Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/45/64ab99-49aa-4aae-8dd5-382355fc2ff1/1/Jxf3J0X1DA0dH2SZ79qD7U2F9FY.roa
File: Jxf3J0X1DA0dH2SZ79qD7U2F9FY.roa (raw, json)
Hash identifier: aeQqAzAbRGHnQ8ZUAoGeanLlKKUZMpcEpk4e48bzo0k=
Subject key identifier: 27:17:F7:27:45:F5:0C:0D:1D:1F:64:99:EF:DA:83:ED:4D:85:F4:56
Certificate issuer: /CN=f8a966664ec96edbd12e8e82e940bfb9faec105e
Certificate serial: 12DBD424
Authority key identifier: F8:A9:66:66:4E:C9:6E:DB:D1:2E:8E:82:E9:40:BF:B9:FA:EC:10:5E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-KlmZk7JbtvRLo6C6UC_ufrsEF4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/45/64ab99-49aa-4aae-8dd5-382355fc2ff1/1/Jxf3J0X1DA0dH2SZ79qD7U2F9FY.roa
Signing time: Sat 01 Jan 2022 13:06:08 +0000
ROA not before: Sat 01 Jan 2022 13:06:08 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 29670
IP address blocks: 193.29.188.0/24 maxlen: 24
217.197.80.0/20 maxlen: 24
192.109.82.0/24 maxlen: 24
192.109.21.0/24 maxlen: 24
192.109.42.0/24 maxlen: 24
185.177.204.0/22 maxlen: 24
2001:67c:1400::/45 maxlen: 48
2a0a:4580::/29 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 316396580 (0x12dbd424)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f8a966664ec96edbd12e8e82e940bfb9faec105e
Validity
Not Before: Jan 1 13:06:08 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=2717f72745f50c0d1d1f6499efda83ed4d85f456
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:de:03:e1:22:89:36:b9:27:46:5c:78:66:62:
b5:32:56:2f:ca:32:8d:29:df:25:97:b4:2a:00:31:
09:b0:9c:a5:9a:ab:98:68:aa:d1:7d:d2:a8:5e:64:
93:fb:59:03:2b:af:42:4b:82:9e:85:25:fa:2c:2a:
89:8b:ee:e0:8d:70:80:9d:0f:b4:67:3e:8c:9f:53:
f5:fa:bc:98:0d:5e:05:77:df:18:cb:78:99:cc:ae:
1b:ef:14:89:a1:7f:e1:b0:ac:d6:9e:c2:a5:d2:fa:
b7:09:56:48:13:53:d7:75:a5:bf:c6:a2:23:a3:58:
47:16:06:f4:d2:91:d0:f7:d2:54:aa:3a:ba:de:32:
95:92:f6:fd:a0:a8:c7:8e:83:2c:60:aa:91:f7:51:
ac:d2:65:26:43:35:87:f6:36:40:9b:0c:ac:5b:9f:
4d:4d:bb:4e:35:03:97:7d:96:a0:8a:63:79:58:73:
98:77:9c:a4:60:8a:51:7a:58:96:55:01:29:22:e4:
80:fc:27:3c:2f:9f:af:36:10:03:43:5d:cc:42:97:
7c:a6:57:77:4e:17:ce:66:42:85:cf:09:e8:fa:94:
11:11:46:59:9a:48:f3:49:61:a9:c4:54:b2:3d:12:
75:51:25:69:e9:df:3b:43:bb:ea:b2:fa:4a:77:0a:
49:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
27:17:F7:27:45:F5:0C:0D:1D:1F:64:99:EF:DA:83:ED:4D:85:F4:56
X509v3 Authority Key Identifier:
keyid:F8:A9:66:66:4E:C9:6E:DB:D1:2E:8E:82:E9:40:BF:B9:FA:EC:10:5E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-KlmZk7JbtvRLo6C6UC_ufrsEF4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/45/64ab99-49aa-4aae-8dd5-382355fc2ff1/1/Jxf3J0X1DA0dH2SZ79qD7U2F9FY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/45/64ab99-49aa-4aae-8dd5-382355fc2ff1/1/1-KlmZk7JbtvRLo6C6UC_ufrsEF4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.177.204.0/22
192.109.21.0/24
192.109.42.0/24
192.109.82.0/24
193.29.188.0/24
217.197.80.0/20
IPv6:
2001:67c:1400::/45
2a0a:4580::/29
Signature Algorithm: sha256WithRSAEncryption
1f:05:3b:e3:bd:52:2f:81:e8:54:e8:ea:37:f3:50:5a:4d:22:
3c:80:cf:e0:6b:d9:0b:dd:ba:25:4a:ac:92:84:37:f0:b1:52:
58:f8:ea:69:60:16:5c:aa:d9:5b:33:88:d9:10:bd:8e:21:8b:
ae:78:d2:bd:f2:82:76:0d:dc:93:07:c4:6d:45:27:93:0b:3e:
8a:17:08:7b:e8:d1:20:58:63:c2:f8:2b:0e:8f:65:58:bc:06:
fc:1a:b7:3a:ed:fa:cc:c8:a5:a4:4b:97:a4:c6:bf:81:97:d5:
7f:28:1a:68:12:8a:d1:00:6f:86:f9:a7:50:f7:f8:c4:38:3a:
ae:e2:9f:da:5f:94:61:1a:b0:4b:95:69:ef:fd:3b:5d:db:fa:
83:1d:e9:0b:c5:ed:70:ff:e8:a9:71:35:f2:d7:e8:04:9f:9a:
69:12:50:b7:f0:17:d3:ce:21:32:b9:e3:f1:d7:bb:4a:d1:78:
3a:60:27:98:49:2b:66:cb:78:17:2f:00:8e:96:de:3b:71:75:
e5:62:51:48:ea:8d:7c:a8:de:26:2d:b6:e4:19:18:22:a0:f5:
15:f4:a4:9d:24:bd:f5:b8:46:df:f8:72:6f:d6:f7:41:46:1a:
b8:12:6a:ff:c5:19:1c:1d:63:35:a3:6e:36:79:ee:c4:2c:98:
eb:7c:e8:0b
-----BEGIN CERTIFICATE-----
MIIFJzCCBA+gAwIBAgIEEtvUJDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhm
OGE5NjY2NjRlYzk2ZWRiZDEyZThlODJlOTQwYmZiOWZhZWMxMDVlMB4XDTIyMDEw
MTEzMDYwOFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMjcxN2Y3Mjc0NWY1
MGMwZDFkMWY2NDk5ZWZkYTgzZWQ0ZDg1ZjQ1NjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALveA+EiiTa5J0ZceGZitTJWL8oyjSnfJZe0KgAxCbCcpZqr
mGiq0X3SqF5kk/tZAyuvQkuCnoUl+iwqiYvu4I1wgJ0PtGc+jJ9T9fq8mA1eBXff
GMt4mcyuG+8UiaF/4bCs1p7CpdL6twlWSBNT13Wlv8aiI6NYRxYG9NKR0PfSVKo6
ut4ylZL2/aCox46DLGCqkfdRrNJlJkM1h/Y2QJsMrFufTU27TjUDl32WoIpjeVhz
mHecpGCKUXpYllUBKSLkgPwnPC+frzYQA0NdzEKXfKZXd04XzmZChc8J6PqUERFG
WZpI80lhqcRUsj0SdVElaenfO0O76rL6SncKSd0CAwEAAaOCAkEwggI9MB0GA1Ud
DgQWBBQnF/cnRfUMDR0fZJnv2oPtTYX0VjAfBgNVHSMEGDAWgBT4qWZmTslu29Eu
joLpQL+5+uwQXjAOBgNVHQ8BAf8EBAMCB4AwZQYIKwYBBQUHAQEEWTBXMFUGCCsG
AQUFBzAChklyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzEtS2xtWms3SmJ0dlJMbzZDNlVDX3VmcnNFRjQuY2VyMIGNBggrBgEFBQcBCwSB
gDB+MHwGCCsGAQUFBzALhnByc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9y
eS9ERUZBVUxULzQ1LzY0YWI5OS00OWFhLTRhYWUtOGRkNS0zODIzNTVmYzJmZjEv
MS9KeGYzSjBYMURBMGRIMlNaNzlxRDdVMkY5Rlkucm9hMIGCBgNVHR8EezB5MHeg
daBzhnFyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzQ1
LzY0YWI5OS00OWFhLTRhYWUtOGRkNS0zODIzNTVmYzJmZjEvMS8xLUtsbVprN0pi
dHZSTG82QzZVQ191ZnJzRUY0LmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4C
MFUGCCsGAQUFBwEHAQH/BEYwRDAqBAIAATAkAwQCubHMAwQAwG0VAwQAwG0qAwQA
wG1SAwQAwR28AwQE2cVQMBYEAgACMBADBwMgAQZ8FAADBQMqCkWAMA0GCSqGSIb3
DQEBCwUAA4IBAQAfBTvjvVIvgehU6Oo381BaTSI8gM/ga9kL3bolSqyShDfwsVJY
+OppYBZcqtlbM4jZEL2OIYuueNK98oJ2DdyTB8RtRSeTCz6KFwh76NEgWGPC+CsO
j2VYvAb8Grc67frMyKWkS5ekxr+Bl9V/KBpoEorRAG+G+adQ9/jEODqu4p/aX5Rh
GrBLlWnv/Ttd2/qDHekLxe1w/+ipcTXy1+gEn5ppElC38BfTziEyuePx17tK0Xg6
YCeYSStmy3gXLwCOlt47cXXlYlFI6o18qN4mLbbkGRgioPUV9KSdJL31uEbf+HJv
1vdBRhq4Emr/xRkcHWM1o242ee7ELJjrfOgL
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:47:16 2023 by rpki-client on console-fra.rpki-client.org