Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/40/b8ea5b-3dd4-4374-a793-c5e6d23f8b09/1/JS87ukhw8QsHHm-sD7BAa61ZkmI.roa
File: JS87ukhw8QsHHm-sD7BAa61ZkmI.roa (raw, json)
Hash identifier: AyeWdAs8ys3iaGtNwDdpWkWWM1HuGiXi4Z01tKkbf30=
Subject key identifier: 25:2F:3B:BA:48:70:F1:0B:07:1E:6F:AC:0F:B0:40:6B:AD:59:92:62
Certificate issuer: /CN=e5a1b36552f9daccb92ac5c3b44b426d643749e2
Certificate serial: 1DF85780
Authority key identifier: E5:A1:B3:65:52:F9:DA:CC:B9:2A:C5:C3:B4:4B:42:6D:64:37:49:E2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/5aGzZVL52sy5KsXDtEtCbWQ3SeI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/40/b8ea5b-3dd4-4374-a793-c5e6d23f8b09/1/JS87ukhw8QsHHm-sD7BAa61ZkmI.roa
Signing time: Wed 22 Jun 2022 13:18:22 +0000
ROA not before: Wed 22 Jun 2022 13:18:22 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 34354
IP address blocks: 89.221.112.0/23 maxlen: 23
89.221.114.0/23 maxlen: 23
89.221.116.0/23 maxlen: 23
89.221.118.0/23 maxlen: 23
85.158.72.0/23 maxlen: 23
85.158.74.0/23 maxlen: 23
85.158.76.0/23 maxlen: 23
85.158.78.0/23 maxlen: 23
89.221.120.0/23 maxlen: 23
89.221.122.0/23 maxlen: 23
89.221.124.0/23 maxlen: 23
89.221.126.0/23 maxlen: 23
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 502814592 (0x1df85780)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e5a1b36552f9daccb92ac5c3b44b426d643749e2
Validity
Not Before: Jun 22 13:18:22 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=252f3bba4870f10b071e6fac0fb0406bad599262
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:95:6c:67:79:0b:4f:a7:74:b6:cd:f9:18:08:
d8:74:da:cc:88:00:c8:72:7a:7b:54:dd:1e:53:f7:
9a:8b:9b:69:24:8a:8d:02:fb:fd:92:5b:f6:79:31:
61:fe:52:39:a0:67:dc:4c:76:d2:de:00:53:d0:a6:
71:b0:a0:ea:36:ca:7a:23:fc:ad:f9:66:19:43:fb:
81:82:f2:f0:38:16:45:c5:56:26:b4:97:f1:55:ef:
81:c8:ec:54:76:34:89:90:d9:b8:7d:d0:41:e6:ba:
8c:35:c2:28:a6:45:e0:42:38:63:5f:16:83:98:13:
47:57:97:20:b2:e6:a0:d6:b9:e5:a5:73:e1:60:cb:
b3:30:47:3e:d1:eb:a8:ec:a3:9b:42:9d:a3:b1:72:
67:87:43:02:4c:30:61:4d:45:a2:fe:a8:8b:d2:9b:
79:cd:6d:00:a6:b4:ce:25:cd:fd:87:f0:f4:f4:05:
9b:48:5c:6c:a6:0b:48:d2:6c:83:a3:58:d0:c1:28:
88:65:fc:78:80:3e:b7:2b:2d:37:88:b5:4f:6c:fd:
28:2d:24:e5:90:53:25:6b:5e:55:8e:65:96:ac:be:
11:e2:41:56:53:68:28:2b:7e:ec:c2:dd:31:ea:23:
0d:b7:aa:59:49:0e:f2:06:1b:1e:97:19:01:d5:14:
ce:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
25:2F:3B:BA:48:70:F1:0B:07:1E:6F:AC:0F:B0:40:6B:AD:59:92:62
X509v3 Authority Key Identifier:
keyid:E5:A1:B3:65:52:F9:DA:CC:B9:2A:C5:C3:B4:4B:42:6D:64:37:49:E2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5aGzZVL52sy5KsXDtEtCbWQ3SeI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/40/b8ea5b-3dd4-4374-a793-c5e6d23f8b09/1/JS87ukhw8QsHHm-sD7BAa61ZkmI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/40/b8ea5b-3dd4-4374-a793-c5e6d23f8b09/1/5aGzZVL52sy5KsXDtEtCbWQ3SeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.158.72.0/21
89.221.112.0/20
Signature Algorithm: sha256WithRSAEncryption
30:41:47:0c:a4:d9:5a:cc:4e:fa:2f:56:4e:b3:9d:c1:41:c6:
90:93:37:15:55:90:75:42:21:85:74:73:0a:58:61:6d:0a:b5:
b8:6e:d6:62:9a:65:28:cd:61:7f:0c:b5:34:fa:5a:26:4f:bd:
3f:a3:1e:2f:5a:b7:36:fb:8e:26:3a:f5:60:ad:b7:05:02:39:
0e:37:22:33:93:b5:97:f2:38:32:fb:15:09:26:6a:1a:e9:a0:
49:42:a6:4a:ed:83:aa:01:e3:1d:6a:20:94:cf:85:69:0e:c9:
93:34:a7:43:f4:5d:b6:74:60:87:83:67:c8:f9:94:5a:26:da:
b1:db:05:52:46:7e:15:93:e3:85:4b:9d:4d:2f:54:38:2d:f9:
3d:ec:11:73:04:a1:40:19:a2:c0:d9:87:d2:49:c7:ca:40:d4:
26:0c:ab:6e:37:3c:b2:3f:19:90:6b:f1:08:50:df:ca:31:2f:
48:47:77:6a:6d:91:05:32:f4:04:0c:90:1b:98:ef:77:ff:93:
c2:53:6d:a1:cf:f9:3e:98:6b:72:14:96:aa:25:ab:7a:53:67:
4b:e0:5a:5b:1e:22:10:35:d1:13:95:51:77:50:fb:45:5c:37:
ea:c4:c8:c4:79:6e:6c:fa:34:09:95:42:86:b6:bd:82:fd:30:
a6:24:35:ae
-----BEGIN CERTIFICATE-----
MIIE9TCCA92gAwIBAgIEHfhXgDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhl
NWExYjM2NTUyZjlkYWNjYjkyYWM1YzNiNDRiNDI2ZDY0Mzc0OWUyMB4XDTIyMDYy
MjEzMTgyMloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMjUyZjNiYmE0ODcw
ZjEwYjA3MWU2ZmFjMGZiMDQwNmJhZDU5OTI2MjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALuVbGd5C0+ndLbN+RgI2HTazIgAyHJ6e1TdHlP3moubaSSK
jQL7/ZJb9nkxYf5SOaBn3Ex20t4AU9CmcbCg6jbKeiP8rflmGUP7gYLy8DgWRcVW
JrSX8VXvgcjsVHY0iZDZuH3QQea6jDXCKKZF4EI4Y18Wg5gTR1eXILLmoNa55aVz
4WDLszBHPtHrqOyjm0Kdo7FyZ4dDAkwwYU1Fov6oi9Kbec1tAKa0ziXN/Yfw9PQF
m0hcbKYLSNJsg6NY0MEoiGX8eIA+tystN4i1T2z9KC0k5ZBTJWteVY5llqy+EeJB
VlNoKCt+7MLdMeojDbeqWUkO8gYbHpcZAdUUzhsCAwEAAaOCAg8wggILMB0GA1Ud
DgQWBBQlLzu6SHDxCwceb6wPsEBrrVmSYjAfBgNVHSMEGDAWgBTlobNlUvnazLkq
xcO0S0JtZDdJ4jAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzVhR3paVkw1MnN5NUtzWER0RXRDYldRM1NlSS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNDAvYjhlYTViLTNkZDQtNDM3NC1hNzkzLWM1ZTZkMjNmOGIwOS8x
L0pTODd1a2h3OFFzSEhtLXNEN0JBYTYxWmttSS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNDAv
YjhlYTViLTNkZDQtNDM3NC1hNzkzLWM1ZTZkMjNmOGIwOS8xLzVhR3paVkw1MnN5
NUtzWER0RXRDYldRM1NlSS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAl
BggrBgEFBQcBBwEB/wQWMBQwEgQCAAEwDAMEA1WeSAMEBFndcDANBgkqhkiG9w0B
AQsFAAOCAQEAMEFHDKTZWsxO+i9WTrOdwUHGkJM3FVWQdUIhhXRzClhhbQq1uG7W
YpplKM1hfwy1NPpaJk+9P6MeL1q3NvuOJjr1YK23BQI5DjciM5O1l/I4MvsVCSZq
GumgSUKmSu2DqgHjHWoglM+FaQ7JkzSnQ/RdtnRgh4NnyPmUWibasdsFUkZ+FZPj
hUudTS9UOC35PewRcwShQBmiwNmH0knHykDUJgyrbjc8sj8ZkGvxCFDfyjEvSEd3
am2RBTL0BAyQG5jvd/+TwlNtoc/5PphrchSWqiWrelNnS+BaWx4iEDXRE5VRd1D7
RVw36sTIxHlubPo0CZVChra9gv0wpiQ1rg==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:47:04 2023 by rpki-client on console-fra.rpki-client.org