Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/45/a85f3d-65a2-4f6c-9cb9-82660ee4eac4/1/JrHnTyOb7XgKPuyork77eypRgxc.roa
File: JrHnTyOb7XgKPuyork77eypRgxc.roa (raw, json)
Hash identifier: Ze3/+XofCqzhhH8FRsU0TnqXtW9HBDL+XaKVVKt1Yvs=
Subject key identifier: 26:B1:E7:4F:23:9B:ED:78:0A:3E:EC:A8:AE:4E:FB:7B:2A:51:83:17
Certificate issuer: /CN=dc3cb20c5ca7c4ed8e42078b1a67287a0d991cec
Certificate serial: 03950186
Authority key identifier: DC:3C:B2:0C:5C:A7:C4:ED:8E:42:07:8B:1A:67:28:7A:0D:99:1C:EC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3DyyDFynxO2OQgeLGmcoeg2ZHOw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/45/a85f3d-65a2-4f6c-9cb9-82660ee4eac4/1/JrHnTyOb7XgKPuyork77eypRgxc.roa
Signing time: Sat 01 Jan 2022 03:54:58 +0000
ROA not before: Sat 01 Jan 2022 03:54:58 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 200960
IP address blocks: 185.18.197.0/24 maxlen: 24
185.45.72.0/24 maxlen: 24
185.18.196.0/24 maxlen: 24
31.14.255.0/24 maxlen: 24
217.148.137.0/24 maxlen: 24
217.148.136.0/24 maxlen: 24
31.14.103.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 60096902 (0x3950186)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dc3cb20c5ca7c4ed8e42078b1a67287a0d991cec
Validity
Not Before: Jan 1 03:54:58 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=26b1e74f239bed780a3eeca8ae4efb7b2a518317
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:63:08:10:23:9b:ea:ef:cd:b3:43:3d:7a:24:
c2:a5:61:67:1d:dd:27:b8:74:43:b2:f1:92:5b:5d:
a3:ed:86:29:66:8e:99:d2:ac:e7:64:b0:01:1e:e9:
e4:52:80:79:e2:20:ca:b7:7f:77:b2:e2:dd:4a:30:
c4:65:63:c3:1d:6b:d9:db:4e:69:a2:74:3d:78:56:
56:b0:28:fc:5d:29:03:84:8b:ca:6a:3d:8a:0f:d7:
0e:9d:35:14:82:ff:4b:da:05:5f:13:ef:0d:23:3f:
26:76:4d:0b:85:88:7f:21:47:70:bd:28:eb:2d:a3:
6a:46:8a:28:97:a8:61:be:5f:a4:42:7f:98:6d:21:
7a:13:90:b1:e2:d5:35:70:9e:d8:73:7b:f7:93:24:
97:15:15:50:14:53:b8:ff:ca:bf:64:4b:6f:b6:1f:
d8:e4:be:6b:7d:7a:49:11:d7:46:83:aa:16:dd:52:
95:0f:73:95:eb:4c:af:4f:05:de:c5:e0:bb:90:51:
0a:42:af:66:0d:e4:e5:8e:67:1d:6b:02:7f:aa:bc:
6e:5c:cb:30:f9:62:40:a5:23:56:30:a4:56:ef:d0:
d1:cb:7d:2f:1a:22:db:2b:56:61:d0:e2:35:47:53:
0f:69:07:d5:c5:c9:d7:6b:fb:b5:0b:a5:87:70:a3:
a8:63
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
26:B1:E7:4F:23:9B:ED:78:0A:3E:EC:A8:AE:4E:FB:7B:2A:51:83:17
X509v3 Authority Key Identifier:
keyid:DC:3C:B2:0C:5C:A7:C4:ED:8E:42:07:8B:1A:67:28:7A:0D:99:1C:EC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3DyyDFynxO2OQgeLGmcoeg2ZHOw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/45/a85f3d-65a2-4f6c-9cb9-82660ee4eac4/1/JrHnTyOb7XgKPuyork77eypRgxc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/45/a85f3d-65a2-4f6c-9cb9-82660ee4eac4/1/3DyyDFynxO2OQgeLGmcoeg2ZHOw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.14.103.0/24
31.14.255.0/24
185.18.196.0/23
185.45.72.0/24
217.148.136.0/23
Signature Algorithm: sha256WithRSAEncryption
95:9f:a3:a2:c4:43:b3:a9:cd:22:dc:3d:cd:fb:b4:c6:60:ba:
b4:e0:b8:a9:a0:c3:f3:a5:a7:aa:b9:c7:99:66:60:44:bb:0d:
0d:4e:2c:2a:12:c0:ca:05:2c:47:ac:19:c4:b4:2c:19:2e:c1:
b4:29:ff:b1:6b:3d:30:0f:10:5d:0f:57:52:06:f7:a6:c0:0c:
df:93:1e:1d:6e:76:9e:0f:ca:a1:9c:e0:3c:de:2b:ac:b5:66:
ff:f6:06:94:31:e8:1c:25:10:93:59:cf:0f:5d:74:a3:5c:66:
cd:dd:ba:6a:a2:c4:09:cb:69:10:af:b9:6e:11:f3:89:e1:e7:
3f:66:13:ec:b9:f2:90:28:90:e6:09:5b:a3:9b:9f:12:91:4e:
10:db:f1:5d:c6:ac:13:f9:1d:76:f1:23:71:ce:bc:aa:d3:c9:
72:6a:4a:51:05:38:b7:b0:34:5e:55:85:26:8a:2a:88:bc:18:
0b:9c:6c:bf:fe:6e:2f:74:4d:17:53:9e:a8:53:cf:62:ed:e3:
47:c9:f3:b0:db:8a:a0:56:c3:e1:57:91:f0:2a:ff:4f:9e:95:
75:e8:35:17:01:43:43:3c:4e:ce:bb:4d:1f:44:97:c1:b0:15:
9e:79:fb:48:87:ea:09:3f:d5:79:00:48:bf:d0:26:63:ea:88:
31:ef:54:03
-----BEGIN CERTIFICATE-----
MIIFBzCCA++gAwIBAgIEA5UBhjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhk
YzNjYjIwYzVjYTdjNGVkOGU0MjA3OGIxYTY3Mjg3YTBkOTkxY2VjMB4XDTIyMDEw
MTAzNTQ1OFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMjZiMWU3NGYyMzli
ZWQ3ODBhM2VlY2E4YWU0ZWZiN2IyYTUxODMxNzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAK9jCBAjm+rvzbNDPXokwqVhZx3dJ7h0Q7Lxkltdo+2GKWaO
mdKs52SwAR7p5FKAeeIgyrd/d7Li3UowxGVjwx1r2dtOaaJ0PXhWVrAo/F0pA4SL
ymo9ig/XDp01FIL/S9oFXxPvDSM/JnZNC4WIfyFHcL0o6y2jakaKKJeoYb5fpEJ/
mG0hehOQseLVNXCe2HN795MklxUVUBRTuP/Kv2RLb7Yf2OS+a316SRHXRoOqFt1S
lQ9zletMr08F3sXgu5BRCkKvZg3k5Y5nHWsCf6q8blzLMPliQKUjVjCkVu/Q0ct9
Lxoi2ytWYdDiNUdTD2kH1cXJ12v7tQulh3CjqGMCAwEAAaOCAiEwggIdMB0GA1Ud
DgQWBBQmsedPI5vteAo+7KiuTvt7KlGDFzAfBgNVHSMEGDAWgBTcPLIMXKfE7Y5C
B4saZyh6DZkc7DAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzNEeXlERnlueE8yT1FnZUxHbWNvZWcyWkhPdy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNDUvYTg1ZjNkLTY1YTItNGY2Yy05Y2I5LTgyNjYwZWU0ZWFjNC8x
L0pySG5UeU9iN1hnS1B1eW9yazc3ZXlwUmd4Yy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNDUv
YTg1ZjNkLTY1YTItNGY2Yy05Y2I5LTgyNjYwZWU0ZWFjNC8xLzNEeXlERnlueE8y
T1FnZUxHbWNvZWcyWkhPdy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA3
BggrBgEFBQcBBwEB/wQoMCYwJAQCAAEwHgMEAB8OZwMEAB8O/wMEAbkSxAMEALkt
SAMEAdmUiDANBgkqhkiG9w0BAQsFAAOCAQEAlZ+josRDs6nNItw9zfu0xmC6tOC4
qaDD86WnqrnHmWZgRLsNDU4sKhLAygUsR6wZxLQsGS7BtCn/sWs9MA8QXQ9XUgb3
psAM35MeHW52ng/KoZzgPN4rrLVm//YGlDHoHCUQk1nPD110o1xmzd26aqLECctp
EK+5bhHzieHnP2YT7LnykCiQ5glbo5ufEpFOENvxXcasE/kddvEjcc68qtPJcmpK
UQU4t7A0XlWFJooqiLwYC5xsv/5uL3RNF1OeqFPPYu3jR8nzsNuKoFbD4VeR8Cr/
T56Vdeg1FwFDQzxOzrtNH0SXwbAVnnn7SIfqCT/VeQBIv9AmY+qIMe9UAw==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:47:20 2023 by rpki-client on console-fra.rpki-client.org