Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/20/ca1cf4-acac-4555-bc40-e4322c9dde9c/1/JbVQSb2eHiKXuX6FdJUTZ4rxVnY.roa
File: JbVQSb2eHiKXuX6FdJUTZ4rxVnY.roa (raw, json)
Hash identifier: t/QQr9KDxwUxDVBlek3MVAeF5cKGaCEeU7lv23rB7Hw=
Subject key identifier: 25:B5:50:49:BD:9E:1E:22:97:B9:7E:85:74:95:13:67:8A:F1:56:76
Certificate issuer: /CN=e796ffbbdf44efc1e8e10200d49da8eed0a3b71e
Certificate serial: 0184F15FD526BAF35861858422B266A652E6
Authority key identifier: E7:96:FF:BB:DF:44:EF:C1:E8:E1:02:00:D4:9D:A8:EE:D0:A3:B7:1E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/55b_u99E78Ho4QIA1J2o7tCjtx4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/20/ca1cf4-acac-4555-bc40-e4322c9dde9c/1/JbVQSb2eHiKXuX6FdJUTZ4rxVnY.roa
Signing time: Thu 08 Dec 2022 10:55:00 +0000
ROA not before: Thu 08 Dec 2022 10:55:00 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 8560
IP address blocks: 109.228.0.0/18 maxlen: 24
217.174.240.0/20 maxlen: 24
93.90.192.0/20 maxlen: 24
79.99.40.0/21 maxlen: 24
77.68.0.0/17 maxlen: 24
185.132.36.0/22 maxlen: 24
88.208.192.0/18 maxlen: 24
213.171.192.0/19 maxlen: 24
185.132.40.0/22 maxlen: 24
2a00:da00::/32 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:f1:5f:d5:26:ba:f3:58:61:85:84:22:b2:66:a6:52:e6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e796ffbbdf44efc1e8e10200d49da8eed0a3b71e
Validity
Not Before: Dec 8 10:55:00 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=25b55049bd9e1e2297b97e85749513678af15676
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:26:c8:4b:5f:d1:a8:a6:13:da:a9:68:59:48:
1a:ff:39:8b:02:68:84:4f:72:6d:a0:04:b8:ab:69:
91:ed:8e:1e:03:ec:eb:a2:27:33:ae:dc:7f:03:42:
6a:61:ff:6d:b6:2c:2e:7e:c1:a7:26:ba:43:25:e3:
b6:6e:35:83:9d:85:6d:22:97:79:bd:04:f4:05:41:
80:65:15:ab:ba:5c:f9:d4:bd:33:e3:4f:29:83:c4:
34:72:cb:f3:ea:aa:76:d4:4f:56:6b:2d:40:5f:bf:
f6:df:d1:7f:d3:94:5d:e7:ef:5a:36:36:f5:ff:33:
1f:5f:40:e9:73:1d:4b:5e:a8:41:70:c1:6d:37:3f:
52:c1:61:ae:23:d9:df:b7:4b:a6:a8:10:31:12:a0:
89:90:34:ca:d5:bb:be:5c:c0:94:a6:91:3d:74:16:
3e:ad:ef:1a:b0:46:d6:ca:ce:84:79:4e:51:53:51:
d9:11:47:9e:89:84:68:da:d0:00:8e:d3:aa:9d:04:
48:82:c1:3a:11:aa:e9:59:76:54:69:65:c7:76:c3:
5a:2f:a6:dc:4d:63:5a:df:93:ee:ac:67:c9:3b:05:
6d:fa:86:93:74:a7:1b:aa:93:6a:a3:80:ff:3c:31:
d3:04:22:1d:30:aa:2e:42:19:01:60:72:17:21:29:
fe:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
25:B5:50:49:BD:9E:1E:22:97:B9:7E:85:74:95:13:67:8A:F1:56:76
X509v3 Authority Key Identifier:
keyid:E7:96:FF:BB:DF:44:EF:C1:E8:E1:02:00:D4:9D:A8:EE:D0:A3:B7:1E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/55b_u99E78Ho4QIA1J2o7tCjtx4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/20/ca1cf4-acac-4555-bc40-e4322c9dde9c/1/JbVQSb2eHiKXuX6FdJUTZ4rxVnY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/20/ca1cf4-acac-4555-bc40-e4322c9dde9c/1/55b_u99E78Ho4QIA1J2o7tCjtx4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.68.0.0/17
79.99.40.0/21
88.208.192.0/18
93.90.192.0/20
109.228.0.0/18
185.132.36.0-185.132.43.255
213.171.192.0/19
217.174.240.0/20
IPv6:
2a00:da00::/32
Signature Algorithm: sha256WithRSAEncryption
52:ba:58:c7:fa:e2:ec:da:1c:f2:e0:25:93:bb:52:bf:24:05:
b6:3c:6d:f0:6e:76:da:10:a1:4c:2d:9b:53:cc:d4:03:c1:c7:
90:13:cd:92:36:6c:42:5f:c0:ea:b9:c6:56:48:97:7b:ce:78:
5e:4c:43:2c:33:5c:9b:f5:f8:1c:1e:34:05:35:4b:c8:c0:0d:
d0:53:60:74:bb:b3:76:db:34:63:dc:a1:ff:af:e2:e3:ec:da:
51:c8:b2:1c:8a:1c:ff:f5:9d:86:34:3d:de:34:95:06:73:82:
f7:3f:b7:84:0c:cc:56:f5:06:5d:22:4f:d8:90:99:91:9d:98:
8b:29:e4:3c:df:a7:93:dc:a3:fd:72:ae:13:c8:6f:5f:7b:57:
f3:18:58:da:e3:37:89:02:08:ba:ab:9d:1f:33:c5:10:55:6a:
34:35:22:08:ab:93:6a:9e:c0:3e:e4:4c:3a:2b:13:7b:b1:6b:
e8:37:81:38:75:b2:d1:1e:26:86:21:87:9c:73:5e:cc:a0:e5:
b3:87:3a:38:e1:c4:97:93:ff:51:8d:17:17:7e:d9:64:6f:fd:
31:0e:d2:56:44:b9:6a:6f:ed:c3:22:ee:ab:e1:64:3c:5b:91:
40:cf:3b:c5:ae:0d:ce:ef:3b:37:c2:6f:43:bd:fc:99:66:77:
f6:68:0a:6c
-----BEGIN CERTIFICATE-----
MIIFPjCCBCagAwIBAgISAYTxX9UmuvNYYYWEIrJmplLmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU3OTZmZmJiZGY0NGVmYzFlOGUxMDIwMGQ0OWRhOGVlZDBh
M2I3MWUwHhcNMjIxMjA4MTA1NTAwWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNWI1NTA0OWJkOWUxZTIyOTdiOTdlODU3NDk1MTM2NzhhZjE1Njc2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlCbIS1/RqKYT2qloWUga/zmLAmiE
T3JtoAS4q2mR7Y4eA+zroiczrtx/A0JqYf9ttiwufsGnJrpDJeO2bjWDnYVtIpd5
vQT0BUGAZRWrulz51L0z408pg8Q0csvz6qp21E9Way1AX7/239F/05Rd5+9aNjb1
/zMfX0Dpcx1LXqhBcMFtNz9SwWGuI9nft0umqBAxEqCJkDTK1bu+XMCUppE9dBY+
re8asEbWys6EeU5RU1HZEUeeiYRo2tAAjtOqnQRIgsE6EarpWXZUaWXHdsNaL6bc
TWNa35PurGfJOwVt+oaTdKcbqpNqo4D/PDHTBCIdMKouQhkBYHIXISn+3wIDAQAB
o4ICSjCCAkYwHQYDVR0OBBYEFCW1UEm9nh4il7l+hXSVE2eK8VZ2MB8GA1UdIwQY
MBaAFOeW/7vfRO/B6OECANSdqO7Qo7ceMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNTViX3U5OUU3OEhvNFFJQTFKMm83dENqdHg0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMC9jYTFjZjQtYWNhYy00NTU1LWJjNDAt
ZTQzMjJjOWRkZTljLzEvSmJWUVNiMmVIaUtYdVg2RmRKVVRaNHJ4Vm5ZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMC9jYTFjZjQtYWNhYy00NTU1LWJjNDAtZTQzMjJjOWRkZTlj
LzEvNTViX3U5OUU3OEhvNFFJQTFKMm83dENqdHg0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGAGCCsGAQUFBwEHAQH/BFEwTzA+BAIAATA4AwQHTUQAAwQD
T2MoAwQGWNDAAwQEXVrAAwQGbeQAMAwDBAK5hCQDBAK5hCgDBAXVq8ADBATZrvAw
DQQCAAIwBwMFACoA2gAwDQYJKoZIhvcNAQELBQADggEBAFK6WMf64uzaHPLgJZO7
Ur8kBbY8bfBudtoQoUwtm1PM1APBx5ATzZI2bEJfwOq5xlZIl3vOeF5MQywzXJv1
+BweNAU1S8jADdBTYHS7s3bbNGPcof+v4uPs2lHIshyKHP/1nYY0Pd40lQZzgvc/
t4QMzFb1Bl0iT9iQmZGdmIsp5Dzfp5Pco/1yrhPIb197V/MYWNrjN4kCCLqrnR8z
xRBVajQ1Igirk2qewD7kTDorE3uxa+g3gTh1stEeJoYhh5xzXsyg5bOHOjjhxJeT
/1GNFxd+2WRv/TEO0lZEuWpv7cMi7qvhZDxbkUDPO8WuDc7vOzfCb0O9/Jlmd/Zo
Cmw=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:57:46 2024 by rpki-client on console-ams.rpki-client.org