Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e5/eb70a3-17e1-4d86-8b9e-6080952f0e04/1/js_P5D1PrcSHj6zku3exgmw3IcY.roa
File: js_P5D1PrcSHj6zku3exgmw3IcY.roa (raw, json)
Hash identifier: dvhj+V+8SUNk6BYd26NEnW0zsW8xScOJCaXEEbJcC1o=
Subject key identifier: 8E:CF:CF:E4:3D:4F:AD:C4:87:8F:AC:E4:BB:77:B1:82:6C:37:21:C6
Certificate issuer: /CN=4f8aea2f025f495beacee7ce5a8820519dda1370
Certificate serial: 08C6CF9C
Authority key identifier: 4F:8A:EA:2F:02:5F:49:5B:EA:CE:E7:CE:5A:88:20:51:9D:DA:13:70
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T4rqLwJfSVvqzufOWoggUZ3aE3A.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e5/eb70a3-17e1-4d86-8b9e-6080952f0e04/1/js_P5D1PrcSHj6zku3exgmw3IcY.roa
Signing time: Sat 01 Jan 2022 07:04:33 +0000
ROA not before: Sat 01 Jan 2022 07:04:33 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 60404
IP address blocks: 185.255.114.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 147247004 (0x8c6cf9c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4f8aea2f025f495beacee7ce5a8820519dda1370
Validity
Not Before: Jan 1 07:04:33 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=8ecfcfe43d4fadc4878face4bb77b1826c3721c6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:3b:b4:7b:69:af:d2:2a:38:f5:72:77:72:3e:
0c:b0:b6:9d:ce:a6:5d:3d:0c:1a:4c:4f:d1:3f:d8:
f0:64:af:80:15:96:d1:0e:65:5a:d3:4d:8d:bb:ab:
82:c0:67:31:6d:d4:22:aa:03:4e:ab:3e:d5:8b:20:
e5:30:6a:c1:37:bc:e7:a8:95:19:84:d5:f0:1b:f9:
bf:66:d5:79:37:41:9b:40:f1:b5:31:9a:bd:26:5f:
c3:18:82:6d:18:51:99:2f:e6:d3:29:a9:ca:58:06:
5d:7a:4a:49:e3:a9:25:8d:4d:9d:c0:6f:71:34:e4:
17:8e:b8:64:d0:5d:9f:f9:94:28:65:dd:81:77:a7:
42:e1:16:ca:96:18:8e:6a:08:94:dd:27:c5:15:0f:
c0:36:75:26:c7:eb:4e:67:54:2f:7d:da:0a:34:ef:
70:b9:f0:0a:39:24:21:3e:58:ab:b7:a3:d6:c7:71:
54:10:34:36:fd:08:c4:dd:57:5a:5e:65:ee:90:e7:
cd:9a:3c:59:42:51:00:2f:92:c6:42:ce:25:d3:c9:
34:85:89:9e:25:6e:ec:ec:26:6e:49:b9:1a:18:ef:
95:2d:4b:33:36:9c:d6:3d:d4:ff:73:fa:0c:e5:5b:
82:7c:ba:df:ab:42:88:1c:f4:9c:43:48:34:7d:1b:
19:3b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8E:CF:CF:E4:3D:4F:AD:C4:87:8F:AC:E4:BB:77:B1:82:6C:37:21:C6
X509v3 Authority Key Identifier:
keyid:4F:8A:EA:2F:02:5F:49:5B:EA:CE:E7:CE:5A:88:20:51:9D:DA:13:70
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T4rqLwJfSVvqzufOWoggUZ3aE3A.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e5/eb70a3-17e1-4d86-8b9e-6080952f0e04/1/js_P5D1PrcSHj6zku3exgmw3IcY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e5/eb70a3-17e1-4d86-8b9e-6080952f0e04/1/T4rqLwJfSVvqzufOWoggUZ3aE3A.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.255.114.0/24
Signature Algorithm: sha256WithRSAEncryption
7e:1e:05:99:d8:fe:fe:f5:f1:71:07:21:03:da:c4:fe:bd:a1:
ea:11:cc:49:71:cc:ee:36:e4:bb:cc:e5:c3:47:72:65:cc:d4:
07:db:62:f0:ca:af:c0:01:13:75:cb:2e:31:42:87:e6:98:37:
4d:7f:a9:79:79:ed:9b:c7:28:ad:a3:bd:4c:2d:c5:ad:6b:52:
18:ae:d2:ca:f3:c7:7a:47:53:d1:81:38:5f:3b:6e:a9:bd:ee:
c9:41:49:ea:fa:41:e5:44:4f:f9:ce:74:9a:bf:fe:46:ee:13:
90:78:e1:8d:62:1d:da:d2:77:7f:a6:3e:3c:fb:5a:4b:47:63:
6b:f2:66:1e:e2:fe:99:7f:fe:ed:ab:07:95:e9:2f:bd:eb:7a:
c2:e9:cc:f0:7b:7f:03:77:56:91:57:65:f5:7a:37:bf:0f:e7:
9d:e3:eb:5a:d8:bb:06:d9:42:1b:3b:a5:82:95:86:42:ec:c9:
4b:ec:e0:ea:7e:dd:e4:74:e2:fa:7e:18:c2:02:c0:5e:2d:d8:
d6:c6:fe:d9:b3:01:b9:33:7f:33:2e:7f:6b:0c:91:72:32:6c:
0e:cb:4d:4c:ea:57:52:3a:8a:3a:76:56:ba:2e:3d:f0:70:14:
a2:ab:cd:24:3c:aa:54:f3:73:75:66:0e:f6:61:e6:d4:17:02:
3f:a9:7e:3e
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIECMbPnDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg0
ZjhhZWEyZjAyNWY0OTViZWFjZWU3Y2U1YTg4MjA1MTlkZGExMzcwMB4XDTIyMDEw
MTA3MDQzM1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoOGVjZmNmZTQzZDRm
YWRjNDg3OGZhY2U0YmI3N2IxODI2YzM3MjFjNjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKg7tHtpr9IqOPVyd3I+DLC2nc6mXT0MGkxP0T/Y8GSvgBWW
0Q5lWtNNjburgsBnMW3UIqoDTqs+1Ysg5TBqwTe856iVGYTV8Bv5v2bVeTdBm0Dx
tTGavSZfwxiCbRhRmS/m0ympylgGXXpKSeOpJY1NncBvcTTkF464ZNBdn/mUKGXd
gXenQuEWypYYjmoIlN0nxRUPwDZ1JsfrTmdUL33aCjTvcLnwCjkkIT5Yq7ej1sdx
VBA0Nv0IxN1XWl5l7pDnzZo8WUJRAC+SxkLOJdPJNIWJniVu7Owmbkm5GhjvlS1L
Mzac1j3U/3P6DOVbgny636tCiBz0nENINH0bGTsCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBSOz8/kPU+txIePrOS7d7GCbDchxjAfBgNVHSMEGDAWgBRPiuovAl9JW+rO
585aiCBRndoTcDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1Q0cnFMd0pmU1Z2cXp1Zk9Xb2dnVVozYUUzQS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZTUvZWI3MGEzLTE3ZTEtNGQ4Ni04YjllLTYwODA5NTJmMGUwNC8x
L2pzX1A1RDFQcmNTSGo2emt1M2V4Z213M0ljWS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZTUv
ZWI3MGEzLTE3ZTEtNGQ4Ni04YjllLTYwODA5NTJmMGUwNC8xL1Q0cnFMd0pmU1Z2
cXp1Zk9Xb2dnVVozYUUzQS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEALn/cjANBgkqhkiG9w0BAQsFAAOC
AQEAfh4Fmdj+/vXxcQchA9rE/r2h6hHMSXHM7jbku8zlw0dyZczUB9ti8MqvwAET
dcsuMUKH5pg3TX+peXntm8coraO9TC3FrWtSGK7SyvPHekdT0YE4Xztuqb3uyUFJ
6vpB5URP+c50mr/+Ru4TkHjhjWId2tJ3f6Y+PPtaS0dja/JmHuL+mX/+7asHlekv
vet6wunM8Ht/A3dWkVdl9Xo3vw/nnePrWti7BtlCGzulgpWGQuzJS+zg6n7d5HTi
+n4YwgLAXi3Y1sb+2bMBuTN/My5/awyRcjJsDstNTOpXUjqKOnZWui498HAUoqvN
JDyqVPNzdWYO9mHm1BcCP6l+Pg==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:05:34 2023 by rpki-client on console-fra.rpki-client.org