Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/07/fc8037-2b7c-41fc-9dbf-93d1fb72d383/1/JNsQbZSRnXQLcTnadJkduM0J0Q0.roa
File: JNsQbZSRnXQLcTnadJkduM0J0Q0.roa (raw, json)
Hash identifier: fioyw//RegMUXxIZip0JE/y4wp5iBQdHypDS1LC943c=
Subject key identifier: 24:DB:10:6D:94:91:9D:74:0B:71:39:DA:74:99:1D:B8:CD:09:D1:0D
Certificate issuer: /CN=ea22f4fb955d79f093d7e87b182c3440ac4be06c
Certificate serial: 1A66E796
Authority key identifier: EA:22:F4:FB:95:5D:79:F0:93:D7:E8:7B:18:2C:34:40:AC:4B:E0:6C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/6iL0-5VdefCT1-h7GCw0QKxL4Gw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/07/fc8037-2b7c-41fc-9dbf-93d1fb72d383/1/JNsQbZSRnXQLcTnadJkduM0J0Q0.roa
Signing time: Sat 01 Jan 2022 15:56:32 +0000
ROA not before: Sat 01 Jan 2022 15:56:32 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 56665
IP address blocks: 185.3.44.0/22 maxlen: 24
94.252.0.0/17 maxlen: 24
185.40.60.0/22 maxlen: 24
212.66.64.0/19 maxlen: 24
31.204.88.0/21 maxlen: 24
2a04:81c0::/29 maxlen: 48
2a00:4180::/32 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 442951574 (0x1a66e796)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ea22f4fb955d79f093d7e87b182c3440ac4be06c
Validity
Not Before: Jan 1 15:56:32 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=24db106d94919d740b7139da74991db8cd09d10d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:61:f9:4c:63:3b:bf:38:18:68:5a:66:88:7b:
db:3f:98:dd:e5:c4:64:e5:00:93:30:eb:bd:76:97:
55:6d:ee:dd:e4:f5:bf:e2:2a:38:f5:cc:19:ae:39:
38:f5:60:89:55:c6:43:34:88:5e:81:dd:ab:08:7a:
ca:48:9a:ce:8c:65:a0:11:8a:40:0a:a3:25:2c:58:
68:5c:76:a3:13:a7:1b:0a:50:b0:5c:2e:29:5a:e5:
4e:a0:df:87:8d:32:6f:cf:ad:b3:1d:f2:e0:39:24:
64:f7:75:75:b4:b5:7a:55:87:c1:32:6a:9a:3f:63:
79:66:96:90:d3:e8:3c:4e:28:34:e4:15:f7:69:5b:
5e:01:52:43:68:cd:9f:01:f5:f9:ee:3f:5a:58:82:
c4:e7:21:94:6f:6f:17:46:8e:00:fe:89:e6:38:5c:
3a:f5:a8:c8:f1:3d:2d:fc:e2:4c:99:b2:a0:54:22:
86:db:f8:f4:a9:b5:2d:e6:a1:a0:20:22:42:e5:c7:
61:ae:e0:8a:72:c8:f6:a3:3d:e4:01:bb:f2:06:c1:
d6:18:59:66:67:61:83:bf:7e:94:d3:07:24:14:5a:
7b:77:c4:21:4b:47:9f:ee:90:c3:4c:53:5f:ca:f0:
6f:8e:5b:00:44:9f:f1:c6:fb:67:7e:31:c7:96:4f:
62:eb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
24:DB:10:6D:94:91:9D:74:0B:71:39:DA:74:99:1D:B8:CD:09:D1:0D
X509v3 Authority Key Identifier:
keyid:EA:22:F4:FB:95:5D:79:F0:93:D7:E8:7B:18:2C:34:40:AC:4B:E0:6C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6iL0-5VdefCT1-h7GCw0QKxL4Gw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/07/fc8037-2b7c-41fc-9dbf-93d1fb72d383/1/JNsQbZSRnXQLcTnadJkduM0J0Q0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/07/fc8037-2b7c-41fc-9dbf-93d1fb72d383/1/6iL0-5VdefCT1-h7GCw0QKxL4Gw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.204.88.0/21
94.252.0.0/17
185.3.44.0/22
185.40.60.0/22
212.66.64.0/19
IPv6:
2a00:4180::/32
2a04:81c0::/29
Signature Algorithm: sha256WithRSAEncryption
8f:2d:7c:c2:d3:ed:78:b0:a5:87:0c:11:3e:68:fc:85:f8:96:
ea:8f:b7:b7:c7:72:0c:81:5c:55:a0:ef:62:49:dc:47:81:6b:
76:af:8d:a3:6e:47:b3:29:9e:97:80:91:21:64:3e:f7:3a:ab:
a4:f1:68:9a:be:a8:eb:60:27:9d:bf:2e:3e:55:9b:63:32:f1:
a9:56:0b:42:c1:2f:04:47:23:02:c7:74:14:58:d5:92:29:ba:
b6:b2:1b:b7:61:08:61:78:33:f9:00:a9:e1:ff:23:3b:55:62:
b8:d6:c4:10:ac:ab:93:b9:e3:74:5c:2d:5a:db:4d:2c:7c:41:
64:e3:5a:ce:d2:f2:c7:c2:ff:de:c9:44:c9:82:24:c1:ab:d4:
a6:aa:71:81:cf:bb:5b:34:f8:41:a7:0a:f0:c6:1e:19:83:5c:
ee:95:a2:87:e1:7d:b1:70:2a:c8:2e:04:18:1c:a0:01:99:9c:
16:01:ba:e6:a0:81:7f:0a:73:d6:0a:88:22:a4:ed:67:16:c6:
25:66:23:5b:35:42:84:b2:3e:1d:e0:f5:db:24:52:7c:03:d3:
9a:d4:ef:f1:25:35:c2:72:91:c9:53:2a:e0:fd:6e:7d:ea:5a:
ac:83:02:eb:14:7b:05:00:39:68:f4:eb:bc:51:2e:b8:49:b1:
a8:e7:b3:76
-----BEGIN CERTIFICATE-----
MIIFHTCCBAWgAwIBAgIEGmbnljANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhl
YTIyZjRmYjk1NWQ3OWYwOTNkN2U4N2IxODJjMzQ0MGFjNGJlMDZjMB4XDTIyMDEw
MTE1NTYzMloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMjRkYjEwNmQ5NDkx
OWQ3NDBiNzEzOWRhNzQ5OTFkYjhjZDA5ZDEwZDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALZh+UxjO784GGhaZoh72z+Y3eXEZOUAkzDrvXaXVW3u3eT1
v+IqOPXMGa45OPVgiVXGQzSIXoHdqwh6ykiazoxloBGKQAqjJSxYaFx2oxOnGwpQ
sFwuKVrlTqDfh40yb8+tsx3y4DkkZPd1dbS1elWHwTJqmj9jeWaWkNPoPE4oNOQV
92lbXgFSQ2jNnwH1+e4/WliCxOchlG9vF0aOAP6J5jhcOvWoyPE9LfziTJmyoFQi
htv49Km1LeahoCAiQuXHYa7ginLI9qM95AG78gbB1hhZZmdhg79+lNMHJBRae3fE
IUtHn+6Qw0xTX8rwb45bAESf8cb7Z34xx5ZPYusCAwEAAaOCAjcwggIzMB0GA1Ud
DgQWBBQk2xBtlJGddAtxOdp0mR24zQnRDTAfBgNVHSMEGDAWgBTqIvT7lV158JPX
6HsYLDRArEvgbDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzZpTDAtNVZkZWZDVDEtaDdHQ3cwUUt4TDRHdy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMDcvZmM4MDM3LTJiN2MtNDFmYy05ZGJmLTkzZDFmYjcyZDM4My8x
L0pOc1FiWlNSblhRTGNUbmFkSmtkdU0wSjBRMC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMDcv
ZmM4MDM3LTJiN2MtNDFmYy05ZGJmLTkzZDFmYjcyZDM4My8xLzZpTDAtNVZkZWZD
VDEtaDdHQ3cwUUt4TDRHdy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBN
BggrBgEFBQcBBwEB/wQ+MDwwJAQCAAEwHgMEAx/MWAMEB178AAMEArkDLAMEArko
PAMEBdRCQDAUBAIAAjAOAwUAKgBBgAMFAyoEgcAwDQYJKoZIhvcNAQELBQADggEB
AI8tfMLT7XiwpYcMET5o/IX4luqPt7fHcgyBXFWg72JJ3EeBa3avjaNuR7MpnpeA
kSFkPvc6q6TxaJq+qOtgJ52/Lj5Vm2My8alWC0LBLwRHIwLHdBRY1ZIpurayG7dh
CGF4M/kAqeH/IztVYrjWxBCsq5O543RcLVrbTSx8QWTjWs7S8sfC/97JRMmCJMGr
1KaqcYHPu1s0+EGnCvDGHhmDXO6VoofhfbFwKsguBBgcoAGZnBYBuuaggX8Kc9YK
iCKk7WcWxiVmI1s1QoSyPh3g9dskUnwD05rU7/ElNcJykclTKuD9bn3qWqyDAusU
ewUAOWj067xRLrhJsajns3Y=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:17:53 2024 by rpki-client on console-fra.rpki-client.org