Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/46/a3a530-25aa-4023-9a80-4e347d551c3f/1/jrXyQKAyLAxUgTL3ZjyTHazRiew.roa
File: jrXyQKAyLAxUgTL3ZjyTHazRiew.roa (raw, json)
Hash identifier: 54JA2GuLvpgIVImSQGT3+lAEQ/So3/M2XA2wfHzpEyU=
Subject key identifier: 8E:B5:F2:40:A0:32:2C:0C:54:81:32:F7:66:3C:93:1D:AC:D1:89:EC
Certificate issuer: /CN=2254bcc03293e3ad0e19a7a3fd1b1cfbd34c0990
Certificate serial: 04107F14
Authority key identifier: 22:54:BC:C0:32:93:E3:AD:0E:19:A7:A3:FD:1B:1C:FB:D3:4C:09:90
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IlS8wDKT460OGaej_Rsc-9NMCZA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/46/a3a530-25aa-4023-9a80-4e347d551c3f/1/jrXyQKAyLAxUgTL3ZjyTHazRiew.roa
Signing time: Sat 01 Jan 2022 10:01:46 +0000
ROA not before: Sat 01 Jan 2022 10:01:46 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 209886
IP address blocks: 85.235.90.0/23 maxlen: 23
85.235.88.0/23 maxlen: 23
85.235.88.0/22 maxlen: 22
2a10:1ac0::/30 maxlen: 30
2a10:1ac4::/30 maxlen: 30
2a10:1ac0::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 68189972 (0x4107f14)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2254bcc03293e3ad0e19a7a3fd1b1cfbd34c0990
Validity
Not Before: Jan 1 10:01:46 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=8eb5f240a0322c0c548132f7663c931dacd189ec
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:e0:fe:6a:82:56:c2:3e:c8:5c:f8:ff:c6:ef:
95:a5:4c:87:0f:e0:38:69:3a:ed:43:cb:2c:bc:3f:
9c:39:7e:f1:fb:f5:b0:00:2f:bc:c9:9a:f7:34:ba:
3d:30:8f:87:95:db:9c:99:58:62:96:f0:8d:4b:5f:
e9:92:34:12:44:50:8c:95:c6:6f:7e:7f:de:32:a7:
4e:2f:06:43:b2:06:9f:20:34:0e:42:f8:b4:b6:91:
e7:ba:c9:d8:84:29:8f:17:cb:c2:2d:5c:6a:e4:6f:
ec:c5:62:41:3a:3b:b0:0a:73:3c:30:6f:fd:22:24:
ef:67:5d:89:0c:b5:0e:8e:df:39:49:a6:f5:39:88:
57:d9:e2:f9:d0:0f:ef:bd:bb:39:a3:ea:fe:e1:dc:
99:43:24:5e:fc:56:9f:2e:21:85:f2:52:44:f1:fe:
0d:3f:7d:6c:ad:bc:08:2f:18:9d:82:d3:6c:2d:14:
55:00:5c:39:93:a8:bd:5d:8c:05:75:cd:77:0a:17:
a5:4b:26:e3:64:1f:73:07:dd:0e:78:23:10:95:36:
14:53:c4:25:d6:a9:ff:5c:ce:53:0e:15:08:e2:83:
5b:7c:9e:46:e6:4b:a0:3a:e6:62:23:f8:0a:94:2b:
69:7f:15:3e:57:18:eb:2c:2c:28:ce:cf:04:3e:f7:
7f:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8E:B5:F2:40:A0:32:2C:0C:54:81:32:F7:66:3C:93:1D:AC:D1:89:EC
X509v3 Authority Key Identifier:
keyid:22:54:BC:C0:32:93:E3:AD:0E:19:A7:A3:FD:1B:1C:FB:D3:4C:09:90
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IlS8wDKT460OGaej_Rsc-9NMCZA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/46/a3a530-25aa-4023-9a80-4e347d551c3f/1/jrXyQKAyLAxUgTL3ZjyTHazRiew.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/46/a3a530-25aa-4023-9a80-4e347d551c3f/1/IlS8wDKT460OGaej_Rsc-9NMCZA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.235.88.0/22
IPv6:
2a10:1ac0::/29
Signature Algorithm: sha256WithRSAEncryption
34:8e:f7:5c:32:04:1a:09:09:2e:f3:29:05:2f:c2:91:03:b9:
63:b6:4d:0c:67:e3:4e:42:03:35:7b:15:d2:cc:ab:fa:0e:10:
b6:de:ad:ce:74:54:27:10:05:38:f9:f2:aa:af:a0:aa:73:fb:
c4:88:8d:44:a1:87:63:12:23:af:7a:0b:35:4e:13:e0:0f:45:
52:93:52:03:ee:7d:ca:c7:ff:d3:0e:61:31:69:6f:67:6f:60:
ff:45:0d:ef:c6:6a:d2:c1:16:07:80:02:c0:18:fa:29:ef:02:
9c:4c:c8:9a:70:32:b8:a1:da:1c:88:4c:67:f4:70:0d:4b:62:
87:e9:65:f1:bc:6e:84:92:a6:5d:63:7c:06:aa:fd:00:59:d5:
da:76:9e:17:77:86:58:78:e9:8c:62:dc:bb:1f:62:91:bc:d4:
83:f5:c4:60:fd:a1:b8:be:b4:81:57:f3:8a:bc:9d:c8:e6:20:
e4:35:b4:6d:49:ba:6f:58:16:51:6d:4a:a9:15:4b:76:f3:6b:
55:0a:76:d7:c7:99:24:2f:8b:47:d0:fc:e0:b0:a8:d5:c6:13:
38:0d:ee:6d:3f:46:c8:0e:06:ea:3d:99:32:6d:58:8a:b9:3a:
f8:14:3c:ee:fa:ee:97:bb:65:c0:e8:ac:f7:8d:ad:52:c5:5d:
bb:92:8b:c7
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgIEBBB/FDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygy
MjU0YmNjMDMyOTNlM2FkMGUxOWE3YTNmZDFiMWNmYmQzNGMwOTkwMB4XDTIyMDEw
MTEwMDE0NloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoOGViNWYyNDBhMDMy
MmMwYzU0ODEzMmY3NjYzYzkzMWRhY2QxODllYzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAL/g/mqCVsI+yFz4/8bvlaVMhw/gOGk67UPLLLw/nDl+8fv1
sAAvvMma9zS6PTCPh5XbnJlYYpbwjUtf6ZI0EkRQjJXGb35/3jKnTi8GQ7IGnyA0
DkL4tLaR57rJ2IQpjxfLwi1cauRv7MViQTo7sApzPDBv/SIk72ddiQy1Do7fOUmm
9TmIV9ni+dAP7727OaPq/uHcmUMkXvxWny4hhfJSRPH+DT99bK28CC8YnYLTbC0U
VQBcOZOovV2MBXXNdwoXpUsm42QfcwfdDngjEJU2FFPEJdap/1zOUw4VCOKDW3ye
RuZLoDrmYiP4CpQraX8VPlcY6ywsKM7PBD73f08CAwEAAaOCAhgwggIUMB0GA1Ud
DgQWBBSOtfJAoDIsDFSBMvdmPJMdrNGJ7DAfBgNVHSMEGDAWgBQiVLzAMpPjrQ4Z
p6P9Gxz700wJkDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0lsUzh3REtUNDYwT0dhZWpfUnNjLTlOTUNaQS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNDYvYTNhNTMwLTI1YWEtNDAyMy05YTgwLTRlMzQ3ZDU1MWMzZi8x
L2pyWHlRS0F5TEF4VWdUTDNaanlUSGF6Umlldy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNDYv
YTNhNTMwLTI1YWEtNDAyMy05YTgwLTRlMzQ3ZDU1MWMzZi8xL0lsUzh3REtUNDYw
T0dhZWpfUnNjLTlOTUNaQS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAu
BggrBgEFBQcBBwEB/wQfMB0wDAQCAAEwBgMEAlXrWDANBAIAAjAHAwUDKhAawDAN
BgkqhkiG9w0BAQsFAAOCAQEANI73XDIEGgkJLvMpBS/CkQO5Y7ZNDGfjTkIDNXsV
0syr+g4Qtt6tznRUJxAFOPnyqq+gqnP7xIiNRKGHYxIjr3oLNU4T4A9FUpNSA+59
ysf/0w5hMWlvZ29g/0UN78Zq0sEWB4ACwBj6Ke8CnEzImnAyuKHaHIhMZ/RwDUti
h+ll8bxuhJKmXWN8Bqr9AFnV2naeF3eGWHjpjGLcux9ikbzUg/XEYP2huL60gVfz
irydyOYg5DW0bUm6b1gWUW1KqRVLdvNrVQp218eZJC+LR9D84LCo1cYTOA3ubT9G
yA4G6j2ZMm1Yirk6+BQ87vrul7tlwOis942tUsVdu5KLxw==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:51:07 2023 by rpki-client on console-ams.rpki-client.org