Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0d/8a115b-3859-4759-85ae-fb853c65334a/1/J3iDO_3lRliVpiC6FoEPQLP_75Q.roa
File: J3iDO_3lRliVpiC6FoEPQLP_75Q.roa (raw, json)
Hash identifier: +lsePyM80bJdLH7LsXwvZQRlrOme7ADyMva6katRxNA=
Subject key identifier: 27:78:83:3B:FD:E5:46:58:95:A6:20:BA:16:81:0F:40:B3:FF:EF:94
Certificate issuer: /CN=861c67bdb6d8c230fcdb427a9f71b80135872fc2
Certificate serial: 08D45D76
Authority key identifier: 86:1C:67:BD:B6:D8:C2:30:FC:DB:42:7A:9F:71:B8:01:35:87:2F:C2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hhxnvbbYwjD820J6n3G4ATWHL8I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0d/8a115b-3859-4759-85ae-fb853c65334a/1/J3iDO_3lRliVpiC6FoEPQLP_75Q.roa
Signing time: Sat 01 Jan 2022 11:00:30 +0000
ROA not before: Sat 01 Jan 2022 11:00:30 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 41960
IP address blocks: 185.238.52.0/22 maxlen: 24
185.17.60.0/22 maxlen: 24
193.221.114.0/24 maxlen: 24
185.241.76.0/22 maxlen: 24
2a03:e0c0::/32 maxlen: 48
2a0c:2680::/29 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 148135286 (0x8d45d76)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=861c67bdb6d8c230fcdb427a9f71b80135872fc2
Validity
Not Before: Jan 1 11:00:30 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=2778833bfde5465895a620ba16810f40b3ffef94
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:5a:59:b4:7b:6e:81:40:bb:a6:9a:c8:86:44:
ce:16:1a:fd:45:d6:c5:28:f1:66:58:42:0b:ae:91:
df:48:45:49:02:1b:8d:36:b3:c9:6d:47:26:1d:ef:
01:61:8a:ec:48:46:b9:3b:71:25:ab:83:b7:46:1b:
09:41:9c:8b:3c:06:3d:31:80:f9:c2:bb:f5:b8:46:
51:06:ce:2f:d6:5b:71:45:8c:21:ec:a4:a9:0a:bc:
08:e0:5c:b7:7f:ce:86:78:af:52:50:b7:f8:3e:9d:
b7:11:d1:ed:1d:21:78:d6:8c:71:2b:67:fd:e3:dc:
69:4e:b9:bf:12:73:31:c0:09:dc:ea:84:0b:00:8d:
0f:ad:22:8c:09:81:4b:02:b4:31:a6:71:66:7a:b0:
a2:64:96:7d:6f:73:a7:7a:7b:4b:a2:9a:55:6e:0d:
af:2b:64:5b:a4:4c:4c:e0:23:ad:ff:f5:37:a2:70:
d4:92:67:a9:59:38:6b:aa:e9:b7:f6:cb:d4:22:ed:
a3:2a:24:2d:90:12:31:d2:4b:fa:07:5a:c6:4a:fc:
96:76:54:d8:30:bd:47:d8:a7:0f:a2:4e:cb:6e:4c:
e6:55:64:f2:6c:f9:91:e5:42:93:d0:59:85:5b:6c:
e9:f1:81:fd:ca:43:c6:d3:a9:8e:00:ad:32:de:f8:
b2:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
27:78:83:3B:FD:E5:46:58:95:A6:20:BA:16:81:0F:40:B3:FF:EF:94
X509v3 Authority Key Identifier:
keyid:86:1C:67:BD:B6:D8:C2:30:FC:DB:42:7A:9F:71:B8:01:35:87:2F:C2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hhxnvbbYwjD820J6n3G4ATWHL8I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0d/8a115b-3859-4759-85ae-fb853c65334a/1/J3iDO_3lRliVpiC6FoEPQLP_75Q.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0d/8a115b-3859-4759-85ae-fb853c65334a/1/hhxnvbbYwjD820J6n3G4ATWHL8I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.17.60.0/22
185.238.52.0/22
185.241.76.0/22
193.221.114.0/24
IPv6:
2a03:e0c0::/32
2a0c:2680::/29
Signature Algorithm: sha256WithRSAEncryption
38:41:e9:51:82:f8:2d:4b:5d:00:b9:32:8f:e6:08:a8:7a:bc:
bf:19:16:88:d7:ff:db:ab:73:5f:29:54:52:dc:ff:1d:2c:64:
e6:e6:26:b7:99:35:38:4b:f4:fb:ee:ea:c4:96:3e:44:2a:34:
92:93:c3:32:bc:d6:d1:ef:ce:ea:16:3c:e2:89:7a:ff:24:d8:
fc:8d:3a:52:e1:1b:74:9c:b6:68:a6:03:85:6d:3f:91:0a:0a:
45:24:5c:db:57:62:3d:40:13:bf:76:36:10:45:c6:12:1e:d8:
52:34:55:d5:bf:84:6f:b4:be:16:d9:6a:f8:1b:96:9e:12:6c:
8c:d7:57:67:4a:bb:3b:9a:e7:f3:d0:8e:d1:cc:48:96:08:2b:
cd:9f:b4:75:f9:1b:d8:98:7e:15:41:45:5f:bb:a5:4b:79:82:
08:98:e0:c2:46:f7:0a:8a:b8:bc:04:e7:e5:8e:c9:27:b6:b5:
00:b1:97:57:6e:7c:c5:62:bf:8d:bf:d7:68:bb:1e:56:ee:a2:
e6:9e:66:8a:c1:92:22:1e:18:1d:f1:54:9f:63:79:96:05:ab:
95:dd:f4:1e:fc:08:b9:c3:57:ce:57:08:cd:d3:39:7e:0f:b2:
f7:20:f3:cf:26:5c:e7:c2:fe:e6:ef:bf:41:56:4e:4e:9e:03:
03:37:cb:52
-----BEGIN CERTIFICATE-----
MIIFFzCCA/+gAwIBAgIECNRddjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg4
NjFjNjdiZGI2ZDhjMjMwZmNkYjQyN2E5ZjcxYjgwMTM1ODcyZmMyMB4XDTIyMDEw
MTExMDAzMFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMjc3ODgzM2JmZGU1
NDY1ODk1YTYyMGJhMTY4MTBmNDBiM2ZmZWY5NDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJhaWbR7boFAu6aayIZEzhYa/UXWxSjxZlhCC66R30hFSQIb
jTazyW1HJh3vAWGK7EhGuTtxJauDt0YbCUGcizwGPTGA+cK79bhGUQbOL9ZbcUWM
IeykqQq8COBct3/OhnivUlC3+D6dtxHR7R0heNaMcStn/ePcaU65vxJzMcAJ3OqE
CwCND60ijAmBSwK0MaZxZnqwomSWfW9zp3p7S6KaVW4NrytkW6RMTOAjrf/1N6Jw
1JJnqVk4a6rpt/bL1CLtoyokLZASMdJL+gdaxkr8lnZU2DC9R9inD6JOy25M5lVk
8mz5keVCk9BZhVts6fGB/cpDxtOpjgCtMt74sjUCAwEAAaOCAjEwggItMB0GA1Ud
DgQWBBQneIM7/eVGWJWmILoWgQ9As//vlDAfBgNVHSMEGDAWgBSGHGe9ttjCMPzb
QnqfcbgBNYcvwjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2hoeG52YmJZd2pEODIwSjZuM0c0QVRXSEw4SS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMGQvOGExMTViLTM4NTktNDc1OS04NWFlLWZiODUzYzY1MzM0YS8x
L0ozaURPXzNsUmxpVnBpQzZGb0VQUUxQXzc1US5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMGQv
OGExMTViLTM4NTktNDc1OS04NWFlLWZiODUzYzY1MzM0YS8xL2hoeG52YmJZd2pE
ODIwSjZuM0c0QVRXSEw4SS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBH
BggrBgEFBQcBBwEB/wQ4MDYwHgQCAAEwGAMEArkRPAMEArnuNAMEArnxTAMEAMHd
cjAUBAIAAjAOAwUAKgPgwAMFAyoMJoAwDQYJKoZIhvcNAQELBQADggEBADhB6VGC
+C1LXQC5Mo/mCKh6vL8ZFojX/9urc18pVFLc/x0sZObmJreZNThL9Pvu6sSWPkQq
NJKTwzK81tHvzuoWPOKJev8k2PyNOlLhG3SctmimA4VtP5EKCkUkXNtXYj1AE792
NhBFxhIe2FI0VdW/hG+0vhbZavgblp4SbIzXV2dKuzua5/PQjtHMSJYIK82ftHX5
G9iYfhVBRV+7pUt5ggiY4MJG9wqKuLwE5+WOySe2tQCxl1dufMViv42/12i7Hlbu
ouaeZorBkiIeGB3xVJ9jeZYFq5Xd9B78CLnDV85XCM3TOX4Psvcg888mXOfC/ubv
v0FWTk6eAwM3y1I=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:52:42 2024 by rpki-client on console-ams.rpki-client.org