Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/10/ca61ec-07b6-492e-8c48-b64cab4bbdff/1/jNw3o3goWSHQr-aIS_8x9oEVWI0.roa
File: jNw3o3goWSHQr-aIS_8x9oEVWI0.roa (raw, json)
Hash identifier: s5YmSQ1Xf8wu///OrZMS9T12GH5iNzed+QphnfKYvAs=
Subject key identifier: 8C:DC:37:A3:78:28:59:21:D0:AF:E6:88:4B:FF:31:F6:81:15:58:8D
Certificate issuer: /CN=3cea1ea887dcefee6136155b8bd83392937c1671
Certificate serial: 018456052B24B7D849FBC855FCFDB42AB95F
Authority key identifier: 3C:EA:1E:A8:87:DC:EF:EE:61:36:15:5B:8B:D8:33:92:93:7C:16:71
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/POoeqIfc7-5hNhVbi9gzkpN8FnE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/10/ca61ec-07b6-492e-8c48-b64cab4bbdff/1/jNw3o3goWSHQr-aIS_8x9oEVWI0.roa
Signing time: Tue 08 Nov 2022 06:54:50 +0000
ROA not before: Tue 08 Nov 2022 06:54:50 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 35261
IP address blocks: 193.239.212.0/23 maxlen: 23
45.138.64.0/23 maxlen: 23
45.138.66.0/23 maxlen: 23
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:56:05:2b:24:b7:d8:49:fb:c8:55:fc:fd:b4:2a:b9:5f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3cea1ea887dcefee6136155b8bd83392937c1671
Validity
Not Before: Nov 8 06:54:50 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=8cdc37a378285921d0afe6884bff31f68115588d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:7b:8b:e0:3c:b9:49:29:4a:d3:31:00:fa:02:
83:66:f7:b3:bc:4f:b3:3b:bd:78:32:fa:14:78:2d:
59:70:b8:c9:c6:df:53:46:f0:28:76:42:c5:9f:06:
ee:92:fc:f9:d7:2d:4c:af:8d:b7:99:36:c9:66:11:
56:3c:92:55:13:35:f4:d0:fa:b9:95:ef:5a:48:4e:
c6:71:09:42:f1:a1:a3:c0:75:be:de:b5:af:a0:c1:
6b:d2:aa:e1:54:62:63:f5:d6:f3:79:1d:97:fd:c9:
66:7e:52:e6:c9:27:a8:d7:9b:57:ac:14:17:a6:2c:
c4:62:9e:8e:52:e7:74:a3:ad:3c:c9:52:df:56:84:
56:69:97:26:83:19:23:a1:e7:d5:4c:a0:00:eb:0b:
b9:6d:b0:6e:9b:18:83:11:23:de:9f:72:b9:39:23:
d1:40:4a:a7:7f:59:d7:1c:dc:04:f3:42:2c:b6:e5:
16:40:53:e7:f6:27:61:57:7a:56:55:fa:5f:3f:bf:
5b:81:04:cb:8f:40:c7:21:a3:f5:58:92:dc:c3:09:
64:98:8a:0c:ad:17:24:e8:55:20:30:96:05:97:7a:
11:53:01:77:61:53:62:69:3a:3e:8e:45:24:61:e7:
a6:e1:cf:3f:9f:99:b1:53:86:36:38:8f:b9:fa:bc:
60:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8C:DC:37:A3:78:28:59:21:D0:AF:E6:88:4B:FF:31:F6:81:15:58:8D
X509v3 Authority Key Identifier:
keyid:3C:EA:1E:A8:87:DC:EF:EE:61:36:15:5B:8B:D8:33:92:93:7C:16:71
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/POoeqIfc7-5hNhVbi9gzkpN8FnE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/10/ca61ec-07b6-492e-8c48-b64cab4bbdff/1/jNw3o3goWSHQr-aIS_8x9oEVWI0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/10/ca61ec-07b6-492e-8c48-b64cab4bbdff/1/POoeqIfc7-5hNhVbi9gzkpN8FnE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.138.64.0/22
193.239.212.0/23
Signature Algorithm: sha256WithRSAEncryption
23:a8:ed:8c:25:8f:15:d1:35:b9:34:69:a1:c7:6a:41:82:ce:
34:fb:8e:b2:00:24:a1:e8:57:79:c2:76:65:28:1c:1d:fc:dd:
6c:3b:51:55:44:6d:61:ad:50:49:49:6c:48:9d:f8:8b:69:00:
53:dd:24:f1:ac:56:f5:09:21:ab:ab:cb:07:98:ef:62:89:5a:
e9:25:e8:cb:2f:21:78:5d:b7:fe:8d:24:3f:a6:1b:44:20:38:
b6:11:47:1e:82:f0:1e:5b:38:3c:aa:64:43:3d:51:90:56:71:
37:a6:88:e6:dd:b0:86:d9:e4:ae:e8:12:67:4d:85:ae:e6:2f:
9a:60:38:db:3d:37:f2:13:e8:60:44:f1:d2:79:a4:07:46:fd:
52:ea:f7:af:d4:cb:5a:75:84:29:d7:50:11:f1:35:5b:3e:91:
8f:69:aa:e7:6c:f7:59:11:5e:42:24:65:1f:46:42:de:c6:d4:
32:4e:b8:04:28:6d:96:20:83:91:4e:d7:91:4b:10:7e:4c:64:
05:19:ad:c0:ed:22:41:23:ba:bd:52:46:0e:d0:ea:ff:a6:1b:
e3:41:90:02:f2:b7:c2:85:ca:22:65:3a:6a:04:e0:9c:6c:2a:
91:dd:cf:2e:69:7f:f1:76:98:a7:69:36:ca:49:2f:8e:13:4c:
a5:53:80:eb
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYRWBSskt9hJ+8hV/P20KrlfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNjZWExZWE4ODdkY2VmZWU2MTM2MTU1YjhiZDgzMzkyOTM3
YzE2NzEwHhcNMjIxMTA4MDY1NDUwWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4Y2RjMzdhMzc4Mjg1OTIxZDBhZmU2ODg0YmZmMzFmNjgxMTU1ODhkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAk3uL4Dy5SSlK0zEA+gKDZvezvE+z
O714MvoUeC1ZcLjJxt9TRvAodkLFnwbukvz51y1Mr423mTbJZhFWPJJVEzX00Pq5
le9aSE7GcQlC8aGjwHW+3rWvoMFr0qrhVGJj9dbzeR2X/clmflLmySeo15tXrBQX
pizEYp6OUud0o608yVLfVoRWaZcmgxkjoefVTKAA6wu5bbBumxiDESPen3K5OSPR
QEqnf1nXHNwE80IstuUWQFPn9idhV3pWVfpfP79bgQTLj0DHIaP1WJLcwwlkmIoM
rRck6FUgMJYFl3oRUwF3YVNiaTo+jkUkYeem4c8/n5mxU4Y2OI+5+rxgwwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFIzcN6N4KFkh0K/miEv/MfaBFViNMB8GA1UdIwQY
MBaAFDzqHqiH3O/uYTYVW4vYM5KTfBZxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUE9vZXFJZmM3LTVoTmhWYmk5Z3prcE44Rm5FLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMC9jYTYxZWMtMDdiNi00OTJlLThjNDgt
YjY0Y2FiNGJiZGZmLzEvak53M28zZ29XU0hRci1hSVNfOHg5b0VWV0kwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMC9jYTYxZWMtMDdiNi00OTJlLThjNDgtYjY0Y2FiNGJiZGZm
LzEvUE9vZXFJZmM3LTVoTmhWYmk5Z3prcE44Rm5FLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCLYpAAwQB
we/UMA0GCSqGSIb3DQEBCwUAA4IBAQAjqO2MJY8V0TW5NGmhx2pBgs40+46yACSh
6Fd5wnZlKBwd/N1sO1FVRG1hrVBJSWxInfiLaQBT3STxrFb1CSGrq8sHmO9iiVrp
JejLLyF4Xbf+jSQ/phtEIDi2EUcegvAeWzg8qmRDPVGQVnE3pojm3bCG2eSu6BJn
TYWu5i+aYDjbPTfyE+hgRPHSeaQHRv1S6vev1MtadYQp11AR8TVbPpGPaarnbPdZ
EV5CJGUfRkLextQyTrgEKG2WIIORTteRSxB+TGQFGa3A7SJBI7q9UkYO0Or/phvj
QZAC8rfChcoiZTpqBOCcbCqR3c8uaX/xdpinaTbKSS+OE0ylU4Dr
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:19:32 2024 by rpki-client on console-fra.rpki-client.org