Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fc/77c6fc-8a99-42f4-ac23-56c6a1031dbb/1/JOripywU34-usgRzdSMuWx6vLQ4.roa
File: JOripywU34-usgRzdSMuWx6vLQ4.roa (raw, json)
Hash identifier: gUtq5hN9f8lMBmmzGVZVUN/UKdLgU/jDBDbQokGEL/Y=
Subject key identifier: 24:EA:E2:A7:2C:14:DF:8F:AE:B2:04:73:75:23:2E:5B:1E:AF:2D:0E
Certificate issuer: /CN=252cb35c3f56b2798ff61bd4d9a5ced0ee039fb0
Certificate serial: 01823446FE4126EB85A97330BAB6B4595151
Authority key identifier: 25:2C:B3:5C:3F:56:B2:79:8F:F6:1B:D4:D9:A5:CE:D0:EE:03:9F:B0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/JSyzXD9WsnmP9hvU2aXO0O4Dn7A.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fc/77c6fc-8a99-42f4-ac23-56c6a1031dbb/1/JOripywU34-usgRzdSMuWx6vLQ4.roa
Signing time: Mon 25 Jul 2022 07:34:03 +0000
ROA not before: Mon 25 Jul 2022 07:34:03 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 41157
IP address blocks: 81.201.176.0/20 maxlen: 20
2a02:2218::/29 maxlen: 32
2a02:2218::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:34:46:fe:41:26:eb:85:a9:73:30:ba:b6:b4:59:51:51
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=252cb35c3f56b2798ff61bd4d9a5ced0ee039fb0
Validity
Not Before: Jul 25 07:34:03 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=24eae2a72c14df8faeb2047375232e5b1eaf2d0e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:82:eb:0c:9e:3b:b7:9c:59:a7:fe:63:d6:85:a2:
eb:7a:62:e3:f2:99:33:2e:d4:9f:ea:12:2c:2d:aa:
af:fe:20:a0:9a:24:c6:89:8b:09:26:53:75:7a:ba:
7e:cf:a9:a1:08:0a:0b:15:28:42:15:55:3a:a2:a4:
db:71:0b:09:f0:39:fe:2f:fa:17:e7:4a:99:9a:7f:
97:4c:81:e2:68:f1:0b:8d:5c:28:23:aa:93:c0:c4:
4d:ae:d7:53:d7:5e:55:2f:43:7e:d1:eb:dc:1a:1b:
4f:48:a7:e9:51:c4:3f:3f:af:c8:94:8b:53:1e:dc:
16:b5:70:6e:5a:d3:be:ff:61:c9:b1:0d:2d:72:a4:
fc:e8:4a:3c:4f:5d:75:8b:51:bf:80:8c:45:04:3b:
35:c1:07:e9:ba:54:8d:6f:0c:a9:14:93:09:86:f7:
99:74:20:37:fc:14:f7:a8:34:22:2e:ea:27:3c:3e:
06:fa:f8:b7:c6:23:bc:6d:24:ed:8e:3b:b1:25:35:
66:a6:19:7a:55:1c:e0:72:f9:93:de:6a:0f:e9:60:
82:48:58:b4:ec:51:dd:87:fd:78:36:a8:be:ee:8d:
b2:1f:d7:3e:bb:e2:9a:f0:e0:27:44:9b:73:4b:20:
a2:69:4a:f7:61:de:3a:29:40:35:b7:7b:ac:14:33:
62:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
24:EA:E2:A7:2C:14:DF:8F:AE:B2:04:73:75:23:2E:5B:1E:AF:2D:0E
X509v3 Authority Key Identifier:
keyid:25:2C:B3:5C:3F:56:B2:79:8F:F6:1B:D4:D9:A5:CE:D0:EE:03:9F:B0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JSyzXD9WsnmP9hvU2aXO0O4Dn7A.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fc/77c6fc-8a99-42f4-ac23-56c6a1031dbb/1/JOripywU34-usgRzdSMuWx6vLQ4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fc/77c6fc-8a99-42f4-ac23-56c6a1031dbb/1/JSyzXD9WsnmP9hvU2aXO0O4Dn7A.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.201.176.0/20
IPv6:
2a02:2218::/29
Signature Algorithm: sha256WithRSAEncryption
00:50:61:e1:0e:90:1f:34:cd:fa:32:79:ee:3b:c8:aa:2c:4a:
04:ad:15:f2:29:5b:54:90:87:0f:ae:b9:dc:ff:b4:b0:06:90:
6c:18:67:83:fa:dc:55:25:12:3d:36:5e:6b:35:2b:10:73:44:
3f:fb:11:5d:53:fb:f2:da:58:49:a0:ed:4c:ca:d3:c6:b8:72:
48:f6:da:40:c6:7d:d3:bb:aa:06:98:26:2f:44:e1:0e:8f:9b:
60:9a:66:02:d0:b4:01:39:f7:21:86:18:e3:ad:ba:44:c8:2f:
37:53:79:94:48:a3:40:e9:f5:56:39:e3:63:5c:6c:8e:7f:3f:
6a:e5:b5:35:12:89:ae:01:b9:f5:6f:b9:da:36:31:f2:f3:c1:
e1:72:4f:37:40:0d:f0:37:02:ef:69:2d:3a:84:8d:77:e4:1f:
14:4a:66:82:98:2d:93:1b:df:98:d0:06:26:0f:3f:65:80:ec:
f5:94:5f:e7:45:a5:88:9e:06:88:60:93:46:66:60:fe:b1:73:
b9:50:ce:36:9d:3b:49:49:21:05:9f:be:b8:f2:c4:83:af:9d:
82:1d:4c:0e:90:ce:07:a1:d4:eb:c8:07:e8:3a:8c:9e:b3:64:
99:4d:a1:65:38:f8:06:c0:39:04:f7:cd:18:e8:34:c2:89:0a:
2d:3b:eb:33
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYI0Rv5BJuuFqXMwura0WVFRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI1MmNiMzVjM2Y1NmIyNzk4ZmY2MWJkNGQ5YTVjZWQwZWUw
MzlmYjAwHhcNMjIwNzI1MDczNDAzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNGVhZTJhNzJjMTRkZjhmYWViMjA0NzM3NTIzMmU1YjFlYWYyZDBlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgusMnju3nFmn/mPWhaLremLj8pkz
LtSf6hIsLaqv/iCgmiTGiYsJJlN1erp+z6mhCAoLFShCFVU6oqTbcQsJ8Dn+L/oX
50qZmn+XTIHiaPELjVwoI6qTwMRNrtdT115VL0N+0evcGhtPSKfpUcQ/P6/IlItT
HtwWtXBuWtO+/2HJsQ0tcqT86Eo8T111i1G/gIxFBDs1wQfpulSNbwypFJMJhveZ
dCA3/BT3qDQiLuonPD4G+vi3xiO8bSTtjjuxJTVmphl6VRzgcvmT3moP6WCCSFi0
7FHdh/14Nqi+7o2yH9c+u+Ka8OAnRJtzSyCiaUr3Yd46KUA1t3usFDNixQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFCTq4qcsFN+PrrIEc3UjLlsery0OMB8GA1UdIwQY
MBaAFCUss1w/VrJ5j/Yb1NmlztDuA5+wMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSlN5elhEOVdzbm1QOWh2VTJhWE8wTzREbjdBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mYy83N2M2ZmMtOGE5OS00MmY0LWFjMjMt
NTZjNmExMDMxZGJiLzEvSk9yaXB5d1UzNC11c2dSemRTTXVXeDZ2TFE0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mYy83N2M2ZmMtOGE5OS00MmY0LWFjMjMtNTZjNmExMDMxZGJi
LzEvSlN5elhEOVdzbm1QOWh2VTJhWE8wTzREbjdBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQEUcmwMA0E
AgACMAcDBQMqAiIYMA0GCSqGSIb3DQEBCwUAA4IBAQAAUGHhDpAfNM36MnnuO8iq
LEoErRXyKVtUkIcPrrnc/7SwBpBsGGeD+txVJRI9Nl5rNSsQc0Q/+xFdU/vy2lhJ
oO1MytPGuHJI9tpAxn3Tu6oGmCYvROEOj5tgmmYC0LQBOfchhhjjrbpEyC83U3mU
SKNA6fVWOeNjXGyOfz9q5bU1EomuAbn1b7naNjHy88Hhck83QA3wNwLvaS06hI13
5B8USmaCmC2TG9+Y0AYmDz9lgOz1lF/nRaWIngaIYJNGZmD+sXO5UM42nTtJSSEF
n7648sSDr52CHUwOkM4HodTryAfoOoyes2SZTaFlOPgGwDkE980Y6DTCiQotO+sz
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:53:56 2025 by rpki-client