Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/jYRdWxFjr_q29Yn4BYVRLW4wlyU.roa
File: jYRdWxFjr_q29Yn4BYVRLW4wlyU.roa (raw, json)
Hash identifier: IkZNMMbkd3ElvAe+wk9HFBzebkxg/qB062YEj5bxKeI=
Subject key identifier: 8D:84:5D:5B:11:63:AF:FA:B6:F5:89:F8:05:85:51:2D:6E:30:97:25
Certificate issuer: /CN=8bab30683859ec7e0206fe9265363e8e3971a9a8
Certificate serial: 0183B351FB67E657F6E42F79F9366EB137FC
Authority key identifier: 8B:AB:30:68:38:59:EC:7E:02:06:FE:92:65:36:3E:8E:39:71:A9:A8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i6swaDhZ7H4CBv6SZTY-jjlxqag.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/jYRdWxFjr_q29Yn4BYVRLW4wlyU.roa
Signing time: Fri 07 Oct 2022 16:40:37 +0000
ROA not before: Fri 07 Oct 2022 16:40:37 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 8474
IP address blocks: 194.50.200.0/23 maxlen: 24
195.138.96.0/19 maxlen: 24
194.50.206.0/23 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:b3:51:fb:67:e6:57:f6:e4:2f:79:f9:36:6e:b1:37:fc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8bab30683859ec7e0206fe9265363e8e3971a9a8
Validity
Not Before: Oct 7 16:40:37 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=8d845d5b1163affab6f589f80585512d6e309725
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:4d:0d:ad:b4:d3:2f:c5:23:93:c8:15:8b:e7:
56:c0:b5:84:35:70:f1:1b:17:ec:46:52:de:c7:a3:
d7:86:02:cc:82:2c:84:52:ca:2f:20:72:58:ed:a2:
27:06:40:1b:56:1c:db:01:ff:c9:34:2f:87:d7:97:
2b:7a:a6:6d:93:13:8e:28:be:bb:f1:96:5b:55:05:
a6:f6:1f:5a:c4:ca:52:d0:dc:60:fe:47:c2:7e:9b:
4c:6d:bf:2e:fe:7a:37:f3:1f:e3:d3:45:a6:c7:3f:
a2:0b:f0:73:ad:19:ab:dd:f6:71:42:3c:c5:18:4a:
d6:4a:35:58:91:a4:d5:79:40:c5:4b:10:87:2a:ef:
c3:a2:9f:89:9a:dd:ac:9f:a6:6d:98:51:7b:60:6a:
20:d9:d4:d5:67:0f:36:52:c0:f8:1c:63:8c:a9:bc:
d7:71:c0:25:21:3e:32:73:ba:47:ac:83:1b:25:48:
17:0f:cd:9f:2d:b4:94:cd:e6:80:cd:b9:4c:6a:3c:
50:a9:77:e1:e0:67:15:a3:6c:e4:43:49:e8:ec:0d:
e2:2a:c7:fd:b3:01:db:a7:1d:5c:6b:e6:6b:21:4b:
44:6f:49:82:60:e4:fb:7e:f6:02:43:54:6b:a8:eb:
71:1e:17:37:43:1d:55:98:45:a0:90:ee:1e:a9:8f:
fd:4b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8D:84:5D:5B:11:63:AF:FA:B6:F5:89:F8:05:85:51:2D:6E:30:97:25
X509v3 Authority Key Identifier:
keyid:8B:AB:30:68:38:59:EC:7E:02:06:FE:92:65:36:3E:8E:39:71:A9:A8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i6swaDhZ7H4CBv6SZTY-jjlxqag.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/jYRdWxFjr_q29Yn4BYVRLW4wlyU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/i6swaDhZ7H4CBv6SZTY-jjlxqag.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.50.200.0/23
194.50.206.0/23
195.138.96.0/19
Signature Algorithm: sha256WithRSAEncryption
67:c6:67:53:3e:e6:80:18:ec:e1:94:31:a0:53:33:79:2f:22:
19:a8:92:3a:af:71:9c:8d:20:0c:5a:9f:ef:d4:24:4c:03:f1:
86:e5:85:0d:21:46:c0:fb:72:3f:46:91:35:fa:9d:4a:6d:c1:
b7:81:0b:74:9a:db:4c:aa:10:96:13:5d:e5:5e:a2:a6:01:5a:
54:99:88:6f:98:1e:76:78:36:32:15:a0:1a:2c:08:87:b9:7a:
cf:35:f0:7d:f5:b1:44:67:2f:a5:82:b2:3e:e6:a6:46:0e:1e:
15:d7:e2:e0:af:42:50:be:b3:5e:f9:50:87:9b:a4:b1:0f:dc:
4b:32:49:5f:34:2d:a6:09:8d:39:81:42:4c:8d:30:57:56:07:
ee:8b:e7:80:fa:38:c4:73:a6:4d:8d:09:27:69:e4:10:56:82:
19:e2:af:f2:7e:df:94:e4:68:66:62:87:34:45:45:ba:8b:45:
2f:42:22:da:10:b8:78:af:d7:a9:50:7d:af:de:74:25:d3:28:
47:79:35:f7:a6:b8:0f:81:5e:2a:95:34:d8:4c:24:b1:11:2f:
72:d6:ae:bb:a3:77:60:15:6a:7e:24:55:39:2f:a0:eb:6e:76:
5e:d2:09:82:3f:19:bb:75:f2:41:75:3c:21:d7:d1:82:4d:e5:
1f:4c:29:04
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYOzUftn5lf25C95+TZusTf8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhiYWIzMDY4Mzg1OWVjN2UwMjA2ZmU5MjY1MzYzZThlMzk3
MWE5YTgwHhcNMjIxMDA3MTY0MDM3WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ZDg0NWQ1YjExNjNhZmZhYjZmNTg5ZjgwNTg1NTEyZDZlMzA5NzI1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqE0NrbTTL8Ujk8gVi+dWwLWENXDx
GxfsRlLex6PXhgLMgiyEUsovIHJY7aInBkAbVhzbAf/JNC+H15creqZtkxOOKL67
8ZZbVQWm9h9axMpS0Nxg/kfCfptMbb8u/no38x/j00Wmxz+iC/BzrRmr3fZxQjzF
GErWSjVYkaTVeUDFSxCHKu/Dop+Jmt2sn6ZtmFF7YGog2dTVZw82UsD4HGOMqbzX
ccAlIT4yc7pHrIMbJUgXD82fLbSUzeaAzblMajxQqXfh4GcVo2zkQ0no7A3iKsf9
swHbpx1ca+ZrIUtEb0mCYOT7fvYCQ1RrqOtxHhc3Qx1VmEWgkO4eqY/9SwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFI2EXVsRY6/6tvWJ+AWFUS1uMJclMB8GA1UdIwQY
MBaAFIurMGg4Wex+Agb+kmU2Po45camoMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaTZzd2FEaFo3SDRDQnY2U1pUWS1qamx4cWFnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYi84MWZkMWEtNDdhNy00NWQ4LWJlNzQt
M2FjOWU1NmMzMDg5LzEvallSZFd4RmpyX3EyOVluNEJZVlJMVzR3bHlVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYi84MWZkMWEtNDdhNy00NWQ4LWJlNzQtM2FjOWU1NmMzMDg5
LzEvaTZzd2FEaFo3SDRDQnY2U1pUWS1qamx4cWFnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQBwjLIAwQB
wjLOAwQFw4pgMA0GCSqGSIb3DQEBCwUAA4IBAQBnxmdTPuaAGOzhlDGgUzN5LyIZ
qJI6r3GcjSAMWp/v1CRMA/GG5YUNIUbA+3I/RpE1+p1KbcG3gQt0mttMqhCWE13l
XqKmAVpUmYhvmB52eDYyFaAaLAiHuXrPNfB99bFEZy+lgrI+5qZGDh4V1+Lgr0JQ
vrNe+VCHm6SxD9xLMklfNC2mCY05gUJMjTBXVgfui+eA+jjEc6ZNjQknaeQQVoIZ
4q/yft+U5GhmYoc0RUW6i0UvQiLaELh4r9epUH2v3nQl0yhHeTX3prgPgV4qlTTY
TCSxES9y1q67o3dgFWp+JFU5L6DrbnZe0gmCPxm7dfJBdTwh19GCTeUfTCkE
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:49:36 2023 by rpki-client on console-ams.rpki-client.org