Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0c/3ffb76-9931-4942-9da1-1e0465513b63/1/DKIQYHavD6LjTholy4u-UWBERak.roa
File: DKIQYHavD6LjTholy4u-UWBERak.roa (raw, json)
Hash identifier: yGfd+rEf7F2xbCNaAoam1nQf/Dr+KGWMTy8pdzkSzY8=
Subject key identifier: 0C:A2:10:60:76:AF:0F:A2:E3:4E:1A:25:CB:8B:BE:51:60:44:45:A9
Certificate issuer: /CN=2455d7fee4a499ecaf11d2d3da8e389de323412f
Certificate serial: 0514819F
Authority key identifier: 24:55:D7:FE:E4:A4:99:EC:AF:11:D2:D3:DA:8E:38:9D:E3:23:41:2F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/JFXX_uSkmeyvEdLT2o44neMjQS8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0c/3ffb76-9931-4942-9da1-1e0465513b63/1/DKIQYHavD6LjTholy4u-UWBERak.roa
Signing time: Thu 19 May 2022 08:04:03 +0000
ROA not before: Thu 19 May 2022 08:04:03 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 41956
IP address blocks: 185.6.148.0/24 maxlen: 24
185.6.149.0/24 maxlen: 24
185.6.150.0/24 maxlen: 24
185.6.151.0/24 maxlen: 24
212.30.53.0/24 maxlen: 24
212.30.54.0/24 maxlen: 24
212.30.55.0/24 maxlen: 24
212.30.52.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 85229983 (0x514819f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2455d7fee4a499ecaf11d2d3da8e389de323412f
Validity
Not Before: May 19 08:04:03 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=0ca2106076af0fa2e34e1a25cb8bbe51604445a9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:67:cb:7d:07:04:07:32:43:8e:de:28:72:e2:
5d:6a:a9:29:ed:d6:08:a6:67:1d:28:8e:46:4b:4a:
de:76:4d:bf:1e:5f:94:91:6d:af:d4:ed:74:24:9b:
7f:ae:04:50:af:c5:7d:00:ec:0b:dc:59:c3:a3:75:
65:a9:de:2f:03:b3:ae:3d:9c:40:7c:27:5a:24:19:
41:3c:20:7c:83:16:a1:85:e8:0a:e9:23:9a:57:05:
fe:33:8f:30:af:4c:f4:ae:77:30:9b:0d:69:21:87:
be:f0:21:d0:68:3d:b2:a9:04:4e:99:66:aa:e3:be:
d5:d8:0a:05:cf:2c:06:13:2c:bf:07:2a:a4:b1:57:
2f:04:85:c9:a1:dd:03:c8:15:20:52:32:4b:da:d0:
ba:15:9a:3e:e1:f1:14:29:29:22:6f:73:c8:9d:2f:
2e:8e:d8:fc:38:ae:f0:30:48:f0:e3:b1:d7:7b:2a:
99:dd:c2:e0:6e:b7:4a:1c:1f:7e:7c:63:46:3f:da:
c9:26:9b:b7:75:a7:e1:3d:c8:9e:e9:10:ea:ec:bc:
22:37:19:ed:72:2a:d2:1c:44:b5:61:3f:eb:0f:04:
da:a8:a8:08:d8:c8:f8:e7:97:6c:0a:30:45:0b:95:
aa:e9:a0:da:a3:2b:99:6e:36:d8:a4:cb:5e:ab:3e:
a4:c9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0C:A2:10:60:76:AF:0F:A2:E3:4E:1A:25:CB:8B:BE:51:60:44:45:A9
X509v3 Authority Key Identifier:
keyid:24:55:D7:FE:E4:A4:99:EC:AF:11:D2:D3:DA:8E:38:9D:E3:23:41:2F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JFXX_uSkmeyvEdLT2o44neMjQS8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/3ffb76-9931-4942-9da1-1e0465513b63/1/DKIQYHavD6LjTholy4u-UWBERak.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/3ffb76-9931-4942-9da1-1e0465513b63/1/JFXX_uSkmeyvEdLT2o44neMjQS8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.6.148.0/22
212.30.52.0/22
Signature Algorithm: sha256WithRSAEncryption
14:51:80:f9:4e:9c:57:6b:76:96:37:06:c2:44:23:bb:72:5f:
ff:00:54:9e:20:29:c1:1d:ef:52:d7:bb:0c:46:20:c6:88:60:
96:0b:47:d5:8d:6a:22:c5:8f:5f:bf:e7:04:3c:d4:2b:e4:cd:
02:8f:cc:df:cb:71:5c:dd:4a:37:92:30:c1:c8:4a:69:82:42:
f4:56:2b:f9:fb:63:3e:69:a9:a4:e8:75:97:5a:2e:32:fc:0b:
8c:d7:49:5e:85:16:8a:01:88:02:e6:31:c3:1f:86:53:fc:c4:
e8:f6:bd:86:62:49:90:28:b0:eb:73:8a:98:d2:77:9b:f9:ab:
ec:50:e3:c6:00:20:28:c7:5b:0e:55:fc:23:c5:2e:76:b0:ba:
05:55:20:ff:47:91:d4:79:e7:11:3e:51:1e:9c:2e:3f:43:0b:
da:25:a3:fc:e0:d2:60:9a:4d:f2:eb:1a:49:e2:a0:85:bc:3e:
1c:ce:63:8f:15:1a:7a:98:c5:b1:b9:12:3f:74:df:c8:b3:7c:
3b:fb:b7:73:95:1a:e2:5b:b2:58:9a:a3:12:54:c6:91:c9:2b:
6d:de:37:ea:07:d1:e1:39:6c:9b:88:b1:de:36:57:43:1c:4c:
17:ae:c6:57:fc:ed:b6:9a:24:e1:45:d8:a4:f0:e8:16:89:53:
c5:25:d3:d3
-----BEGIN CERTIFICATE-----
MIIE9TCCA92gAwIBAgIEBRSBnzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygy
NDU1ZDdmZWU0YTQ5OWVjYWYxMWQyZDNkYThlMzg5ZGUzMjM0MTJmMB4XDTIyMDUx
OTA4MDQwM1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMGNhMjEwNjA3NmFm
MGZhMmUzNGUxYTI1Y2I4YmJlNTE2MDQ0NDVhOTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAK1ny30HBAcyQ47eKHLiXWqpKe3WCKZnHSiORktK3nZNvx5f
lJFtr9TtdCSbf64EUK/FfQDsC9xZw6N1ZaneLwOzrj2cQHwnWiQZQTwgfIMWoYXo
CukjmlcF/jOPMK9M9K53MJsNaSGHvvAh0Gg9sqkETplmquO+1dgKBc8sBhMsvwcq
pLFXLwSFyaHdA8gVIFIyS9rQuhWaPuHxFCkpIm9zyJ0vLo7Y/Diu8DBI8OOx13sq
md3C4G63ShwffnxjRj/aySabt3Wn4T3InukQ6uy8IjcZ7XIq0hxEtWE/6w8E2qio
CNjI+OeXbAowRQuVqumg2qMrmW422KTLXqs+pMkCAwEAAaOCAg8wggILMB0GA1Ud
DgQWBBQMohBgdq8PouNOGiXLi75RYERFqTAfBgNVHSMEGDAWgBQkVdf+5KSZ7K8R
0tPajjid4yNBLzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0pGWFhfdVNrbWV5dkVkTFQybzQ0bmVNalFTOC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMGMvM2ZmYjc2LTk5MzEtNDk0Mi05ZGExLTFlMDQ2NTUxM2I2My8x
L0RLSVFZSGF2RDZMalRob2x5NHUtVVdCRVJhay5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMGMv
M2ZmYjc2LTk5MzEtNDk0Mi05ZGExLTFlMDQ2NTUxM2I2My8xL0pGWFhfdVNrbWV5
dkVkTFQybzQ0bmVNalFTOC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAl
BggrBgEFBQcBBwEB/wQWMBQwEgQCAAEwDAMEArkGlAMEAtQeNDANBgkqhkiG9w0B
AQsFAAOCAQEAFFGA+U6cV2t2ljcGwkQju3Jf/wBUniApwR3vUte7DEYgxohglgtH
1Y1qIsWPX7/nBDzUK+TNAo/M38txXN1KN5IwwchKaYJC9FYr+ftjPmmppOh1l1ou
MvwLjNdJXoUWigGIAuYxwx+GU/zE6Pa9hmJJkCiw63OKmNJ3m/mr7FDjxgAgKMdb
DlX8I8UudrC6BVUg/0eR1HnnET5RHpwuP0ML2iWj/ODSYJpN8usaSeKghbw+HM5j
jxUaepjFsbkSP3TfyLN8O/u3c5Ua4luyWJqjElTGkckrbd436gfR4Tlsm4ix3jZX
QxxMF67GV/zttpok4UXYpPDoFolTxSXT0w==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:43:35 2023 by rpki-client on console-fra.rpki-client.org