Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/JiVjVaj08kL4QrhOlQgNcLUBxv8.roa
File: JiVjVaj08kL4QrhOlQgNcLUBxv8.roa (raw, json)
Hash identifier: nN/S9PUZfMRJjq9NpDVcsD9GeS9MNDEZwJJrUeWBrIY=
Subject key identifier: 26:25:63:55:A8:F4:F2:42:F8:42:B8:4E:95:08:0D:70:B5:01:C6:FF
Certificate issuer: /CN=349cbbd5c2cf4195cc6ec7f21f607581a0224daa
Certificate serial: 0184397EEC0F46306C48A2B6BD7F04133593
Authority key identifier: 34:9C:BB:D5:C2:CF:41:95:CC:6E:C7:F2:1F:60:75:81:A0:22:4D:AA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NJy71cLPQZXMbsfyH2B1gaAiTao.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/JiVjVaj08kL4QrhOlQgNcLUBxv8.roa
Signing time: Wed 02 Nov 2022 17:58:50 +0000
ROA not before: Wed 02 Nov 2022 17:58:50 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 6282
IP address blocks: 77.36.24.0/22 maxlen: 22
64.43.100.0/22 maxlen: 22
64.43.104.0/22 maxlen: 22
64.43.108.0/22 maxlen: 22
64.43.116.0/22 maxlen: 22
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:39:7e:ec:0f:46:30:6c:48:a2:b6:bd:7f:04:13:35:93
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=349cbbd5c2cf4195cc6ec7f21f607581a0224daa
Validity
Not Before: Nov 2 17:58:50 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=26256355a8f4f242f842b84e95080d70b501c6ff
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:89:70:97:8d:0a:f9:af:f7:9c:94:3a:42:38:ab:
51:10:10:f0:93:e1:3c:85:b3:c7:f7:fe:99:8d:00:
bd:9d:fa:db:70:41:17:31:ae:f7:a4:3c:f7:e7:9f:
48:06:df:f5:9f:c6:f0:a2:ac:93:66:61:68:a5:fc:
0b:c5:36:e0:08:4c:a0:6d:af:c1:22:ad:f3:0f:09:
ed:95:b0:0c:28:56:c3:ab:b6:55:1c:39:27:f0:9b:
c2:90:e4:7e:39:aa:8d:3e:a8:8f:e4:2f:9e:40:7a:
49:dd:6d:01:1e:68:a9:5e:b6:c5:cb:12:a7:9d:c9:
4a:b7:d5:cd:a5:54:54:72:0b:1c:f6:97:e6:53:5f:
20:cc:9b:09:81:b6:55:63:02:5c:f5:fd:b8:c6:a3:
c1:fb:e7:bf:a3:b5:f1:40:b3:ac:cb:d1:88:45:fb:
26:cd:41:b3:98:cf:9d:0d:9a:a8:b9:5b:ad:ff:e9:
ee:3e:d7:4f:f1:bf:e0:b2:56:5c:0f:02:06:b7:e1:
56:fb:f8:48:ef:4f:3a:85:4d:54:9c:ba:de:2f:5a:
dd:c1:2d:e5:7c:0b:fa:1e:49:aa:04:ed:90:6b:79:
d7:86:85:ed:b4:12:be:7f:c0:76:29:ee:d2:41:71:
02:90:20:b2:ea:f7:10:e1:61:f9:d1:57:e1:c7:40:
30:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
26:25:63:55:A8:F4:F2:42:F8:42:B8:4E:95:08:0D:70:B5:01:C6:FF
X509v3 Authority Key Identifier:
keyid:34:9C:BB:D5:C2:CF:41:95:CC:6E:C7:F2:1F:60:75:81:A0:22:4D:AA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NJy71cLPQZXMbsfyH2B1gaAiTao.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/JiVjVaj08kL4QrhOlQgNcLUBxv8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/NJy71cLPQZXMbsfyH2B1gaAiTao.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
64.43.100.0-64.43.111.255
64.43.116.0/22
77.36.24.0/22
Signature Algorithm: sha256WithRSAEncryption
51:89:d8:e2:b0:6c:aa:7e:f7:2f:b1:2c:11:fe:f5:1f:23:e8:
94:5a:d7:0a:da:2d:2f:b1:79:6b:c9:78:91:75:8e:ee:db:ca:
2d:50:1b:7c:4b:bd:26:d3:ac:bd:66:2f:c3:51:16:8e:a7:53:
42:07:5f:7c:7e:fb:1a:b9:cd:1c:39:73:42:17:cd:2a:66:f8:
5a:49:8d:0c:b4:bb:b4:27:c7:06:84:82:eb:3d:7d:fb:eb:c0:
35:f6:6b:0a:df:3c:97:8a:4b:d8:f5:71:e1:0d:22:2c:12:26:
c9:ac:8f:76:2f:2f:d8:e0:7b:8b:77:86:e2:e1:c9:ec:84:4a:
bd:fe:42:02:79:f1:8e:79:84:f5:53:a6:ac:66:14:29:02:fe:
92:ae:e3:c9:78:e9:46:61:85:39:fa:6e:62:61:4e:1b:75:5f:
32:87:74:4f:61:d1:df:ad:8a:3a:03:1a:81:70:35:b4:c0:58:
02:7e:09:3b:5d:6a:14:c2:0a:37:18:94:0c:bf:86:7b:26:ec:
9f:0d:cb:50:7c:1a:49:0b:a3:30:06:8f:42:ae:30:3a:f2:66:
13:9e:e9:d1:d5:33:6e:97:b8:9b:4e:c9:04:03:cb:f3:22:23:
d9:e3:3b:ec:c0:51:d3:07:af:41:ff:81:ef:19:07:01:73:9d:
95:be:78:b0
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgISAYQ5fuwPRjBsSKK2vX8EEzWTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM0OWNiYmQ1YzJjZjQxOTVjYzZlYzdmMjFmNjA3NTgxYTAy
MjRkYWEwHhcNMjIxMTAyMTc1ODUwWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNjI1NjM1NWE4ZjRmMjQyZjg0MmI4NGU5NTA4MGQ3MGI1MDFjNmZmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiXCXjQr5r/eclDpCOKtREBDwk+E8
hbPH9/6ZjQC9nfrbcEEXMa73pDz3559IBt/1n8bwoqyTZmFopfwLxTbgCEygba/B
Iq3zDwntlbAMKFbDq7ZVHDkn8JvCkOR+OaqNPqiP5C+eQHpJ3W0BHmipXrbFyxKn
nclKt9XNpVRUcgsc9pfmU18gzJsJgbZVYwJc9f24xqPB++e/o7XxQLOsy9GIRfsm
zUGzmM+dDZqouVut/+nuPtdP8b/gslZcDwIGt+FW+/hI7086hU1UnLreL1rdwS3l
fAv6HkmqBO2Qa3nXhoXttBK+f8B2Ke7SQXECkCCy6vcQ4WH50Vfhx0AwxwIDAQAB
o4ICHTCCAhkwHQYDVR0OBBYEFCYlY1Wo9PJC+EK4TpUIDXC1Acb/MB8GA1UdIwQY
MBaAFDScu9XCz0GVzG7H8h9gdYGgIk2qMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTkp5NzFjTFBRWlhNYnNmeUgyQjFnYUFpVGFvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZC9jZGY1ZjYtMmYxOC00MmM3LTkzMGUt
ZGMwNmRkODA1OTYwLzEvSmlWalZhajA4a0w0UXJoT2xRZ05jTFVCeHY4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZC9jZGY1ZjYtMmYxOC00MmM3LTkzMGUtZGMwNmRkODA1OTYw
LzEvTkp5NzFjTFBRWlhNYnNmeUgyQjFnYUFpVGFvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDMGCCsGAQUFBwEHAQH/BCQwIjAgBAIAATAaMAwDBAJAK2QD
BARAK2ADBAJAK3QDBAJNJBgwDQYJKoZIhvcNAQELBQADggEBAFGJ2OKwbKp+9y+x
LBH+9R8j6JRa1wraLS+xeWvJeJF1ju7byi1QG3xLvSbTrL1mL8NRFo6nU0IHX3x+
+xq5zRw5c0IXzSpm+FpJjQy0u7QnxwaEgus9ffvrwDX2awrfPJeKS9j1ceENIiwS
Jsmsj3YvL9jge4t3huLhyeyESr3+QgJ58Y55hPVTpqxmFCkC/pKu48l46UZhhTn6
bmJhTht1XzKHdE9h0d+tijoDGoFwNbTAWAJ+CTtdahTCCjcYlAy/hnsm7J8Ny1B8
GkkLozAGj0KuMDryZhOe6dHVM26XuJtOyQQDy/MiI9njO+zAUdMHr0H/ge8ZBwFz
nZW+eLA=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:23:57 2024 by rpki-client on console-fra.rpki-client.org