Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f3/e2510d-e573-45d3-9d20-754b60c5b568/1/JxPiBLmESRqtD1lfRvrXCIULe24.roa
File: JxPiBLmESRqtD1lfRvrXCIULe24.roa (raw, json)
Hash identifier: 7fWEjsGyDHPWHA8pAgaV1hX53t+kr8u7kkDmLBEYuEE=
Subject key identifier: 27:13:E2:04:B9:84:49:1A:AD:0F:59:5F:46:FA:D7:08:85:0B:7B:6E
Certificate issuer: /CN=b53ba18d5ceb8e794c8139ce02a791b8501825ef
Certificate serial: 018BB0157219B3ACEC5A8B28435F8CF70422
Authority key identifier: B5:3B:A1:8D:5C:EB:8E:79:4C:81:39:CE:02:A7:91:B8:50:18:25:EF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tTuhjVzrjnlMgTnOAqeRuFAYJe8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f3/e2510d-e573-45d3-9d20-754b60c5b568/1/JxPiBLmESRqtD1lfRvrXCIULe24.roa
Signing time: Wed 08 Nov 2023 17:57:57 +0000
ROA not before: Wed 08 Nov 2023 17:57:57 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 16365
IP address blocks: 212.149.0.0/18 maxlen: 18
212.149.0.0/19 maxlen: 19
195.42.236.0/24 maxlen: 24
195.42.239.0/24 maxlen: 24
195.42.236.0/22 maxlen: 22
212.149.30.0/24 maxlen: 24
212.149.29.0/24 maxlen: 24
212.149.32.0/19 maxlen: 19
2a00:d580:4900::/40 maxlen: 40
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:b0:15:72:19:b3:ac:ec:5a:8b:28:43:5f:8c:f7:04:22
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b53ba18d5ceb8e794c8139ce02a791b8501825ef
Validity
Not Before: Nov 8 17:57:57 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=2713e204b984491aad0f595f46fad708850b7b6e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:8b:96:24:e4:cb:81:d5:73:e5:e5:1f:b8:ab:
66:5b:7f:c3:50:23:58:a1:0f:13:6b:75:70:46:2c:
66:a9:6e:01:72:70:c4:71:94:f1:5c:03:91:e8:f0:
e4:8a:de:49:38:5a:2f:bf:d9:b6:fd:d1:58:9e:c1:
2b:d4:30:d6:42:1b:a3:de:52:cf:f9:29:b2:74:2c:
82:c5:b6:22:0c:6d:20:25:c4:6c:28:da:d1:48:99:
d6:fe:2c:b7:8f:08:06:6a:7c:e1:1f:fb:de:76:3a:
aa:60:28:ab:95:52:04:89:c3:29:d2:60:37:00:dd:
88:18:92:b5:f9:e3:c0:1b:6b:e4:c5:fb:23:a5:21:
ed:56:e3:00:9d:74:20:ad:31:6b:c9:88:ad:13:e0:
70:ac:e3:2d:a9:04:53:62:29:e8:4d:8f:a3:53:55:
9f:31:b2:d9:2a:ac:ce:58:55:6a:03:23:cd:5d:79:
8d:35:3d:ab:1f:be:12:b2:9d:50:18:f3:e7:5b:ab:
f5:05:39:39:2a:4e:30:49:7a:56:6c:44:72:77:14:
34:a3:63:59:44:01:23:db:d0:42:9a:cf:9d:6d:f5:
c7:39:44:22:f4:9a:b7:5b:9e:87:a1:78:0b:ef:31:
5b:99:9e:d0:c4:fc:12:29:46:6d:7a:57:38:fe:1b:
1b:77
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
27:13:E2:04:B9:84:49:1A:AD:0F:59:5F:46:FA:D7:08:85:0B:7B:6E
X509v3 Authority Key Identifier:
keyid:B5:3B:A1:8D:5C:EB:8E:79:4C:81:39:CE:02:A7:91:B8:50:18:25:EF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tTuhjVzrjnlMgTnOAqeRuFAYJe8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f3/e2510d-e573-45d3-9d20-754b60c5b568/1/JxPiBLmESRqtD1lfRvrXCIULe24.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f3/e2510d-e573-45d3-9d20-754b60c5b568/1/tTuhjVzrjnlMgTnOAqeRuFAYJe8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.42.236.0/22
212.149.0.0/18
IPv6:
2a00:d580:4900::/40
Signature Algorithm: sha256WithRSAEncryption
3a:5e:0c:c6:df:9f:ae:6b:3b:1c:d5:0e:17:dc:15:73:63:e1:
a5:dd:5a:f6:e9:9a:08:ac:c0:25:50:9c:94:85:2f:14:92:9c:
25:81:fa:95:a5:c5:67:da:14:1a:f3:fc:4e:36:73:07:a3:b4:
3c:c9:83:1a:b0:10:8a:e5:03:fd:34:f1:a0:cf:b4:e4:7c:ed:
b2:64:25:03:08:6f:a7:b3:ad:8a:f4:cf:fd:65:90:59:4b:77:
f2:16:92:98:97:a4:44:d4:8d:d2:a3:53:42:15:de:64:2b:bc:
64:0c:39:d4:7f:bd:0a:10:5f:c5:59:5a:e8:fc:52:7b:de:12:
d7:f1:43:c4:a8:ea:f0:b5:b5:f2:b5:4f:1f:c0:24:ee:54:ce:
61:dd:00:1a:90:8d:06:4d:c1:4d:4b:47:18:df:5f:39:00:84:
85:9f:1c:c2:28:fc:45:5d:53:33:33:d1:c5:49:7e:bf:de:f0:
c3:19:34:6d:78:b7:08:0a:59:cc:28:8b:a2:8d:12:df:ed:31:
1a:13:39:39:f0:cf:92:50:44:65:a3:8e:e7:45:65:ba:16:23:
dd:06:e6:b7:60:5c:1e:8e:f1:0b:27:e5:83:fe:c3:38:4f:f6:
09:ee:73:8c:16:ee:05:3c:97:b0:31:62:0e:fc:56:15:50:f1:
a1:86:be:65
-----BEGIN CERTIFICATE-----
MIIFEzCCA/ugAwIBAgISAYuwFXIZs6zsWosoQ1+M9wQiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI1M2JhMThkNWNlYjhlNzk0YzgxMzljZTAyYTc5MWI4NTAx
ODI1ZWYwHhcNMjMxMTA4MTc1NzU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNzEzZTIwNGI5ODQ0OTFhYWQwZjU5NWY0NmZhZDcwODg1MGI3YjZlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApouWJOTLgdVz5eUfuKtmW3/DUCNY
oQ8Ta3VwRixmqW4BcnDEcZTxXAOR6PDkit5JOFovv9m2/dFYnsEr1DDWQhuj3lLP
+SmydCyCxbYiDG0gJcRsKNrRSJnW/iy3jwgGanzhH/vedjqqYCirlVIEicMp0mA3
AN2IGJK1+ePAG2vkxfsjpSHtVuMAnXQgrTFryYitE+BwrOMtqQRTYinoTY+jU1Wf
MbLZKqzOWFVqAyPNXXmNNT2rH74Ssp1QGPPnW6v1BTk5Kk4wSXpWbERydxQ0o2NZ
RAEj29BCms+dbfXHOUQi9Jq3W56HoXgL7zFbmZ7QxPwSKUZtelc4/hsbdwIDAQAB
o4ICHzCCAhswHQYDVR0OBBYEFCcT4gS5hEkarQ9ZX0b61wiFC3tuMB8GA1UdIwQY
MBaAFLU7oY1c6455TIE5zgKnkbhQGCXvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdFR1aGpWenJqbmxNZ1RuT0FxZVJ1RkFZSmU4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMy9lMjUxMGQtZTU3My00NWQzLTlkMjAt
NzU0YjYwYzViNTY4LzEvSnhQaUJMbUVTUnF0RDFsZlJ2clhDSVVMZTI0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMy9lMjUxMGQtZTU3My00NWQzLTlkMjAtNzU0YjYwYzViNTY4
LzEvdFR1aGpWenJqbmxNZ1RuT0FxZVJ1RkFZSmU4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDUGCCsGAQUFBwEHAQH/BCYwJDASBAIAATAMAwQCwyrsAwQG
1JUAMA4EAgACMAgDBgAqANWASTANBgkqhkiG9w0BAQsFAAOCAQEAOl4Mxt+frms7
HNUOF9wVc2Phpd1a9umaCKzAJVCclIUvFJKcJYH6laXFZ9oUGvP8TjZzB6O0PMmD
GrAQiuUD/TTxoM+05HztsmQlAwhvp7OtivTP/WWQWUt38haSmJekRNSN0qNTQhXe
ZCu8ZAw51H+9ChBfxVla6PxSe94S1/FDxKjq8LW18rVPH8Ak7lTOYd0AGpCNBk3B
TUtHGN9fOQCEhZ8cwij8RV1TMzPRxUl+v97wwxk0bXi3CApZzCiLoo0S3+0xGhM5
OfDPklBEZaOO50VluhYj3Qbmt2BcHo7xCyflg/7DOE/2Ce5zjBbuBTyXsDFiDvxW
FVDxoYa+ZQ==
-----END CERTIFICATE-----
Generated at Mon Apr 28 08:34:27 2025 by rpki-client