Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/df/178ffd-a99c-4333-8e9b-ca35469553cf/1/pJjixcaOEoKXtpnKXQWxtDtE-cg.roa
File: pJjixcaOEoKXtpnKXQWxtDtE-cg.roa (raw, json)
Hash identifier: YzAh0O3hzHIGmTFvKHb1d1v23nWIadP6881cRCCSDz0=
Subject key identifier: A4:98:E2:C5:C6:8E:12:82:97:B6:99:CA:5D:05:B1:B4:3B:44:F9:C8
Certificate issuer: /CN=b0847250b3a77127df7c3c7b8def8c9d919dc4b9
Certificate serial: 01884D74DE135D29384E86D86CB3667FB925
Authority key identifier: B0:84:72:50:B3:A7:71:27:DF:7C:3C:7B:8D:EF:8C:9D:91:9D:C4:B9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sIRyULOncSfffDx7je-MnZGdxLk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/df/178ffd-a99c-4333-8e9b-ca35469553cf/1/pJjixcaOEoKXtpnKXQWxtDtE-cg.roa
Signing time: Wed 24 May 2023 11:11:24 +0000
ROA not before: Wed 24 May 2023 11:11:24 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 60823
IP address blocks: 185.25.124.0/22 maxlen: 22
195.191.254.0/23 maxlen: 23
2a04:3180::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:4d:74:de:13:5d:29:38:4e:86:d8:6c:b3:66:7f:b9:25
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b0847250b3a77127df7c3c7b8def8c9d919dc4b9
Validity
Not Before: May 24 11:11:24 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a498e2c5c68e128297b699ca5d05b1b43b44f9c8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:4f:e6:c7:98:e3:3f:8b:44:85:c7:8b:92:51:
27:e1:79:d4:7b:e0:95:15:fe:af:0e:ab:eb:42:4f:
44:69:e2:50:2c:68:95:f4:fc:80:30:de:6d:f7:82:
0a:5c:3d:02:cb:a1:7a:b0:7d:fc:c8:50:15:a4:4c:
bc:00:ee:1b:88:6b:82:57:54:53:da:2d:55:56:9b:
f9:03:19:a6:87:86:5f:56:46:1a:34:af:bd:6a:ea:
d3:84:b1:53:11:7c:f0:40:a3:cb:0a:2f:bf:66:7a:
d6:c4:2f:2a:45:b1:fa:6d:50:da:09:80:01:5c:17:
77:72:bd:6c:39:cc:61:8d:08:20:df:3f:4d:db:7f:
d5:16:b5:eb:4e:5a:e9:94:8f:2a:34:ed:91:fc:2e:
c1:6a:47:c7:11:a1:93:30:1e:ab:9e:d5:95:69:68:
f7:d2:8e:1d:be:74:73:a9:d5:6d:7c:02:64:2a:59:
15:29:2f:bd:bb:1d:d6:4f:ac:07:c6:8c:c7:75:4f:
9b:95:f3:bf:e9:a6:62:6c:3d:57:48:61:5f:a3:f4:
aa:20:56:b1:ce:62:d6:9b:c2:16:e6:9d:45:90:4e:
b3:80:7c:66:3c:6e:ad:42:ef:d0:5f:16:e7:e0:e1:
7d:1e:3e:03:a3:ef:b6:f7:aa:d1:2e:81:03:80:76:
d6:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A4:98:E2:C5:C6:8E:12:82:97:B6:99:CA:5D:05:B1:B4:3B:44:F9:C8
X509v3 Authority Key Identifier:
keyid:B0:84:72:50:B3:A7:71:27:DF:7C:3C:7B:8D:EF:8C:9D:91:9D:C4:B9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sIRyULOncSfffDx7je-MnZGdxLk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/df/178ffd-a99c-4333-8e9b-ca35469553cf/1/pJjixcaOEoKXtpnKXQWxtDtE-cg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/df/178ffd-a99c-4333-8e9b-ca35469553cf/1/sIRyULOncSfffDx7je-MnZGdxLk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.25.124.0/22
195.191.254.0/23
IPv6:
2a04:3180::/29
Signature Algorithm: sha256WithRSAEncryption
06:9a:74:09:98:43:05:e2:23:af:b0:c3:e8:53:3c:08:d4:18:
c5:03:af:26:4a:00:25:99:6c:06:83:94:6b:7b:12:08:6e:00:
95:ff:4a:3b:6a:ca:9b:f0:a9:25:23:ca:72:34:98:ca:e4:8c:
72:a5:7e:9f:b9:ab:f2:03:cf:88:bb:8d:b3:14:07:6c:d1:0e:
6c:77:db:de:cc:19:9e:c1:98:d2:54:cd:3b:31:3f:15:fd:af:
ae:72:ca:c6:e4:35:76:3f:aa:c3:d3:ce:4b:90:8f:6f:96:95:
2f:bb:60:8d:f7:44:d8:65:54:42:0a:46:9b:74:83:07:79:c4:
14:59:7c:17:b1:a9:91:a4:02:05:6e:2b:59:88:87:75:ef:83:
c9:2c:1a:e2:fb:df:aa:19:d1:f8:c1:c3:08:5f:7a:b2:d9:90:
7a:8f:6a:28:1a:72:06:c4:ef:41:55:5e:11:6a:3c:75:3a:97:
56:30:79:0a:bf:52:72:43:ff:0a:5c:61:37:22:99:6d:bf:87:
58:49:98:25:df:e5:bd:c4:f3:c4:cd:27:26:aa:8d:03:ac:5e:
9c:91:b4:4e:80:1b:91:16:23:f9:3c:93:1b:0c:73:e9:d6:cb:
a5:8d:2f:26:cc:0a:8b:02:a2:ce:b9:ba:98:f3:d0:dd:aa:98:
74:3b:80:b5
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYhNdN4TXSk4TobYbLNmf7klMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIwODQ3MjUwYjNhNzcxMjdkZjdjM2M3YjhkZWY4YzlkOTE5
ZGM0YjkwHhcNMjMwNTI0MTExMTI0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNDk4ZTJjNWM2OGUxMjgyOTdiNjk5Y2E1ZDA1YjFiNDNiNDRmOWM4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu0/mx5jjP4tEhceLklEn4XnUe+CV
Ff6vDqvrQk9EaeJQLGiV9PyAMN5t94IKXD0Cy6F6sH38yFAVpEy8AO4biGuCV1RT
2i1VVpv5Axmmh4ZfVkYaNK+9aurThLFTEXzwQKPLCi+/ZnrWxC8qRbH6bVDaCYAB
XBd3cr1sOcxhjQgg3z9N23/VFrXrTlrplI8qNO2R/C7BakfHEaGTMB6rntWVaWj3
0o4dvnRzqdVtfAJkKlkVKS+9ux3WT6wHxozHdU+blfO/6aZibD1XSGFfo/SqIFax
zmLWm8IW5p1FkE6zgHxmPG6tQu/QXxbn4OF9Hj4Do++296rRLoEDgHbWBQIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFKSY4sXGjhKCl7aZyl0FsbQ7RPnIMB8GA1UdIwQY
MBaAFLCEclCzp3En33w8e43vjJ2RncS5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc0lSeVVMT25jU2ZmZkR4N2plLU1uWkdkeExrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZi8xNzhmZmQtYTk5Yy00MzMzLThlOWIt
Y2EzNTQ2OTU1M2NmLzEvcEpqaXhjYU9Fb0tYdHBuS1hRV3h0RHRFLWNnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZi8xNzhmZmQtYTk5Yy00MzMzLThlOWItY2EzNTQ2OTU1M2Nm
LzEvc0lSeVVMT25jU2ZmZkR4N2plLU1uWkdkeExrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQCuRl8AwQB
w7/+MA0EAgACMAcDBQMqBDGAMA0GCSqGSIb3DQEBCwUAA4IBAQAGmnQJmEMF4iOv
sMPoUzwI1BjFA68mSgAlmWwGg5RrexIIbgCV/0o7asqb8KklI8pyNJjK5IxypX6f
uavyA8+Iu42zFAds0Q5sd9vezBmewZjSVM07MT8V/a+ucsrG5DV2P6rD085LkI9v
lpUvu2CN90TYZVRCCkabdIMHecQUWXwXsamRpAIFbitZiId174PJLBri+9+qGdH4
wcMIX3qy2ZB6j2ooGnIGxO9BVV4Rajx1OpdWMHkKv1JyQ/8KXGE3Ipltv4dYSZgl
3+W9xPPEzScmqo0DrF6ckbROgBuRFiP5PJMbDHPp1suljS8mzAqLAqLOubqY89Dd
qph0O4C1
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:30:55 2025 by rpki-client