Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1b/d8e096-4310-42b9-bd20-b5602d3da8a6/1/JpzLXTavpgPzt4vZsv08x2i3UqI.roa
File: JpzLXTavpgPzt4vZsv08x2i3UqI.roa (raw, json)
Hash identifier: BYV4C6uqWEpu63hOiPRzH07S1xTWXmbmknWPoOj/xOY=
Subject key identifier: 26:9C:CB:5D:36:AF:A6:03:F3:B7:8B:D9:B2:FD:3C:C7:68:B7:52:A2
Certificate issuer: /CN=6e60883aae491e5fb773a9264019ff4f888d5ca5
Certificate serial: 0184A3D4B318F634F4F7E80207BD9C6B0418
Authority key identifier: 6E:60:88:3A:AE:49:1E:5F:B7:73:A9:26:40:19:FF:4F:88:8D:5C:A5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bmCIOq5JHl-3c6kmQBn_T4iNXKU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1b/d8e096-4310-42b9-bd20-b5602d3da8a6/1/JpzLXTavpgPzt4vZsv08x2i3UqI.roa
Signing time: Wed 23 Nov 2022 09:32:16 +0000
ROA not before: Wed 23 Nov 2022 09:32:16 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 44143
IP address blocks: 95.86.48.0/21 maxlen: 21
188.120.104.0/21 maxlen: 21
188.120.112.0/22 maxlen: 22
188.120.117.0/24 maxlen: 24
188.120.113.0/24 maxlen: 24
188.120.116.0/22 maxlen: 22
188.120.116.0/24 maxlen: 24
188.120.118.0/24 maxlen: 24
188.120.119.0/24 maxlen: 24
2a00:61c1::/32 maxlen: 32
2a00:61c0::/29 maxlen: 29
2a00:61c0::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:a3:d4:b3:18:f6:34:f4:f7:e8:02:07:bd:9c:6b:04:18
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6e60883aae491e5fb773a9264019ff4f888d5ca5
Validity
Not Before: Nov 23 09:32:16 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=269ccb5d36afa603f3b78bd9b2fd3cc768b752a2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:88:d6:75:01:58:fa:21:ee:97:1a:60:17:44:62:
77:18:c3:6b:6f:75:e9:a2:ee:c8:00:26:c7:c5:9d:
9d:f0:f6:44:3d:34:76:ea:8a:c0:67:55:6d:fa:e6:
1c:be:07:bf:d6:e2:fa:b4:08:fc:4f:89:84:90:f8:
05:0c:95:4b:03:c3:96:19:54:e7:f8:dc:ff:01:68:
de:53:4d:22:bd:d1:84:9e:53:d0:e6:39:c5:42:93:
ac:1d:1a:ae:f2:da:15:11:81:77:03:42:8a:93:8b:
9b:59:98:a1:0c:a3:d1:31:a4:59:1f:56:4a:08:39:
b4:cc:f1:bf:22:c1:dc:0b:76:2a:b7:76:91:52:6a:
60:48:30:5c:e7:d9:3b:b0:10:05:3f:b0:11:12:c4:
3d:0a:98:2a:3d:ee:97:21:bb:a9:2b:01:1c:8a:f8:
e4:8e:11:06:28:00:a7:1f:22:3a:c8:eb:1e:d3:53:
ef:f7:09:80:d5:e8:a4:17:fa:a2:17:78:d3:12:6a:
15:a4:29:e8:ff:a4:6a:69:64:9b:f2:40:d5:14:63:
99:e8:94:c0:a4:81:02:12:99:3b:3b:eb:04:fb:7d:
c5:59:55:cd:44:86:b3:ad:10:23:ce:43:18:4a:53:
11:93:69:c3:57:2b:37:c0:f4:ef:90:82:42:47:ce:
57:c1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
26:9C:CB:5D:36:AF:A6:03:F3:B7:8B:D9:B2:FD:3C:C7:68:B7:52:A2
X509v3 Authority Key Identifier:
keyid:6E:60:88:3A:AE:49:1E:5F:B7:73:A9:26:40:19:FF:4F:88:8D:5C:A5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bmCIOq5JHl-3c6kmQBn_T4iNXKU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1b/d8e096-4310-42b9-bd20-b5602d3da8a6/1/JpzLXTavpgPzt4vZsv08x2i3UqI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1b/d8e096-4310-42b9-bd20-b5602d3da8a6/1/bmCIOq5JHl-3c6kmQBn_T4iNXKU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
95.86.48.0/21
188.120.104.0-188.120.119.255
IPv6:
2a00:61c0::/29
Signature Algorithm: sha256WithRSAEncryption
3a:c2:5c:db:a8:82:40:3c:49:f7:b6:d5:7c:e2:00:18:c6:74:
75:2c:82:13:3c:02:29:79:3b:0a:9a:4f:54:8d:fb:5f:54:28:
40:1f:8f:c1:ed:ab:19:2b:47:87:97:bf:cb:31:33:b4:87:7e:
2e:c2:a2:80:da:ed:dc:60:f2:4a:df:81:2a:fc:7b:c5:a4:3c:
3d:02:2d:12:1b:37:63:53:64:e9:ab:2b:f6:ea:4e:37:13:58:
17:09:c8:53:73:ad:62:b8:fe:72:56:49:4e:8d:43:8a:64:63:
f6:b7:39:db:b0:a3:b9:b2:72:2f:1c:fc:48:42:ed:b4:74:82:
4b:86:3e:06:c9:ac:5d:6a:20:cd:73:91:2a:73:96:23:da:aa:
73:6d:cf:28:d1:83:c2:f8:38:6e:9b:ed:7c:98:5d:ba:5b:ad:
fc:65:6d:a2:03:2a:0a:ae:2a:b7:c5:56:78:56:88:f7:2e:85:
18:f2:f0:98:c5:42:5b:e8:09:9b:51:58:50:20:cb:ba:b1:18:
05:34:68:d5:1a:6c:b4:4c:0a:10:cc:d4:5d:a7:bc:7c:b5:e4:
dc:12:37:bf:be:13:98:4e:73:8c:24:62:eb:85:3a:7a:e8:85:
ed:e3:7e:eb:f1:ea:67:69:74:2b:cd:30:fc:87:fb:84:77:ba:
3c:a3:4f:c2
-----BEGIN CERTIFICATE-----
MIIFGjCCBAKgAwIBAgISAYSj1LMY9jT09+gCB72cawQYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZlNjA4ODNhYWU0OTFlNWZiNzczYTkyNjQwMTlmZjRmODg4
ZDVjYTUwHhcNMjIxMTIzMDkzMjE2WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNjljY2I1ZDM2YWZhNjAzZjNiNzhiZDliMmZkM2NjNzY4Yjc1MmEyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiNZ1AVj6Ie6XGmAXRGJ3GMNrb3Xp
ou7IACbHxZ2d8PZEPTR26orAZ1Vt+uYcvge/1uL6tAj8T4mEkPgFDJVLA8OWGVTn
+Nz/AWjeU00ivdGEnlPQ5jnFQpOsHRqu8toVEYF3A0KKk4ubWZihDKPRMaRZH1ZK
CDm0zPG/IsHcC3Yqt3aRUmpgSDBc59k7sBAFP7AREsQ9CpgqPe6XIbupKwEcivjk
jhEGKACnHyI6yOse01Pv9wmA1eikF/qiF3jTEmoVpCno/6RqaWSb8kDVFGOZ6JTA
pIECEpk7O+sE+33FWVXNRIazrRAjzkMYSlMRk2nDVys3wPTvkIJCR85XwQIDAQAB
o4ICJjCCAiIwHQYDVR0OBBYEFCacy102r6YD87eL2bL9PMdot1KiMB8GA1UdIwQY
MBaAFG5giDquSR5ft3OpJkAZ/0+IjVylMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYm1DSU9xNUpIbC0zYzZrbVFCbl9UNGlOWEtVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYi9kOGUwOTYtNDMxMC00MmI5LWJkMjAt
YjU2MDJkM2RhOGE2LzEvSnB6TFhUYXZwZ1B6dDR2WnN2MDh4MmkzVXFJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYi9kOGUwOTYtNDMxMC00MmI5LWJkMjAtYjU2MDJkM2RhOGE2
LzEvYm1DSU9xNUpIbC0zYzZrbVFCbl9UNGlOWEtVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDwGCCsGAQUFBwEHAQH/BC0wKzAaBAIAATAUAwQDX1YwMAwD
BAO8eGgDBAO8eHAwDQQCAAIwBwMFAyoAYcAwDQYJKoZIhvcNAQELBQADggEBADrC
XNuogkA8Sfe21XziABjGdHUsghM8Ail5OwqaT1SN+19UKEAfj8HtqxkrR4eXv8sx
M7SHfi7CooDa7dxg8krfgSr8e8WkPD0CLRIbN2NTZOmrK/bqTjcTWBcJyFNzrWK4
/nJWSU6NQ4pkY/a3Oduwo7myci8c/EhC7bR0gkuGPgbJrF1qIM1zkSpzliPaqnNt
zyjRg8L4OG6b7XyYXbpbrfxlbaIDKgquKrfFVnhWiPcuhRjy8JjFQlvoCZtRWFAg
y7qxGAU0aNUabLRMChDM1F2nvHy15NwSN7++E5hOc4wkYuuFOnrohe3jfuvx6mdp
dCvNMPyH+4R3ujyjT8I=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:21:27 2024 by rpki-client on console-fra.rpki-client.org