Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/jbprEubWyx8Jg8p73X6SmB9ad0g.roa
File: jbprEubWyx8Jg8p73X6SmB9ad0g.roa (raw, json)
Hash identifier: ihD4z3DsQ99YimS332HUBocH9ynOmDWluiKlVdkpF1Q=
Subject key identifier: 8D:BA:6B:12:E6:D6:CB:1F:09:83:CA:7B:DD:7E:92:98:1F:5A:77:48
Certificate issuer: /CN=9d2a478bb0b08e661b0b2f9fbe8935bc9c2a28a1
Certificate serial: 07BC8240
Authority key identifier: 9D:2A:47:8B:B0:B0:8E:66:1B:0B:2F:9F:BE:89:35:BC:9C:2A:28:A1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nSpHi7CwjmYbCy-fvok1vJwqKKE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/jbprEubWyx8Jg8p73X6SmB9ad0g.roa
Signing time: Wed 02 Mar 2022 06:45:53 +0000
ROA not before: Wed 02 Mar 2022 06:45:53 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 62206
IP address blocks: 45.151.2.0/24 maxlen: 24
195.211.190.0/24 maxlen: 24
45.88.139.0/24 maxlen: 24
45.88.138.0/24 maxlen: 24
45.88.137.0/24 maxlen: 24
185.200.62.0/24 maxlen: 24
194.242.96.0/22 maxlen: 22
193.57.43.0/24 maxlen: 24
193.57.41.0/24 maxlen: 24
45.144.213.0/24 maxlen: 24
45.144.212.0/24 maxlen: 24
195.62.24.0/24 maxlen: 24
45.13.191.0/24 maxlen: 24
194.15.52.0/23 maxlen: 24
185.43.248.0/24 maxlen: 24
185.43.251.0/24 maxlen: 24
185.43.249.0/24 maxlen: 24
85.209.123.0/24 maxlen: 24
193.30.243.0/24 maxlen: 24
85.209.122.0/24 maxlen: 24
193.30.242.0/24 maxlen: 24
85.209.121.0/24 maxlen: 24
85.209.120.0/24 maxlen: 24
193.30.241.0/24 maxlen: 24
45.9.29.0/24 maxlen: 24
195.177.95.0/24 maxlen: 24
195.177.93.0/24 maxlen: 24
77.83.38.0/24 maxlen: 24
77.83.37.0/24 maxlen: 24
193.30.240.0/24 maxlen: 24
2a10:dfc0::/29 maxlen: 29
2a07:9200::/29 maxlen: 29
2a11:580::/29 maxlen: 29
2a0c:a580::/29 maxlen: 29
2a01:7120::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 129794624 (0x7bc8240)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9d2a478bb0b08e661b0b2f9fbe8935bc9c2a28a1
Validity
Not Before: Mar 2 06:45:53 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=8dba6b12e6d6cb1f0983ca7bdd7e92981f5a7748
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:a8:90:3c:4a:a5:cb:5a:82:2b:b3:e0:7b:f8:
75:79:a9:da:1e:05:67:76:44:6f:93:86:e6:ac:e2:
c5:82:49:af:74:40:38:40:68:0b:ea:b4:cf:65:10:
34:27:e8:41:7c:f7:f9:6c:6f:2a:51:a0:3b:79:4c:
2b:e8:c4:c3:06:26:93:cc:03:f5:24:b9:59:c9:72:
d6:7f:39:3d:db:25:27:f8:85:de:87:40:42:d9:13:
c8:f8:75:6a:c4:03:c9:c7:18:d8:62:97:a9:ef:38:
94:63:81:1b:46:d8:38:0c:f4:c1:79:d8:d2:76:13:
89:da:43:d9:b8:b6:e7:79:c5:04:01:e9:a2:e1:d5:
77:e7:61:ac:91:92:af:1f:d1:55:31:60:e2:75:a4:
f2:0a:3d:e7:25:4a:5f:c1:b5:e2:b2:57:ae:b7:f3:
02:36:30:ba:ed:0d:30:79:6d:8a:8d:bd:e9:eb:a0:
d2:24:40:2f:e4:28:7d:d0:b2:34:b1:49:be:06:8a:
f7:c5:19:ea:ca:93:8d:dc:47:bc:9f:bd:b7:05:ad:
2c:b4:bc:e6:b9:e5:1a:54:1a:46:22:25:fd:7e:50:
8a:89:28:55:b3:06:4f:5a:dd:f8:ea:00:0c:78:30:
fb:cd:ce:a8:c8:b9:89:ec:a3:8a:5d:2d:0f:f7:53:
75:67
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8D:BA:6B:12:E6:D6:CB:1F:09:83:CA:7B:DD:7E:92:98:1F:5A:77:48
X509v3 Authority Key Identifier:
keyid:9D:2A:47:8B:B0:B0:8E:66:1B:0B:2F:9F:BE:89:35:BC:9C:2A:28:A1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nSpHi7CwjmYbCy-fvok1vJwqKKE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/jbprEubWyx8Jg8p73X6SmB9ad0g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/nSpHi7CwjmYbCy-fvok1vJwqKKE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.9.29.0/24
45.13.191.0/24
45.88.137.0-45.88.139.255
45.144.212.0/23
45.151.2.0/24
77.83.37.0-77.83.38.255
85.209.120.0/22
185.43.248.0/23
185.43.251.0/24
185.200.62.0/24
193.30.240.0/22
193.57.41.0/24
193.57.43.0/24
194.15.52.0/23
194.242.96.0/22
195.62.24.0/24
195.177.93.0/24
195.177.95.0/24
195.211.190.0/24
IPv6:
2a01:7120::/32
2a07:9200::/29
2a0c:a580::/29
2a10:dfc0::/29
2a11:580::/29
Signature Algorithm: sha256WithRSAEncryption
c0:9c:9b:af:54:08:b2:87:02:12:f8:e4:e6:b1:19:49:f6:98:
94:47:01:b0:8f:5e:37:7b:31:32:a6:2f:95:a5:53:07:ef:a5:
46:5e:fb:d4:fd:9d:31:45:76:39:10:3e:df:b9:6e:d5:29:de:
9b:d7:d5:39:90:c0:2d:e9:22:4d:86:e1:a7:ad:6c:30:bb:4c:
76:c2:89:53:52:77:ae:22:60:dc:95:3f:46:c5:2e:f6:ed:52:
e6:01:7b:f0:d3:cf:2f:ff:f1:97:1d:1c:ea:de:db:c7:2f:06:
3f:96:94:ad:d1:c0:fd:42:8b:0f:a8:cb:d0:a8:8d:38:ed:24:
e0:2f:70:12:b2:dd:cb:3c:c5:01:81:9b:18:0c:4f:17:1f:67:
71:37:b3:09:8e:93:ac:e9:ca:1b:91:e4:a6:6e:81:8a:d9:8f:
64:b0:a8:5e:77:ab:f0:c2:77:90:c4:25:c1:77:ad:90:2e:c7:
24:62:13:8b:11:9a:62:a3:f4:74:eb:93:14:a9:ff:3b:9f:c2:
b4:82:05:a8:c0:b3:87:1d:c9:2c:1e:7e:91:10:08:d3:a2:de:
4f:aa:0f:0b:f1:f0:92:81:b7:cb:d7:70:4e:7a:b3:3f:53:fb:
9a:af:a5:3f:9b:a2:a5:eb:4c:80:54:16:64:60:c9:25:65:9d:
44:cc:3b:15
-----BEGIN CERTIFICATE-----
MIIFmzCCBIOgAwIBAgIEB7yCQDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg5
ZDJhNDc4YmIwYjA4ZTY2MWIwYjJmOWZiZTg5MzViYzljMmEyOGExMB4XDTIyMDMw
MjA2NDU1M1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoOGRiYTZiMTJlNmQ2
Y2IxZjA5ODNjYTdiZGQ3ZTkyOTgxZjVhNzc0ODCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALiokDxKpctagiuz4Hv4dXmp2h4FZ3ZEb5OG5qzixYJJr3RA
OEBoC+q0z2UQNCfoQXz3+WxvKlGgO3lMK+jEwwYmk8wD9SS5Wcly1n85PdslJ/iF
3odAQtkTyPh1asQDyccY2GKXqe84lGOBG0bYOAz0wXnY0nYTidpD2bi253nFBAHp
ouHVd+dhrJGSrx/RVTFg4nWk8go95yVKX8G14rJXrrfzAjYwuu0NMHltio296eug
0iRAL+QofdCyNLFJvgaK98UZ6sqTjdxHvJ+9twWtLLS85rnlGlQaRiIl/X5Qioko
VbMGT1rd+OoADHgw+83OqMi5ieyjil0tD/dTdWcCAwEAAaOCArUwggKxMB0GA1Ud
DgQWBBSNumsS5tbLHwmDynvdfpKYH1p3SDAfBgNVHSMEGDAWgBSdKkeLsLCOZhsL
L5++iTW8nCoooTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L25TcEhpN0N3am1ZYkN5LWZ2b2sxdkp3cUtLRS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMTYvNjYzZGY1LTU4MGMtNGYyYy1hNjZjLWVlZjM1MTFmNmM2MC8x
L2picHJFdWJXeXg4Smc4cDczWDZTbUI5YWQwZy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMTYv
NjYzZGY1LTU4MGMtNGYyYy1hNjZjLWVlZjM1MTFmNmM2MC8xL25TcEhpN0N3am1Z
YkN5LWZ2b2sxdkp3cUtLRS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjCB
ygYIKwYBBQUHAQcBAf8EgbowgbcwgYkEAgABMIGCAwQALQkdAwQALQ2/MAwDBAAt
WIkDBAItWIgDBAEtkNQDBAAtlwIwDAMEAE1TJQMEAE1TJgMEAlXReAMEAbkr+AME
ALkr+wMEALnIPgMEAsEe8AMEAME5KQMEAME5KwMEAcIPNAMEAsLyYAMEAMM+GAME
AMOxXQMEAMOxXwMEAMPTvjApBAIAAjAjAwUAKgFxIAMFAyoHkgADBQMqDKWAAwUD
KhDfwAMFAyoRBYAwDQYJKoZIhvcNAQELBQADggEBAMCcm69UCLKHAhL45OaxGUn2
mJRHAbCPXjd7MTKmL5WlUwfvpUZe+9T9nTFFdjkQPt+5btUp3pvX1TmQwC3pIk2G
4aetbDC7THbCiVNSd64iYNyVP0bFLvbtUuYBe/DTzy//8ZcdHOre28cvBj+WlK3R
wP1Ciw+oy9CojTjtJOAvcBKy3cs8xQGBmxgMTxcfZ3E3swmOk6zpyhuR5KZugYrZ
j2SwqF53q/DCd5DEJcF3rZAuxyRiE4sRmmKj9HTrkxSp/zufwrSCBajAs4cdySwe
fpEQCNOi3k+qDwvx8JKBt8vXcE56sz9T+5qvpT+boqXrTIBUFmRgySVlnUTMOxU=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:44:32 2023 by rpki-client on console-fra.rpki-client.org