Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/jYiid9j_OU_qVU9sivsdifzlZbk.roa
File: jYiid9j_OU_qVU9sivsdifzlZbk.roa (raw, json)
Hash identifier: /FjeA3XVNysd75jJPFtDoNJFgyKku72fOLLDqC1IlaU=
Subject key identifier: 8D:88:A2:77:D8:FF:39:4F:EA:55:4F:6C:8A:FB:1D:89:FC:E5:65:B9
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 0188F104FEA282EC22922EC1BC5F0CE6F7A2
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/jYiid9j_OU_qVU9sivsdifzlZbk.roa
Signing time: Sun 25 Jun 2023 05:26:56 +0000
ROA not before: Sun 25 Jun 2023 05:26:56 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 45.14.166.0/24 maxlen: 24
93.123.74.0/24 maxlen: 24
83.219.96.0/24 maxlen: 24
83.219.99.0/24 maxlen: 24
45.129.85.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:f1:04:fe:a2:82:ec:22:92:2e:c1:bc:5f:0c:e6:f7:a2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Jun 25 05:26:56 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=8d88a277d8ff394fea554f6c8afb1d89fce565b9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e5:53:a3:69:40:64:2f:da:ca:d2:36:e3:d5:1b:
b1:d7:79:f5:34:85:09:25:46:0c:6e:40:e2:d4:a9:
c9:40:b8:e6:94:54:f2:34:df:62:3b:9e:76:67:5a:
34:77:51:84:0d:b9:77:d1:a4:2b:74:3d:b8:a9:24:
c7:9e:2b:96:3f:ab:9e:0b:67:c7:74:2c:d4:2a:ca:
b6:ea:6c:3e:61:28:07:fa:6c:68:60:1f:d2:6f:b9:
02:8d:58:31:72:8b:bb:79:dc:36:41:13:e9:d1:db:
15:7a:e0:36:cd:47:29:e2:78:a6:f7:57:95:34:29:
36:97:98:99:13:b8:07:3c:c0:48:04:24:76:d8:c6:
fc:25:c4:55:dd:b0:92:a8:6a:eb:b7:cc:b5:b4:13:
ef:3d:33:39:72:ad:2e:46:14:89:d5:2d:61:87:1d:
7d:c6:44:3b:a6:02:78:74:13:07:fc:88:d4:28:d5:
80:94:cc:c3:35:a8:c6:b4:3a:99:4c:33:5c:b4:ab:
3b:19:9e:63:7f:c4:97:d4:6b:6a:cd:25:70:c8:d9:
16:19:73:62:d6:60:2a:24:6d:26:92:c8:13:14:ec:
0e:39:26:a7:bb:41:70:58:ac:91:4c:0e:ca:8b:7f:
4e:6d:92:32:a0:a6:fd:33:d6:cf:2e:69:7d:c6:fe:
43:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8D:88:A2:77:D8:FF:39:4F:EA:55:4F:6C:8A:FB:1D:89:FC:E5:65:B9
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/jYiid9j_OU_qVU9sivsdifzlZbk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.14.166.0/24
45.129.85.0/24
83.219.96.0/24
83.219.99.0/24
93.123.74.0/24
Signature Algorithm: sha256WithRSAEncryption
5a:38:88:96:a1:cf:4f:b6:58:ad:05:60:cc:cd:9b:c6:96:35:
46:3f:41:f3:4b:23:cd:7e:6a:ee:14:a8:45:e8:42:ed:02:b8:
1d:e3:fb:32:d1:d7:16:8e:5f:c0:17:44:af:c2:8b:01:21:56:
c0:0b:c5:76:46:a1:f6:0f:f5:9e:b6:71:7f:46:8e:b9:ff:29:
f6:6c:f2:d8:15:a1:29:0e:ed:14:71:29:f5:f1:fa:53:86:32:
0d:15:3d:76:3c:3a:a5:18:4f:43:e8:85:9b:5f:78:3f:ea:b4:
4e:02:f9:d0:12:20:19:28:a2:d9:65:ed:00:79:f7:ab:ee:e3:
db:f4:bc:84:a9:a9:15:62:fb:dc:34:bd:f9:c5:1d:af:f3:a9:
1e:2b:ab:05:4b:6d:a6:e1:59:36:76:87:51:ef:d2:d5:83:04:
0e:4a:46:92:85:f2:2c:89:0e:fb:b4:34:02:7f:b3:16:b9:35:
66:b0:65:26:39:bd:a2:83:6d:0f:a9:4c:54:3d:94:e8:2c:51:
48:e4:e3:c5:d4:ac:31:83:e0:40:5b:1d:19:d7:bd:3f:74:10:
52:69:58:9f:c8:ca:78:d5:24:d8:f6:80:44:ea:6a:44:bf:f7:
85:01:5d:94:87:2b:3d:f9:ce:d2:14:56:c2:ff:86:2a:b0:c2:
e8:7c:bd:64
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAYjxBP6iguwiki7BvF8M5veiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjMwNjI1MDUyNjU2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ZDg4YTI3N2Q4ZmYzOTRmZWE1NTRmNmM4YWZiMWQ4OWZjZTU2NWI5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5VOjaUBkL9rK0jbj1Rux13n1NIUJ
JUYMbkDi1KnJQLjmlFTyNN9iO552Z1o0d1GEDbl30aQrdD24qSTHniuWP6ueC2fH
dCzUKsq26mw+YSgH+mxoYB/Sb7kCjVgxcou7edw2QRPp0dsVeuA2zUcp4nim91eV
NCk2l5iZE7gHPMBIBCR22Mb8JcRV3bCSqGrrt8y1tBPvPTM5cq0uRhSJ1S1hhx19
xkQ7pgJ4dBMH/IjUKNWAlMzDNajGtDqZTDNctKs7GZ5jf8SX1GtqzSVwyNkWGXNi
1mAqJG0mksgTFOwOOSanu0FwWKyRTA7Ki39ObZIyoKb9M9bPLml9xv5DBQIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFI2IonfY/zlP6lVPbIr7HYn85WW5MB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvallpaWQ5al9PVV9xVlU5c2l2c2RpZnpsWmJrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQALQ6mAwQA
LYFVAwQAU9tgAwQAU9tjAwQAXXtKMA0GCSqGSIb3DQEBCwUAA4IBAQBaOIiWoc9P
tlitBWDMzZvGljVGP0HzSyPNfmruFKhF6ELtArgd4/sy0dcWjl/AF0SvwosBIVbA
C8V2RqH2D/WetnF/Ro65/yn2bPLYFaEpDu0UcSn18fpThjINFT12PDqlGE9D6IWb
X3g/6rROAvnQEiAZKKLZZe0Aefer7uPb9LyEqakVYvvcNL35xR2v86keK6sFS22m
4Vk2dodR79LVgwQOSkaShfIsiQ77tDQCf7MWuTVmsGUmOb2ig20PqUxUPZToLFFI
5OPF1Kwxg+BAWx0Z170/dBBSaVifyMp41STY9oBE6mpEv/eFAV2Uhys9+c7SFFbC
/4YqsMLofL1k
-----END CERTIFICATE-----
Generated at Tue May 13 17:16:09 2025 by rpki-client