12:29 2025 by rpki-client