Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/83/64d313-644c-4b9f-811a-38a5c9105cc5/1/jjYGTzGijfP7RUkVY90zz40p1WA.roa
File: jjYGTzGijfP7RUkVY90zz40p1WA.roa (raw, json)
Hash identifier: qGn7i3uLmhYrw8n4cEhBYO+EK55OHhFaPXzqc+KIc18=
Subject key identifier: 8E:36:06:4F:31:A2:8D:F3:FB:45:49:15:63:DD:33:CF:8D:29:D5:60
Certificate issuer: /CN=570cdd1732e5643a15eed9ee77e1394b80242548
Certificate serial: 0183CC0841A1A0373FD5F76ACBFFEDEF5BC1
Authority key identifier: 57:0C:DD:17:32:E5:64:3A:15:EE:D9:EE:77:E1:39:4B:80:24:25:48
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/VwzdFzLlZDoV7tnud-E5S4AkJUg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/83/64d313-644c-4b9f-811a-38a5c9105cc5/1/jjYGTzGijfP7RUkVY90zz40p1WA.roa
Signing time: Wed 12 Oct 2022 11:50:36 +0000
ROA not before: Wed 12 Oct 2022 11:50:36 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 212693
IP address blocks: 185.175.89.0/24 maxlen: 24
2a10:4440::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:cc:08:41:a1:a0:37:3f:d5:f7:6a:cb:ff:ed:ef:5b:c1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=570cdd1732e5643a15eed9ee77e1394b80242548
Validity
Not Before: Oct 12 11:50:36 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=8e36064f31a28df3fb45491563dd33cf8d29d560
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:29:3c:7c:bc:ae:92:d4:46:02:bf:85:07:78:
7e:85:f2:ff:49:4c:9b:30:d7:ae:88:7d:2f:97:18:
f7:b1:8f:8c:66:0d:fb:09:6b:7b:e5:f9:07:ed:7c:
d7:b0:72:8c:f7:c1:b5:5e:9d:54:34:4c:a3:59:26:
8a:ca:33:5d:52:ed:00:3c:95:a5:a7:4b:47:d1:1b:
cc:a5:89:1d:d8:16:da:92:f9:cc:fd:4c:1e:9f:42:
07:58:46:2a:56:88:66:33:24:73:ec:a7:48:78:a0:
36:6a:ce:a4:51:d5:50:95:3e:da:7c:fa:da:b9:98:
40:b9:8b:18:b5:4b:39:01:0e:49:f2:13:f3:cd:f0:
2c:93:dd:ee:63:05:8e:7c:4d:84:45:fe:7a:e4:4c:
68:d9:e3:3a:e4:51:f5:40:ab:f8:1a:da:d8:87:23:
bd:64:e8:3b:15:d8:98:ca:20:06:59:3d:1a:d5:b4:
67:45:f6:c2:30:4a:29:ef:78:1b:47:ec:ef:6d:0a:
78:e0:ca:fc:77:92:42:ff:c7:ef:61:24:cf:de:44:
27:7e:14:ec:c7:ea:0f:63:75:51:97:56:8f:cc:5c:
68:3e:cf:fd:cb:14:a9:95:2c:85:fd:ef:39:e0:4a:
d4:af:4b:5c:81:0f:06:83:32:2b:78:47:93:a0:b8:
85:eb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8E:36:06:4F:31:A2:8D:F3:FB:45:49:15:63:DD:33:CF:8D:29:D5:60
X509v3 Authority Key Identifier:
keyid:57:0C:DD:17:32:E5:64:3A:15:EE:D9:EE:77:E1:39:4B:80:24:25:48
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/VwzdFzLlZDoV7tnud-E5S4AkJUg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/83/64d313-644c-4b9f-811a-38a5c9105cc5/1/jjYGTzGijfP7RUkVY90zz40p1WA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/83/64d313-644c-4b9f-811a-38a5c9105cc5/1/VwzdFzLlZDoV7tnud-E5S4AkJUg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.175.89.0/24
IPv6:
2a10:4440::/29
Signature Algorithm: sha256WithRSAEncryption
c6:93:a5:ae:b7:43:2a:f8:7b:6f:f0:69:0e:2f:4c:6e:4b:90:
b6:b9:ab:7f:e6:0c:03:b1:b4:7d:9d:b3:de:3f:ac:40:52:4e:
03:19:a2:e0:d0:f0:de:55:21:20:e8:23:fe:a2:7c:ad:7c:4c:
82:d9:08:e7:9f:1e:92:be:82:2c:6e:1f:c6:d5:f3:91:86:f4:
ae:b4:a7:18:68:27:f4:4d:54:75:47:f2:2b:bd:84:d2:ec:4b:
ef:d4:58:79:b2:78:29:b6:e0:bf:6d:7e:85:2a:36:61:60:f3:
ae:17:8b:f6:5e:d7:6a:12:cf:32:6a:c9:eb:e0:2c:47:97:0b:
a6:0d:9e:7d:f9:b3:ac:4a:c9:16:51:7a:63:5a:56:f5:19:65:
68:3a:55:cb:59:aa:fc:5c:46:31:e9:f7:15:40:2f:9e:e3:75:
b3:c8:13:bd:85:b7:e2:8b:4b:c6:bd:5e:81:7c:1a:79:d6:8a:
b0:1c:53:3d:9a:22:1f:cc:99:3f:55:99:63:fc:b6:89:95:89:
34:24:01:07:cf:23:78:c4:2a:86:19:5b:34:8a:71:d5:5a:c2:
54:5c:a4:30:27:39:25:74:37:41:07:49:9e:0e:ee:18:e4:a0:
22:55:c3:b7:e7:0e:f7:08:97:19:d2:f2:71:16:de:9c:9b:8a:
57:53:75:48
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYPMCEGhoDc/1fdqy//t71vBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU3MGNkZDE3MzJlNTY0M2ExNWVlZDllZTc3ZTEzOTRiODAy
NDI1NDgwHhcNMjIxMDEyMTE1MDM2WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ZTM2MDY0ZjMxYTI4ZGYzZmI0NTQ5MTU2M2RkMzNjZjhkMjlkNTYwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmik8fLyuktRGAr+FB3h+hfL/SUyb
MNeuiH0vlxj3sY+MZg37CWt75fkH7XzXsHKM98G1Xp1UNEyjWSaKyjNdUu0APJWl
p0tH0RvMpYkd2BbakvnM/Uwen0IHWEYqVohmMyRz7KdIeKA2as6kUdVQlT7afPra
uZhAuYsYtUs5AQ5J8hPzzfAsk93uYwWOfE2ERf565Exo2eM65FH1QKv4GtrYhyO9
ZOg7FdiYyiAGWT0a1bRnRfbCMEop73gbR+zvbQp44Mr8d5JC/8fvYSTP3kQnfhTs
x+oPY3VRl1aPzFxoPs/9yxSplSyF/e854ErUr0tcgQ8GgzIreEeToLiF6wIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFI42Bk8xoo3z+0VJFWPdM8+NKdVgMB8GA1UdIwQY
MBaAFFcM3Rcy5WQ6Fe7Z7nfhOUuAJCVIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVnd6ZEZ6TGxaRG9WN3RudWQtRTVTNEFrSlVnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84My82NGQzMTMtNjQ0Yy00YjlmLTgxMWEt
MzhhNWM5MTA1Y2M1LzEvampZR1R6R2lqZlA3UlVrVlk5MHp6NDBwMVdBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84My82NGQzMTMtNjQ0Yy00YjlmLTgxMWEtMzhhNWM5MTA1Y2M1
LzEvVnd6ZEZ6TGxaRG9WN3RudWQtRTVTNEFrSlVnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQAua9ZMA0E
AgACMAcDBQMqEERAMA0GCSqGSIb3DQEBCwUAA4IBAQDGk6Wut0Mq+Htv8GkOL0xu
S5C2uat/5gwDsbR9nbPeP6xAUk4DGaLg0PDeVSEg6CP+onytfEyC2Qjnnx6SvoIs
bh/G1fORhvSutKcYaCf0TVR1R/IrvYTS7Evv1Fh5sngptuC/bX6FKjZhYPOuF4v2
XtdqEs8yasnr4CxHlwumDZ59+bOsSskWUXpjWlb1GWVoOlXLWar8XEYx6fcVQC+e
43WzyBO9hbfii0vGvV6BfBp51oqwHFM9miIfzJk/VZlj/LaJlYk0JAEHzyN4xCqG
GVs0inHVWsJUXKQwJzkldDdBB0meDu4Y5KAiVcO35w73CJcZ0vJxFt6cm4pXU3VI
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:37:16 2024 by rpki-client on console-fra.rpki-client.org