Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d7/2f69df-6f23-4aa7-88f4-e299e910039e/1/JmfO4s6SJN2fdN3916FiVjqJYUU.roa
File: JmfO4s6SJN2fdN3916FiVjqJYUU.roa (raw, json)
Hash identifier: zQlKmDcfxDDtOpbxiXbf/AUFK9TMM69t4jkqZlts7dM=
Subject key identifier: 26:67:CE:E2:CE:92:24:DD:9F:74:DD:FD:D7:A1:62:56:3A:89:61:45
Certificate issuer: /CN=d0f6cd30b4cfa193e226bba9282e366a22a3110f
Certificate serial: 01857030762D6C51D4EE96D75337BD267F3A
Authority key identifier: D0:F6:CD:30:B4:CF:A1:93:E2:26:BB:A9:28:2E:36:6A:22:A3:11:0F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0PbNMLTPoZPiJrupKC42aiKjEQ8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d7/2f69df-6f23-4aa7-88f4-e299e910039e/1/JmfO4s6SJN2fdN3916FiVjqJYUU.roa
Signing time: Mon 02 Jan 2023 01:55:02 +0000
ROA not before: Mon 02 Jan 2023 01:55:02 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 51760
IP address blocks: 93.191.88.0/21 maxlen: 21
93.191.88.0/24 maxlen: 24
93.191.89.0/24 maxlen: 24
2a02:2820::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:30:76:2d:6c:51:d4:ee:96:d7:53:37:bd:26:7f:3a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d0f6cd30b4cfa193e226bba9282e366a22a3110f
Validity
Not Before: Jan 2 01:55:02 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=2667cee2ce9224dd9f74ddfdd7a162563a896145
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:c9:ac:78:cd:3e:6a:15:4d:96:b7:cf:8f:21:
42:bb:88:4c:4d:3c:ed:08:7d:b2:cb:04:fa:88:a2:
24:18:c4:c4:61:18:a1:4d:42:a2:07:b5:21:ec:2c:
04:24:ab:4f:4e:9c:df:62:18:f1:92:7a:4f:fc:df:
47:d7:6e:dd:1f:96:f2:24:e8:62:1c:03:4a:71:76:
60:11:75:bc:07:fc:c3:c4:e6:25:23:11:ed:75:94:
24:61:ad:03:99:ad:5d:45:bd:21:6e:92:ff:8e:b4:
07:6f:1c:cb:3a:ee:6a:82:80:57:5a:05:96:42:0c:
65:de:ad:cb:6e:0b:9a:d5:15:8f:9e:c7:ef:b4:64:
73:c6:91:e6:0e:5f:d9:48:2b:ab:9a:c7:b1:7f:16:
fe:2b:08:68:ac:de:cd:48:dd:30:0f:d8:a3:3f:16:
96:a7:0a:c3:27:7c:92:1f:94:ea:2e:b0:00:24:ca:
b2:f4:95:f7:d1:37:26:f6:7e:96:fd:0b:15:d6:6f:
be:e4:cf:cb:89:16:00:a3:75:7c:96:71:8a:f0:bb:
f2:cf:8a:84:a0:59:72:b6:15:13:5d:3d:2b:70:e5:
71:9a:98:6a:6c:c9:3b:92:36:6e:34:93:4c:09:ee:
fa:3c:bd:07:e4:39:9a:f1:15:fe:33:9f:67:5b:57:
ea:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
26:67:CE:E2:CE:92:24:DD:9F:74:DD:FD:D7:A1:62:56:3A:89:61:45
X509v3 Authority Key Identifier:
keyid:D0:F6:CD:30:B4:CF:A1:93:E2:26:BB:A9:28:2E:36:6A:22:A3:11:0F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0PbNMLTPoZPiJrupKC42aiKjEQ8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d7/2f69df-6f23-4aa7-88f4-e299e910039e/1/JmfO4s6SJN2fdN3916FiVjqJYUU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d7/2f69df-6f23-4aa7-88f4-e299e910039e/1/0PbNMLTPoZPiJrupKC42aiKjEQ8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
93.191.88.0/21
IPv6:
2a02:2820::/32
Signature Algorithm: sha256WithRSAEncryption
1c:c2:b4:88:10:da:ca:59:28:de:08:11:cf:de:dc:90:57:42:
e6:2a:4d:59:f8:2e:38:59:24:bc:5d:1a:52:be:44:61:37:1a:
10:77:e1:89:84:64:df:56:ec:47:f0:ab:36:4b:1f:71:7a:f8:
71:bc:0d:a6:6a:f3:95:05:66:10:24:a1:fa:aa:45:1d:a1:3b:
34:ce:5d:f2:c2:87:f3:79:3b:96:d9:83:21:9b:e0:d7:3d:2d:
fd:0f:04:3c:96:7f:8a:44:ac:36:fc:3b:03:86:b6:c7:d1:77:
6c:b2:92:b5:f5:0d:59:ed:b3:a6:ee:36:69:84:3d:df:42:56:
16:f1:34:03:bb:0f:9f:a2:fd:b5:59:90:b4:e8:09:69:ff:25:
43:fb:e4:d7:9c:52:2b:2e:97:bd:58:ea:95:ca:ba:68:51:39:
de:cd:cf:b3:16:db:89:c1:ff:da:12:4b:c5:ad:58:3e:37:89:
b3:b9:db:77:50:64:ff:85:da:a8:38:3b:a8:fb:1d:c0:17:2f:
53:bf:f2:47:39:0b:41:b0:9d:82:db:02:dc:8e:49:66:2d:38:
a0:b0:24:6f:60:e4:bd:09:69:b5:d9:cf:ed:af:18:a9:79:64:
d9:e2:77:8d:e2:e7:77:16:c1:0f:e7:c8:ba:db:de:ce:9d:97:
2d:70:61:0f
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVwMHYtbFHU7pbXUze9Jn86MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQwZjZjZDMwYjRjZmExOTNlMjI2YmJhOTI4MmUzNjZhMjJh
MzExMGYwHhcNMjMwMTAyMDE1NTAyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNjY3Y2VlMmNlOTIyNGRkOWY3NGRkZmRkN2ExNjI1NjNhODk2MTQ1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApMmseM0+ahVNlrfPjyFCu4hMTTzt
CH2yywT6iKIkGMTEYRihTUKiB7Uh7CwEJKtPTpzfYhjxknpP/N9H127dH5byJOhi
HANKcXZgEXW8B/zDxOYlIxHtdZQkYa0Dma1dRb0hbpL/jrQHbxzLOu5qgoBXWgWW
Qgxl3q3Lbgua1RWPnsfvtGRzxpHmDl/ZSCurmsexfxb+KwhorN7NSN0wD9ijPxaW
pwrDJ3ySH5TqLrAAJMqy9JX30Tcm9n6W/QsV1m++5M/LiRYAo3V8lnGK8Lvyz4qE
oFlythUTXT0rcOVxmphqbMk7kjZuNJNMCe76PL0H5Dma8RX+M59nW1fqQwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFCZnzuLOkiTdn3Td/dehYlY6iWFFMB8GA1UdIwQY
MBaAFND2zTC0z6GT4ia7qSguNmoioxEPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMFBiTk1MVFBvWlBpSnJ1cEtDNDJhaUtqRVE4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNy8yZjY5ZGYtNmYyMy00YWE3LTg4ZjQt
ZTI5OWU5MTAwMzllLzEvSm1mTzRzNlNKTjJmZE4zOTE2RmlWanFKWVVVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNy8yZjY5ZGYtNmYyMy00YWE3LTg4ZjQtZTI5OWU5MTAwMzll
LzEvMFBiTk1MVFBvWlBpSnJ1cEtDNDJhaUtqRVE4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQDXb9YMA0E
AgACMAcDBQAqAiggMA0GCSqGSIb3DQEBCwUAA4IBAQAcwrSIENrKWSjeCBHP3tyQ
V0LmKk1Z+C44WSS8XRpSvkRhNxoQd+GJhGTfVuxH8Ks2Sx9xevhxvA2mavOVBWYQ
JKH6qkUdoTs0zl3ywofzeTuW2YMhm+DXPS39DwQ8ln+KRKw2/DsDhrbH0XdsspK1
9Q1Z7bOm7jZphD3fQlYW8TQDuw+fov21WZC06Alp/yVD++TXnFIrLpe9WOqVyrpo
UTnezc+zFtuJwf/aEkvFrVg+N4mzudt3UGT/hdqoODuo+x3AFy9Tv/JHOQtBsJ2C
2wLcjklmLTigsCRvYOS9CWm12c/trxipeWTZ4neN4ud3FsEP58i6297OnZctcGEP
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:17:04 2025 by rpki-client