Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ff/e5789a-160d-4896-a25a-8df36337e6bc/1/JPPmV-9ewh7OUsPfIxOBqpaXlWc.roa
File: JPPmV-9ewh7OUsPfIxOBqpaXlWc.roa (raw, json)
Hash identifier: 2s5/XFe3NjXFQ6BmgpUW9RX5B5bIwOQ1H023RlhXuZw=
Subject key identifier: 24:F3:E6:57:EF:5E:C2:1E:CE:52:C3:DF:23:13:81:AA:96:97:95:67
Certificate issuer: /CN=cf1df6667da38e57a25b1945fa40e593e5adfa00
Certificate serial: 018B626EE2FABCA2B1914120C6EED306CC50
Authority key identifier: CF:1D:F6:66:7D:A3:8E:57:A2:5B:19:45:FA:40:E5:93:E5:AD:FA:00
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zx32Zn2jjleiWxlF-kDlk-Wt-gA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ff/e5789a-160d-4896-a25a-8df36337e6bc/1/JPPmV-9ewh7OUsPfIxOBqpaXlWc.roa
Signing time: Tue 24 Oct 2023 16:05:16 +0000
ROA not before: Tue 24 Oct 2023 16:05:16 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 213278
IP address blocks: 195.211.163.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:62:6e:e2:fa:bc:a2:b1:91:41:20:c6:ee:d3:06:cc:50
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cf1df6667da38e57a25b1945fa40e593e5adfa00
Validity
Not Before: Oct 24 16:05:16 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=24f3e657ef5ec21ece52c3df231381aa96979567
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:b0:48:6d:05:08:b8:29:db:29:a1:13:e1:05:
fd:3f:c9:ff:33:39:d6:4a:34:d4:a3:33:be:fc:8a:
d8:e1:4f:5f:3d:43:b0:38:9e:53:50:93:b0:89:26:
05:2b:75:e5:02:2b:83:84:68:cc:b7:00:52:9e:6f:
38:57:94:8c:95:5f:1c:83:9b:b8:d5:92:76:c6:dd:
7b:d2:1b:51:40:e6:e6:b8:cf:1f:3c:f3:cb:cc:77:
c4:a5:3b:f6:46:fd:2e:e9:a3:55:93:fc:2d:05:99:
e8:75:f0:9c:ca:a9:75:64:52:2b:75:43:e0:b8:69:
71:ac:b2:65:56:ce:da:0c:df:6b:40:ad:98:22:87:
01:54:f2:69:1e:df:20:dd:f0:29:83:71:93:90:b2:
0d:f4:ae:b8:18:9b:7f:f2:04:02:16:f2:17:40:2b:
20:31:79:ba:1d:cd:4b:c3:03:a3:73:67:61:87:1c:
6f:6c:cd:17:8d:b3:43:ef:32:eb:1d:d9:e9:ae:ab:
88:07:98:85:74:f2:20:39:8f:f5:83:93:6c:5e:84:
ec:63:67:80:3d:2a:4b:f0:32:7c:f2:75:ad:30:62:
68:76:c0:ce:81:70:4c:61:6b:35:38:68:f6:d6:15:
46:94:b9:4c:10:db:4b:24:8d:26:45:2d:9b:c8:ea:
0a:a7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
24:F3:E6:57:EF:5E:C2:1E:CE:52:C3:DF:23:13:81:AA:96:97:95:67
X509v3 Authority Key Identifier:
keyid:CF:1D:F6:66:7D:A3:8E:57:A2:5B:19:45:FA:40:E5:93:E5:AD:FA:00
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zx32Zn2jjleiWxlF-kDlk-Wt-gA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/e5789a-160d-4896-a25a-8df36337e6bc/1/JPPmV-9ewh7OUsPfIxOBqpaXlWc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/e5789a-160d-4896-a25a-8df36337e6bc/1/zx32Zn2jjleiWxlF-kDlk-Wt-gA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.211.163.0/24
Signature Algorithm: sha256WithRSAEncryption
9d:c5:b5:fd:00:89:60:cf:55:6e:8a:65:50:37:9c:87:47:16:
4c:c6:60:85:8f:bd:0e:1b:d8:6f:11:a7:dc:62:f5:15:b6:ef:
46:0a:68:69:da:71:63:25:6c:dc:64:2a:52:3a:7b:60:9b:2c:
b8:fd:8a:63:f6:17:bd:ba:80:a9:e7:58:aa:bc:5b:ef:23:73:
6d:07:fd:25:7f:31:65:39:ac:50:73:27:78:2f:15:b8:c8:10:
0e:70:cf:99:a4:c4:d5:c7:43:e3:82:6c:69:f7:40:b1:24:1d:
7d:27:a8:0e:01:ba:d8:8a:e4:3b:4d:6e:fb:0f:cf:06:1c:26:
c9:da:f3:e6:2e:be:3d:a7:b2:22:8e:47:c4:a6:82:cc:7d:f9:
b6:9f:8c:d1:dc:ec:95:7c:75:ff:94:67:36:cc:29:3d:5c:ae:
b5:45:08:90:5e:78:10:3c:2a:31:fb:da:37:4d:99:c1:c1:6c:
c0:b1:45:75:d4:a8:9b:75:07:92:00:2e:b2:af:8b:d9:36:e3:
05:e9:1a:c3:29:52:93:a2:52:da:24:0e:fa:fe:90:20:11:01:
31:b8:3d:78:d4:f2:8a:6a:94:3b:8d:21:b2:cf:3a:3a:ac:a8:
6a:a6:aa:4b:ca:ea:55:07:3d:f9:d8:da:db:11:69:4d:b5:35:
5d:5a:d6:0c
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYtibuL6vKKxkUEgxu7TBsxQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNmMWRmNjY2N2RhMzhlNTdhMjViMTk0NWZhNDBlNTkzZTVh
ZGZhMDAwHhcNMjMxMDI0MTYwNTE2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNGYzZTY1N2VmNWVjMjFlY2U1MmMzZGYyMzEzODFhYTk2OTc5NTY3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp7BIbQUIuCnbKaET4QX9P8n/MznW
SjTUozO+/IrY4U9fPUOwOJ5TUJOwiSYFK3XlAiuDhGjMtwBSnm84V5SMlV8cg5u4
1ZJ2xt170htRQObmuM8fPPPLzHfEpTv2Rv0u6aNVk/wtBZnodfCcyql1ZFIrdUPg
uGlxrLJlVs7aDN9rQK2YIocBVPJpHt8g3fApg3GTkLIN9K64GJt/8gQCFvIXQCsg
MXm6Hc1LwwOjc2dhhxxvbM0XjbND7zLrHdnprquIB5iFdPIgOY/1g5NsXoTsY2eA
PSpL8DJ88nWtMGJodsDOgXBMYWs1OGj21hVGlLlMENtLJI0mRS2byOoKpwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFCTz5lfvXsIezlLD3yMTgaqWl5VnMB8GA1UdIwQY
MBaAFM8d9mZ9o45XolsZRfpA5ZPlrfoAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvengzMlpuMmpqbGVpV3hsRi1rRGxrLVd0LWdBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZi9lNTc4OWEtMTYwZC00ODk2LWEyNWEt
OGRmMzYzMzdlNmJjLzEvSlBQbVYtOWV3aDdPVXNQZkl4T0JxcGFYbFdjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZi9lNTc4OWEtMTYwZC00ODk2LWEyNWEtOGRmMzYzMzdlNmJj
LzEvengzMlpuMmpqbGVpV3hsRi1rRGxrLVd0LWdBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAw9OjMA0G
CSqGSIb3DQEBCwUAA4IBAQCdxbX9AIlgz1VuimVQN5yHRxZMxmCFj70OG9hvEafc
YvUVtu9GCmhp2nFjJWzcZCpSOntgmyy4/Ypj9he9uoCp51iqvFvvI3NtB/0lfzFl
OaxQcyd4LxW4yBAOcM+ZpMTVx0Pjgmxp90CxJB19J6gOAbrYiuQ7TW77D88GHCbJ
2vPmLr49p7IijkfEpoLMffm2n4zR3OyVfHX/lGc2zCk9XK61RQiQXngQPCox+9o3
TZnBwWzAsUV11KibdQeSAC6yr4vZNuMF6RrDKVKTolLaJA76/pAgEQExuD141PKK
apQ7jSGyzzo6rKhqpqpLyupVBz352NrbEWlNtTVdWtYM
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:24:22 2025 by rpki-client