
Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f6/d1f172-2def-4797-805f-b494664724ad/1/JDErGuYI4wOPOEPI_5AmayYxSyc.roa
File: JDErGuYI4wOPOEPI_5AmayYxSyc.roa (raw, json)
Hash identifier: 6lAWtVCx6ua9mVOyQJwRhrRoqQ6VvG+WxlEjFAdiaBc=
Subject key identifier: 24:31:2B:1A:E6:08:E3:03:8F:38:43:C8:FF:90:26:6B:26:31:4B:27
Certificate issuer: /CN=3def11bb8a8d480a0313e1f218a66bdf4e95f627
Certificate serial: 01856B9340C2E2480856FC2776A35D1B5669
Authority key identifier: 3D:EF:11:BB:8A:8D:48:0A:03:13:E1:F2:18:A6:6B:DF:4E:95:F6:27
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Pe8Ru4qNSAoDE-HyGKZr306V9ic.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f6/d1f172-2def-4797-805f-b494664724ad/1/JDErGuYI4wOPOEPI_5AmayYxSyc.roa
Signing time: Sun 01 Jan 2023 04:24:50 +0000
ROA not before: Sun 01 Jan 2023 04:24:50 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 9121
IP address blocks: 194.54.32.0/19 maxlen: 24
212.156.0.0/16 maxlen: 24
81.212.0.0/14 maxlen: 24
62.248.0.0/17 maxlen: 24
78.160.0.0/11 maxlen: 24
88.224.0.0/11 maxlen: 24
95.0.0.0/12 maxlen: 24
85.96.0.0/12 maxlen: 24
176.52.176.0/22 maxlen: 24
212.174.0.0/15 maxlen: 24
195.174.0.0/15 maxlen: 24
2a01:358::/29 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6b:93:40:c2:e2:48:08:56:fc:27:76:a3:5d:1b:56:69
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3def11bb8a8d480a0313e1f218a66bdf4e95f627
Validity
Not Before: Jan 1 04:24:50 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=24312b1ae608e3038f3843c8ff90266b26314b27
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8e:91:8e:95:29:eb:50:c5:26:aa:55:a8:1d:3b:
12:a0:c1:49:be:1e:9f:86:4a:95:25:9e:fb:ff:d3:
6e:9b:46:50:2b:ce:71:d0:6b:28:2c:09:67:90:8d:
a4:7b:d4:88:40:b3:dc:b6:d5:be:c0:59:ab:a3:d2:
14:32:95:ee:11:6d:41:28:40:bd:af:16:d7:39:cb:
0c:c1:0c:df:fb:d6:8f:00:88:ed:f4:27:6d:69:0c:
90:29:0a:c2:59:50:c8:b9:49:32:07:99:a5:87:84:
58:f4:22:da:0e:59:a0:5e:9c:05:6d:dd:75:83:10:
83:0b:c5:3e:11:ce:b9:63:b8:43:2c:28:6c:c1:08:
9f:2f:3d:80:fc:36:90:89:52:75:98:e5:79:05:a9:
f5:17:57:dd:e8:f4:e2:41:bb:be:d3:35:51:81:4d:
d8:fc:23:e4:4d:8c:e7:d4:31:47:c0:cc:9f:21:1e:
53:61:99:b7:7d:f7:b1:90:29:ca:89:67:43:f3:78:
0c:34:94:54:42:3b:6c:a9:5e:fa:7b:48:76:5b:58:
29:03:c3:9b:19:19:31:c5:c1:d9:91:6c:79:54:77:
5b:d1:4d:be:04:8f:13:80:4e:f8:a1:6f:2f:23:6c:
dc:56:43:87:5e:35:08:53:2a:e4:c0:8d:83:63:c3:
ea:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
24:31:2B:1A:E6:08:E3:03:8F:38:43:C8:FF:90:26:6B:26:31:4B:27
X509v3 Authority Key Identifier:
keyid:3D:EF:11:BB:8A:8D:48:0A:03:13:E1:F2:18:A6:6B:DF:4E:95:F6:27
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Pe8Ru4qNSAoDE-HyGKZr306V9ic.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/d1f172-2def-4797-805f-b494664724ad/1/JDErGuYI4wOPOEPI_5AmayYxSyc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/d1f172-2def-4797-805f-b494664724ad/1/Pe8Ru4qNSAoDE-HyGKZr306V9ic.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.248.0.0/17
78.160.0.0/11
81.212.0.0/14
85.96.0.0/12
88.224.0.0/11
95.0.0.0/12
176.52.176.0/22
194.54.32.0/19
195.174.0.0/15
212.156.0.0/16
212.174.0.0/15
IPv6:
2a01:358::/29
Signature Algorithm: sha256WithRSAEncryption
0e:d8:03:2d:db:02:78:98:64:5a:ce:39:89:3b:a2:3c:bb:1c:
39:33:0d:7e:59:d2:e4:62:13:ae:94:a6:a2:42:49:f6:c1:41:
f0:cb:12:27:ee:ab:04:ec:44:05:92:1a:05:df:7a:43:e0:f9:
3a:f5:95:b5:a8:44:6b:65:be:85:2d:e2:52:44:3b:99:80:c9:
69:08:17:1f:00:b9:4c:3f:da:cb:b1:d4:da:16:03:1a:28:e8:
dd:91:30:3e:43:b6:f1:03:f6:69:16:b0:f0:27:f6:8d:db:3d:
82:dd:c2:af:7b:57:c8:af:ee:f4:5d:b6:e6:10:9b:a5:6d:a4:
bb:8f:6c:40:de:fc:15:9e:8e:46:e2:db:99:d8:4c:5c:7f:ce:
20:b1:f0:3f:59:25:4f:c4:6e:a4:10:13:ee:bc:a9:77:99:66:
40:a2:5b:1d:b8:da:39:96:43:59:f4:e3:9e:94:47:3d:1e:52:
a9:8f:40:74:34:d4:70:b2:2f:ec:a0:ea:e0:2a:32:ac:bb:2b:
ac:a7:dc:7b:2e:91:36:a4:13:b2:c2:c1:5c:67:62:08:59:f0:
33:69:c5:db:e9:03:f5:a0:3e:b2:68:65:f7:69:eb:38:19:95:
a6:ee:9b:e3:3a:d8:d1:de:4f:d0:d7:9a:b7:b9:81:32:b0:e0:
83:da:54:7d
-----BEGIN CERTIFICATE-----
MIIFQDCCBCigAwIBAgISAYVrk0DC4kgIVvwndqNdG1ZpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNkZWYxMWJiOGE4ZDQ4MGEwMzEzZTFmMjE4YTY2YmRmNGU5
NWY2MjcwHhcNMjMwMTAxMDQyNDUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNDMxMmIxYWU2MDhlMzAzOGYzODQzYzhmZjkwMjY2YjI2MzE0YjI3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjpGOlSnrUMUmqlWoHTsSoMFJvh6f
hkqVJZ77/9Num0ZQK85x0GsoLAlnkI2ke9SIQLPcttW+wFmro9IUMpXuEW1BKEC9
rxbXOcsMwQzf+9aPAIjt9CdtaQyQKQrCWVDIuUkyB5mlh4RY9CLaDlmgXpwFbd11
gxCDC8U+Ec65Y7hDLChswQifLz2A/DaQiVJ1mOV5Ban1F1fd6PTiQbu+0zVRgU3Y
/CPkTYzn1DFHwMyfIR5TYZm3ffexkCnKiWdD83gMNJRUQjtsqV76e0h2W1gpA8Ob
GRkxxcHZkWx5VHdb0U2+BI8TgE74oW8vI2zcVkOHXjUIUyrkwI2DY8PqcwIDAQAB
o4ICTDCCAkgwHQYDVR0OBBYEFCQxKxrmCOMDjzhDyP+QJmsmMUsnMB8GA1UdIwQY
MBaAFD3vEbuKjUgKAxPh8hima99OlfYnMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUGU4UnU0cU5TQW9ERS1IeUdLWnIzMDZWOWljLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNi9kMWYxNzItMmRlZi00Nzk3LTgwNWYt
YjQ5NDY2NDcyNGFkLzEvSkRFckd1WUk0d09QT0VQSV81QW1heVl4U3ljLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNi9kMWYxNzItMmRlZi00Nzk3LTgwNWYtYjQ5NDY2NDcyNGFk
LzEvUGU4UnU0cU5TQW9ERS1IeUdLWnIzMDZWOWljLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGIGCCsGAQUFBwEHAQH/BFMwUTBABAIAATA6AwQHPvgAAwMF
TqADAwJR1AMDBFVgAwMFWOADAwRfAAMEArA0sAMEBcI2IAMDAcOuAwMA1JwDAwHU
rjANBAIAAjAHAwUDKgEDWDANBgkqhkiG9w0BAQsFAAOCAQEADtgDLdsCeJhkWs45
iTuiPLscOTMNflnS5GITrpSmokJJ9sFB8MsSJ+6rBOxEBZIaBd96Q+D5OvWVtahE
a2W+hS3iUkQ7mYDJaQgXHwC5TD/ay7HU2hYDGijo3ZEwPkO28QP2aRaw8Cf2jds9
gt3Cr3tXyK/u9F225hCbpW2ku49sQN78FZ6ORuLbmdhMXH/OILHwP1klT8RupBAT
7rypd5lmQKJbHbjaOZZDWfTjnpRHPR5SqY9AdDTUcLIv7KDq4CoyrLsrrKfcey6R
NqQTssLBXGdiCFnwM2nF2+kD9aA+smhl92nrOBmVpu6b4zrY0d5P0Neat7mBMrDg
g9pUfQ==
-----END CERTIFICATE-----
Generated at Thu Mar 13 20:41:37 2025 by rpki-client