Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2d/e05352-f148-40a0-87a4-e9724a7a6bc8/1/JjHWVrQC2CaZB0WLvrtWHJYmFNI.roa
File: JjHWVrQC2CaZB0WLvrtWHJYmFNI.roa (raw, json)
Hash identifier: GA6Y/8cyhTa3bzWQkRufJmbcyN9O0fUsN1QXBNmgCg0=
Subject key identifier: 26:31:D6:56:B4:02:D8:26:99:07:45:8B:BE:BB:56:1C:96:26:14:D2
Certificate issuer: /CN=6d743ed63e868ef50f6d84c0003a83483fc62a03
Certificate serial: 01845E8462B1BF7E4BEAA77AF78FF408FE82
Authority key identifier: 6D:74:3E:D6:3E:86:8E:F5:0F:6D:84:C0:00:3A:83:48:3F:C6:2A:03
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bXQ-1j6GjvUPbYTAADqDSD_GKgM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2d/e05352-f148-40a0-87a4-e9724a7a6bc8/1/JjHWVrQC2CaZB0WLvrtWHJYmFNI.roa
Signing time: Wed 09 Nov 2022 22:30:45 +0000
ROA not before: Wed 09 Nov 2022 22:30:45 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 3257
IP address blocks: 94.131.48.0/20 maxlen: 24
95.164.16.0/22 maxlen: 22
94.131.64.0/20 maxlen: 24
95.164.128.0/20 maxlen: 24
95.164.240.0/21 maxlen: 21
95.164.44.0/22 maxlen: 22
94.131.24.0/22 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:5e:84:62:b1:bf:7e:4b:ea:a7:7a:f7:8f:f4:08:fe:82
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6d743ed63e868ef50f6d84c0003a83483fc62a03
Validity
Not Before: Nov 9 22:30:45 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=2631d656b402d8269907458bbebb561c962614d2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:87:68:3b:be:08:47:23:94:c0:0c:ab:e8:8a:9c:
cc:5d:e5:79:46:42:f8:b9:bc:e5:57:93:8c:41:3e:
48:d8:c3:fc:6a:08:5a:8d:53:a9:e1:b8:e6:16:40:
2c:d5:28:75:15:c1:ab:12:3c:c3:5c:fb:07:a4:70:
18:42:ee:77:8a:33:a4:3c:58:87:ac:1e:58:0c:89:
62:00:33:cb:68:c5:52:74:f2:bc:d2:04:c2:db:1f:
79:72:da:28:42:f2:6b:3b:5a:62:53:72:1d:78:7a:
9f:d5:91:b2:ae:42:60:77:a6:5e:72:fb:20:5a:90:
47:d8:b3:3f:03:33:9f:6c:ae:5e:92:02:26:83:03:
88:60:e3:59:dd:3e:65:09:c2:e2:31:59:5f:f7:e9:
66:61:33:ab:c3:31:37:1b:28:41:6d:0a:ca:ac:9a:
b1:e0:0e:ab:4b:d5:a0:17:51:62:4b:3a:1e:77:fb:
ed:51:12:50:c5:28:93:79:ad:81:da:cb:71:fc:d1:
93:14:be:aa:2c:fd:35:6b:3c:d2:1a:30:bc:36:1a:
6f:f5:f6:bc:db:53:5f:a8:5f:4c:70:df:83:31:6b:
c4:e4:78:82:b9:3d:e8:16:b8:6a:c1:30:c3:38:4f:
77:82:7d:30:d0:5b:19:cb:76:de:df:2e:49:26:c1:
30:2d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
26:31:D6:56:B4:02:D8:26:99:07:45:8B:BE:BB:56:1C:96:26:14:D2
X509v3 Authority Key Identifier:
keyid:6D:74:3E:D6:3E:86:8E:F5:0F:6D:84:C0:00:3A:83:48:3F:C6:2A:03
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bXQ-1j6GjvUPbYTAADqDSD_GKgM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/e05352-f148-40a0-87a4-e9724a7a6bc8/1/JjHWVrQC2CaZB0WLvrtWHJYmFNI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/e05352-f148-40a0-87a4-e9724a7a6bc8/1/bXQ-1j6GjvUPbYTAADqDSD_GKgM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
94.131.24.0/22
94.131.48.0-94.131.79.255
95.164.16.0/22
95.164.44.0/22
95.164.128.0/20
95.164.240.0/21
Signature Algorithm: sha256WithRSAEncryption
7b:6c:bf:da:a8:36:fa:cb:71:04:b4:00:61:15:28:d7:34:62:
13:14:d2:c7:57:37:dc:e9:01:c8:a2:e8:43:c0:11:b2:73:15:
2f:c2:02:65:6b:b5:cf:7e:69:7e:1c:d3:44:22:0e:a1:79:26:
1e:71:63:47:ff:b7:87:da:46:7b:74:6b:2b:6f:84:6d:8e:19:
5f:49:c0:48:78:27:b1:fe:77:36:9f:15:94:ff:19:d1:15:9f:
1c:87:4b:a3:43:02:2d:0c:44:cd:e1:6e:62:7f:7e:17:44:2b:
ee:99:5d:44:ef:4c:69:5a:d1:e9:b5:e1:5f:0f:f3:46:29:5b:
66:09:2b:12:89:60:3b:3c:29:fa:4a:11:e3:99:ca:a4:10:5f:
4c:b1:9d:40:1a:e2:8b:9c:c2:1e:c7:04:99:b0:33:15:18:26:
ed:9c:77:84:bd:07:e4:5f:3f:8e:98:2e:29:9e:be:56:20:66:
4d:15:40:be:54:6f:ac:86:38:85:d3:e9:23:21:a8:9f:1b:d0:
26:2e:42:29:51:6d:22:18:f7:45:0a:41:55:4f:9d:52:cd:77:
82:9c:ef:4d:09:0f:0b:6f:f5:ea:c2:4a:a0:05:44:40:b2:cd:
26:44:c0:f9:c2:e5:4e:c3:28:7c:b3:ad:4e:75:48:a2:dd:61:
34:70:90:18
-----BEGIN CERTIFICATE-----
MIIFIzCCBAugAwIBAgISAYRehGKxv35L6qd694/0CP6CMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZkNzQzZWQ2M2U4NjhlZjUwZjZkODRjMDAwM2E4MzQ4M2Zj
NjJhMDMwHhcNMjIxMTA5MjIzMDQ1WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNjMxZDY1NmI0MDJkODI2OTkwNzQ1OGJiZWJiNTYxYzk2MjYxNGQyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAh2g7vghHI5TADKvoipzMXeV5RkL4
ubzlV5OMQT5I2MP8aghajVOp4bjmFkAs1Sh1FcGrEjzDXPsHpHAYQu53ijOkPFiH
rB5YDIliADPLaMVSdPK80gTC2x95ctooQvJrO1piU3IdeHqf1ZGyrkJgd6Zecvsg
WpBH2LM/AzOfbK5ekgImgwOIYONZ3T5lCcLiMVlf9+lmYTOrwzE3GyhBbQrKrJqx
4A6rS9WgF1FiSzoed/vtURJQxSiTea2B2stx/NGTFL6qLP01azzSGjC8Nhpv9fa8
21NfqF9McN+DMWvE5HiCuT3oFrhqwTDDOE93gn0w0FsZy3be3y5JJsEwLQIDAQAB
o4ICLzCCAiswHQYDVR0OBBYEFCYx1la0AtgmmQdFi767VhyWJhTSMB8GA1UdIwQY
MBaAFG10PtY+ho71D22EwAA6g0g/xioDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYlhRLTFqNkdqdlVQYllUQUFEcURTRF9HS2dNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZC9lMDUzNTItZjE0OC00MGEwLTg3YTQt
ZTk3MjRhN2E2YmM4LzEvSmpIV1ZyUUMyQ2FaQjBXTHZydFdISlltRk5JLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZC9lMDUzNTItZjE0OC00MGEwLTg3YTQtZTk3MjRhN2E2YmM4
LzEvYlhRLTFqNkdqdlVQYllUQUFEcURTRF9HS2dNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEUGCCsGAQUFBwEHAQH/BDYwNDAyBAIAATAsAwQCXoMYMAwD
BARegzADBAReg0ADBAJfpBADBAJfpCwDBARfpIADBANfpPAwDQYJKoZIhvcNAQEL
BQADggEBAHtsv9qoNvrLcQS0AGEVKNc0YhMU0sdXN9zpAcii6EPAEbJzFS/CAmVr
tc9+aX4c00QiDqF5Jh5xY0f/t4faRnt0aytvhG2OGV9JwEh4J7H+dzafFZT/GdEV
nxyHS6NDAi0MRM3hbmJ/fhdEK+6ZXUTvTGla0em14V8P80YpW2YJKxKJYDs8KfpK
EeOZyqQQX0yxnUAa4oucwh7HBJmwMxUYJu2cd4S9B+RfP46YLimevlYgZk0VQL5U
b6yGOIXT6SMhqJ8b0CYuQilRbSIY90UKQVVPnVLNd4Kc700JDwtv9erCSqAFRECy
zSZEwPnC5U7DKHyzrU51SKLdYTRwkBg=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:00:49 2024 by rpki-client on console-ams.rpki-client.org