Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/48/a72a4b-0693-4d1b-9bfc-767b0cc80c08/1/JAo6IK0jGBQ0siHB3o_8slIVsGY.roa
File: JAo6IK0jGBQ0siHB3o_8slIVsGY.roa (raw, json)
Hash identifier: aXsTO2q8PL7Ax+qz8aY60d5E+uU1ftTQrXPeHN9VNcs=
Subject key identifier: 24:0A:3A:20:AD:23:18:14:34:B2:21:C1:DE:8F:FC:B2:52:15:B0:66
Certificate issuer: /CN=cc777a08a4564548b518ec3864b341e1fa5225ea
Certificate serial: 08FC6126
Authority key identifier: CC:77:7A:08:A4:56:45:48:B5:18:EC:38:64:B3:41:E1:FA:52:25:EA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zHd6CKRWRUi1GOw4ZLNB4fpSJeo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/48/a72a4b-0693-4d1b-9bfc-767b0cc80c08/1/JAo6IK0jGBQ0siHB3o_8slIVsGY.roa
Signing time: Thu 05 May 2022 22:38:27 +0000
ROA not before: Thu 05 May 2022 22:38:27 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 202779
IP address blocks: 213.173.96.0/19 maxlen: 19
213.244.248.0/21 maxlen: 21
185.154.156.0/24 maxlen: 24
185.154.159.0/24 maxlen: 24
185.154.157.0/24 maxlen: 24
185.154.158.0/24 maxlen: 24
91.201.220.0/24 maxlen: 24
91.201.220.0/22 maxlen: 22
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 150757670 (0x8fc6126)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cc777a08a4564548b518ec3864b341e1fa5225ea
Validity
Not Before: May 5 22:38:27 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=240a3a20ad23181434b221c1de8ffcb25215b066
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:2c:d0:38:c1:de:11:5e:55:25:7f:dc:cc:87:
40:36:75:16:7a:83:6d:92:e5:99:50:32:51:df:c4:
21:13:6d:0b:7b:26:6e:ff:74:2a:61:b3:d7:4f:84:
d5:7c:ee:72:ca:51:57:e6:45:78:c2:e0:2f:c5:3c:
c6:1e:2a:25:39:2e:19:fb:77:19:70:84:6f:e1:88:
d2:ca:aa:4d:ae:af:9b:ab:bf:2a:47:6f:ed:be:b7:
b0:ff:05:b4:c6:e9:06:58:5b:0d:cf:2a:ce:a9:3c:
37:6c:55:60:aa:4c:d9:2b:fa:03:4f:cb:d0:f8:be:
ce:e3:31:33:e1:c6:cb:01:79:0c:3a:4a:d7:3b:5d:
a8:53:c3:6a:ea:7e:95:ea:8e:a6:2f:b6:6c:16:5e:
49:da:ce:33:fe:55:d3:4d:57:ef:14:a0:72:b6:48:
58:c7:ab:5e:1b:9c:2b:01:e3:c4:36:04:9d:4a:6d:
b2:b4:fe:15:eb:a1:f7:3f:04:52:b1:a5:3b:38:68:
70:1a:26:f7:77:57:64:f1:ee:54:94:6d:f5:07:3b:
df:c4:62:4c:dd:42:d0:66:87:03:04:34:5a:62:49:
66:74:81:7e:a2:5e:50:83:b1:07:b9:1a:ed:a0:01:
08:d2:a2:f6:b2:6f:ae:19:f5:65:96:7c:25:23:ae:
d0:a5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
24:0A:3A:20:AD:23:18:14:34:B2:21:C1:DE:8F:FC:B2:52:15:B0:66
X509v3 Authority Key Identifier:
keyid:CC:77:7A:08:A4:56:45:48:B5:18:EC:38:64:B3:41:E1:FA:52:25:EA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zHd6CKRWRUi1GOw4ZLNB4fpSJeo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/48/a72a4b-0693-4d1b-9bfc-767b0cc80c08/1/JAo6IK0jGBQ0siHB3o_8slIVsGY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/48/a72a4b-0693-4d1b-9bfc-767b0cc80c08/1/zHd6CKRWRUi1GOw4ZLNB4fpSJeo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.201.220.0/22
185.154.156.0/22
213.173.96.0/19
213.244.248.0/21
Signature Algorithm: sha256WithRSAEncryption
19:97:f8:ca:d8:0f:8c:66:d3:a0:86:7b:03:dd:16:4c:82:a5:
de:47:96:b1:f9:9c:d0:a6:d2:56:4f:52:27:37:88:bf:76:55:
d5:70:3a:05:b0:9d:21:a9:d7:af:cd:96:b3:34:47:81:b9:ce:
d4:fa:7c:73:5c:cb:0e:bd:9e:45:88:69:a4:09:7a:ec:b8:9d:
2a:c8:47:9a:c0:63:20:55:c6:4d:5f:37:92:3d:6f:ef:0a:88:
21:fb:36:24:f5:bc:68:16:fd:f4:7f:bd:52:62:48:20:eb:8e:
42:15:b3:a9:24:fb:7c:d9:e9:44:9b:f2:a9:65:21:9b:a2:45:
6e:98:f8:fc:aa:ad:a7:ce:cb:1d:32:25:a2:d5:36:5e:3a:ed:
21:fd:05:52:b3:82:f1:15:b8:a6:3c:d0:f4:fe:ff:4f:10:38:
9a:4b:1c:f6:92:a0:32:dc:7f:0e:19:5e:2f:df:35:8e:5e:8c:
05:55:c4:41:4b:1a:ea:ca:5f:bc:47:41:e5:60:4a:34:5d:b9:
e0:4f:94:b1:21:5c:90:ec:2b:95:3f:91:c4:23:d7:ee:75:6d:
37:d8:a1:7d:a9:fc:7a:50:8d:55:32:cd:8e:67:50:75:e6:aa:
25:3e:ee:8b:17:38:35:d3:a8:10:1c:57:08:15:ad:3f:96:43:
6d:30:96:03
-----BEGIN CERTIFICATE-----
MIIFATCCA+mgAwIBAgIECPxhJjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhj
Yzc3N2EwOGE0NTY0NTQ4YjUxOGVjMzg2NGIzNDFlMWZhNTIyNWVhMB4XDTIyMDUw
NTIyMzgyN1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMjQwYTNhMjBhZDIz
MTgxNDM0YjIyMWMxZGU4ZmZjYjI1MjE1YjA2NjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAK8s0DjB3hFeVSV/3MyHQDZ1FnqDbZLlmVAyUd/EIRNtC3sm
bv90KmGz10+E1XzucspRV+ZFeMLgL8U8xh4qJTkuGft3GXCEb+GI0sqqTa6vm6u/
Kkdv7b63sP8FtMbpBlhbDc8qzqk8N2xVYKpM2Sv6A0/L0Pi+zuMxM+HGywF5DDpK
1ztdqFPDaup+leqOpi+2bBZeSdrOM/5V001X7xSgcrZIWMerXhucKwHjxDYEnUpt
srT+Feuh9z8EUrGlOzhocBom93dXZPHuVJRt9Qc738RiTN1C0GaHAwQ0WmJJZnSB
fqJeUIOxB7ka7aABCNKi9rJvrhn1ZZZ8JSOu0KUCAwEAAaOCAhswggIXMB0GA1Ud
DgQWBBQkCjogrSMYFDSyIcHej/yyUhWwZjAfBgNVHSMEGDAWgBTMd3oIpFZFSLUY
7Dhks0Hh+lIl6jAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3pIZDZDS1JXUlVpMUdPdzRaTE5CNGZwU0plby5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNDgvYTcyYTRiLTA2OTMtNGQxYi05YmZjLTc2N2IwY2M4MGMwOC8x
L0pBbzZJSzBqR0JRMHNpSEIzb184c2xJVnNHWS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNDgv
YTcyYTRiLTA2OTMtNGQxYi05YmZjLTc2N2IwY2M4MGMwOC8xL3pIZDZDS1JXUlVp
MUdPdzRaTE5CNGZwU0plby5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAx
BggrBgEFBQcBBwEB/wQiMCAwHgQCAAEwGAMEAlvJ3AMEArmanAMEBdWtYAMEA9X0
+DANBgkqhkiG9w0BAQsFAAOCAQEAGZf4ytgPjGbToIZ7A90WTIKl3keWsfmc0KbS
Vk9SJzeIv3ZV1XA6BbCdIanXr82WszRHgbnO1Pp8c1zLDr2eRYhppAl67LidKshH
msBjIFXGTV83kj1v7wqIIfs2JPW8aBb99H+9UmJIIOuOQhWzqST7fNnpRJvyqWUh
m6JFbpj4/Kqtp87LHTIlotU2XjrtIf0FUrOC8RW4pjzQ9P7/TxA4mksc9pKgMtx/
DhleL981jl6MBVXEQUsa6spfvEdB5WBKNF254E+UsSFckOwrlT+RxCPX7nVtN9ih
fan8elCNVTLNjmdQdeaqJT7uixc4NdOoEBxXCBWtP5ZDbTCWAw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:06:39 2024 by rpki-client on console-ams.rpki-client.org