Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/36/85c6bd-6a68-4d11-b9cd-8c2df5a5c6d7/1/JoOII4EAGgouT9_627-nOc90c0U.roa
File: JoOII4EAGgouT9_627-nOc90c0U.roa (raw, json)
Hash identifier: w8g9OmSlh/gWlkrvgl7RhGJtKCJPRHwHjyyg+ZyHW34=
Subject key identifier: 26:83:88:23:81:00:1A:0A:2E:4F:DF:FA:DB:BF:A7:39:CF:74:73:45
Certificate issuer: /CN=9e8cd7d6a4105750bf8975a7d0b96794c1efe622
Certificate serial: 0184265A1FD7C0CAAB3099BBB384550386C4
Authority key identifier: 9E:8C:D7:D6:A4:10:57:50:BF:89:75:A7:D0:B9:67:94:C1:EF:E6:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nozX1qQQV1C_iXWn0LlnlMHv5iI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/36/85c6bd-6a68-4d11-b9cd-8c2df5a5c6d7/1/JoOII4EAGgouT9_627-nOc90c0U.roa
Signing time: Sun 30 Oct 2022 00:45:51 +0000
ROA not before: Sun 30 Oct 2022 00:45:51 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 197433
IP address blocks: 91.221.132.0/24 maxlen: 24
91.221.133.0/24 maxlen: 24
31.131.143.0/24 maxlen: 24
31.131.140.0/24 maxlen: 24
31.131.141.0/24 maxlen: 24
31.131.142.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:26:5a:1f:d7:c0:ca:ab:30:99:bb:b3:84:55:03:86:c4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9e8cd7d6a4105750bf8975a7d0b96794c1efe622
Validity
Not Before: Oct 30 00:45:51 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=2683882381001a0a2e4fdffadbbfa739cf747345
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:9d:d4:53:9e:cc:2d:86:ee:82:ab:fa:ab:4a:
63:b2:5c:35:f9:09:de:d6:d6:e1:7d:75:6c:0b:51:
83:5e:43:76:76:e9:82:09:7a:59:7e:6c:04:dc:71:
b5:4e:6f:a6:e6:87:e2:b7:65:98:39:81:11:bc:12:
c6:bc:ba:62:07:03:64:fb:64:a5:5b:96:b6:99:66:
af:97:ee:20:7c:a8:4d:53:70:16:3b:d0:5c:8b:e2:
71:ba:21:6a:c2:54:c7:c9:79:a6:5e:21:1a:94:f1:
5a:b4:cc:0c:56:a4:4a:18:aa:2c:76:83:6e:dc:5e:
af:6b:c1:5f:c5:aa:59:ea:62:40:6e:a0:7a:8d:82:
c0:68:93:fd:28:84:00:e2:22:7a:07:e7:0f:87:f1:
d9:28:b0:3c:63:63:05:fd:75:66:09:b6:19:d9:e3:
5c:4f:f7:e7:a6:9e:ef:4c:17:b6:de:b0:de:9d:7c:
e5:ce:30:22:8d:57:f0:1d:13:52:67:72:69:5e:9e:
62:e4:96:97:6d:c8:55:86:f0:ee:3c:77:fe:62:d4:
3f:13:24:01:1f:00:31:5f:33:0e:d5:ad:24:d7:c2:
36:77:da:e5:c6:69:72:6f:59:53:f6:b8:90:54:e4:
d4:49:b1:66:a3:89:3c:77:21:f8:f2:db:81:2e:60:
73:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
26:83:88:23:81:00:1A:0A:2E:4F:DF:FA:DB:BF:A7:39:CF:74:73:45
X509v3 Authority Key Identifier:
keyid:9E:8C:D7:D6:A4:10:57:50:BF:89:75:A7:D0:B9:67:94:C1:EF:E6:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nozX1qQQV1C_iXWn0LlnlMHv5iI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/36/85c6bd-6a68-4d11-b9cd-8c2df5a5c6d7/1/JoOII4EAGgouT9_627-nOc90c0U.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/36/85c6bd-6a68-4d11-b9cd-8c2df5a5c6d7/1/nozX1qQQV1C_iXWn0LlnlMHv5iI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.131.140.0/22
91.221.132.0/23
Signature Algorithm: sha256WithRSAEncryption
75:e7:ed:2c:dc:cc:eb:37:fa:0f:b8:b9:09:dd:ba:2b:9b:3f:
f7:ef:9e:d0:a7:cc:d8:a4:bb:14:1e:11:b4:c3:95:6d:e2:23:
68:ea:e6:92:0f:63:76:d4:72:3e:bb:1a:53:e0:66:b5:09:d9:
69:38:f9:63:40:06:1a:51:04:2e:96:e3:8a:d6:1c:e1:a4:04:
54:ff:fd:9d:32:17:f0:1e:31:28:49:d1:64:2a:25:cf:48:67:
61:0d:b9:9e:70:90:0f:d5:5d:3d:ff:50:62:7c:60:d9:35:c7:
47:3f:39:75:cd:81:05:a7:3a:db:41:b3:81:d0:f0:43:cb:e1:
b0:be:41:11:fb:41:85:70:f5:0d:16:d1:d2:cc:6f:cd:0f:d6:
c0:82:87:ba:2a:00:d1:ee:76:a9:a1:2e:73:12:df:ff:95:78:
16:8f:2e:2b:43:eb:bb:23:25:7c:b1:58:bd:f0:ef:47:1d:04:
0f:dd:b1:b6:3c:bc:54:cb:95:a7:0e:69:93:ea:0c:29:7f:ba:
a1:84:41:fc:67:b5:47:c5:9b:bf:88:73:4c:f4:b0:b1:6c:b8:
49:62:a1:7c:e7:a1:a1:9f:f7:4f:0a:62:77:0e:cf:3d:2d:f1:
1c:18:e7:44:14:08:24:b7:53:9f:c7:70:5c:73:62:be:a9:11:
69:e3:e3:fe
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYQmWh/XwMqrMJm7s4RVA4bEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDllOGNkN2Q2YTQxMDU3NTBiZjg5NzVhN2QwYjk2Nzk0YzFl
ZmU2MjIwHhcNMjIxMDMwMDA0NTUxWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNjgzODgyMzgxMDAxYTBhMmU0ZmRmZmFkYmJmYTczOWNmNzQ3MzQ1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtJ3UU57MLYbugqv6q0pjslw1+Qne
1tbhfXVsC1GDXkN2dumCCXpZfmwE3HG1Tm+m5ofit2WYOYERvBLGvLpiBwNk+2Sl
W5a2mWavl+4gfKhNU3AWO9Bci+JxuiFqwlTHyXmmXiEalPFatMwMVqRKGKosdoNu
3F6va8FfxapZ6mJAbqB6jYLAaJP9KIQA4iJ6B+cPh/HZKLA8Y2MF/XVmCbYZ2eNc
T/fnpp7vTBe23rDenXzlzjAijVfwHRNSZ3JpXp5i5JaXbchVhvDuPHf+YtQ/EyQB
HwAxXzMO1a0k18I2d9rlxmlyb1lT9riQVOTUSbFmo4k8dyH48tuBLmBzNwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFCaDiCOBABoKLk/f+tu/pznPdHNFMB8GA1UdIwQY
MBaAFJ6M19akEFdQv4l1p9C5Z5TB7+YiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbm96WDFxUVFWMUNfaVhXbjBMbG5sTUh2NWlJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNi84NWM2YmQtNmE2OC00ZDExLWI5Y2Qt
OGMyZGY1YTVjNmQ3LzEvSm9PSUk0RUFHZ291VDlfNjI3LW5PYzkwYzBVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNi84NWM2YmQtNmE2OC00ZDExLWI5Y2QtOGMyZGY1YTVjNmQ3
LzEvbm96WDFxUVFWMUNfaVhXbjBMbG5sTUh2NWlJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCH4OMAwQB
W92EMA0GCSqGSIb3DQEBCwUAA4IBAQB15+0s3MzrN/oPuLkJ3bormz/3757Qp8zY
pLsUHhG0w5Vt4iNo6uaSD2N21HI+uxpT4Ga1CdlpOPljQAYaUQQuluOK1hzhpARU
//2dMhfwHjEoSdFkKiXPSGdhDbmecJAP1V09/1BifGDZNcdHPzl1zYEFpzrbQbOB
0PBDy+GwvkER+0GFcPUNFtHSzG/ND9bAgoe6KgDR7napoS5zEt//lXgWjy4rQ+u7
IyV8sVi98O9HHQQP3bG2PLxUy5WnDmmT6gwpf7qhhEH8Z7VHxZu/iHNM9LCxbLhJ
YqF856Ghn/dPCmJ3Ds89LfEcGOdEFAgkt1Ofx3Bcc2K+qRFp4+P+
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:25:21 2024 by rpki-client on console-fra.rpki-client.org