Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/e76a1a-3724-495b-ac72-472040b247f6/1/jkzgztrKtNba-SiEve03sgoC-wE.roa
File: jkzgztrKtNba-SiEve03sgoC-wE.roa (raw, json)
Hash identifier: 9Ws3DJtZRPxcoFZb+3lqDZ1eK3fiSme7OqzyfKnPGeI=
Subject key identifier: 8E:4C:E0:CE:DA:CA:B4:D6:DA:F9:28:84:BD:ED:37:B2:0A:02:FB:01
Certificate issuer: /CN=86afaae2e3e054073a38aab635dc96460eef487e
Certificate serial: 018543777A2400ACB98EE3E72FA530731DE4
Authority key identifier: 86:AF:AA:E2:E3:E0:54:07:3A:38:AA:B6:35:DC:96:46:0E:EF:48:7E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hq-q4uPgVAc6OKq2NdyWRg7vSH4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/e76a1a-3724-495b-ac72-472040b247f6/1/jkzgztrKtNba-SiEve03sgoC-wE.roa
Signing time: Sat 24 Dec 2022 09:29:41 +0000
ROA not before: Sat 24 Dec 2022 09:29:41 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 212216
IP address blocks: 195.28.10.0/24 maxlen: 24
185.73.226.0/24 maxlen: 32
80.249.115.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:43:77:7a:24:00:ac:b9:8e:e3:e7:2f:a5:30:73:1d:e4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=86afaae2e3e054073a38aab635dc96460eef487e
Validity
Not Before: Dec 24 09:29:41 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=8e4ce0cedacab4d6daf92884bded37b20a02fb01
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:87:d3:cd:48:0b:8b:2b:f9:a8:e8:36:9f:38:6e:
7c:9a:38:af:83:64:9c:7c:ff:6d:a8:94:55:4c:04:
55:77:74:ea:8a:33:d7:b4:42:03:c3:b6:4c:77:f9:
ce:56:2b:1e:ba:20:d0:9c:d7:5f:51:4f:ef:e8:32:
c7:04:13:91:6c:7d:36:d3:04:ef:b4:fc:eb:0e:2a:
61:20:ad:e8:b9:73:c3:d3:31:92:fe:8e:f3:81:cc:
c8:b0:47:73:e0:f6:f3:fa:c0:6f:23:4f:34:f3:ea:
de:b8:fc:f2:8d:e2:84:6c:fd:8f:54:cb:a3:5f:ab:
1b:d4:4f:c9:a0:4c:dc:f8:c7:5c:d6:99:be:9c:6a:
9e:84:07:e7:ff:34:d4:36:57:77:96:61:96:34:dd:
a6:f9:53:f7:4c:82:d4:48:6e:42:a6:fb:ef:72:b4:
3e:5e:4c:a5:39:82:18:21:7c:fa:e5:59:0e:e6:f4:
ab:9f:90:17:56:29:91:93:c1:09:f5:b4:2c:27:9f:
e1:c5:e7:39:6e:93:09:4d:f5:28:9f:49:d5:fb:dd:
6f:6c:75:27:f4:26:f3:4d:6e:91:f2:0a:21:4a:b4:
87:e5:a5:ec:e3:b3:28:7f:81:e2:d9:ca:31:fe:71:
29:f9:2a:0d:74:07:24:c0:ce:de:94:01:50:c7:32:
2f:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8E:4C:E0:CE:DA:CA:B4:D6:DA:F9:28:84:BD:ED:37:B2:0A:02:FB:01
X509v3 Authority Key Identifier:
keyid:86:AF:AA:E2:E3:E0:54:07:3A:38:AA:B6:35:DC:96:46:0E:EF:48:7E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hq-q4uPgVAc6OKq2NdyWRg7vSH4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/e76a1a-3724-495b-ac72-472040b247f6/1/jkzgztrKtNba-SiEve03sgoC-wE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/e76a1a-3724-495b-ac72-472040b247f6/1/hq-q4uPgVAc6OKq2NdyWRg7vSH4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.249.115.0/24
185.73.226.0/24
195.28.10.0/24
Signature Algorithm: sha256WithRSAEncryption
76:85:ef:06:86:47:a1:9b:5c:9a:66:7b:fb:c5:1a:dc:63:98:
84:fb:f1:8f:a4:55:57:7a:41:36:d1:57:28:b3:62:2a:f8:9c:
e5:22:37:1f:5b:0d:bc:67:3a:0e:64:eb:3f:32:63:96:f0:c7:
d4:b7:89:f9:3e:ef:04:90:47:4d:58:0c:9b:85:9a:e7:08:bd:
2f:b3:94:20:a3:b9:b3:95:55:d2:76:21:9c:89:8a:e2:71:ab:
b1:82:b9:3f:a3:5f:1a:03:0f:4c:f6:90:8b:27:f1:43:17:75:
8c:ac:d2:a2:d7:2e:8c:90:0d:7e:69:07:49:7b:80:f8:91:e7:
55:44:8a:98:fe:63:99:e9:d2:67:ac:0a:a5:2d:db:9c:07:04:
18:45:62:d8:3b:12:5d:88:57:89:23:5f:db:3d:cc:2f:ce:32:
fe:7b:37:10:4d:98:f6:d5:0f:46:db:25:48:29:3d:93:15:c5:
f4:e5:3c:77:f0:7b:90:e6:a8:7f:d6:45:6c:cb:4c:e4:00:2b:
71:ea:fe:f0:20:0a:df:64:35:ac:bc:10:7f:1b:78:9d:d3:9f:
9a:95:f4:45:38:7a:65:04:8d:24:ab:a9:9d:97:02:c7:b8:ad:
58:dd:0d:6c:1a:9a:e8:eb:a2:02:6f:36:8a:00:6f:e9:e2:82:
ee:ed:5b:6f
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYVDd3okAKy5juPnL6Uwcx3kMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg2YWZhYWUyZTNlMDU0MDczYTM4YWFiNjM1ZGM5NjQ2MGVl
ZjQ4N2UwHhcNMjIxMjI0MDkyOTQxWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ZTRjZTBjZWRhY2FiNGQ2ZGFmOTI4ODRiZGVkMzdiMjBhMDJmYjAxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAh9PNSAuLK/mo6DafOG58mjivg2Sc
fP9tqJRVTARVd3TqijPXtEIDw7ZMd/nOViseuiDQnNdfUU/v6DLHBBORbH020wTv
tPzrDiphIK3ouXPD0zGS/o7zgczIsEdz4Pbz+sBvI0808+reuPzyjeKEbP2PVMuj
X6sb1E/JoEzc+Mdc1pm+nGqehAfn/zTUNld3lmGWNN2m+VP3TILUSG5CpvvvcrQ+
XkylOYIYIXz65VkO5vSrn5AXVimRk8EJ9bQsJ5/hxec5bpMJTfUon0nV+91vbHUn
9CbzTW6R8gohSrSH5aXs47Mof4Hi2cox/nEp+SoNdAckwM7elAFQxzIvRwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFI5M4M7ayrTW2vkohL3tN7IKAvsBMB8GA1UdIwQY
MBaAFIavquLj4FQHOjiqtjXclkYO70h+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaHEtcTR1UGdWQWM2T0txMk5keVdSZzd2U0g0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS9lNzZhMWEtMzcyNC00OTViLWFjNzIt
NDcyMDQwYjI0N2Y2LzEvamt6Z3p0ckt0TmJhLVNpRXZlMDNzZ29DLXdFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS9lNzZhMWEtMzcyNC00OTViLWFjNzItNDcyMDQwYjI0N2Y2
LzEvaHEtcTR1UGdWQWM2T0txMk5keVdSZzd2U0g0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAUPlzAwQA
uUniAwQAwxwKMA0GCSqGSIb3DQEBCwUAA4IBAQB2he8Ghkehm1yaZnv7xRrcY5iE
+/GPpFVXekE20Vcos2Iq+JzlIjcfWw28ZzoOZOs/MmOW8MfUt4n5Pu8EkEdNWAyb
hZrnCL0vs5Qgo7mzlVXSdiGciYricauxgrk/o18aAw9M9pCLJ/FDF3WMrNKi1y6M
kA1+aQdJe4D4kedVRIqY/mOZ6dJnrAqlLducBwQYRWLYOxJdiFeJI1/bPcwvzjL+
ezcQTZj21Q9G2yVIKT2TFcX05Tx38HuQ5qh/1kVsy0zkACtx6v7wIArfZDWsvBB/
G3id05+alfRFOHplBI0kq6mdlwLHuK1Y3Q1sGpro66ICbzaKAG/p4oLu7Vtv
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:22:39 2024 by rpki-client on console-ams.rpki-client.org