Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/42/bf58c5-f3e2-41ac-a216-4a67e4d056ab/1/jLWLIz4uZlbsPPjOZGoMlDInxgI.roa
File: jLWLIz4uZlbsPPjOZGoMlDInxgI.roa (raw, json)
Hash identifier: KQd9pu8PIdFX0IFtMKMe6FQUPVaJAZusDAS4Twas8zA=
Subject key identifier: 8C:B5:8B:23:3E:2E:66:56:EC:3C:F8:CE:64:6A:0C:94:32:27:C6:02
Certificate issuer: /CN=2ba7088e39e7ad8817b7d10ea2a5b8a098a47a0b
Certificate serial: 0185536C90C1601EE99342056C01BD7B840B
Authority key identifier: 2B:A7:08:8E:39:E7:AD:88:17:B7:D1:0E:A2:A5:B8:A0:98:A4:7A:0B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/K6cIjjnnrYgXt9EOoqW4oJikegs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/42/bf58c5-f3e2-41ac-a216-4a67e4d056ab/1/jLWLIz4uZlbsPPjOZGoMlDInxgI.roa
Signing time: Tue 27 Dec 2022 11:51:41 +0000
ROA not before: Tue 27 Dec 2022 11:51:41 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 202113
IP address blocks: 185.52.244.0/22 maxlen: 22
185.52.244.0/24 maxlen: 24
185.52.247.0/24 maxlen: 24
2a04:c9c0::/29 maxlen: 29
2a04:c9c7::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:53:6c:90:c1:60:1e:e9:93:42:05:6c:01:bd:7b:84:0b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2ba7088e39e7ad8817b7d10ea2a5b8a098a47a0b
Validity
Not Before: Dec 27 11:51:41 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=8cb58b233e2e6656ec3cf8ce646a0c943227c602
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:83:e9:1e:78:bd:22:b7:83:81:c6:3f:01:31:ba:
5f:4a:54:a1:54:ac:25:ac:d9:e6:e8:b2:b2:de:2e:
8c:4c:46:05:62:10:bb:f9:9f:4b:e1:2c:0e:80:c4:
64:14:51:f6:86:8d:45:05:00:43:68:5b:09:d4:1a:
3c:27:09:79:ca:c7:5f:fe:b3:1c:4e:b2:5d:f1:00:
8c:d2:d5:c2:99:68:61:7b:4f:c6:db:47:6a:da:09:
f5:6e:15:c6:75:16:d3:df:da:d7:71:cb:4b:52:8e:
5b:da:13:92:92:05:ae:4f:a3:08:28:24:a7:87:f7:
d8:ae:5a:91:04:74:32:ac:88:75:ca:89:77:0e:0e:
67:20:05:9b:92:a1:5a:65:a5:55:85:94:d5:02:9e:
a5:81:87:e5:c8:7c:60:b1:2e:54:6a:95:8c:b3:a8:
85:f5:24:ad:94:ab:3e:82:fa:10:78:22:1c:b8:0a:
78:10:88:e2:03:6a:1b:bd:59:a7:70:6b:18:c8:c8:
4f:c9:15:f8:3d:27:6e:66:cf:46:eb:a6:3a:91:5b:
01:7a:b1:8c:62:7f:a3:6a:fb:30:c6:30:01:3c:10:
39:63:56:5c:09:d3:ac:b1:39:b1:36:d6:b2:3f:c6:
d6:c5:f3:3f:5c:b7:b6:79:80:6e:d6:c7:1f:4d:0f:
aa:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8C:B5:8B:23:3E:2E:66:56:EC:3C:F8:CE:64:6A:0C:94:32:27:C6:02
X509v3 Authority Key Identifier:
keyid:2B:A7:08:8E:39:E7:AD:88:17:B7:D1:0E:A2:A5:B8:A0:98:A4:7A:0B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/K6cIjjnnrYgXt9EOoqW4oJikegs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/42/bf58c5-f3e2-41ac-a216-4a67e4d056ab/1/jLWLIz4uZlbsPPjOZGoMlDInxgI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/42/bf58c5-f3e2-41ac-a216-4a67e4d056ab/1/K6cIjjnnrYgXt9EOoqW4oJikegs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.52.244.0/22
IPv6:
2a04:c9c0::/29
Signature Algorithm: sha256WithRSAEncryption
3e:65:22:f1:30:32:2c:eb:94:10:46:9e:db:01:69:a0:78:e7:
d0:69:fd:e8:6a:82:1d:10:d2:6d:0f:39:e5:31:be:bd:59:36:
51:ad:00:4b:48:e0:aa:cc:40:fd:18:8c:f9:e7:c1:a0:3a:c7:
d2:6f:52:25:a7:cc:e4:9f:f4:1b:2a:33:e3:89:bf:98:a8:93:
40:8f:c5:d9:85:c4:cd:e7:f0:35:9e:63:39:98:7e:05:de:d5:
78:b0:fa:f3:ef:d9:f0:e5:fa:da:6a:a6:c1:38:5e:4f:cb:3d:
59:13:2c:6d:82:e2:db:e6:a6:3b:90:8d:81:bc:94:c3:51:8b:
6a:16:50:c7:eb:2e:b5:92:e0:48:d0:fc:63:5b:24:df:5d:19:
14:dd:e4:54:4f:e0:d6:ba:96:b6:49:ef:66:01:58:cd:71:a9:
4c:93:66:8a:60:ba:d8:b6:c3:8b:ad:ab:f8:7b:66:13:e3:e4:
d4:1e:af:2b:dd:1d:8d:5a:1b:90:e5:d0:00:2a:45:06:eb:7d:
14:0f:a5:45:dd:08:ca:3c:6c:15:55:e8:0e:2c:6c:d8:a5:eb:
2c:1f:58:c4:96:4b:69:6a:12:80:c0:09:4a:37:72:b1:5c:ad:
ac:30:22:05:1a:01:a3:66:2c:1e:d6:0b:47:59:dc:6e:11:6b:
82:65:34:8d
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVTbJDBYB7pk0IFbAG9e4QLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJiYTcwODhlMzllN2FkODgxN2I3ZDEwZWEyYTViOGEwOThh
NDdhMGIwHhcNMjIxMjI3MTE1MTQxWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4Y2I1OGIyMzNlMmU2NjU2ZWMzY2Y4Y2U2NDZhMGM5NDMyMjdjNjAyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAg+keeL0it4OBxj8BMbpfSlShVKwl
rNnm6LKy3i6MTEYFYhC7+Z9L4SwOgMRkFFH2ho1FBQBDaFsJ1Bo8Jwl5ysdf/rMc
TrJd8QCM0tXCmWhhe0/G20dq2gn1bhXGdRbT39rXcctLUo5b2hOSkgWuT6MIKCSn
h/fYrlqRBHQyrIh1yol3Dg5nIAWbkqFaZaVVhZTVAp6lgYflyHxgsS5UapWMs6iF
9SStlKs+gvoQeCIcuAp4EIjiA2obvVmncGsYyMhPyRX4PSduZs9G66Y6kVsBerGM
Yn+javswxjABPBA5Y1ZcCdOssTmxNtayP8bWxfM/XLe2eYBu1scfTQ+qQQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFIy1iyM+LmZW7Dz4zmRqDJQyJ8YCMB8GA1UdIwQY
MBaAFCunCI45562IF7fRDqKluKCYpHoLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSzZjSWpqbm5yWWdYdDlFT29xVzRvSmlrZWdzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Mi9iZjU4YzUtZjNlMi00MWFjLWEyMTYt
NGE2N2U0ZDA1NmFiLzEvakxXTEl6NHVabGJzUFBqT1pHb01sRElueGdJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Mi9iZjU4YzUtZjNlMi00MWFjLWEyMTYtNGE2N2U0ZDA1NmFi
LzEvSzZjSWpqbm5yWWdYdDlFT29xVzRvSmlrZWdzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuTT0MA0E
AgACMAcDBQMqBMnAMA0GCSqGSIb3DQEBCwUAA4IBAQA+ZSLxMDIs65QQRp7bAWmg
eOfQaf3oaoIdENJtDznlMb69WTZRrQBLSOCqzED9GIz558GgOsfSb1Ilp8zkn/Qb
KjPjib+YqJNAj8XZhcTN5/A1nmM5mH4F3tV4sPrz79nw5fraaqbBOF5Pyz1ZEyxt
guLb5qY7kI2BvJTDUYtqFlDH6y61kuBI0PxjWyTfXRkU3eRUT+DWupa2Se9mAVjN
calMk2aKYLrYtsOLrav4e2YT4+TUHq8r3R2NWhuQ5dAAKkUG630UD6VF3QjKPGwV
VegOLGzYpessH1jElktpahKAwAlKN3KxXK2sMCIFGgGjZiwe1gtHWdxuEWuCZTSN
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:50:52 2023 by rpki-client on console-ams.rpki-client.org