Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/jXVMaTDThtXJmHnBfnnyNVFI77Y.roa
File: jXVMaTDThtXJmHnBfnnyNVFI77Y.roa (raw, json)
Hash identifier: E/78ZSa0QfszJbP5VRX65Da5RVYBx0bbqkQnbTj9pcs=
Subject key identifier: 8D:75:4C:69:30:D3:86:D5:C9:98:79:C1:7E:79:F2:35:51:48:EF:B6
Certificate issuer: /CN=9d2a478bb0b08e661b0b2f9fbe8935bc9c2a28a1
Certificate serial: 0184F6627D244DEC9039E82D81BDA81D72EA
Authority key identifier: 9D:2A:47:8B:B0:B0:8E:66:1B:0B:2F:9F:BE:89:35:BC:9C:2A:28:A1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nSpHi7CwjmYbCy-fvok1vJwqKKE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/jXVMaTDThtXJmHnBfnnyNVFI77Y.roa
Signing time: Fri 09 Dec 2022 10:16:00 +0000
ROA not before: Fri 09 Dec 2022 10:16:00 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 43260
IP address blocks: 85.209.120.0/23 maxlen: 24
45.13.188.0/24 maxlen: 24
77.83.38.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:f6:62:7d:24:4d:ec:90:39:e8:2d:81:bd:a8:1d:72:ea
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9d2a478bb0b08e661b0b2f9fbe8935bc9c2a28a1
Validity
Not Before: Dec 9 10:16:00 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=8d754c6930d386d5c99879c17e79f2355148efb6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:62:cb:b5:f9:dd:76:fb:74:43:06:85:5c:47:
e0:3d:f7:d9:39:c4:e3:3c:6b:97:a1:3c:9c:56:1b:
41:0f:bd:78:8e:56:f2:fe:00:b1:d7:e0:9a:c4:5e:
4e:d2:4a:8e:e8:97:be:46:bc:b1:c6:c3:1e:bc:fd:
02:6a:e7:3e:b1:8e:6c:43:c8:90:97:68:2c:d0:f0:
78:40:9a:50:69:91:6a:b7:c0:ee:eb:86:00:11:15:
85:e9:79:c5:f0:bd:d7:c1:1f:c9:12:e7:6c:87:31:
25:28:3f:dd:e3:5b:28:f1:5a:b2:b3:0c:1b:41:03:
3b:20:00:e3:b1:65:74:33:59:3a:2c:8e:c3:02:6b:
87:97:7b:25:1e:1c:32:b6:47:93:25:b4:db:bc:6d:
62:bc:db:ec:eb:2e:4d:fc:06:f9:c3:c5:fa:d8:19:
35:03:fb:96:db:c7:25:e6:54:69:88:a7:c4:14:6f:
ef:23:ac:6e:16:ee:64:d4:44:d9:fd:60:40:81:6e:
58:cc:3d:3c:35:51:ad:7a:4e:3b:2a:23:8f:f1:d0:
fe:16:75:68:2a:fa:51:95:78:28:d8:47:d5:ff:83:
6d:ce:4b:a7:ce:bd:6e:d2:0f:e0:bd:ca:f8:e4:d9:
4b:b7:f6:df:14:30:fd:da:e8:94:f1:be:09:af:cd:
30:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8D:75:4C:69:30:D3:86:D5:C9:98:79:C1:7E:79:F2:35:51:48:EF:B6
X509v3 Authority Key Identifier:
keyid:9D:2A:47:8B:B0:B0:8E:66:1B:0B:2F:9F:BE:89:35:BC:9C:2A:28:A1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nSpHi7CwjmYbCy-fvok1vJwqKKE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/jXVMaTDThtXJmHnBfnnyNVFI77Y.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/nSpHi7CwjmYbCy-fvok1vJwqKKE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.13.188.0/24
77.83.38.0/24
85.209.120.0/23
Signature Algorithm: sha256WithRSAEncryption
79:25:a3:ea:6c:b7:ba:4e:e8:52:15:06:e6:18:9d:ab:76:18:
9f:04:a9:a6:64:43:b1:ef:82:ee:76:c3:f0:23:18:f9:f1:2e:
d3:78:a8:41:84:60:d8:66:e9:9f:4e:5a:3f:96:7a:7a:ce:0f:
d3:bb:29:e9:7d:1f:0c:73:ef:d6:f9:f6:b4:b4:94:c9:18:b1:
15:c2:35:54:6f:0c:a3:6f:6b:ee:c0:8f:5d:d7:fc:3a:87:28:
bd:42:fd:56:46:3a:ec:ed:65:6d:d4:60:e4:b4:9c:3b:b6:e9:
50:2f:d2:94:7a:e5:d1:b9:2a:f1:2c:72:a9:10:b0:7e:c1:ce:
85:13:72:dd:09:20:51:0a:b1:bc:1d:6d:07:3c:9e:2f:0d:2f:
de:a7:90:10:7f:bd:ad:d1:55:aa:29:73:c4:20:ba:04:6c:00:
fb:41:ad:26:8c:bc:a7:80:93:18:29:14:24:1d:27:68:67:59:
93:56:97:2b:1c:69:6b:2d:a4:8a:61:f9:0e:2e:09:71:53:41:
e8:c2:c6:a9:91:29:1f:ae:2d:55:25:61:a8:ba:29:fa:cf:f2:
d7:8f:be:b9:8b:8b:49:f9:6e:1f:ed:f5:a9:41:0f:64:e8:0b:
98:99:7f:25:6c:ef:89:3b:f0:7c:85:22:46:7f:af:28:42:22:
96:98:a0:e3
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYT2Yn0kTeyQOegtgb2oHXLqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlkMmE0NzhiYjBiMDhlNjYxYjBiMmY5ZmJlODkzNWJjOWMy
YTI4YTEwHhcNMjIxMjA5MTAxNjAwWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ZDc1NGM2OTMwZDM4NmQ1Yzk5ODc5YzE3ZTc5ZjIzNTUxNDhlZmI2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnmLLtfnddvt0QwaFXEfgPffZOcTj
PGuXoTycVhtBD714jlby/gCx1+CaxF5O0kqO6Je+RryxxsMevP0Cauc+sY5sQ8iQ
l2gs0PB4QJpQaZFqt8Du64YAERWF6XnF8L3XwR/JEudshzElKD/d41so8Vqyswwb
QQM7IADjsWV0M1k6LI7DAmuHl3slHhwytkeTJbTbvG1ivNvs6y5N/Ab5w8X62Bk1
A/uW28cl5lRpiKfEFG/vI6xuFu5k1ETZ/WBAgW5YzD08NVGtek47KiOP8dD+FnVo
KvpRlXgo2EfV/4Ntzkunzr1u0g/gvcr45NlLt/bfFDD92uiU8b4Jr80wmwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFI11TGkw04bVyZh5wX558jVRSO+2MB8GA1UdIwQY
MBaAFJ0qR4uwsI5mGwsvn76JNbycKiihMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvblNwSGk3Q3dqbVliQ3ktZnZvazF2SndxS0tFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNi82NjNkZjUtNTgwYy00ZjJjLWE2NmMt
ZWVmMzUxMWY2YzYwLzEvalhWTWFURFRodFhKbUhuQmZubnlOVkZJNzdZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNi82NjNkZjUtNTgwYy00ZjJjLWE2NmMtZWVmMzUxMWY2YzYw
LzEvblNwSGk3Q3dqbVliQ3ktZnZvazF2SndxS0tFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQALQ28AwQA
TVMmAwQBVdF4MA0GCSqGSIb3DQEBCwUAA4IBAQB5JaPqbLe6TuhSFQbmGJ2rdhif
BKmmZEOx74LudsPwIxj58S7TeKhBhGDYZumfTlo/lnp6zg/TuynpfR8Mc+/W+fa0
tJTJGLEVwjVUbwyjb2vuwI9d1/w6hyi9Qv1WRjrs7WVt1GDktJw7tulQL9KUeuXR
uSrxLHKpELB+wc6FE3LdCSBRCrG8HW0HPJ4vDS/ep5AQf72t0VWqKXPEILoEbAD7
Qa0mjLyngJMYKRQkHSdoZ1mTVpcrHGlrLaSKYfkOLglxU0HowsapkSkfri1VJWGo
uin6z/LXj765i4tJ+W4f7fWpQQ9k6AuYmX8lbO+JO/B8hSJGf68oQiKWmKDj
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:20:32 2024 by rpki-client on console-fra.rpki-client.org