Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d3/6e3fba-4d3a-43cb-babf-5f2882de3ec7/1/JQW5gtRBPYigErDb0NdkyDsrZuk.roa
File: JQW5gtRBPYigErDb0NdkyDsrZuk.roa (raw, json)
Hash identifier: 818+6UH5c1vwMCLhxymga1hOFlMTWv3GAvs5Uoobt1o=
Subject key identifier: 25:05:B9:82:D4:41:3D:88:A0:12:B0:DB:D0:D7:64:C8:3B:2B:66:E9
Certificate issuer: /CN=64e90627021adcfa5624342d3e5f8b48035acfb4
Certificate serial: 12145004
Authority key identifier: 64:E9:06:27:02:1A:DC:FA:56:24:34:2D:3E:5F:8B:48:03:5A:CF:B4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ZOkGJwIa3PpWJDQtPl-LSANaz7Q.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d3/6e3fba-4d3a-43cb-babf-5f2882de3ec7/1/JQW5gtRBPYigErDb0NdkyDsrZuk.roa
Signing time: Sat 01 Jan 2022 05:57:27 +0000
ROA not before: Sat 01 Jan 2022 05:57:27 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 198336
IP address blocks: 176.227.224.0/21 maxlen: 21
176.227.224.0/20 maxlen: 20
176.227.232.0/23 maxlen: 23
176.227.238.0/23 maxlen: 23
176.227.234.0/23 maxlen: 23
176.227.237.0/24 maxlen: 24
176.227.236.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 303321092 (0x12145004)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=64e90627021adcfa5624342d3e5f8b48035acfb4
Validity
Not Before: Jan 1 05:57:27 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=2505b982d4413d88a012b0dbd0d764c83b2b66e9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:ab:7a:60:3e:65:30:28:04:64:86:56:45:19:
98:66:0e:cb:9a:ce:36:bd:10:32:c5:f7:1a:59:1e:
41:40:7a:ee:7d:3b:83:3b:ba:6f:23:46:eb:da:83:
b5:bc:c1:d5:42:83:09:ee:7c:14:9a:f6:18:99:f6:
a4:d0:9d:c4:2e:f0:50:b8:c4:2a:1f:4b:5d:c9:b3:
15:d3:75:6b:82:98:db:d8:ab:f7:f5:a0:a5:e3:9b:
de:c5:ed:b3:3e:46:ae:99:6c:d8:b8:2e:3d:22:95:
86:0b:b0:19:05:8d:ff:3e:ca:0e:ac:8d:d9:d8:c8:
45:43:8b:14:5d:29:fa:16:d8:d6:b7:d0:c1:34:e2:
49:ec:91:d2:f0:ab:62:d5:e8:3e:bb:cf:41:73:24:
b4:70:fe:e6:1e:b4:0e:de:29:7d:82:bc:65:9f:04:
b5:0b:a2:a2:a7:74:ce:30:75:f5:6f:3a:15:f0:4a:
ff:2e:11:70:1a:35:67:7a:fc:74:34:7a:79:6a:2e:
9c:a7:20:dc:19:32:11:f5:02:15:73:7d:51:ff:54:
b3:a5:a2:5c:58:9d:96:d8:df:e6:d0:9b:3e:cb:ed:
d8:3f:77:f3:16:3d:cc:b4:14:41:95:60:c2:c9:28:
ac:88:8a:8f:18:51:d3:2c:d2:a0:f1:e2:41:1d:a4:
c9:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
25:05:B9:82:D4:41:3D:88:A0:12:B0:DB:D0:D7:64:C8:3B:2B:66:E9
X509v3 Authority Key Identifier:
keyid:64:E9:06:27:02:1A:DC:FA:56:24:34:2D:3E:5F:8B:48:03:5A:CF:B4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ZOkGJwIa3PpWJDQtPl-LSANaz7Q.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/6e3fba-4d3a-43cb-babf-5f2882de3ec7/1/JQW5gtRBPYigErDb0NdkyDsrZuk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/6e3fba-4d3a-43cb-babf-5f2882de3ec7/1/ZOkGJwIa3PpWJDQtPl-LSANaz7Q.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.227.224.0/20
Signature Algorithm: sha256WithRSAEncryption
33:00:38:1c:12:96:26:50:65:ec:a0:8b:3e:11:0a:05:cb:34:
9b:73:1f:8a:f7:71:14:51:45:2e:43:48:37:c8:2d:e3:a3:41:
55:27:6a:64:d1:2e:29:13:7a:a5:e0:ff:08:a9:6d:7a:1e:e6:
0c:11:55:09:69:c4:20:16:07:98:66:13:ab:78:bf:bc:76:a9:
63:d1:13:24:46:2c:49:ff:22:a1:94:b9:77:0d:ac:c0:77:17:
64:9e:11:7d:ca:6c:f9:7b:bb:e3:6f:ff:fe:66:55:0f:d5:d3:
51:22:96:b3:11:6c:18:af:f3:62:fe:fa:1b:1c:74:6e:96:f5:
07:d0:62:fb:a2:df:34:29:74:de:f0:98:11:49:93:56:ce:0d:
e8:db:57:3a:ad:d1:58:ec:0e:c5:03:bc:b8:fd:de:48:08:2c:
31:4d:c9:76:a0:5a:8a:f3:7e:25:30:b8:70:ac:ee:dd:fc:6e:
04:e0:83:10:92:b4:3a:24:a7:16:8b:bd:60:e2:d1:eb:d6:1c:
0f:53:ec:81:e6:51:b5:43:2d:dc:04:f1:05:63:fa:ad:85:2f:
41:8a:7f:f9:22:cc:70:12:eb:32:bd:5a:04:2b:e2:17:49:ec:
5a:0d:af:58:fd:c8:74:97:02:02:1a:60:fc:4c:ea:28:fc:fb:
40:df:91:b5
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEEhRQBDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg2
NGU5MDYyNzAyMWFkY2ZhNTYyNDM0MmQzZTVmOGI0ODAzNWFjZmI0MB4XDTIyMDEw
MTA1NTcyN1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMjUwNWI5ODJkNDQx
M2Q4OGEwMTJiMGRiZDBkNzY0YzgzYjJiNjZlOTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALuremA+ZTAoBGSGVkUZmGYOy5rONr0QMsX3GlkeQUB67n07
gzu6byNG69qDtbzB1UKDCe58FJr2GJn2pNCdxC7wULjEKh9LXcmzFdN1a4KY29ir
9/WgpeOb3sXtsz5Grpls2LguPSKVhguwGQWN/z7KDqyN2djIRUOLFF0p+hbY1rfQ
wTTiSeyR0vCrYtXoPrvPQXMktHD+5h60Dt4pfYK8ZZ8EtQuioqd0zjB19W86FfBK
/y4RcBo1Z3r8dDR6eWounKcg3BkyEfUCFXN9Uf9Us6WiXFidltjf5tCbPsvt2D93
8xY9zLQUQZVgwskorIiKjxhR0yzSoPHiQR2kyY0CAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBQlBbmC1EE9iKASsNvQ12TIOytm6TAfBgNVHSMEGDAWgBRk6QYnAhrc+lYk
NC0+X4tIA1rPtDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1pPa0dKd0lhM1BwV0pEUXRQbC1MU0FOYXo3US5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZDMvNmUzZmJhLTRkM2EtNDNjYi1iYWJmLTVmMjg4MmRlM2VjNy8x
L0pRVzVndFJCUFlpZ0VyRGIwTmRreURzclp1ay5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZDMv
NmUzZmJhLTRkM2EtNDNjYi1iYWJmLTVmMjg4MmRlM2VjNy8xL1pPa0dKd0lhM1Bw
V0pEUXRQbC1MU0FOYXo3US5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEBLDj4DANBgkqhkiG9w0BAQsFAAOC
AQEAMwA4HBKWJlBl7KCLPhEKBcs0m3MfivdxFFFFLkNIN8gt46NBVSdqZNEuKRN6
peD/CKlteh7mDBFVCWnEIBYHmGYTq3i/vHapY9ETJEYsSf8ioZS5dw2swHcXZJ4R
fcps+Xu742///mZVD9XTUSKWsxFsGK/zYv76Gxx0bpb1B9Bi+6LfNCl03vCYEUmT
Vs4N6NtXOq3RWOwOxQO8uP3eSAgsMU3JdqBaivN+JTC4cKzu3fxuBOCDEJK0OiSn
Fou9YOLR69YcD1PsgeZRtUMt3ATxBWP6rYUvQYp/+SLMcBLrMr1aBCviF0nsWg2v
WP3IdJcCAhpg/EzqKPz7QN+RtQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:55:09 2024 by rpki-client on console-fra.rpki-client.org