Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fb/5c3b99-b8ef-4ed1-857c-b65cd136262e/1/J_9VxahUNeilpsqJvVfD76gfr8g.roa
File: J_9VxahUNeilpsqJvVfD76gfr8g.roa (raw, json)
Hash identifier: ahoMLpBL2UA9X+HGO+Q4hsrEl1xs45BMcVldcBF3Dhs=
Subject key identifier: 27:FF:55:C5:A8:54:35:E8:A5:A6:CA:89:BD:57:C3:EF:A8:1F:AF:C8
Certificate issuer: /CN=f1f186e97097c8417d9437d70cfdfc527331b5a8
Certificate serial: 0184AA091192BD70417D6C19465D8D4BE413
Authority key identifier: F1:F1:86:E9:70:97:C8:41:7D:94:37:D7:0C:FD:FC:52:73:31:B5:A8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8fGG6XCXyEF9lDfXDP38UnMxtag.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fb/5c3b99-b8ef-4ed1-857c-b65cd136262e/1/J_9VxahUNeilpsqJvVfD76gfr8g.roa
Signing time: Thu 24 Nov 2022 14:27:11 +0000
ROA not before: Thu 24 Nov 2022 14:27:11 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 39683
IP address blocks: 185.252.22.0/23 maxlen: 23
5.61.96.0/21 maxlen: 24
195.189.224.0/24 maxlen: 24
195.189.224.0/23 maxlen: 23
195.189.225.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:aa:09:11:92:bd:70:41:7d:6c:19:46:5d:8d:4b:e4:13
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f1f186e97097c8417d9437d70cfdfc527331b5a8
Validity
Not Before: Nov 24 14:27:11 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=27ff55c5a85435e8a5a6ca89bd57c3efa81fafc8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8a:06:1f:e7:20:93:12:35:70:e7:23:de:f7:7f:
bd:30:ea:e2:ff:ca:c0:8b:48:e4:b0:d6:58:03:e1:
d1:77:d3:24:d1:1b:34:21:41:90:c5:73:ab:18:1a:
a8:12:fe:c4:4f:0e:2e:bf:3f:be:62:fa:15:2e:39:
31:ac:9a:97:1d:0d:5a:e5:d3:5f:12:5e:07:04:e6:
55:14:bb:51:34:e5:b8:b9:de:69:5f:38:59:d8:7c:
e7:8f:e9:97:2b:6b:d1:e3:36:1c:30:fc:b6:29:b0:
76:ff:e4:93:1b:24:0d:09:bc:b5:9c:7b:2e:a8:c9:
df:6f:68:cd:eb:f2:7c:00:96:0c:89:10:97:b0:16:
16:8e:34:96:09:36:dd:0e:86:7d:c8:65:b3:25:be:
a3:20:cb:3e:9b:33:07:69:10:cc:41:8e:59:76:f6:
7d:fb:d5:8e:6c:c4:9c:65:b9:c0:1e:bd:08:9b:63:
77:0b:58:97:db:bd:8c:54:8c:e5:9e:11:51:d4:45:
15:65:02:da:52:ae:7f:6c:50:20:64:31:ad:ff:19:
9e:e2:e8:36:f3:68:f9:f1:d4:d6:74:f4:da:3e:da:
c0:a9:51:93:dc:73:78:0c:4c:7c:d6:39:ff:db:d9:
87:5d:58:b1:51:bd:6a:cd:43:5b:88:36:bd:3a:6c:
82:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
27:FF:55:C5:A8:54:35:E8:A5:A6:CA:89:BD:57:C3:EF:A8:1F:AF:C8
X509v3 Authority Key Identifier:
keyid:F1:F1:86:E9:70:97:C8:41:7D:94:37:D7:0C:FD:FC:52:73:31:B5:A8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8fGG6XCXyEF9lDfXDP38UnMxtag.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fb/5c3b99-b8ef-4ed1-857c-b65cd136262e/1/J_9VxahUNeilpsqJvVfD76gfr8g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fb/5c3b99-b8ef-4ed1-857c-b65cd136262e/1/8fGG6XCXyEF9lDfXDP38UnMxtag.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.61.96.0/21
185.252.22.0/23
195.189.224.0/23
Signature Algorithm: sha256WithRSAEncryption
7d:5a:97:90:8a:fd:0a:f2:4c:1e:92:ee:e3:7c:ca:3c:0d:32:
29:0b:b0:7e:f5:a1:dc:ad:d1:e9:e9:eb:65:8e:07:b5:85:9c:
fc:e1:69:60:7c:5b:b3:fa:52:78:f5:58:f9:fd:4b:b5:c9:2a:
6e:d5:e9:a8:c3:f6:54:90:54:9e:33:16:96:37:88:53:bb:bf:
e2:46:44:9a:27:8b:5a:4a:33:cc:22:78:11:3c:70:e2:6f:f3:
2e:f1:75:23:d5:0a:30:51:fa:55:e7:99:91:f2:a8:12:6f:3f:
17:29:3f:85:d4:6f:5d:48:3a:85:19:93:56:fc:0f:b7:02:08:
0c:f4:8f:02:70:38:2c:10:49:23:11:22:cc:1e:8d:80:ca:7b:
6a:8d:0c:58:80:4e:02:bf:82:91:37:9f:22:88:60:d5:55:c9:
84:fe:e6:6f:03:1c:73:e4:c4:82:b8:e8:7f:5b:92:1c:ef:79:
9e:cb:b5:7d:31:84:93:a5:f5:38:42:34:54:91:25:c6:90:62:
a9:88:61:7f:ca:27:d6:ce:cc:b4:0a:96:55:68:96:2b:33:e5:
10:d3:67:1c:1f:0b:18:07:8f:de:c6:a4:5a:f6:69:e9:de:91:
e8:6b:02:a1:02:e8:71:42:41:03:9d:1c:a0:4a:75:8f:19:8d:
45:f1:69:87
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYSqCRGSvXBBfWwZRl2NS+QTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYxZjE4NmU5NzA5N2M4NDE3ZDk0MzdkNzBjZmRmYzUyNzMz
MWI1YTgwHhcNMjIxMTI0MTQyNzExWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyN2ZmNTVjNWE4NTQzNWU4YTVhNmNhODliZDU3YzNlZmE4MWZhZmM4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAigYf5yCTEjVw5yPe93+9MOri/8rA
i0jksNZYA+HRd9Mk0Rs0IUGQxXOrGBqoEv7ETw4uvz++YvoVLjkxrJqXHQ1a5dNf
El4HBOZVFLtRNOW4ud5pXzhZ2Hznj+mXK2vR4zYcMPy2KbB2/+STGyQNCby1nHsu
qMnfb2jN6/J8AJYMiRCXsBYWjjSWCTbdDoZ9yGWzJb6jIMs+mzMHaRDMQY5ZdvZ9
+9WObMScZbnAHr0Im2N3C1iX272MVIzlnhFR1EUVZQLaUq5/bFAgZDGt/xme4ug2
82j58dTWdPTaPtrAqVGT3HN4DEx81jn/29mHXVixUb1qzUNbiDa9OmyCZQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFCf/VcWoVDXopabKib1Xw++oH6/IMB8GA1UdIwQY
MBaAFPHxhulwl8hBfZQ31wz9/FJzMbWoMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOGZHRzZYQ1h5RUY5bERmWERQMzhVbk14dGFnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mYi81YzNiOTktYjhlZi00ZWQxLTg1N2Mt
YjY1Y2QxMzYyNjJlLzEvSl85VnhhaFVOZWlscHNxSnZWZkQ3NmdmcjhnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mYi81YzNiOTktYjhlZi00ZWQxLTg1N2MtYjY1Y2QxMzYyNjJl
LzEvOGZHRzZYQ1h5RUY5bERmWERQMzhVbk14dGFnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQDBT1gAwQB
ufwWAwQBw73gMA0GCSqGSIb3DQEBCwUAA4IBAQB9WpeQiv0K8kweku7jfMo8DTIp
C7B+9aHcrdHp6etljge1hZz84WlgfFuz+lJ49Vj5/Uu1ySpu1emow/ZUkFSeMxaW
N4hTu7/iRkSaJ4taSjPMIngRPHDib/Mu8XUj1QowUfpV55mR8qgSbz8XKT+F1G9d
SDqFGZNW/A+3AggM9I8CcDgsEEkjESLMHo2AyntqjQxYgE4Cv4KRN58iiGDVVcmE
/uZvAxxz5MSCuOh/W5Ic73mey7V9MYSTpfU4QjRUkSXGkGKpiGF/yifWzsy0CpZV
aJYrM+UQ02ccHwsYB4/exqRa9mnp3pHoawKhAuhxQkEDnRygSnWPGY1F8WmH
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:34:59 2025 by rpki-client