Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ea/0376a1-49d6-4a4d-8c2a-ed7915436b27/1/jkfS1X05GDIKjnHb7upXw_DTcJ0.roa
File: jkfS1X05GDIKjnHb7upXw_DTcJ0.roa (raw, json)
Hash identifier: bVzstoOmk7jbifxNpfC7hqNLSNnksAcJboYZ2qiPzeM=
Subject key identifier: 8E:47:D2:D5:7D:39:18:32:0A:8E:71:DB:EE:EA:57:C3:F0:D3:70:9D
Certificate issuer: /CN=1501c845f13dd4ad6e9dae470d5ff69c5cca3771
Certificate serial: 3838321B
Authority key identifier: 15:01:C8:45:F1:3D:D4:AD:6E:9D:AE:47:0D:5F:F6:9C:5C:CA:37:71
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/FQHIRfE91K1una5HDV_2nFzKN3E.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ea/0376a1-49d6-4a4d-8c2a-ed7915436b27/1/jkfS1X05GDIKjnHb7upXw_DTcJ0.roa
Signing time: Sat 01 Jan 2022 16:10:29 +0000
ROA not before: Sat 01 Jan 2022 16:10:29 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 39636
IP address blocks: 46.233.128.0/18 maxlen: 18
94.74.0.0/18 maxlen: 18
89.184.96.0/19 maxlen: 19
89.184.118.0/24 maxlen: 24
185.182.116.0/22 maxlen: 22
2a01:8320::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 943206939 (0x3838321b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1501c845f13dd4ad6e9dae470d5ff69c5cca3771
Validity
Not Before: Jan 1 16:10:29 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=8e47d2d57d3918320a8e71dbeeea57c3f0d3709d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:ec:3a:c3:8a:5a:d0:ac:17:b6:17:78:d6:04:
a7:dd:b0:90:d4:4a:6c:d6:f0:72:94:9d:b7:25:49:
51:7b:e3:03:8b:15:75:df:a2:b5:36:3b:de:ee:76:
ce:ef:b0:58:1b:53:5d:b2:9f:fa:99:e7:5d:e8:ca:
4b:05:8a:c4:41:2a:ec:9b:64:f1:8c:70:d6:07:29:
ba:8e:62:78:a1:a6:25:6f:06:76:3d:f1:7c:77:f7:
e1:66:32:69:9a:41:20:5c:54:d3:b0:bd:6a:b2:91:
20:3d:53:43:b7:c9:c2:f4:40:30:79:97:d0:3e:92:
97:04:e5:c2:6b:55:3f:eb:c0:46:52:8c:a0:20:a8:
0d:15:42:4e:0c:dc:e8:5f:34:66:17:20:e8:f0:96:
c6:6a:b8:26:e5:82:9d:de:fb:3b:47:75:81:80:c5:
54:cf:ee:d5:a5:b2:a9:90:31:5f:1d:07:2f:59:94:
56:b5:fa:10:a5:e0:87:39:06:b2:2d:74:72:a6:e9:
cc:ed:a3:50:68:5d:0f:72:40:23:84:d7:6f:43:dd:
8e:78:89:b4:32:f7:14:62:49:4b:09:21:6a:58:df:
44:3b:4e:b8:87:93:cb:3e:7b:19:93:d7:99:85:8e:
42:82:f3:b8:09:d0:32:d1:25:be:1a:0a:57:ef:dd:
24:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8E:47:D2:D5:7D:39:18:32:0A:8E:71:DB:EE:EA:57:C3:F0:D3:70:9D
X509v3 Authority Key Identifier:
keyid:15:01:C8:45:F1:3D:D4:AD:6E:9D:AE:47:0D:5F:F6:9C:5C:CA:37:71
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/FQHIRfE91K1una5HDV_2nFzKN3E.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ea/0376a1-49d6-4a4d-8c2a-ed7915436b27/1/jkfS1X05GDIKjnHb7upXw_DTcJ0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ea/0376a1-49d6-4a4d-8c2a-ed7915436b27/1/FQHIRfE91K1una5HDV_2nFzKN3E.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.233.128.0/18
89.184.96.0/19
94.74.0.0/18
185.182.116.0/22
IPv6:
2a01:8320::/32
Signature Algorithm: sha256WithRSAEncryption
c7:c9:13:88:86:68:b8:c8:85:cd:d9:f9:76:3f:8a:ae:78:ab:
ee:3f:ba:e4:45:2f:48:1e:1d:12:07:fb:0b:52:b6:b5:69:bc:
55:b7:e4:f8:bd:1a:b8:88:7d:b7:d4:7f:20:32:5e:57:4c:3a:
d5:fe:e3:70:a7:8a:ff:0a:8a:cd:93:2c:0a:ff:56:29:19:6d:
4a:5d:12:ff:9f:b3:cb:fc:49:64:72:48:ae:b5:f6:5b:5b:e4:
13:fc:1d:61:26:f9:55:67:40:01:f1:51:06:b8:2b:1d:2b:cf:
93:af:10:63:9e:5e:95:b2:6b:59:95:40:53:75:c2:2c:18:e3:
2e:bc:2d:c5:fe:fc:50:b2:ee:04:33:e0:d2:c1:f0:9e:aa:f1:
da:39:8b:ce:91:97:c0:34:e3:7f:22:06:9f:8c:aa:67:a7:58:
02:06:1c:bd:4e:d3:f1:07:be:6d:1f:9f:cb:0d:9d:7f:4c:36:
50:5c:2f:69:54:af:1e:1c:20:6f:e7:56:35:11:8c:56:c7:73:
a3:59:1f:5f:0a:f1:a1:54:62:bb:72:36:bd:53:dc:be:d8:41:
73:f2:40:9e:1d:46:57:f1:f5:be:83:2c:aa:a2:db:c1:97:f6:
13:d6:e7:d8:05:17:aa:52:87:13:10:e8:06:0d:bf:6f:09:7e:
41:74:96:8a
-----BEGIN CERTIFICATE-----
MIIFEDCCA/igAwIBAgIEODgyGzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygx
NTAxYzg0NWYxM2RkNGFkNmU5ZGFlNDcwZDVmZjY5YzVjY2EzNzcxMB4XDTIyMDEw
MTE2MTAyOVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoOGU0N2QyZDU3ZDM5
MTgzMjBhOGU3MWRiZWVlYTU3YzNmMGQzNzA5ZDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALbsOsOKWtCsF7YXeNYEp92wkNRKbNbwcpSdtyVJUXvjA4sV
dd+itTY73u52zu+wWBtTXbKf+pnnXejKSwWKxEEq7Jtk8Yxw1gcpuo5ieKGmJW8G
dj3xfHf34WYyaZpBIFxU07C9arKRID1TQ7fJwvRAMHmX0D6SlwTlwmtVP+vARlKM
oCCoDRVCTgzc6F80Zhcg6PCWxmq4JuWCnd77O0d1gYDFVM/u1aWyqZAxXx0HL1mU
VrX6EKXghzkGsi10cqbpzO2jUGhdD3JAI4TXb0PdjniJtDL3FGJJSwkhaljfRDtO
uIeTyz57GZPXmYWOQoLzuAnQMtElvhoKV+/dJCsCAwEAAaOCAiowggImMB0GA1Ud
DgQWBBSOR9LVfTkYMgqOcdvu6lfD8NNwnTAfBgNVHSMEGDAWgBQVAchF8T3UrW6d
rkcNX/acXMo3cTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0ZRSElSZkU5MUsxdW5hNUhEVl8ybkZ6S04zRS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZWEvMDM3NmExLTQ5ZDYtNGE0ZC04YzJhLWVkNzkxNTQzNmIyNy8x
L2prZlMxWDA1R0RJS2puSGI3dXBYd19EVGNKMC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZWEv
MDM3NmExLTQ5ZDYtNGE0ZC04YzJhLWVkNzkxNTQzNmIyNy8xL0ZRSElSZkU5MUsx
dW5hNUhEVl8ybkZ6S04zRS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBA
BggrBgEFBQcBBwEB/wQxMC8wHgQCAAEwGAMEBi7pgAMEBVm4YAMEBl5KAAMEArm2
dDANBAIAAjAHAwUAKgGDIDANBgkqhkiG9w0BAQsFAAOCAQEAx8kTiIZouMiFzdn5
dj+Krnir7j+65EUvSB4dEgf7C1K2tWm8Vbfk+L0auIh9t9R/IDJeV0w61f7jcKeK
/wqKzZMsCv9WKRltSl0S/5+zy/xJZHJIrrX2W1vkE/wdYSb5VWdAAfFRBrgrHSvP
k68QY55elbJrWZVAU3XCLBjjLrwtxf78ULLuBDPg0sHwnqrx2jmLzpGXwDTjfyIG
n4yqZ6dYAgYcvU7T8Qe+bR+fyw2df0w2UFwvaVSvHhwgb+dWNRGMVsdzo1kfXwrx
oVRiu3I2vVPcvthBc/JAnh1GV/H1voMsqqLbwZf2E9bn2AUXqlKHExDoBg2/bwl+
QXSWig==
-----END CERTIFICATE-----
Generated at Sun Apr 20 12:55:05 2025 by rpki-client