Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/20/25aca7-7e28-487c-86d2-17b1c7379300/1/JCj2XVJommVPo5_Y_P74bQK0NNs.roa
File: JCj2XVJommVPo5_Y_P74bQK0NNs.roa (raw, json)
Hash identifier: eNbzC2kJH9JonRRSWSQpsPW8DoE/2M01qbcDQqZDIKI=
Subject key identifier: 24:28:F6:5D:52:68:9A:65:4F:A3:9F:D8:FC:FE:F8:6D:02:B4:34:DB
Certificate issuer: /CN=8acddd5c30d580eb0feeca2a16cf5c5a8b2568fd
Certificate serial: 09AAC51E
Authority key identifier: 8A:CD:DD:5C:30:D5:80:EB:0F:EE:CA:2A:16:CF:5C:5A:8B:25:68:FD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/is3dXDDVgOsP7soqFs9cWoslaP0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/20/25aca7-7e28-487c-86d2-17b1c7379300/1/JCj2XVJommVPo5_Y_P74bQK0NNs.roa
Signing time: Sat 01 Jan 2022 05:57:18 +0000
ROA not before: Sat 01 Jan 2022 05:57:18 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 209936
IP address blocks: 185.242.164.0/22 maxlen: 22
2a0c:e780::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 162186526 (0x9aac51e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8acddd5c30d580eb0feeca2a16cf5c5a8b2568fd
Validity
Not Before: Jan 1 05:57:18 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=2428f65d52689a654fa39fd8fcfef86d02b434db
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:f8:58:f7:d0:d9:cb:d9:44:9d:ac:c2:1e:82:
ae:02:17:68:22:2b:0b:91:fb:e0:7b:d9:e8:98:63:
ae:da:4c:c3:c4:11:b3:4f:ec:88:1b:de:40:df:0e:
62:0b:07:e7:26:06:7b:94:1b:67:e9:4a:e1:09:d9:
a1:15:ff:d7:44:00:9e:98:d9:ed:64:1b:03:7a:15:
6d:99:32:cc:e2:55:5d:29:44:8a:72:7e:11:3b:62:
d7:79:c7:8a:82:d8:68:3c:61:fd:68:6b:ba:25:2a:
b8:7f:89:a8:63:86:72:af:4c:79:0b:25:25:fc:48:
1e:26:8b:e1:6a:b3:1f:97:c9:3b:06:96:6c:7a:71:
e6:bc:07:95:8e:df:0b:4f:d5:17:0d:b5:f7:ec:14:
9f:37:63:46:91:08:6a:de:51:4f:be:e8:b9:e9:c8:
51:4c:f3:9b:64:46:3e:87:e1:46:38:87:53:d4:69:
6a:fb:38:77:1c:57:be:41:46:71:a0:4d:e8:56:88:
06:18:59:c9:ab:9e:a0:a3:25:4a:7b:04:fc:e4:4a:
14:29:9f:dc:41:92:3e:da:8b:00:70:80:b9:78:3f:
9f:30:f2:a4:ea:e2:3c:84:dc:e3:45:8c:a8:16:b7:
06:3d:14:2d:c8:4a:ab:c7:16:51:a4:42:3a:39:cd:
89:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
24:28:F6:5D:52:68:9A:65:4F:A3:9F:D8:FC:FE:F8:6D:02:B4:34:DB
X509v3 Authority Key Identifier:
keyid:8A:CD:DD:5C:30:D5:80:EB:0F:EE:CA:2A:16:CF:5C:5A:8B:25:68:FD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/is3dXDDVgOsP7soqFs9cWoslaP0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/20/25aca7-7e28-487c-86d2-17b1c7379300/1/JCj2XVJommVPo5_Y_P74bQK0NNs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/20/25aca7-7e28-487c-86d2-17b1c7379300/1/is3dXDDVgOsP7soqFs9cWoslaP0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.242.164.0/22
IPv6:
2a0c:e780::/29
Signature Algorithm: sha256WithRSAEncryption
26:5b:ba:8d:b9:4b:1c:ed:5e:44:11:1e:42:4f:59:2d:1e:da:
d8:a9:0d:17:03:5b:a0:ed:84:6c:14:7a:46:2f:ea:ec:0b:6d:
95:b5:e6:49:ca:b6:a4:2f:73:ed:7a:51:1e:c6:97:57:51:49:
5c:7b:51:07:78:f6:f5:b4:0e:98:71:0d:74:2c:74:1d:d3:a7:
d5:7b:33:2e:f9:6a:a9:8c:0f:6f:ec:a2:b6:2d:e2:7e:3e:ad:
31:bf:07:a1:c1:47:7c:55:a6:57:99:ca:cd:3c:a3:22:07:97:
17:8e:a0:f0:8c:15:3a:77:93:ad:6a:29:53:43:3f:b9:52:12:
07:0b:89:bb:d4:c9:a2:95:a4:e6:78:2b:16:0e:bc:27:64:6a:
3b:5b:8d:fd:c1:d9:d0:8b:b3:13:60:a9:31:a3:32:88:b3:2e:
1d:fc:81:c7:74:c1:29:1f:b9:f0:5c:f1:4e:36:96:70:ea:67:
d5:95:4d:ec:9d:8a:b5:89:2d:c2:61:ed:5d:09:f3:af:3a:20:
ed:45:12:e1:2a:74:b1:b1:4f:a8:6a:30:48:e9:b6:6c:03:9d:
de:08:f5:47:ef:65:0e:52:06:9b:c7:23:cf:34:8f:96:e1:dd:
34:b5:7e:78:95:2f:8b:81:3b:84:53:c2:2b:4c:2b:fd:48:85:
ec:a5:b8:c1
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgIECarFHjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg4
YWNkZGQ1YzMwZDU4MGViMGZlZWNhMmExNmNmNWM1YThiMjU2OGZkMB4XDTIyMDEw
MTA1NTcxOFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMjQyOGY2NWQ1MjY4
OWE2NTRmYTM5ZmQ4ZmNmZWY4NmQwMmI0MzRkYjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAK34WPfQ2cvZRJ2swh6CrgIXaCIrC5H74HvZ6JhjrtpMw8QR
s0/siBveQN8OYgsH5yYGe5QbZ+lK4QnZoRX/10QAnpjZ7WQbA3oVbZkyzOJVXSlE
inJ+ETti13nHioLYaDxh/WhruiUquH+JqGOGcq9MeQslJfxIHiaL4WqzH5fJOwaW
bHpx5rwHlY7fC0/VFw219+wUnzdjRpEIat5RT77ouenIUUzzm2RGPofhRjiHU9Rp
avs4dxxXvkFGcaBN6FaIBhhZyaueoKMlSnsE/ORKFCmf3EGSPtqLAHCAuXg/nzDy
pOriPITc40WMqBa3Bj0ULchKq8cWUaRCOjnNiU8CAwEAAaOCAhgwggIUMB0GA1Ud
DgQWBBQkKPZdUmiaZU+jn9j8/vhtArQ02zAfBgNVHSMEGDAWgBSKzd1cMNWA6w/u
yioWz1xaiyVo/TAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2lzM2RYRERWZ09zUDdzb3FGczljV29zbGFQMC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMjAvMjVhY2E3LTdlMjgtNDg3Yy04NmQyLTE3YjFjNzM3OTMwMC8x
L0pDajJYVkpvbW1WUG81X1lfUDc0YlFLME5Ocy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMjAv
MjVhY2E3LTdlMjgtNDg3Yy04NmQyLTE3YjFjNzM3OTMwMC8xL2lzM2RYRERWZ09z
UDdzb3FGczljV29zbGFQMC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAu
BggrBgEFBQcBBwEB/wQfMB0wDAQCAAEwBgMEArnypDANBAIAAjAHAwUDKgzngDAN
BgkqhkiG9w0BAQsFAAOCAQEAJlu6jblLHO1eRBEeQk9ZLR7a2KkNFwNboO2EbBR6
Ri/q7AttlbXmScq2pC9z7XpRHsaXV1FJXHtRB3j29bQOmHENdCx0HdOn1XszLvlq
qYwPb+yiti3ifj6tMb8HocFHfFWmV5nKzTyjIgeXF46g8IwVOneTrWopU0M/uVIS
BwuJu9TJopWk5ngrFg68J2RqO1uN/cHZ0IuzE2CpMaMyiLMuHfyBx3TBKR+58Fzx
TjaWcOpn1ZVN7J2KtYktwmHtXQnzrzog7UUS4Sp0sbFPqGowSOm2bAOd3gj1R+9l
DlIGm8cjzzSPluHdNLV+eJUvi4E7hFPCK0wr/UiF7KW4wQ==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:48:54 2023 by rpki-client on console-ams.rpki-client.org