Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/99/0ac27a-2159-48d7-8bfd-c907ae1c211e/1/J88L3rDaqD-ypiCchEG-1nhytWo.roa
File: J88L3rDaqD-ypiCchEG-1nhytWo.roa (raw, json)
Hash identifier: gahJYxFqtKq+3KFlsbRSLX7JkKRAYZS5+jM+2iP0EKQ=
Subject key identifier: 27:CF:0B:DE:B0:DA:A8:3F:B2:A6:20:9C:84:41:BE:D6:78:72:B5:6A
Certificate issuer: /CN=577021dcdf44b6afdd3810547c55a79bd1a9fa3b
Certificate serial: 01848620242C3C06DBC1CF1E4FC1E7390F79
Authority key identifier: 57:70:21:DC:DF:44:B6:AF:DD:38:10:54:7C:55:A7:9B:D1:A9:FA:3B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/V3Ah3N9Etq_dOBBUfFWnm9Gp-js.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/99/0ac27a-2159-48d7-8bfd-c907ae1c211e/1/J88L3rDaqD-ypiCchEG-1nhytWo.roa
Signing time: Thu 17 Nov 2022 15:06:04 +0000
ROA not before: Thu 17 Nov 2022 15:06:04 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 205836
IP address blocks: 185.204.202.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:86:20:24:2c:3c:06:db:c1:cf:1e:4f:c1:e7:39:0f:79
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=577021dcdf44b6afdd3810547c55a79bd1a9fa3b
Validity
Not Before: Nov 17 15:06:04 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=27cf0bdeb0daa83fb2a6209c8441bed67872b56a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:3e:98:af:77:c8:18:f3:fc:cb:c3:45:92:f1:
94:e8:cb:f4:55:3b:77:92:3d:e9:74:6d:f2:4d:5b:
a5:3e:62:03:a4:d6:d3:bc:c3:a7:6d:10:6e:b1:99:
ed:4e:7c:87:29:e7:6f:30:25:62:23:60:e4:4e:3e:
b3:0f:a3:df:ee:48:29:df:e8:d5:55:ec:9f:8c:aa:
48:0a:a4:3b:90:99:0b:4d:5f:4b:67:f6:10:d6:5c:
68:04:f9:33:13:0b:14:49:e0:a8:5e:9f:5a:bd:e8:
86:c6:a0:a3:f4:9a:92:c9:50:76:48:80:0c:1c:5e:
6d:66:15:18:9f:96:55:98:17:ed:d9:ca:e3:e2:55:
b2:b8:23:d1:8d:23:16:5e:c9:a8:10:0b:94:8b:c6:
c1:96:f8:c0:55:80:b8:d3:45:7c:e8:b0:04:43:ea:
44:2f:c4:8c:85:4a:2e:de:f6:be:ad:e8:cc:06:78:
95:4e:c9:2f:44:dd:0d:ea:fd:b6:1a:a4:8b:99:3a:
38:bc:47:b4:34:2a:ac:b2:81:4f:71:44:17:73:94:
64:43:6c:00:c4:14:a5:20:41:1f:c4:74:a2:98:1e:
3d:90:75:29:14:df:91:af:07:b6:4b:e6:fd:f0:67:
98:fb:f6:ef:68:b9:6f:43:ef:b9:91:94:83:e9:30:
2c:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
27:CF:0B:DE:B0:DA:A8:3F:B2:A6:20:9C:84:41:BE:D6:78:72:B5:6A
X509v3 Authority Key Identifier:
keyid:57:70:21:DC:DF:44:B6:AF:DD:38:10:54:7C:55:A7:9B:D1:A9:FA:3B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/V3Ah3N9Etq_dOBBUfFWnm9Gp-js.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/99/0ac27a-2159-48d7-8bfd-c907ae1c211e/1/J88L3rDaqD-ypiCchEG-1nhytWo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/99/0ac27a-2159-48d7-8bfd-c907ae1c211e/1/V3Ah3N9Etq_dOBBUfFWnm9Gp-js.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.204.202.0/24
Signature Algorithm: sha256WithRSAEncryption
5e:28:3a:30:80:18:ee:ef:37:46:b1:bc:13:6a:36:a1:b0:b7:
f5:c4:75:b4:48:4a:1d:94:5d:9b:6c:8e:3f:56:a8:93:47:c4:
8b:9a:e8:b5:51:56:0c:52:63:2d:98:d1:06:9e:ed:04:c1:dc:
3c:c1:84:71:61:48:50:8d:48:1e:fe:f1:e6:f0:09:e1:64:22:
f9:e0:17:54:f2:9f:b8:36:6d:2d:a7:44:d5:4e:85:fe:45:fe:
d5:ea:8b:a3:70:c8:2d:47:0f:80:3c:86:32:38:e4:c1:81:00:
8f:6e:1c:35:4c:35:2f:f9:ce:2f:66:dd:40:8e:9e:f2:f6:9f:
7a:f7:4f:e3:2f:c3:24:61:64:5d:10:f4:6e:f7:b1:84:a7:d8:
8e:f9:73:53:85:b4:b6:e4:f4:a7:e1:07:51:4c:67:4f:b6:18:
6d:02:e0:6d:8c:c3:ca:0b:75:91:a2:ba:5d:fa:66:03:52:3b:
b1:09:a9:08:63:b7:5f:1d:b5:9c:54:f6:23:08:df:5b:da:97:
5f:35:27:1e:ce:73:1d:00:5b:e8:a1:32:29:d0:fa:0a:ad:77:
aa:71:07:52:6e:62:4b:09:2b:be:c7:4e:b4:bf:b3:36:cb:44:
0f:21:f1:0a:0f:df:b1:25:a5:54:ac:72:cb:d2:22:47:ad:be:
d6:99:b7:97
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYSGICQsPAbbwc8eT8HnOQ95MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU3NzAyMWRjZGY0NGI2YWZkZDM4MTA1NDdjNTVhNzliZDFh
OWZhM2IwHhcNMjIxMTE3MTUwNjA0WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyN2NmMGJkZWIwZGFhODNmYjJhNjIwOWM4NDQxYmVkNjc4NzJiNTZhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsj6Yr3fIGPP8y8NFkvGU6Mv0VTt3
kj3pdG3yTVulPmIDpNbTvMOnbRBusZntTnyHKedvMCViI2DkTj6zD6Pf7kgp3+jV
VeyfjKpICqQ7kJkLTV9LZ/YQ1lxoBPkzEwsUSeCoXp9aveiGxqCj9JqSyVB2SIAM
HF5tZhUYn5ZVmBft2crj4lWyuCPRjSMWXsmoEAuUi8bBlvjAVYC400V86LAEQ+pE
L8SMhUou3va+rejMBniVTskvRN0N6v22GqSLmTo4vEe0NCqssoFPcUQXc5RkQ2wA
xBSlIEEfxHSimB49kHUpFN+Rrwe2S+b98GeY+/bvaLlvQ++5kZSD6TAsvwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFCfPC96w2qg/sqYgnIRBvtZ4crVqMB8GA1UdIwQY
MBaAFFdwIdzfRLav3TgQVHxVp5vRqfo7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVjNBaDNOOUV0cV9kT0JCVWZGV25tOUdwLWpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85OS8wYWMyN2EtMjE1OS00OGQ3LThiZmQt
YzkwN2FlMWMyMTFlLzEvSjg4TDNyRGFxRC15cGlDY2hFRy0xbmh5dFdvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85OS8wYWMyN2EtMjE1OS00OGQ3LThiZmQtYzkwN2FlMWMyMTFl
LzEvVjNBaDNOOUV0cV9kT0JCVWZGV25tOUdwLWpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuczKMA0G
CSqGSIb3DQEBCwUAA4IBAQBeKDowgBju7zdGsbwTajahsLf1xHW0SEodlF2bbI4/
VqiTR8SLmui1UVYMUmMtmNEGnu0Ewdw8wYRxYUhQjUge/vHm8AnhZCL54BdU8p+4
Nm0tp0TVToX+Rf7V6oujcMgtRw+APIYyOOTBgQCPbhw1TDUv+c4vZt1Ajp7y9p96
90/jL8MkYWRdEPRu97GEp9iO+XNThbS25PSn4QdRTGdPthhtAuBtjMPKC3WRorpd
+mYDUjuxCakIY7dfHbWcVPYjCN9b2pdfNSceznMdAFvooTIp0PoKrXeqcQdSbmJL
CSu+x060v7M2y0QPIfEKD9+xJaVUrHLL0iJHrb7WmbeX
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:40:15 2024 by rpki-client on console-fra.rpki-client.org