Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dc/f761bd-5c3a-4d2f-8cd9-3e59ce445b1c/1/j0HSELX3q2nyTOwGfmDGD3eTXPE.roa
File: j0HSELX3q2nyTOwGfmDGD3eTXPE.roa (raw, json)
Hash identifier: /VFyUj7OQeZfvVv2GdMgZ3qB1vCbiTp0BfDe6KERil4=
Subject key identifier: 8F:41:D2:10:B5:F7:AB:69:F2:4C:EC:06:7E:60:C6:0F:77:93:5C:F1
Certificate issuer: /CN=a4e7205f5d41257a6bb95f900eec0a1123e75164
Certificate serial: 018570705A76895773B138353B1922A96FED
Authority key identifier: A4:E7:20:5F:5D:41:25:7A:6B:B9:5F:90:0E:EC:0A:11:23:E7:51:64
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/pOcgX11BJXpruV-QDuwKESPnUWQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/dc/f761bd-5c3a-4d2f-8cd9-3e59ce445b1c/1/j0HSELX3q2nyTOwGfmDGD3eTXPE.roa
Signing time: Mon 02 Jan 2023 03:04:49 +0000
ROA not before: Mon 02 Jan 2023 03:04:49 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 207199
IP address blocks: 193.239.96.0/22 maxlen: 22
185.235.52.0/24 maxlen: 24
185.235.52.0/22 maxlen: 22
185.25.140.0/24 maxlen: 24
178.251.1.0/24 maxlen: 24
178.251.0.0/21 maxlen: 21
178.251.0.0/24 maxlen: 24
91.197.248.0/22 maxlen: 22
91.197.248.0/24 maxlen: 24
77.243.128.0/20 maxlen: 20
77.243.132.0/24 maxlen: 24
81.95.240.0/20 maxlen: 20
185.154.240.0/22 maxlen: 22
195.69.128.0/22 maxlen: 22
109.71.56.0/21 maxlen: 21
91.217.201.0/24 maxlen: 24
46.36.204.0/22 maxlen: 22
46.36.208.0/21 maxlen: 21
2a02:2339::/36 maxlen: 36
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:70:5a:76:89:57:73:b1:38:35:3b:19:22:a9:6f:ed
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a4e7205f5d41257a6bb95f900eec0a1123e75164
Validity
Not Before: Jan 2 03:04:49 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=8f41d210b5f7ab69f24cec067e60c60f77935cf1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:e9:5c:8f:1d:d9:d7:0f:e3:f0:9d:94:9d:81:
4c:23:09:84:e7:a7:33:30:83:29:73:6c:3b:f8:8d:
ea:ae:3a:9a:a3:58:0a:8e:dd:67:ba:7a:5d:1e:cc:
1d:97:eb:7a:1c:19:df:e3:df:27:d4:c7:28:b8:e1:
c6:d9:a6:b3:23:0a:76:65:2d:ba:ba:a7:c6:16:1a:
35:3a:93:f1:69:01:52:0b:e4:05:c0:ca:f5:48:f1:
b4:65:df:d1:f5:68:08:1f:a0:69:ae:9f:70:6b:fb:
f8:4f:14:26:d8:04:25:da:8e:74:df:ec:4b:0a:a3:
ee:dc:2d:86:a4:1f:a8:34:78:79:ab:c6:02:3b:73:
17:1d:4d:2c:f9:c7:71:85:46:69:f7:36:b1:7b:77:
86:05:f0:bc:db:dd:11:5c:8b:5a:e4:38:8d:67:20:
a9:51:80:b8:b6:6b:b5:f2:64:9c:47:16:8a:2f:aa:
4e:9a:4c:0f:26:65:f9:2e:16:72:1b:38:2c:41:73:
90:81:7e:c1:ad:50:40:7d:49:5a:46:41:b5:c9:00:
74:90:e0:53:a3:fd:41:2e:f6:b9:ed:01:10:54:96:
ae:b6:de:29:27:2e:2e:8f:91:91:be:7d:26:92:01:
c5:9b:f2:bf:8f:89:bb:e6:0e:94:5d:f9:a1:dd:3f:
44:ad
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8F:41:D2:10:B5:F7:AB:69:F2:4C:EC:06:7E:60:C6:0F:77:93:5C:F1
X509v3 Authority Key Identifier:
keyid:A4:E7:20:5F:5D:41:25:7A:6B:B9:5F:90:0E:EC:0A:11:23:E7:51:64
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pOcgX11BJXpruV-QDuwKESPnUWQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dc/f761bd-5c3a-4d2f-8cd9-3e59ce445b1c/1/j0HSELX3q2nyTOwGfmDGD3eTXPE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/dc/f761bd-5c3a-4d2f-8cd9-3e59ce445b1c/1/pOcgX11BJXpruV-QDuwKESPnUWQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.36.204.0-46.36.215.255
77.243.128.0/20
81.95.240.0/20
91.197.248.0/22
91.217.201.0/24
109.71.56.0/21
178.251.0.0/21
185.25.140.0/24
185.154.240.0/22
185.235.52.0/22
193.239.96.0/22
195.69.128.0/22
IPv6:
2a02:2339::/36
Signature Algorithm: sha256WithRSAEncryption
66:78:2c:b5:9d:f0:4a:83:fe:4d:2e:20:f8:26:59:20:53:e3:
62:33:92:e0:22:74:68:33:fe:bf:d1:62:d4:2d:c0:f7:32:ae:
1b:f2:34:0d:00:89:4a:eb:0b:8e:e7:43:fe:6d:5d:5f:a2:8a:
4b:5f:b5:88:c8:55:57:91:e4:c9:5f:f2:f7:0d:a4:bf:e9:83:
e5:e1:d2:8d:fc:73:3b:bf:c4:5e:f0:f1:8a:63:76:31:b2:16:
2d:c1:94:fb:96:54:a9:0d:08:da:56:ce:8f:fa:f0:41:0f:bb:
42:51:40:15:ee:bf:8d:14:b8:9f:53:9f:60:c9:be:31:c7:01:
1b:5f:5c:7e:c5:13:a9:fc:6c:1f:ba:3c:54:e5:94:29:35:79:
7e:9e:7e:44:8b:d1:2f:52:ce:f7:b8:b8:7c:b8:74:52:63:15:
c3:aa:b8:36:c0:78:92:34:6e:5b:8f:24:d4:0d:c0:4d:cc:b4:
cf:24:3f:6a:85:fd:60:43:eb:97:3d:7f:16:91:40:8d:be:88:
c3:06:a4:78:7c:2a:a5:f8:f5:3c:da:14:31:6a:bb:9c:79:97:
ae:42:88:02:ea:91:26:81:ca:ff:57:9c:21:b1:3f:ae:f1:1f:
a3:5a:23:f0:a4:53:94:5f:24:17:df:99:81:71:38:f2:34:27:
fb:c8:df:5c
-----BEGIN CERTIFICATE-----
MIIFVzCCBD+gAwIBAgISAYVwcFp2iVdzsTg1OxkiqW/tMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE0ZTcyMDVmNWQ0MTI1N2E2YmI5NWY5MDBlZWMwYTExMjNl
NzUxNjQwHhcNMjMwMTAyMDMwNDQ5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ZjQxZDIxMGI1ZjdhYjY5ZjI0Y2VjMDY3ZTYwYzYwZjc3OTM1Y2YxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmOlcjx3Z1w/j8J2UnYFMIwmE56cz
MIMpc2w7+I3qrjqao1gKjt1nunpdHswdl+t6HBnf498n1McouOHG2aazIwp2ZS26
uqfGFho1OpPxaQFSC+QFwMr1SPG0Zd/R9WgIH6Bprp9wa/v4TxQm2AQl2o503+xL
CqPu3C2GpB+oNHh5q8YCO3MXHU0s+cdxhUZp9zaxe3eGBfC8290RXIta5DiNZyCp
UYC4tmu18mScRxaKL6pOmkwPJmX5LhZyGzgsQXOQgX7BrVBAfUlaRkG1yQB0kOBT
o/1BLva57QEQVJautt4pJy4uj5GRvn0mkgHFm/K/j4m75g6UXfmh3T9ErQIDAQAB
o4ICYzCCAl8wHQYDVR0OBBYEFI9B0hC196tp8kzsBn5gxg93k1zxMB8GA1UdIwQY
MBaAFKTnIF9dQSV6a7lfkA7sChEj51FkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcE9jZ1gxMUJKWHBydVYtUUR1d0tFU1BuVVdRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYy9mNzYxYmQtNWMzYS00ZDJmLThjZDkt
M2U1OWNlNDQ1YjFjLzEvajBIU0VMWDNxMm55VE93R2ZtREdEM2VUWFBFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYy9mNzYxYmQtNWMzYS00ZDJmLThjZDktM2U1OWNlNDQ1YjFj
LzEvcE9jZ1gxMUJKWHBydVYtUUR1d0tFU1BuVVdRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHkGCCsGAQUFBwEHAQH/BGowaDBWBAIAATBQMAwDBAIuJMwD
BAMuJNADBARN84ADBARRX/ADBAJbxfgDBABb2ckDBANtRzgDBAOy+wADBAC5GYwD
BAK5mvADBAK56zQDBALB72ADBALDRYAwDgQCAAIwCAMGBCoCIzkAMA0GCSqGSIb3
DQEBCwUAA4IBAQBmeCy1nfBKg/5NLiD4JlkgU+NiM5LgInRoM/6/0WLULcD3Mq4b
8jQNAIlK6wuO50P+bV1foopLX7WIyFVXkeTJX/L3DaS/6YPl4dKN/HM7v8Re8PGK
Y3YxshYtwZT7llSpDQjaVs6P+vBBD7tCUUAV7r+NFLifU59gyb4xxwEbX1x+xROp
/GwfujxU5ZQpNXl+nn5Ei9EvUs73uLh8uHRSYxXDqrg2wHiSNG5bjyTUDcBNzLTP
JD9qhf1gQ+uXPX8WkUCNvojDBqR4fCql+PU82hQxaruceZeuQogC6pEmgcr/V5wh
sT+u8R+jWiPwpFOUXyQX35mBcTjyNCf7yN9c
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:10:19 2025 by rpki-client