Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/be/c37497-6376-461e-93c6-9778674edc97/1/JpMibZ8AbRT-2l0kdK0iDlrtRZI.roa
File: JpMibZ8AbRT-2l0kdK0iDlrtRZI.roa (raw, json)
Hash identifier: KE3p5Mj2ktTI6t6TONWSIfLaSpSfb620GoAoyGM9C/M=
Subject key identifier: 26:93:22:6D:9F:00:6D:14:FE:DA:5D:24:74:AD:22:0E:5A:ED:45:92
Certificate issuer: /CN=7df132df13e4be53d8250c8c48420264eef6c14c
Certificate serial: 018632FF28121A30D57EABB699BA0E297FF1
Authority key identifier: 7D:F1:32:DF:13:E4:BE:53:D8:25:0C:8C:48:42:02:64:EE:F6:C1:4C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ffEy3xPkvlPYJQyMSEICZO72wUw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/be/c37497-6376-461e-93c6-9778674edc97/1/JpMibZ8AbRT-2l0kdK0iDlrtRZI.roa
Signing time: Wed 08 Feb 2023 21:47:08 +0000
ROA not before: Wed 08 Feb 2023 21:47:08 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 31102
IP address blocks: 86.107.52.0/24 maxlen: 24
188.241.134.0/23 maxlen: 23
89.42.9.0/24 maxlen: 24
86.107.182.0/24 maxlen: 24
188.240.202.0/23 maxlen: 23
89.47.255.0/24 maxlen: 24
92.114.39.0/24 maxlen: 24
92.114.52.0/24 maxlen: 24
188.215.70.0/23 maxlen: 23
86.107.20.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:32:ff:28:12:1a:30:d5:7e:ab:b6:99:ba:0e:29:7f:f1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7df132df13e4be53d8250c8c48420264eef6c14c
Validity
Not Before: Feb 8 21:47:08 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=2693226d9f006d14feda5d2474ad220e5aed4592
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:c1:03:af:9e:98:64:aa:c1:a7:bc:df:91:ca:
55:5e:46:bb:aa:bd:ba:4c:c0:d6:74:a2:f4:c3:21:
bd:65:e7:28:58:60:00:eb:97:4b:68:c0:09:99:96:
6d:73:8e:2e:a6:77:8f:77:e0:c5:11:db:22:a7:c9:
f4:d3:15:da:de:48:71:b9:50:09:92:3d:57:ed:19:
ed:78:ad:8c:a9:77:02:fe:1f:b4:35:cd:cd:be:59:
ec:fb:b8:bb:e0:da:32:92:6c:93:1a:9e:8a:e3:60:
41:a1:2e:cd:b7:11:d7:36:51:41:8f:12:c4:87:d4:
09:eb:ed:6d:36:f6:43:8b:40:a2:99:99:25:d4:9c:
56:94:6b:01:6f:89:6c:f3:3f:4b:a8:ea:5c:4f:f5:
2a:0e:08:95:43:48:5f:3e:19:23:37:cf:b1:8f:45:
9f:b9:33:4a:81:88:cf:b1:48:01:26:84:c8:45:7d:
f4:89:88:51:c8:a7:08:47:91:22:dd:9c:3b:24:3b:
51:cc:7b:ca:8d:c0:45:e2:c6:89:e8:0d:7e:35:6c:
4b:47:7b:a3:95:99:ac:f8:c9:71:b7:24:56:e8:f4:
88:71:4e:f4:74:53:a4:68:8c:2f:0a:c5:57:11:c1:
cb:f7:6f:71:78:37:f6:59:ab:35:73:fd:46:18:f2:
e6:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
26:93:22:6D:9F:00:6D:14:FE:DA:5D:24:74:AD:22:0E:5A:ED:45:92
X509v3 Authority Key Identifier:
keyid:7D:F1:32:DF:13:E4:BE:53:D8:25:0C:8C:48:42:02:64:EE:F6:C1:4C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ffEy3xPkvlPYJQyMSEICZO72wUw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/be/c37497-6376-461e-93c6-9778674edc97/1/JpMibZ8AbRT-2l0kdK0iDlrtRZI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/be/c37497-6376-461e-93c6-9778674edc97/1/ffEy3xPkvlPYJQyMSEICZO72wUw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
86.107.20.0/24
86.107.52.0/24
86.107.182.0/24
89.42.9.0/24
89.47.255.0/24
92.114.39.0/24
92.114.52.0/24
188.215.70.0/23
188.240.202.0/23
188.241.134.0/23
Signature Algorithm: sha256WithRSAEncryption
3d:d9:91:11:d6:64:be:09:5c:1b:1c:bd:fe:af:a1:8c:01:fc:
39:94:9a:07:e8:84:b3:aa:cb:0a:3f:85:6a:ec:10:55:f8:eb:
a5:96:67:cf:57:93:16:75:a0:0d:03:ec:a4:99:db:63:35:52:
25:e5:ff:df:11:0b:f1:6f:6e:54:3b:65:d1:ba:d5:bc:1d:45:
27:6d:64:1b:cc:c1:9a:79:55:c6:a8:04:35:16:45:c3:4f:ad:
74:9c:38:e4:d5:b1:e3:f1:7f:64:80:2e:2e:42:41:5f:0c:2c:
f3:ca:5a:6d:48:2c:26:94:b1:77:cd:1a:f7:37:16:96:fe:50:
a6:08:1b:a9:d9:9d:cb:76:9c:41:22:44:e8:ac:cf:84:92:23:
1f:eb:16:c3:bd:c1:9d:cb:20:0b:8d:02:67:c4:99:b8:81:81:
06:49:3a:d6:ed:7d:a5:41:cb:c2:a0:44:42:5a:80:b0:4c:75:
f7:6f:7b:23:e1:49:70:58:e4:9f:a0:c9:20:3a:73:41:3c:9d:
ce:4d:7c:28:3b:22:f9:9f:16:c2:98:b2:3d:9b:fb:52:96:25:
a3:7f:29:98:6e:b6:6d:b1:1e:39:a8:4f:6d:48:00:c6:e8:b9:
1f:7f:71:8d:f3:fe:aa:33:c0:9e:64:b2:d3:01:d3:f9:74:76:
fb:4f:89:ec
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgISAYYy/ygSGjDVfqu2mboOKX/xMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkZjEzMmRmMTNlNGJlNTNkODI1MGM4YzQ4NDIwMjY0ZWVm
NmMxNGMwHhcNMjMwMjA4MjE0NzA4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNjkzMjI2ZDlmMDA2ZDE0ZmVkYTVkMjQ3NGFkMjIwZTVhZWQ0NTkyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu8EDr56YZKrBp7zfkcpVXka7qr26
TMDWdKL0wyG9ZecoWGAA65dLaMAJmZZtc44upnePd+DFEdsip8n00xXa3khxuVAJ
kj1X7RnteK2MqXcC/h+0Nc3Nvlns+7i74NoykmyTGp6K42BBoS7NtxHXNlFBjxLE
h9QJ6+1tNvZDi0CimZkl1JxWlGsBb4ls8z9LqOpcT/UqDgiVQ0hfPhkjN8+xj0Wf
uTNKgYjPsUgBJoTIRX30iYhRyKcIR5Ei3Zw7JDtRzHvKjcBF4saJ6A1+NWxLR3uj
lZms+MlxtyRW6PSIcU70dFOkaIwvCsVXEcHL929xeDf2Was1c/1GGPLmMQIDAQAB
o4ICPzCCAjswHQYDVR0OBBYEFCaTIm2fAG0U/tpdJHStIg5a7UWSMB8GA1UdIwQY
MBaAFH3xMt8T5L5T2CUMjEhCAmTu9sFMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZmZFeTN4UGt2bFBZSlF5TVNFSUNaTzcyd1V3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZS9jMzc0OTctNjM3Ni00NjFlLTkzYzYt
OTc3ODY3NGVkYzk3LzEvSnBNaWJaOEFiUlQtMmwwa2RLMGlEbHJ0UlpJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZS9jMzc0OTctNjM3Ni00NjFlLTkzYzYtOTc3ODY3NGVkYzk3
LzEvZmZFeTN4UGt2bFBZSlF5TVNFSUNaTzcyd1V3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFUGCCsGAQUFBwEHAQH/BEYwRDBCBAIAATA8AwQAVmsUAwQA
Vms0AwQAVmu2AwQAWSoJAwQAWS//AwQAXHInAwQAXHI0AwQBvNdGAwQBvPDKAwQB
vPGGMA0GCSqGSIb3DQEBCwUAA4IBAQA92ZER1mS+CVwbHL3+r6GMAfw5lJoH6ISz
qssKP4Vq7BBV+OullmfPV5MWdaANA+ykmdtjNVIl5f/fEQvxb25UO2XRutW8HUUn
bWQbzMGaeVXGqAQ1FkXDT610nDjk1bHj8X9kgC4uQkFfDCzzylptSCwmlLF3zRr3
NxaW/lCmCBup2Z3LdpxBIkTorM+EkiMf6xbDvcGdyyALjQJnxJm4gYEGSTrW7X2l
QcvCoERCWoCwTHX3b3sj4UlwWOSfoMkgOnNBPJ3OTXwoOyL5nxbCmLI9m/tSliWj
fymYbrZtsR45qE9tSADG6Lkff3GN8/6qM8CeZLLTAdP5dHb7T4ns
-----END CERTIFICATE-----
Generated at Thu Apr 17 14:56:39 2025 by rpki-client