Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6a/7e0ebb-4686-406e-b99f-21faf144cb62/1/JqD37E8zQdDsYdnFyVnMLwvBMHY.roa
File: JqD37E8zQdDsYdnFyVnMLwvBMHY.roa (raw, json)
Hash identifier: aqIlVnJFbOBZlQ3Eu+6qUQGxnNqcPlTZHl1VAlln3cc=
Subject key identifier: 26:A0:F7:EC:4F:33:41:D0:EC:61:D9:C5:C9:59:CC:2F:0B:C1:30:76
Certificate issuer: /CN=9a7b9a8cd819f4a920334d7e72ec2340870d7749
Certificate serial: 018842EBB9B62A5DE3A923FDB3BD8573C617
Authority key identifier: 9A:7B:9A:8C:D8:19:F4:A9:20:33:4D:7E:72:EC:23:40:87:0D:77:49
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mnuajNgZ9KkgM01-cuwjQIcNd0k.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6a/7e0ebb-4686-406e-b99f-21faf144cb62/1/JqD37E8zQdDsYdnFyVnMLwvBMHY.roa
Signing time: Mon 22 May 2023 10:05:24 +0000
ROA not before: Mon 22 May 2023 10:05:24 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 24638
IP address blocks: 81.19.64.0/19 maxlen: 19
185.110.56.0/22 maxlen: 22
91.220.133.0/24 maxlen: 24
2a02:6b0::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:42:eb:b9:b6:2a:5d:e3:a9:23:fd:b3:bd:85:73:c6:17
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9a7b9a8cd819f4a920334d7e72ec2340870d7749
Validity
Not Before: May 22 10:05:24 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=26a0f7ec4f3341d0ec61d9c5c959cc2f0bc13076
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:85:81:30:7b:f2:c3:06:fc:c6:70:66:bc:9b:0f:
55:d7:36:2a:dd:08:49:7d:27:c7:d4:ae:c9:7b:f3:
0f:87:01:fa:52:4b:36:4e:f0:6e:10:9c:c3:9c:75:
90:78:87:cc:20:9c:11:2f:6e:bf:ac:54:f3:2a:b3:
14:77:75:d6:07:24:fa:bc:d2:3c:41:74:62:16:9d:
27:48:89:ea:13:ae:30:2c:23:97:ee:58:91:b7:e7:
4b:c4:0c:68:d0:8a:c3:00:29:de:16:78:8d:1a:23:
1d:b4:d0:11:76:bf:5c:db:44:15:ec:5e:ac:6b:fd:
4f:02:b7:f4:c9:ca:bc:0c:ad:42:55:a3:ee:ca:7b:
7f:d7:dd:5c:f1:a6:ec:9c:27:3d:0d:56:90:f3:12:
ad:d4:85:5c:f0:d9:35:f2:62:51:37:90:52:c1:72:
46:b5:96:58:76:77:1c:f6:60:8d:78:98:f9:3c:64:
f9:a4:81:c9:38:a0:2e:80:25:5b:70:3a:b7:15:20:
9f:73:f0:94:f4:1f:9c:bd:06:a5:d5:49:5b:9f:60:
e7:d7:93:8f:bb:14:66:ec:ab:f2:1a:c4:51:d5:f3:
1e:5d:85:0f:29:5a:da:db:67:dd:c5:bd:d8:64:91:
cb:7e:a4:fa:fb:6f:f7:27:3b:89:98:0d:01:5a:b3:
19:53
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
26:A0:F7:EC:4F:33:41:D0:EC:61:D9:C5:C9:59:CC:2F:0B:C1:30:76
X509v3 Authority Key Identifier:
keyid:9A:7B:9A:8C:D8:19:F4:A9:20:33:4D:7E:72:EC:23:40:87:0D:77:49
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mnuajNgZ9KkgM01-cuwjQIcNd0k.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6a/7e0ebb-4686-406e-b99f-21faf144cb62/1/JqD37E8zQdDsYdnFyVnMLwvBMHY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6a/7e0ebb-4686-406e-b99f-21faf144cb62/1/mnuajNgZ9KkgM01-cuwjQIcNd0k.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.19.64.0/19
91.220.133.0/24
185.110.56.0/22
IPv6:
2a02:6b0::/32
Signature Algorithm: sha256WithRSAEncryption
83:e2:cd:2e:15:b4:be:89:04:0c:0c:0c:e5:24:6e:3f:b0:8b:
d2:53:32:8c:f8:6d:84:20:6b:68:9a:22:c3:a9:5a:40:b5:db:
75:66:95:e8:2d:d9:e8:0d:c5:59:f3:19:92:a4:45:b9:a4:a7:
6b:fd:cc:41:9c:4c:d1:b6:8d:65:06:1e:58:a4:98:e1:88:72:
92:7e:a9:78:5d:a0:52:9a:98:0a:9b:f5:ca:83:35:65:c8:d0:
94:bf:d2:2c:bc:fd:99:92:85:82:53:db:b2:48:22:37:80:f2:
67:3f:89:e0:9c:79:1a:95:96:3f:33:ef:fb:58:72:60:91:1f:
46:1a:96:d1:cb:27:d8:99:cd:ce:ee:51:f8:a3:be:c2:b5:0e:
fd:88:19:22:c1:2e:1e:6a:26:2f:e0:c1:8c:ba:bb:e1:71:cf:
21:df:88:e1:bf:ef:8b:34:c1:d0:4d:ee:a2:36:8a:c1:a3:ca:
22:ac:1d:fc:82:b2:05:e1:50:83:00:54:a9:a1:e6:51:65:dc:
97:ae:d5:be:77:89:70:95:79:d5:62:cb:13:e6:ca:9a:a8:02:
83:13:aa:4c:c0:01:4a:c3:92:ff:71:0b:a0:c9:71:bd:57:b5:
a6:b1:1f:ba:93:0a:60:e2:57:98:44:34:36:ac:49:b5:78:fa:
38:b7:77:93
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAYhC67m2Kl3jqSP9s72Fc8YXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlhN2I5YThjZDgxOWY0YTkyMDMzNGQ3ZTcyZWMyMzQwODcw
ZDc3NDkwHhcNMjMwNTIyMTAwNTI0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNmEwZjdlYzRmMzM0MWQwZWM2MWQ5YzVjOTU5Y2MyZjBiYzEzMDc2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhYEwe/LDBvzGcGa8mw9V1zYq3QhJ
fSfH1K7Je/MPhwH6Uks2TvBuEJzDnHWQeIfMIJwRL26/rFTzKrMUd3XWByT6vNI8
QXRiFp0nSInqE64wLCOX7liRt+dLxAxo0IrDACneFniNGiMdtNARdr9c20QV7F6s
a/1PArf0ycq8DK1CVaPuynt/191c8absnCc9DVaQ8xKt1IVc8Nk18mJRN5BSwXJG
tZZYdncc9mCNeJj5PGT5pIHJOKAugCVbcDq3FSCfc/CU9B+cvQal1Ulbn2Dn15OP
uxRm7KvyGsRR1fMeXYUPKVra22fdxb3YZJHLfqT6+2/3JzuJmA0BWrMZUwIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFCag9+xPM0HQ7GHZxclZzC8LwTB2MB8GA1UdIwQY
MBaAFJp7mozYGfSpIDNNfnLsI0CHDXdJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbW51YWpOZ1o5S2tnTTAxLWN1d2pRSWNOZDBrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82YS83ZTBlYmItNDY4Ni00MDZlLWI5OWYt
MjFmYWYxNDRjYjYyLzEvSnFEMzdFOHpRZERzWWRuRnlWbk1Md3ZCTUhZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82YS83ZTBlYmItNDY4Ni00MDZlLWI5OWYtMjFmYWYxNDRjYjYy
LzEvbW51YWpOZ1o5S2tnTTAxLWN1d2pRSWNOZDBrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQFURNAAwQA
W9yFAwQCuW44MA0EAgACMAcDBQAqAgawMA0GCSqGSIb3DQEBCwUAA4IBAQCD4s0u
FbS+iQQMDAzlJG4/sIvSUzKM+G2EIGtomiLDqVpAtdt1ZpXoLdnoDcVZ8xmSpEW5
pKdr/cxBnEzRto1lBh5YpJjhiHKSfql4XaBSmpgKm/XKgzVlyNCUv9IsvP2ZkoWC
U9uySCI3gPJnP4ngnHkalZY/M+/7WHJgkR9GGpbRyyfYmc3O7lH4o77CtQ79iBki
wS4eaiYv4MGMurvhcc8h34jhv++LNMHQTe6iNorBo8oirB38grIF4VCDAFSpoeZR
ZdyXrtW+d4lwlXnVYssT5sqaqAKDE6pMwAFKw5L/cQugyXG9V7WmsR+6kwpg4leY
RDQ2rEm1ePo4t3eT
-----END CERTIFICATE-----
Generated at Wed May 14 09:16:27 2025 by rpki-client