Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a4/c4073a-923b-4ecf-9566-4d777cacd9a4/1/JWbtID_xRwWCAf5RVHzBhieXQZE.roa
File: JWbtID_xRwWCAf5RVHzBhieXQZE.roa (raw, json)
Hash identifier: sbB+a7lmqLVSr3mNZwfchfH25hDIZwNxtdSZchcMUTw=
Subject key identifier: 25:66:ED:20:3F:F1:47:05:82:01:FE:51:54:7C:C1:86:27:97:41:91
Certificate issuer: /CN=93a229e266b2558899f3547ee63d84ed6594768b
Certificate serial: 01828D2B03061C5CEA25B95C3AD5192CD81E
Authority key identifier: 93:A2:29:E2:66:B2:55:88:99:F3:54:7E:E6:3D:84:ED:65:94:76:8B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/k6Ip4mayVYiZ81R-5j2E7WWUdos.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a4/c4073a-923b-4ecf-9566-4d777cacd9a4/1/JWbtID_xRwWCAf5RVHzBhieXQZE.roa
Signing time: Thu 11 Aug 2022 13:49:42 +0000
ROA not before: Thu 11 Aug 2022 13:49:42 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 56655
IP address blocks: 45.88.201.0/24 maxlen: 24
45.88.200.0/24 maxlen: 24
185.181.60.0/22 maxlen: 24
185.125.168.0/22 maxlen: 24
198.140.141.0/24 maxlen: 24
185.243.217.0/24 maxlen: 24
185.243.216.0/24 maxlen: 24
185.243.218.0/24 maxlen: 24
2a03:94e1::/32 maxlen: 32
2a0a:cd80::/32 maxlen: 32
2a03:94e2::/32 maxlen: 32
2a03:94e3::/32 maxlen: 32
2a03:94e0::/32 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:8d:2b:03:06:1c:5c:ea:25:b9:5c:3a:d5:19:2c:d8:1e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=93a229e266b2558899f3547ee63d84ed6594768b
Validity
Not Before: Aug 11 13:49:42 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=2566ed203ff147058201fe51547cc18627974191
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:86:a0:e3:cf:ef:fb:8e:c0:e5:9c:a0:ec:5f:
e1:c7:d3:c8:b6:9e:0a:ee:1a:d3:58:ec:11:f3:1e:
d0:f0:28:89:90:b4:07:b6:82:83:c4:51:92:b0:ea:
0f:8c:1d:89:08:61:1e:f8:fe:fc:2f:5a:b4:4d:fd:
83:ed:2d:23:e0:d3:e6:b9:ca:f7:e5:f4:03:2d:45:
53:7f:f4:61:7f:40:21:d9:81:9a:3b:12:33:b7:3a:
7a:b5:29:5b:28:f3:f9:8d:46:ac:6b:c8:f4:d3:66:
22:60:90:70:1a:93:30:00:08:b7:8e:66:81:a0:20:
b1:e0:5a:2f:0b:c0:41:55:00:ad:1b:11:9e:92:8d:
5a:0d:35:90:86:4f:8f:a2:75:77:26:8c:a8:a2:44:
03:17:ac:ee:f3:fb:a9:c3:3a:ce:71:04:6d:68:02:
e0:78:cf:a2:3d:0c:cb:82:64:5a:6f:e8:5d:76:50:
7c:75:2f:0c:c9:95:53:90:ee:59:ea:7f:60:5b:04:
7b:11:92:c3:70:34:38:97:34:28:3d:76:61:8b:57:
95:b5:5e:57:b0:b6:16:fb:68:8f:88:c2:c7:17:20:
63:ca:2d:a4:84:3e:2d:62:af:0d:0c:4d:a6:74:c6:
72:ad:ab:63:7e:ca:b9:de:d7:cf:ed:ff:2c:e3:39:
0a:55
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
25:66:ED:20:3F:F1:47:05:82:01:FE:51:54:7C:C1:86:27:97:41:91
X509v3 Authority Key Identifier:
keyid:93:A2:29:E2:66:B2:55:88:99:F3:54:7E:E6:3D:84:ED:65:94:76:8B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/k6Ip4mayVYiZ81R-5j2E7WWUdos.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a4/c4073a-923b-4ecf-9566-4d777cacd9a4/1/JWbtID_xRwWCAf5RVHzBhieXQZE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a4/c4073a-923b-4ecf-9566-4d777cacd9a4/1/k6Ip4mayVYiZ81R-5j2E7WWUdos.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.88.200.0/23
185.125.168.0/22
185.181.60.0/22
185.243.216.0-185.243.218.255
198.140.141.0/24
IPv6:
2a03:94e0::/30
2a0a:cd80::/32
Signature Algorithm: sha256WithRSAEncryption
54:38:d4:07:c2:bb:4e:0f:07:17:bf:e4:82:13:4c:12:66:27:
ca:e7:f6:43:c3:f1:72:bf:da:25:dd:84:75:af:26:85:66:e8:
6a:69:2d:f5:d8:71:a8:1b:74:51:0d:cd:3d:69:1c:69:3b:1d:
54:95:71:8d:cd:36:4a:d9:9d:ef:59:e0:ce:c3:37:5d:03:d9:
fc:40:68:d0:4a:f5:9a:61:c5:4a:1c:b8:c9:49:50:8f:96:f1:
b4:bf:86:f0:b5:74:30:1d:b0:23:93:1d:30:83:1a:e0:20:b7:
5f:32:05:d2:0f:ee:c8:f2:8b:a7:9d:0d:b4:fc:03:79:f2:ef:
fd:0a:59:0c:bc:e0:93:0f:4e:d5:16:06:80:c7:62:e1:ed:06:
16:e5:2e:46:a5:ab:67:56:e7:4f:75:18:65:c8:5e:42:41:1a:
ef:98:a1:2f:72:0f:cf:51:2c:b6:37:b4:b7:00:2d:13:01:e3:
0f:6b:7e:57:15:9f:51:46:94:17:5a:f1:e5:fb:1a:a5:99:20:
a3:4f:47:ba:66:4b:3d:04:b8:da:a5:b3:a4:c1:8e:ee:80:d4:
b0:2b:aa:89:3f:7e:1d:6e:3e:b5:86:a0:82:8a:41:99:6e:3e:
be:eb:49:79:ad:0d:d9:20:d0:9b:82:e5:be:50:a6:a2:aa:40:
3d:73:e6:80
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgISAYKNKwMGHFzqJblcOtUZLNgeMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkzYTIyOWUyNjZiMjU1ODg5OWYzNTQ3ZWU2M2Q4NGVkNjU5
NDc2OGIwHhcNMjIwODExMTM0OTQyWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNTY2ZWQyMDNmZjE0NzA1ODIwMWZlNTE1NDdjYzE4NjI3OTc0MTkxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAloag48/v+47A5Zyg7F/hx9PItp4K
7hrTWOwR8x7Q8CiJkLQHtoKDxFGSsOoPjB2JCGEe+P78L1q0Tf2D7S0j4NPmucr3
5fQDLUVTf/Rhf0Ah2YGaOxIztzp6tSlbKPP5jUasa8j002YiYJBwGpMwAAi3jmaB
oCCx4FovC8BBVQCtGxGeko1aDTWQhk+PonV3JoyookQDF6zu8/upwzrOcQRtaALg
eM+iPQzLgmRab+hddlB8dS8MyZVTkO5Z6n9gWwR7EZLDcDQ4lzQoPXZhi1eVtV5X
sLYW+2iPiMLHFyBjyi2khD4tYq8NDE2mdMZyratjfsq53tfP7f8s4zkKVQIDAQAB
o4ICPzCCAjswHQYDVR0OBBYEFCVm7SA/8UcFggH+UVR8wYYnl0GRMB8GA1UdIwQY
MBaAFJOiKeJmslWImfNUfuY9hO1llHaLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvazZJcDRtYXlWWWlaODFSLTVqMkU3V1dVZG9zLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNC9jNDA3M2EtOTIzYi00ZWNmLTk1NjYt
NGQ3NzdjYWNkOWE0LzEvSldidElEX3hSd1dDQWY1UlZIekJoaWVYUVpFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNC9jNDA3M2EtOTIzYi00ZWNmLTk1NjYtNGQ3NzdjYWNkOWE0
LzEvazZJcDRtYXlWWWlaODFSLTVqMkU3V1dVZG9zLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFUGCCsGAQUFBwEHAQH/BEYwRDAsBAIAATAmAwQBLVjIAwQC
uX2oAwQCubU8MAwDBAO589gDBAC589oDBADGjI0wFAQCAAIwDgMFAioDlOADBQAq
Cs2AMA0GCSqGSIb3DQEBCwUAA4IBAQBUONQHwrtODwcXv+SCE0wSZifK5/ZDw/Fy
v9ol3YR1ryaFZuhqaS312HGoG3RRDc09aRxpOx1UlXGNzTZK2Z3vWeDOwzddA9n8
QGjQSvWaYcVKHLjJSVCPlvG0v4bwtXQwHbAjkx0wgxrgILdfMgXSD+7I8ounnQ20
/AN58u/9ClkMvOCTD07VFgaAx2Lh7QYW5S5GpatnVudPdRhlyF5CQRrvmKEvcg/P
USy2N7S3AC0TAeMPa35XFZ9RRpQXWvHl+xqlmSCjT0e6Zks9BLjapbOkwY7ugNSw
K6qJP34dbj61hqCCikGZbj6+60l5rQ3ZINCbguW+UKaiqkA9c+aA
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:48:21 2024 by rpki-client on console-fra.rpki-client.org