Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2c/df4945-f532-4a01-a7fa-53a998de63e3/1/jDPJM1LwmWCv631JrWDcNg8aTMs.roa
File: jDPJM1LwmWCv631JrWDcNg8aTMs.roa (raw, json)
Hash identifier: QvOnyz9UaZC96GPIS2f5e6i+Tz+NjRPX0J/DwRn2hqI=
Subject key identifier: 8C:33:C9:33:52:F0:99:60:AF:EB:7D:49:AD:60:DC:36:0F:1A:4C:CB
Certificate issuer: /CN=85e1567b1681833c944a5f2640a9e03be8ef0bf4
Certificate serial: 99AC43
Authority key identifier: 85:E1:56:7B:16:81:83:3C:94:4A:5F:26:40:A9:E0:3B:E8:EF:0B:F4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/heFWexaBgzyUSl8mQKngO-jvC_Q.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2c/df4945-f532-4a01-a7fa-53a998de63e3/1/jDPJM1LwmWCv631JrWDcNg8aTMs.roa
Signing time: Sat 01 Jan 2022 01:57:20 +0000
ROA not before: Sat 01 Jan 2022 01:57:20 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 42334
IP address blocks: 77.235.148.0/24 maxlen: 24
185.131.39.0/24 maxlen: 24
77.235.147.0/24 maxlen: 24
77.235.146.0/24 maxlen: 24
77.235.151.0/24 maxlen: 24
77.235.150.0/24 maxlen: 24
77.235.149.0/24 maxlen: 24
77.235.152.0/24 maxlen: 24
77.235.158.0/24 maxlen: 24
77.235.157.0/24 maxlen: 24
77.235.159.0/24 maxlen: 24
77.235.154.0/24 maxlen: 24
77.235.130.0/24 maxlen: 24
77.235.129.0/24 maxlen: 24
77.235.128.0/24 maxlen: 24
77.235.132.0/24 maxlen: 24
77.235.131.0/24 maxlen: 24
77.235.134.0/24 maxlen: 24
77.235.133.0/24 maxlen: 24
77.235.137.0/24 maxlen: 24
77.235.136.0/24 maxlen: 24
77.235.135.0/24 maxlen: 24
77.235.139.0/24 maxlen: 24
77.235.138.0/24 maxlen: 24
77.235.144.0/24 maxlen: 24
185.131.36.0/24 maxlen: 24
77.235.143.0/24 maxlen: 24
185.131.38.0/24 maxlen: 24
77.235.145.0/24 maxlen: 24
185.131.37.0/24 maxlen: 24
77.235.141.0/24 maxlen: 24
77.235.140.0/24 maxlen: 24
2a02:4180::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 10071107 (0x99ac43)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=85e1567b1681833c944a5f2640a9e03be8ef0bf4
Validity
Not Before: Jan 1 01:57:20 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=8c33c93352f09960afeb7d49ad60dc360f1a4ccb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:f0:f5:1a:92:0a:74:82:e7:15:32:b5:f0:7f:
b6:d0:ea:9e:de:c6:97:6a:3f:30:2d:ab:42:7c:40:
d0:b4:22:83:32:48:39:13:ee:c9:c6:79:5d:85:8e:
3c:3b:8d:af:82:3d:eb:eb:92:36:95:51:b2:79:78:
9e:29:29:f0:75:55:00:57:a6:c4:48:01:61:08:fa:
63:25:89:4d:09:e2:e5:fd:21:92:c1:35:fd:27:a0:
6f:87:ed:30:98:9e:80:24:7d:73:13:c9:c7:c1:16:
6f:40:7e:a8:48:ca:bd:ac:37:7b:df:63:c5:98:f6:
b9:3d:7f:ce:ad:59:20:3a:c5:12:69:fc:08:0f:6a:
fb:7a:73:61:b4:1e:1c:4b:82:c2:b7:ae:57:08:a4:
20:63:de:f7:79:e0:13:48:e8:ce:3f:dd:d0:56:af:
41:a0:a2:8e:07:3a:93:1d:df:38:33:ae:53:79:7c:
af:7a:37:64:24:7e:b3:90:12:d8:58:82:da:85:9a:
e0:5e:a7:f1:3b:88:8b:4c:ad:c2:c5:9e:6a:5e:6b:
b5:ae:28:b1:64:77:cb:01:70:49:01:20:28:23:f3:
c3:79:fa:15:03:f2:48:69:03:9c:72:a8:00:8e:3b:
d0:a0:44:4d:a3:72:15:0e:f5:8b:cc:c0:dc:b9:c8:
09:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8C:33:C9:33:52:F0:99:60:AF:EB:7D:49:AD:60:DC:36:0F:1A:4C:CB
X509v3 Authority Key Identifier:
keyid:85:E1:56:7B:16:81:83:3C:94:4A:5F:26:40:A9:E0:3B:E8:EF:0B:F4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/heFWexaBgzyUSl8mQKngO-jvC_Q.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2c/df4945-f532-4a01-a7fa-53a998de63e3/1/jDPJM1LwmWCv631JrWDcNg8aTMs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2c/df4945-f532-4a01-a7fa-53a998de63e3/1/heFWexaBgzyUSl8mQKngO-jvC_Q.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.235.128.0-77.235.141.255
77.235.143.0-77.235.152.255
77.235.154.0/24
77.235.157.0-77.235.159.255
185.131.36.0/22
IPv6:
2a02:4180::/32
Signature Algorithm: sha256WithRSAEncryption
58:56:98:2c:61:3f:45:25:1e:32:01:ec:fe:43:d4:3d:47:22:
8f:01:f3:97:4c:18:5c:d4:67:79:64:96:d7:7c:c9:ff:fb:b6:
bd:f2:67:d8:ac:cc:11:b3:ac:8b:44:54:ef:84:d2:ef:1b:26:
4a:f7:6e:83:9b:65:b0:ed:37:de:44:de:b0:d1:19:43:93:fe:
31:8a:c2:d5:85:1a:22:4f:06:2c:2c:17:f0:80:11:1f:69:9a:
14:b9:72:68:fa:34:76:b9:05:98:20:21:ca:31:2e:1f:d2:6e:
d4:e0:74:3b:c7:f8:4a:13:09:59:20:7a:db:b7:8a:a8:6e:30:
ec:ca:d1:da:8e:95:c5:44:72:30:6e:35:6b:98:03:f7:af:86:
d8:c8:75:74:2d:ca:66:79:57:6f:f5:b0:45:ab:33:ab:7d:3e:
09:1d:b9:db:d9:8b:ab:d3:f9:0a:83:50:1c:0b:bb:68:f9:54:
08:b3:3d:06:9e:d4:ae:48:9f:78:33:25:c4:f1:29:52:77:a3:
37:34:3d:30:b4:6d:f8:09:48:0b:9d:12:e5:6e:c5:cb:84:b6:
3c:42:57:86:31:7f:0a:09:a5:12:f6:ba:9a:04:60:52:31:a8:
da:83:4f:9e:a1:5f:cf:cf:ee:26:26:33:56:49:cf:3d:16:c6:
a1:5d:7c:cf
-----BEGIN CERTIFICATE-----
MIIFLjCCBBagAwIBAgIEAJmsQzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg4
NWUxNTY3YjE2ODE4MzNjOTQ0YTVmMjY0MGE5ZTAzYmU4ZWYwYmY0MB4XDTIyMDEw
MTAxNTcyMFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoOGMzM2M5MzM1MmYw
OTk2MGFmZWI3ZDQ5YWQ2MGRjMzYwZjFhNGNjYjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALDw9RqSCnSC5xUytfB/ttDqnt7Gl2o/MC2rQnxA0LQigzJI
ORPuycZ5XYWOPDuNr4I96+uSNpVRsnl4nikp8HVVAFemxEgBYQj6YyWJTQni5f0h
ksE1/Segb4ftMJiegCR9cxPJx8EWb0B+qEjKvaw3e99jxZj2uT1/zq1ZIDrFEmn8
CA9q+3pzYbQeHEuCwreuVwikIGPe93ngE0jozj/d0FavQaCijgc6kx3fODOuU3l8
r3o3ZCR+s5AS2FiC2oWa4F6n8TuIi0ytwsWeal5rta4osWR3ywFwSQEgKCPzw3n6
FQPySGkDnHKoAI470KBETaNyFQ71i8zA3LnICSkCAwEAAaOCAkgwggJEMB0GA1Ud
DgQWBBSMM8kzUvCZYK/rfUmtYNw2DxpMyzAfBgNVHSMEGDAWgBSF4VZ7FoGDPJRK
XyZAqeA76O8L9DAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2hlRldleGFCZ3p5VVNsOG1RS25nTy1qdkNfUS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMmMvZGY0OTQ1LWY1MzItNGEwMS1hN2ZhLTUzYTk5OGRlNjNlMy8x
L2pEUEpNMUx3bVdDdjYzMUpyV0RjTmc4YVRNcy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMmMv
ZGY0OTQ1LWY1MzItNGEwMS1hN2ZhLTUzYTk5OGRlNjNlMy8xL2hlRldleGFCZ3p5
VVNsOG1RS25nTy1qdkNfUS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBe
BggrBgEFBQcBBwEB/wRPME0wPAQCAAEwNjAMAwQHTeuAAwQBTeuMMAwDBABN648D
BABN65gDBABN65owDAMEAE3rnQMEBU3rgAMEArmDJDANBAIAAjAHAwUAKgJBgDAN
BgkqhkiG9w0BAQsFAAOCAQEAWFaYLGE/RSUeMgHs/kPUPUcijwHzl0wYXNRneWSW
13zJ//u2vfJn2KzMEbOsi0RU74TS7xsmSvdug5tlsO033kTesNEZQ5P+MYrC1YUa
Ik8GLCwX8IARH2maFLlyaPo0drkFmCAhyjEuH9Ju1OB0O8f4ShMJWSB627eKqG4w
7MrR2o6VxURyMG41a5gD96+G2Mh1dC3KZnlXb/WwRaszq30+CR2529mLq9P5CoNQ
HAu7aPlUCLM9Bp7UrkifeDMlxPEpUnejNzQ9MLRt+AlIC50S5W7Fy4S2PEJXhjF/
CgmlEva6mgRgUjGo2oNPnqFfz8/uJiYzVknPPRbGoV18zw==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:49:40 2023 by rpki-client on console-ams.rpki-client.org