Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/12/a168e9-d070-44e0-94a4-6c8fd84bb5f5/1/Juq2cS5JZ6-CZcepD-BJ7mPLxHQ.roa
File: Juq2cS5JZ6-CZcepD-BJ7mPLxHQ.roa (raw, json)
Hash identifier: Hh8SzaJavjsfMbgNt4BwGTmrFU3c5/xgAwdPgB0bk2s=
Subject key identifier: 26:EA:B6:71:2E:49:67:AF:82:65:C7:A9:0F:E0:49:EE:63:CB:C4:74
Certificate issuer: /CN=5e8d07b45f7d83124c9f8c0fac03bec02468b37e
Certificate serial: 08829176
Authority key identifier: 5E:8D:07:B4:5F:7D:83:12:4C:9F:8C:0F:AC:03:BE:C0:24:68:B3:7E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Xo0HtF99gxJMn4wPrAO-wCRos34.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/12/a168e9-d070-44e0-94a4-6c8fd84bb5f5/1/Juq2cS5JZ6-CZcepD-BJ7mPLxHQ.roa
Signing time: Wed 08 Jun 2022 12:02:17 +0000
ROA not before: Wed 08 Jun 2022 12:02:17 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 8330
IP address blocks: 91.198.81.0/24 maxlen: 24
5.57.88.0/21 maxlen: 21
193.203.5.0/24 maxlen: 24
195.35.120.0/24 maxlen: 24
2001:7f8:17::/48 maxlen: 48
2a00:eb20:abcd::/48 maxlen: 48
2a00:eb20::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 142774646 (0x8829176)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5e8d07b45f7d83124c9f8c0fac03bec02468b37e
Validity
Not Before: Jun 8 12:02:17 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=26eab6712e4967af8265c7a90fe049ee63cbc474
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:55:a7:d9:15:68:e2:fb:bb:35:10:ec:d2:82:
55:a4:cd:59:db:ea:94:34:fe:ca:c9:12:1e:a0:06:
77:c6:9b:06:53:ce:10:30:83:b5:56:07:63:06:9b:
81:fa:86:3f:c3:1f:a8:dc:c7:b6:73:f4:fa:ab:71:
c9:f3:e4:56:4f:7b:4a:43:c6:ee:52:9d:26:64:1c:
46:32:c0:a5:ba:e1:37:fc:bd:16:98:55:6e:a4:1d:
3f:92:5a:af:62:00:6a:5f:41:59:b0:6f:de:45:3a:
54:2f:3e:4c:7b:f7:a9:b4:24:9b:2a:84:17:d6:02:
cf:b6:9f:5b:b3:c5:c6:6c:8e:80:5d:fb:c7:23:45:
6e:34:5c:66:c7:14:80:11:3f:74:87:c8:1e:08:9f:
9c:22:6e:43:53:b2:7c:69:ee:51:bc:b3:52:07:bf:
93:d3:51:dc:51:53:5b:8f:29:db:42:19:86:9a:ce:
31:a4:c1:3a:a3:69:be:e1:21:7c:85:78:f0:74:1a:
3c:37:f5:7d:21:ec:c1:4c:ba:5c:21:63:81:42:66:
85:47:21:61:d3:f4:30:1e:cf:83:cc:76:4e:af:b8:
3e:97:eb:a3:8b:a5:94:d2:2c:21:a9:ee:e5:e1:df:
26:a3:3e:e3:49:b6:be:2e:dc:6e:fe:c4:9e:3a:04:
8f:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
26:EA:B6:71:2E:49:67:AF:82:65:C7:A9:0F:E0:49:EE:63:CB:C4:74
X509v3 Authority Key Identifier:
keyid:5E:8D:07:B4:5F:7D:83:12:4C:9F:8C:0F:AC:03:BE:C0:24:68:B3:7E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Xo0HtF99gxJMn4wPrAO-wCRos34.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/12/a168e9-d070-44e0-94a4-6c8fd84bb5f5/1/Juq2cS5JZ6-CZcepD-BJ7mPLxHQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/12/a168e9-d070-44e0-94a4-6c8fd84bb5f5/1/Xo0HtF99gxJMn4wPrAO-wCRos34.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.57.88.0/21
91.198.81.0/24
193.203.5.0/24
195.35.120.0/24
IPv6:
2001:7f8:17::/48
2a00:eb20::/32
Signature Algorithm: sha256WithRSAEncryption
61:12:d4:1a:e1:b7:f2:95:c9:f6:40:0c:b4:1a:5f:e0:95:51:
c6:fd:52:26:41:91:b8:ce:88:28:99:47:72:b7:29:d2:a7:46:
bf:f9:d6:11:2b:55:dd:74:41:74:45:df:c6:af:0d:06:f6:11:
b6:50:36:92:68:2a:3e:21:0d:10:e2:05:35:9d:96:bc:9d:cf:
c0:ef:7e:fc:4c:47:df:3b:51:c2:ec:6d:bd:cc:8f:53:cc:86:
ae:0e:20:a9:1d:12:b6:ec:98:75:0f:6e:92:e3:63:27:10:c9:
81:df:aa:68:51:91:0d:94:87:25:57:7f:d4:8c:0e:55:c4:a2:
bf:4c:80:5b:7d:6d:d9:6d:19:af:04:72:b0:ca:1a:2c:e3:aa:
c2:73:ac:af:c4:40:78:30:93:b0:10:22:39:1a:67:82:52:18:
b9:f7:b9:f2:27:94:2a:f3:93:1e:7a:75:ee:09:6e:02:96:b1:
a8:03:44:76:56:0a:e6:38:28:3e:1a:76:29:f5:e4:5f:76:4f:
b5:fb:47:16:7c:ce:3f:a7:fb:94:0e:c4:8d:42:ba:46:5b:ee:
83:34:f4:95:11:1d:60:2c:8b:0d:a0:4b:2e:8f:06:d9:b8:83:
95:f9:4c:a7:e2:94:be:7f:7e:21:7b:9d:dc:a7:10:e0:14:28:
ce:96:78:b1
-----BEGIN CERTIFICATE-----
MIIFGTCCBAGgAwIBAgIECIKRdjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg1
ZThkMDdiNDVmN2Q4MzEyNGM5ZjhjMGZhYzAzYmVjMDI0NjhiMzdlMB4XDTIyMDYw
ODEyMDIxN1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMjZlYWI2NzEyZTQ5
NjdhZjgyNjVjN2E5MGZlMDQ5ZWU2M2NiYzQ3NDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJ9Vp9kVaOL7uzUQ7NKCVaTNWdvqlDT+yskSHqAGd8abBlPO
EDCDtVYHYwabgfqGP8MfqNzHtnP0+qtxyfPkVk97SkPG7lKdJmQcRjLApbrhN/y9
FphVbqQdP5Jar2IAal9BWbBv3kU6VC8+THv3qbQkmyqEF9YCz7afW7PFxmyOgF37
xyNFbjRcZscUgBE/dIfIHgifnCJuQ1OyfGnuUbyzUge/k9NR3FFTW48p20IZhprO
MaTBOqNpvuEhfIV48HQaPDf1fSHswUy6XCFjgUJmhUchYdP0MB7Pg8x2Tq+4Ppfr
o4ullNIsIanu5eHfJqM+40m2vi7cbv7EnjoEj8UCAwEAAaOCAjMwggIvMB0GA1Ud
DgQWBBQm6rZxLklnr4Jlx6kP4EnuY8vEdDAfBgNVHSMEGDAWgBRejQe0X32DEkyf
jA+sA77AJGizfjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1hvMEh0Rjk5Z3hKTW40d1ByQU8td0NSb3MzNC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMTIvYTE2OGU5LWQwNzAtNDRlMC05NGE0LTZjOGZkODRiYjVmNS8x
L0p1cTJjUzVKWjYtQ1pjZXBELUJKN21QTHhIUS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMTIv
YTE2OGU5LWQwNzAtNDRlMC05NGE0LTZjOGZkODRiYjVmNS8xL1hvMEh0Rjk5Z3hK
TW40d1ByQU8td0NSb3MzNC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBJ
BggrBgEFBQcBBwEB/wQ6MDgwHgQCAAEwGAMEAwU5WAMEAFvGUQMEAMHLBQMEAMMj
eDAWBAIAAjAQAwcAIAEH+AAXAwUAKgDrIDANBgkqhkiG9w0BAQsFAAOCAQEAYRLU
GuG38pXJ9kAMtBpf4JVRxv1SJkGRuM6IKJlHcrcp0qdGv/nWEStV3XRBdEXfxq8N
BvYRtlA2kmgqPiENEOIFNZ2WvJ3PwO9+/ExH3ztRwuxtvcyPU8yGrg4gqR0StuyY
dQ9ukuNjJxDJgd+qaFGRDZSHJVd/1IwOVcSiv0yAW31t2W0ZrwRysMoaLOOqwnOs
r8RAeDCTsBAiORpnglIYufe58ieUKvOTHnp17gluApaxqANEdlYK5jgoPhp2KfXk
X3ZPtftHFnzOP6f7lA7EjUK6RlvugzT0lREdYCyLDaBLLo8G2biDlflMp+KUvn9+
IXud3KcQ4BQozpZ4sQ==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:48:04 2023 by rpki-client on console-ams.rpki-client.org