Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/27/c55ab0-ea22-4a19-8b33-25050c593aa1/1/AX_JBRyqqzPo_eH5bFUExMHVIMw.roa
File: AX_JBRyqqzPo_eH5bFUExMHVIMw.roa (raw, json)
Hash identifier: H6XImGWq8mh1yyVXc3WYKc3YhjyLmhJdv+QkOEFu//Q=
Subject key identifier: 01:7F:C9:05:1C:AA:AB:33:E8:FD:E1:F9:6C:55:04:C4:C1:D5:20:CC
Certificate issuer: /CN=352ae33b11b36a319ba81347d852480d8e74c87d
Certificate serial: 01856B40C374590105F950B124B6FE4A9AF4
Authority key identifier: 35:2A:E3:3B:11:B3:6A:31:9B:A8:13:47:D8:52:48:0D:8E:74:C8:7D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NSrjOxGzajGbqBNH2FJIDY50yH0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/27/c55ab0-ea22-4a19-8b33-25050c593aa1/1/AX_JBRyqqzPo_eH5bFUExMHVIMw.roa
Signing time: Sun 01 Jan 2023 02:54:44 +0000
ROA not before: Sun 01 Jan 2023 02:54:44 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 12430
IP address blocks: 194.220.0.0/16 maxlen: 16
62.87.0.0/17 maxlen: 17
95.60.0.0/14 maxlen: 14
87.235.0.0/16 maxlen: 16
178.139.0.0/16 maxlen: 16
77.208.0.0/14 maxlen: 14
89.6.0.0/15 maxlen: 15
188.84.0.0/14 maxlen: 14
46.136.0.0/16 maxlen: 16
188.211.228.0/22 maxlen: 22
37.222.0.0/15 maxlen: 15
212.166.128.0/17 maxlen: 17
93.113.16.0/21 maxlen: 21
77.224.0.0/13 maxlen: 13
178.57.128.0/18 maxlen: 18
217.130.0.0/16 maxlen: 16
193.125.0.0/16 maxlen: 16
87.125.0.0/16 maxlen: 16
5.224.0.0/15 maxlen: 15
87.124.192.0/18 maxlen: 18
212.145.0.0/16 maxlen: 16
31.4.0.0/16 maxlen: 16
94.248.64.0/18 maxlen: 18
93.113.136.0/21 maxlen: 21
212.73.32.0/19 maxlen: 19
148.56.0.0/16 maxlen: 16
159.147.0.0/16 maxlen: 16
46.24.0.0/14 maxlen: 14
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6b:40:c3:74:59:01:05:f9:50:b1:24:b6:fe:4a:9a:f4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=352ae33b11b36a319ba81347d852480d8e74c87d
Validity
Not Before: Jan 1 02:54:44 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=017fc9051caaab33e8fde1f96c5504c4c1d520cc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8a:ce:5d:64:56:34:05:41:9e:5c:b1:f3:15:a6:
21:07:f0:aa:a4:78:b1:f4:73:b3:57:7c:a7:62:80:
59:a0:38:27:90:bd:3b:e1:7b:14:58:4d:be:2f:bb:
a5:82:d1:9a:38:67:d4:e6:cc:65:97:f9:85:d0:ea:
cd:9f:4b:a1:80:18:c7:62:6c:e0:9b:3a:62:a4:56:
5b:a3:bb:08:f3:01:5e:3d:57:ec:0e:27:0e:af:45:
58:55:cf:c5:9b:3c:ff:c2:af:f0:80:c8:bc:53:48:
03:cf:1e:a3:81:46:5b:e6:44:f9:c4:c5:59:f1:f5:
06:97:9f:f5:41:5d:bc:c3:fa:93:58:31:d7:da:f7:
18:5c:dc:80:5c:87:e8:96:af:0a:2c:1e:87:d2:51:
19:67:3b:14:d3:5f:ad:ae:5e:14:71:71:01:80:d8:
33:80:ff:f4:63:53:98:d4:c9:da:9b:a0:d6:d7:e0:
88:2a:db:87:eb:18:6e:05:65:5c:f9:77:f9:87:d0:
1c:30:c9:1a:94:7b:f5:99:e4:85:fa:ae:8a:63:08:
00:24:bb:f0:a5:53:66:8a:ca:d2:cb:31:73:ab:cc:
3e:1f:03:29:09:ba:26:d5:5c:3b:f2:38:5a:f5:b5:
ec:3e:e4:b8:20:15:89:97:da:5b:4c:17:8e:6e:42:
93:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
01:7F:C9:05:1C:AA:AB:33:E8:FD:E1:F9:6C:55:04:C4:C1:D5:20:CC
X509v3 Authority Key Identifier:
keyid:35:2A:E3:3B:11:B3:6A:31:9B:A8:13:47:D8:52:48:0D:8E:74:C8:7D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NSrjOxGzajGbqBNH2FJIDY50yH0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/27/c55ab0-ea22-4a19-8b33-25050c593aa1/1/AX_JBRyqqzPo_eH5bFUExMHVIMw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/27/c55ab0-ea22-4a19-8b33-25050c593aa1/1/NSrjOxGzajGbqBNH2FJIDY50yH0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.224.0.0/15
31.4.0.0/16
37.222.0.0/15
46.24.0.0/14
46.136.0.0/16
62.87.0.0/17
77.208.0.0/14
77.224.0.0/13
87.124.192.0-87.125.255.255
87.235.0.0/16
89.6.0.0/15
93.113.16.0/21
93.113.136.0/21
94.248.64.0/18
95.60.0.0/14
148.56.0.0/16
159.147.0.0/16
178.57.128.0/18
178.139.0.0/16
188.84.0.0/14
188.211.228.0/22
193.125.0.0/16
194.220.0.0/16
212.73.32.0/19
212.145.0.0/16
212.166.128.0/17
217.130.0.0/16
Signature Algorithm: sha256WithRSAEncryption
1c:b8:86:1e:61:53:c2:12:30:0d:e8:9b:62:30:a2:b6:4a:84:
bb:a6:ae:ad:6a:5a:5a:93:56:23:58:e2:91:e7:a8:53:bf:37:
75:66:6e:b5:04:15:cb:03:75:50:67:1c:d5:0a:d5:d4:f8:29:
28:8b:4d:94:38:30:71:c1:a7:12:0f:bb:75:47:b4:cc:9e:cb:
3f:c6:b0:d5:8e:02:b0:ce:5a:db:48:e9:ae:3f:5f:35:2d:90:
83:ff:b7:31:a0:43:8a:88:fb:ed:b6:a5:96:cb:a5:b0:24:8f:
c3:0e:4b:b2:7a:c6:3c:41:f0:6b:b5:39:09:c0:d4:a0:db:44:
89:9b:9c:6a:ff:38:c7:7e:e8:56:62:2a:8e:24:dc:f7:61:1e:
99:58:55:38:5c:40:68:b1:c9:ac:ed:d8:84:1a:91:c2:e8:23:
88:4c:73:53:05:c1:b9:8d:18:eb:20:6d:0c:e1:b0:e6:f2:ca:
37:da:f5:ea:48:4d:09:1a:2c:bd:1c:2b:c8:86:9c:59:98:25:
68:a6:d5:5e:da:35:75:98:e8:cd:03:be:a9:59:93:49:76:61:
61:f8:1c:1f:30:a7:75:c9:63:c3:41:1f:76:39:51:6d:91:55:
9e:4c:e2:66:29:5d:08:59:6f:56:2b:d0:d5:2b:e4:be:17:75:
19:c5:d0:cb
-----BEGIN CERTIFICATE-----
MIIFkzCCBHugAwIBAgISAYVrQMN0WQEF+VCxJLb+Spr0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1MmFlMzNiMTFiMzZhMzE5YmE4MTM0N2Q4NTI0ODBkOGU3
NGM4N2QwHhcNMjMwMTAxMDI1NDQ0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMTdmYzkwNTFjYWFhYjMzZThmZGUxZjk2YzU1MDRjNGMxZDUyMGNjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAis5dZFY0BUGeXLHzFaYhB/CqpHix
9HOzV3ynYoBZoDgnkL074XsUWE2+L7ulgtGaOGfU5sxll/mF0OrNn0uhgBjHYmzg
mzpipFZbo7sI8wFePVfsDicOr0VYVc/Fmzz/wq/wgMi8U0gDzx6jgUZb5kT5xMVZ
8fUGl5/1QV28w/qTWDHX2vcYXNyAXIfolq8KLB6H0lEZZzsU01+trl4UcXEBgNgz
gP/0Y1OY1Mnam6DW1+CIKtuH6xhuBWVc+Xf5h9AcMMkalHv1meSF+q6KYwgAJLvw
pVNmisrSyzFzq8w+HwMpCbom1Vw78jha9bXsPuS4IBWJl9pbTBeObkKTBwIDAQAB
o4ICnzCCApswHQYDVR0OBBYEFAF/yQUcqqsz6P3h+WxVBMTB1SDMMB8GA1UdIwQY
MBaAFDUq4zsRs2oxm6gTR9hSSA2OdMh9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTlNyak94R3phakdicUJOSDJGSklEWTUweUgwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNy9jNTVhYjAtZWEyMi00YTE5LThiMzMt
MjUwNTBjNTkzYWExLzEvQVhfSkJSeXFxelBvX2VINWJGVUV4TUhWSU13LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNy9jNTVhYjAtZWEyMi00YTE5LThiMzMtMjUwNTBjNTkzYWEx
LzEvTlNyak94R3phakdicUJOSDJGSklEWTUweUgwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIG0BggrBgEFBQcBBwEB/wSBpDCBoTCBngQCAAEwgZcDAwEF
4AMDAB8EAwMBJd4DAwIuGAMDAC6IAwQHPlcAAwMCTdADAwNN4DALAwQGV3zAAwMB
V3wDAwBX6wMDAVkGAwQDXXEQAwQDXXGIAwQGXvhAAwMCXzwDAwCUOAMDAJ+TAwQG
sjmAAwMAsosDAwK8VAMEArzT5AMDAMF9AwMAwtwDBAXUSSADAwDUkQMEB9SmgAMD
ANmCMA0GCSqGSIb3DQEBCwUAA4IBAQAcuIYeYVPCEjAN6JtiMKK2SoS7pq6talpa
k1YjWOKR56hTvzd1Zm61BBXLA3VQZxzVCtXU+Ckoi02UODBxwacSD7t1R7TMnss/
xrDVjgKwzlrbSOmuP181LZCD/7cxoEOKiPvttqWWy6WwJI/DDkuyesY8QfBrtTkJ
wNSg20SJm5xq/zjHfuhWYiqOJNz3YR6ZWFU4XEBoscms7diEGpHC6COITHNTBcG5
jRjrIG0M4bDm8so32vXqSE0JGiy9HCvIhpxZmCVoptVe2jV1mOjNA76pWZNJdmFh
+BwfMKd1yWPDQR92OVFtkVWeTOJmKV0IWW9WK9DVK+S+F3UZxdDL
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:40:05 2025 by rpki-client