Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/jrPe2-U9T2-Jxt1LdLXp9gh9WbY.roa
File: jrPe2-U9T2-Jxt1LdLXp9gh9WbY.roa (raw, json)
Hash identifier: 1NUxPNQAlcLlWxFaTfD/Krn/bqy/A37nIzKlJ+9bj/0=
Subject key identifier: 8E:B3:DE:DB:E5:3D:4F:6F:89:C6:DD:4B:74:B5:E9:F6:08:7D:59:B6
Certificate issuer: /CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Certificate serial: 0189217C714AA3797BB35796B71B5A29AF58
Authority key identifier: 60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/jrPe2-U9T2-Jxt1LdLXp9gh9WbY.roa
Signing time: Tue 04 Jul 2023 15:19:10 +0000
ROA not before: Tue 04 Jul 2023 15:19:10 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 185.230.52.0/24 maxlen: 24
193.58.145.0/24 maxlen: 24
193.58.146.0/23 maxlen: 24
45.147.224.0/24 maxlen: 24
45.8.21.0/24 maxlen: 24
185.223.78.0/24 maxlen: 24
185.225.0.0/23 maxlen: 23
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:21:7c:71:4a:a3:79:7b:b3:57:96:b7:1b:5a:29:af:58
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Validity
Not Before: Jul 4 15:19:10 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=8eb3dedbe53d4f6f89c6dd4b74b5e9f6087d59b6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:ab:47:df:68:6b:07:c1:07:36:b5:e2:4f:92:
6e:c7:b5:95:35:26:08:7a:b3:87:08:3f:c5:c8:5f:
25:63:dc:aa:04:1f:a8:01:2d:98:16:46:61:07:39:
e2:12:e7:52:f5:26:16:70:b0:73:8a:9d:05:a3:4e:
af:f9:ab:a7:3a:70:a7:2d:fe:47:f7:47:c4:2a:5d:
58:d2:de:31:ea:f7:e0:11:30:ab:4f:5a:f1:83:9c:
48:a5:94:b4:5a:73:0d:20:b9:d7:8d:6e:dd:af:d5:
2c:bf:46:96:11:81:ff:25:a9:6f:eb:bf:8e:2c:32:
24:66:65:6f:42:4b:24:58:bb:44:31:fd:25:be:05:
9a:b6:b4:f2:32:95:77:21:5c:9f:02:05:61:1a:02:
39:0c:4d:56:84:c5:ad:e8:86:fe:7b:cb:3a:4b:1c:
db:34:10:4c:bc:95:a9:5f:bb:cc:15:1e:4a:ca:c6:
a6:66:14:75:16:84:6f:86:f0:f3:d1:ff:e6:62:c9:
c8:e0:3c:0a:d9:a4:c3:79:f3:7a:17:c6:a5:34:f0:
3d:81:55:69:5c:5b:a8:2b:fc:95:f8:93:67:be:96:
d2:6d:f5:35:60:a8:42:21:86:02:a7:17:d3:a5:84:
dc:70:ec:6f:3c:55:36:66:03:d4:58:8e:69:79:19:
3f:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8E:B3:DE:DB:E5:3D:4F:6F:89:C6:DD:4B:74:B5:E9:F6:08:7D:59:B6
X509v3 Authority Key Identifier:
keyid:60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/jrPe2-U9T2-Jxt1LdLXp9gh9WbY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/YGeEwQUIW51q1fc6A7INmlwRTK8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.8.21.0/24
45.147.224.0/24
185.223.78.0/24
185.225.0.0/23
185.230.52.0/24
193.58.145.0-193.58.147.255
Signature Algorithm: sha256WithRSAEncryption
1f:ab:11:fb:aa:6e:dd:3e:d7:c2:7e:c1:4b:92:95:15:17:dc:
1e:18:48:f0:06:ee:b9:38:a0:bb:5d:40:01:b7:8e:18:9f:3a:
4b:4c:08:ea:2e:7b:4b:b5:46:27:71:ea:53:3d:ff:27:68:db:
28:80:dc:42:3b:35:05:7d:25:47:ab:c6:28:44:2a:b7:ef:3c:
c4:08:2a:51:96:4e:c9:92:51:a0:21:58:ba:1c:16:52:80:47:
d9:92:f8:90:3a:5e:c4:3e:05:87:11:c3:91:89:d2:fe:6f:91:
58:61:ef:a9:f9:5d:50:62:9c:ca:b0:99:2d:21:db:e9:28:e3:
86:23:76:3b:e1:be:73:63:6b:0a:23:6c:b3:3f:b3:e9:c7:04:
db:06:af:17:c0:c9:f8:c5:eb:18:de:45:21:8f:fe:d2:b2:1c:
37:b1:cc:09:e1:8e:14:d6:10:2e:eb:a6:8e:5c:23:28:cc:3f:
4f:e8:4c:d1:ce:ff:fa:59:8c:d1:04:85:41:5e:ea:71:b8:49:
ce:d0:fb:20:63:c2:f6:59:67:b4:74:a2:7a:87:08:52:5d:57:
7a:60:10:9c:4f:6f:93:bb:c1:bc:60:6a:fa:22:71:b8:8b:5f:
64:11:31:98:b3:4c:0f:8b:00:d8:73:0b:45:4b:8f:64:ad:30:
6c:05:7e:b8
-----BEGIN CERTIFICATE-----
MIIFIzCCBAugAwIBAgISAYkhfHFKo3l7s1eWtxtaKa9YMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwNjc4NGMxMDUwODViOWQ2YWQ1ZjczYTAzYjIwZDlhNWMx
MTRjYWYwHhcNMjMwNzA0MTUxOTEwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ZWIzZGVkYmU1M2Q0ZjZmODljNmRkNGI3NGI1ZTlmNjA4N2Q1OWI2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsKtH32hrB8EHNrXiT5Jux7WVNSYI
erOHCD/FyF8lY9yqBB+oAS2YFkZhBzniEudS9SYWcLBzip0Fo06v+aunOnCnLf5H
90fEKl1Y0t4x6vfgETCrT1rxg5xIpZS0WnMNILnXjW7dr9Usv0aWEYH/Jalv67+O
LDIkZmVvQkskWLtEMf0lvgWatrTyMpV3IVyfAgVhGgI5DE1WhMWt6Ib+e8s6Sxzb
NBBMvJWpX7vMFR5KysamZhR1FoRvhvDz0f/mYsnI4DwK2aTDefN6F8alNPA9gVVp
XFuoK/yV+JNnvpbSbfU1YKhCIYYCpxfTpYTccOxvPFU2ZgPUWI5peRk/0QIDAQAB
o4ICLzCCAiswHQYDVR0OBBYEFI6z3tvlPU9vicbdS3S16fYIfVm2MB8GA1UdIwQY
MBaAFGBnhMEFCFudatX3OgOyDZpcEUyvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgt
YjQzNDJiYTkxYWJjLzEvanJQZTItVTlUMi1KeHQxTGRMWHA5Z2g5V2JZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgtYjQzNDJiYTkxYWJj
LzEvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEUGCCsGAQUFBwEHAQH/BDYwNDAyBAIAATAsAwQALQgVAwQA
LZPgAwQAud9OAwQBueEAAwQAueY0MAwDBADBOpEDBALBOpAwDQYJKoZIhvcNAQEL
BQADggEBAB+rEfuqbt0+18J+wUuSlRUX3B4YSPAG7rk4oLtdQAG3jhifOktMCOou
e0u1Ridx6lM9/ydo2yiA3EI7NQV9JUerxihEKrfvPMQIKlGWTsmSUaAhWLocFlKA
R9mS+JA6XsQ+BYcRw5GJ0v5vkVhh76n5XVBinMqwmS0h2+ko44YjdjvhvnNjawoj
bLM/s+nHBNsGrxfAyfjF6xjeRSGP/tKyHDexzAnhjhTWEC7rpo5cIyjMP0/oTNHO
//pZjNEEhUFe6nG4Sc7Q+yBjwvZZZ7R0onqHCFJdV3pgEJxPb5O7wbxgavoicbiL
X2QRMZizTA+LANhzC0VLj2StMGwFfrg=
-----END CERTIFICATE-----
Generated at Fri May 9 02:53:29 2025 by rpki-client