Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/29/358416-2752-4159-add6-cc3fb351e336/1/jwsk4aAf4YF4mIppbYnjmldnXLg.roa
File: jwsk4aAf4YF4mIppbYnjmldnXLg.roa (raw, json)
Hash identifier: iNuFpKg7p3G6oAQYaRxc6GqfaKJTn6T3vAzpUyhEwMg=
Subject key identifier: 8F:0B:24:E1:A0:1F:E1:81:78:98:8A:69:6D:89:E3:9A:57:67:5C:B8
Certificate issuer: /CN=059b86f99e2d6bde14fa8799de71ce41b98020b9
Certificate serial: 06B59109
Authority key identifier: 05:9B:86:F9:9E:2D:6B:DE:14:FA:87:99:DE:71:CE:41:B9:80:20:B9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BZuG-Z4ta94U-oeZ3nHOQbmAILk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/29/358416-2752-4159-add6-cc3fb351e336/1/jwsk4aAf4YF4mIppbYnjmldnXLg.roa
Signing time: Sat 01 Jan 2022 01:53:56 +0000
ROA not before: Sat 01 Jan 2022 01:53:56 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 209984
IP address blocks: 194.15.219.0/24 maxlen: 24
194.26.1.0/24 maxlen: 24
194.15.232.0/24 maxlen: 24
89.43.72.0/24 maxlen: 24
194.15.236.0/24 maxlen: 24
89.44.145.0/24 maxlen: 24
89.43.198.0/24 maxlen: 24
89.40.238.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 112562441 (0x6b59109)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=059b86f99e2d6bde14fa8799de71ce41b98020b9
Validity
Not Before: Jan 1 01:53:56 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=8f0b24e1a01fe18178988a696d89e39a57675cb8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:29:89:ab:d5:c6:83:7c:a2:ca:71:5a:ae:31:
57:f6:43:68:7e:82:13:cd:bd:74:6f:35:77:c6:26:
2a:08:b2:6d:0e:ec:5a:23:88:1e:62:cc:d7:f2:d6:
00:06:15:8d:1b:8d:09:5b:4f:b3:c6:ba:c7:78:90:
3a:09:a2:24:50:77:8b:e9:44:b6:41:61:c3:e6:03:
bd:e4:77:b0:67:25:83:9b:c6:ec:c5:79:be:f7:14:
2c:5d:49:ff:49:b7:5a:76:2e:e5:e2:c1:22:28:35:
e4:52:04:45:33:67:a2:ad:8a:99:32:e1:a5:67:9f:
46:3b:05:a6:ea:f1:a3:6d:a9:f9:d0:30:a6:4e:6e:
02:36:b1:f3:d2:59:9f:29:35:e0:b6:99:ec:7e:20:
2c:9e:81:c9:a0:db:9a:b6:6a:f6:77:83:66:d7:44:
82:f9:7d:ec:b6:98:8a:01:76:9b:c5:e5:77:bb:66:
94:78:23:22:7b:1e:3d:77:04:99:bb:da:11:21:41:
15:1b:35:95:5d:54:6a:39:e3:a8:e7:fb:55:d9:de:
91:37:96:11:6b:e4:c1:3a:0d:c2:47:7b:d7:8c:93:
52:cf:e4:e6:db:e5:39:61:0d:57:6f:c2:53:e0:18:
4b:bf:4e:f0:23:f5:8e:01:80:23:d6:88:fd:a6:93:
80:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8F:0B:24:E1:A0:1F:E1:81:78:98:8A:69:6D:89:E3:9A:57:67:5C:B8
X509v3 Authority Key Identifier:
keyid:05:9B:86:F9:9E:2D:6B:DE:14:FA:87:99:DE:71:CE:41:B9:80:20:B9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BZuG-Z4ta94U-oeZ3nHOQbmAILk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/29/358416-2752-4159-add6-cc3fb351e336/1/jwsk4aAf4YF4mIppbYnjmldnXLg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/29/358416-2752-4159-add6-cc3fb351e336/1/BZuG-Z4ta94U-oeZ3nHOQbmAILk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.40.238.0/24
89.43.72.0/24
89.43.198.0/24
89.44.145.0/24
194.15.219.0/24
194.15.232.0/24
194.15.236.0/24
194.26.1.0/24
Signature Algorithm: sha256WithRSAEncryption
19:e8:8c:8f:42:cf:31:f8:7a:ff:cd:7e:51:7e:20:ec:8d:82:
3a:0a:0c:9d:e5:0f:d4:3a:8a:94:43:c8:ab:7b:44:90:91:19:
de:de:64:1c:19:b8:d5:eb:18:db:06:11:fc:26:58:5e:c6:a1:
a1:99:73:07:b9:9d:56:2b:8a:55:d2:a2:71:46:8c:d1:2b:ab:
11:3e:7b:4a:3e:7a:2c:f5:c8:11:89:4a:89:54:2d:d0:b7:78:
ff:a0:0e:eb:4a:e9:1f:cd:fe:48:75:79:74:53:e1:66:bc:f1:
af:5f:30:27:6f:d3:ee:07:ff:0b:12:eb:f9:b9:24:7e:59:fa:
39:78:4f:64:e9:9c:bd:60:1d:79:70:06:6d:fb:c8:58:eb:dc:
2b:8a:e7:4d:64:e8:61:93:e9:70:e2:3a:2c:29:c2:46:88:6c:
da:16:c4:09:6b:a9:bb:9e:7b:e5:42:47:b8:5d:af:46:17:d0:
fe:20:e2:8b:22:8d:5c:ac:62:a3:fb:ae:cc:cc:1c:0d:e8:e1:
2b:96:9a:7b:db:5e:c1:df:09:ee:0e:50:f2:dd:b1:41:c5:6a:
3e:c5:af:35:2a:77:d1:55:57:01:87:d4:b1:b7:6f:72:7c:a3:
ac:20:ed:44:66:4d:0b:5b:34:9b:6d:95:4e:e6:da:6d:85:53:
dd:c4:91:c4
-----BEGIN CERTIFICATE-----
MIIFGTCCBAGgAwIBAgIEBrWRCTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygw
NTliODZmOTllMmQ2YmRlMTRmYTg3OTlkZTcxY2U0MWI5ODAyMGI5MB4XDTIyMDEw
MTAxNTM1NloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoOGYwYjI0ZTFhMDFm
ZTE4MTc4OTg4YTY5NmQ4OWUzOWE1NzY3NWNiODCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMEpiavVxoN8ospxWq4xV/ZDaH6CE829dG81d8YmKgiybQ7s
WiOIHmLM1/LWAAYVjRuNCVtPs8a6x3iQOgmiJFB3i+lEtkFhw+YDveR3sGclg5vG
7MV5vvcULF1J/0m3WnYu5eLBIig15FIERTNnoq2KmTLhpWefRjsFpurxo22p+dAw
pk5uAjax89JZnyk14LaZ7H4gLJ6ByaDbmrZq9neDZtdEgvl97LaYigF2m8Xld7tm
lHgjInsePXcEmbvaESFBFRs1lV1UajnjqOf7VdnekTeWEWvkwToNwkd714yTUs/k
5tvlOWENV2/CU+AYS79O8CP1jgGAI9aI/aaTgH0CAwEAAaOCAjMwggIvMB0GA1Ud
DgQWBBSPCyThoB/hgXiYimltieOaV2dcuDAfBgNVHSMEGDAWgBQFm4b5ni1r3hT6
h5necc5BuYAguTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0JadUctWjR0YTk0VS1vZVozbkhPUWJtQUlMay5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMjkvMzU4NDE2LTI3NTItNDE1OS1hZGQ2LWNjM2ZiMzUxZTMzNi8x
L2p3c2s0YUFmNFlGNG1JcHBiWW5qbWxkblhMZy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMjkv
MzU4NDE2LTI3NTItNDE1OS1hZGQ2LWNjM2ZiMzUxZTMzNi8xL0JadUctWjR0YTk0
VS1vZVozbkhPUWJtQUlMay5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBJ
BggrBgEFBQcBBwEB/wQ6MDgwNgQCAAEwMAMEAFko7gMEAFkrSAMEAFkrxgMEAFks
kQMEAMIP2wMEAMIP6AMEAMIP7AMEAMIaATANBgkqhkiG9w0BAQsFAAOCAQEAGeiM
j0LPMfh6/81+UX4g7I2COgoMneUP1DqKlEPIq3tEkJEZ3t5kHBm41esY2wYR/CZY
XsahoZlzB7mdViuKVdKicUaM0SurET57Sj56LPXIEYlKiVQt0Ld4/6AO60rpH83+
SHV5dFPhZrzxr18wJ2/T7gf/CxLr+bkkfln6OXhPZOmcvWAdeXAGbfvIWOvcK4rn
TWToYZPpcOI6LCnCRohs2hbECWupu5575UJHuF2vRhfQ/iDiiyKNXKxio/uuzMwc
DejhK5aae9tewd8J7g5Q8t2xQcVqPsWvNSp30VVXAYfUsbdvcnyjrCDtRGZNC1s0
m22VTubabYVT3cSRxA==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:49:25 2023 by rpki-client on console-ams.rpki-client.org