Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ff/7c55d2-381c-4e87-8ca5-2307bb59225f/1/JVt0jux4q99gK-7OJhrh7MwAM1A.roa
File: JVt0jux4q99gK-7OJhrh7MwAM1A.roa (raw, json)
Hash identifier: miZS8cT4O5yNHSta4tZGFtKagWm+G8E8ZfOrKSp4RK0=
Subject key identifier: 25:5B:74:8E:EC:78:AB:DF:60:2B:EE:CE:26:1A:E1:EC:CC:00:33:50
Certificate issuer: /CN=787e31ce5d501d1a94afdabbd4e024cc2a788ef5
Certificate serial: 077C4321
Authority key identifier: 78:7E:31:CE:5D:50:1D:1A:94:AF:DA:BB:D4:E0:24:CC:2A:78:8E:F5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/eH4xzl1QHRqUr9q71OAkzCp4jvU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ff/7c55d2-381c-4e87-8ca5-2307bb59225f/1/JVt0jux4q99gK-7OJhrh7MwAM1A.roa
Signing time: Sat 01 Jan 2022 08:00:44 +0000
ROA not before: Sat 01 Jan 2022 08:00:44 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 41281
IP address blocks: 193.189.100.0/24 maxlen: 24
193.189.101.0/24 maxlen: 24
45.154.255.0/24 maxlen: 24
45.154.254.0/24 maxlen: 24
2001:67c:130c::/48 maxlen: 48
2a0f:df00:dead::/48 maxlen: 48
2a0f:df00::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 125584161 (0x77c4321)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=787e31ce5d501d1a94afdabbd4e024cc2a788ef5
Validity
Not Before: Jan 1 08:00:44 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=255b748eec78abdf602beece261ae1eccc003350
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e5:c0:38:9f:1a:5d:94:4c:dd:5a:ff:d1:c5:ee:
c0:0c:7c:55:9b:f5:67:64:7d:f4:71:e8:c8:be:1b:
7c:db:34:c3:c6:7d:a3:66:de:f8:64:4d:99:da:57:
d2:e7:47:13:39:dc:e5:f6:46:aa:6f:df:fd:e0:f1:
8e:c6:25:4b:70:35:d7:0c:3e:af:2f:ba:97:e5:07:
83:cc:ee:bc:7e:2d:ca:b1:5e:9a:3d:53:fb:9e:9e:
44:17:74:c3:92:a2:c3:32:2e:ef:de:7d:a7:63:c5:
38:94:90:1d:24:94:98:6f:63:36:f4:43:30:cb:81:
0e:cd:44:8a:9c:3a:9d:59:2c:e7:93:a8:1c:28:fc:
86:aa:e1:04:cc:49:3d:fc:34:7f:59:d0:d5:eb:23:
22:77:18:74:0c:ca:e0:fa:c0:86:e8:ae:97:81:11:
f3:79:8b:9a:ea:7b:8a:ad:fa:69:c3:06:d7:8c:32:
62:a7:4d:2d:e1:3b:e6:b9:85:ca:6e:d9:d2:70:e2:
2c:aa:4d:8c:12:0e:17:73:67:8e:6a:a8:e6:b2:f7:
b9:25:bb:b4:97:01:6a:a2:38:a1:58:cd:27:2a:ea:
da:42:ba:bc:9c:84:a7:c0:aa:92:44:91:df:c1:60:
da:8b:06:3d:19:b1:a2:a4:de:a9:7a:58:d7:2b:3d:
1f:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
25:5B:74:8E:EC:78:AB:DF:60:2B:EE:CE:26:1A:E1:EC:CC:00:33:50
X509v3 Authority Key Identifier:
keyid:78:7E:31:CE:5D:50:1D:1A:94:AF:DA:BB:D4:E0:24:CC:2A:78:8E:F5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/eH4xzl1QHRqUr9q71OAkzCp4jvU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/7c55d2-381c-4e87-8ca5-2307bb59225f/1/JVt0jux4q99gK-7OJhrh7MwAM1A.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/7c55d2-381c-4e87-8ca5-2307bb59225f/1/eH4xzl1QHRqUr9q71OAkzCp4jvU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.154.254.0/23
193.189.100.0/23
IPv6:
2001:67c:130c::/48
2a0f:df00::/48
2a0f:df00:dead::/48
Signature Algorithm: sha256WithRSAEncryption
40:f7:05:ca:12:e9:4b:9d:9d:d7:51:f6:6e:84:55:83:1f:b1:
c3:e1:22:a8:61:18:cf:d0:28:b5:6b:a4:7a:f3:d5:6c:c0:13:
3b:e0:89:aa:6e:f9:8d:e1:90:b2:e2:3c:88:4c:fa:3a:e6:ad:
1c:2d:5e:02:8c:96:58:55:de:4f:43:8d:e7:3b:03:f4:e9:be:
54:7f:7a:d4:64:29:1e:82:f8:b0:38:7b:50:1e:cb:90:51:a7:
31:5a:59:45:fa:e3:8d:60:b2:6f:b4:0e:ac:2a:39:12:f0:ad:
20:3c:2f:1f:e9:08:6c:e6:22:26:ff:d3:82:12:50:a9:53:3c:
24:13:e2:f5:d2:c9:b7:ad:d2:f3:f2:55:ed:69:d5:26:fd:29:
ff:85:fb:c9:a4:d2:32:4c:6b:be:ba:ae:1a:51:ab:6a:54:48:
e0:f0:6e:ad:38:2f:03:9b:fe:4c:d6:16:50:60:98:9d:46:e2:
6f:ac:c2:2a:ad:53:fb:a0:ed:12:01:2d:b5:27:f9:fc:a2:61:
e4:00:13:a5:c6:d6:51:f3:b1:13:6b:e0:36:77:70:8c:6d:e3:
2b:9b:a0:b6:44:7d:2d:8c:27:1b:c9:51:b9:0c:c2:02:9c:b4:
7a:af:64:d0:ea:76:37:74:6c:58:a4:45:73:1b:e2:fa:ed:13:
0c:22:d7:23
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgIEB3xDITANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg3
ODdlMzFjZTVkNTAxZDFhOTRhZmRhYmJkNGUwMjRjYzJhNzg4ZWY1MB4XDTIyMDEw
MTA4MDA0NFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMjU1Yjc0OGVlYzc4
YWJkZjYwMmJlZWNlMjYxYWUxZWNjYzAwMzM1MDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAOXAOJ8aXZRM3Vr/0cXuwAx8VZv1Z2R99HHoyL4bfNs0w8Z9
o2be+GRNmdpX0udHEznc5fZGqm/f/eDxjsYlS3A11ww+ry+6l+UHg8zuvH4tyrFe
mj1T+56eRBd0w5KiwzIu7959p2PFOJSQHSSUmG9jNvRDMMuBDs1Eipw6nVks55Oo
HCj8hqrhBMxJPfw0f1nQ1esjIncYdAzK4PrAhuiul4ER83mLmup7iq36acMG14wy
YqdNLeE75rmFym7Z0nDiLKpNjBIOF3Nnjmqo5rL3uSW7tJcBaqI4oVjNJyrq2kK6
vJyEp8CqkkSR38Fg2osGPRmxoqTeqXpY1ys9H4kCAwEAAaOCAjIwggIuMB0GA1Ud
DgQWBBQlW3SO7Hir32Ar7s4mGuHszAAzUDAfBgNVHSMEGDAWgBR4fjHOXVAdGpSv
2rvU4CTMKniO9TAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2VINHh6bDFRSFJxVXI5cTcxT0FrekNwNGp2VS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZmYvN2M1NWQyLTM4MWMtNGU4Ny04Y2E1LTIzMDdiYjU5MjI1Zi8x
L0pWdDBqdXg0cTk5Z0stN09KaHJoN013QU0xQS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZmYv
N2M1NWQyLTM4MWMtNGU4Ny04Y2E1LTIzMDdiYjU5MjI1Zi8xL2VINHh6bDFRSFJx
VXI5cTcxT0FrekNwNGp2VS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBI
BggrBgEFBQcBBwEB/wQ5MDcwEgQCAAEwDAMEAS2a/gMEAcG9ZDAhBAIAAjAbAwcA
IAEGfBMMAwcAKg/fAAAAAwcAKg/fAN6tMA0GCSqGSIb3DQEBCwUAA4IBAQBA9wXK
EulLnZ3XUfZuhFWDH7HD4SKoYRjP0Ci1a6R689VswBM74ImqbvmN4ZCy4jyITPo6
5q0cLV4CjJZYVd5PQ43nOwP06b5Uf3rUZCkegviwOHtQHsuQUacxWllF+uONYLJv
tA6sKjkS8K0gPC8f6Qhs5iIm/9OCElCpUzwkE+L10sm3rdLz8lXtadUm/Sn/hfvJ
pNIyTGu+uq4aUatqVEjg8G6tOC8Dm/5M1hZQYJidRuJvrMIqrVP7oO0SAS21J/n8
omHkABOlxtZR87ETa+A2d3CMbeMrm6C2RH0tjCcbyVG5DMICnLR6r2TQ6nY3dGxY
pEVzG+L67RMMItcj
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:04:06 2025 by rpki-client