Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/49/df84a7-72c9-4a2f-8115-afbdbdad58a5/1/jFbNBxs0tIuDkBWG7A6SZ6fbOUQ.roa
File: jFbNBxs0tIuDkBWG7A6SZ6fbOUQ.roa (raw, json)
Hash identifier: vYm2FnIanrWExIOHvYUg5kbKp312QaSI62d/t2Q1kF8=
Subject key identifier: 8C:56:CD:07:1B:34:B4:8B:83:90:15:86:EC:0E:92:67:A7:DB:39:44
Certificate issuer: /CN=b194f0304eedd363c6622fd91c59b10871aa3044
Certificate serial: 0E97943D
Authority key identifier: B1:94:F0:30:4E:ED:D3:63:C6:62:2F:D9:1C:59:B1:08:71:AA:30:44
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sZTwME7t02PGYi_ZHFmxCHGqMEQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/49/df84a7-72c9-4a2f-8115-afbdbdad58a5/1/jFbNBxs0tIuDkBWG7A6SZ6fbOUQ.roa
Signing time: Sat 01 Jan 2022 13:01:46 +0000
ROA not before: Sat 01 Jan 2022 13:01:46 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 30870
IP address blocks: 185.40.56.0/22 maxlen: 24
185.108.116.0/22 maxlen: 24
194.30.160.0/24 maxlen: 24
87.101.8.0/21 maxlen: 21
2a01:4d60::/32 maxlen: 48
2a06:4a80::/29 maxlen: 40
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 244814909 (0xe97943d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b194f0304eedd363c6622fd91c59b10871aa3044
Validity
Not Before: Jan 1 13:01:46 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=8c56cd071b34b48b83901586ec0e9267a7db3944
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:ae:61:cb:0a:c3:14:d7:69:d9:75:2e:60:49:
38:86:34:20:b8:27:1a:a8:ec:bf:50:5f:5d:f2:74:
f5:6a:1e:2d:aa:9e:e7:46:e0:e7:c1:25:ae:5a:07:
e7:10:31:93:60:ef:2c:ec:e8:76:e5:1b:ff:a2:c1:
b2:a6:9c:5b:0b:65:7b:60:eb:31:8b:00:d9:f1:84:
7b:92:79:a9:28:1e:c8:ac:df:47:21:65:76:84:26:
e1:cf:d7:89:4b:01:2f:7e:2f:3e:f1:78:42:9c:c3:
33:78:ce:d1:5f:c1:76:5e:2c:da:a6:54:fb:44:1e:
be:f6:b3:73:95:57:b4:c9:55:69:64:94:6e:19:14:
f7:cc:10:4a:59:b8:f2:47:20:21:6f:70:52:5f:29:
71:53:b0:d5:9c:a6:3a:43:5f:2a:19:6c:a2:b4:37:
33:40:f2:19:1d:45:d5:45:f6:ac:5f:14:b3:a6:79:
fe:97:12:8f:94:e9:8e:6e:d8:a1:18:86:8f:e0:56:
a9:34:19:ec:84:31:2b:ee:c8:66:e9:36:58:72:d8:
10:0a:d9:53:0d:18:e1:5b:9b:d2:6c:61:99:bf:bc:
58:af:d2:85:a4:d3:b5:b5:fa:6c:4a:2f:ed:27:cb:
07:a5:8f:d1:bd:a0:d4:68:6c:8e:10:b6:4e:a4:38:
00:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8C:56:CD:07:1B:34:B4:8B:83:90:15:86:EC:0E:92:67:A7:DB:39:44
X509v3 Authority Key Identifier:
keyid:B1:94:F0:30:4E:ED:D3:63:C6:62:2F:D9:1C:59:B1:08:71:AA:30:44
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sZTwME7t02PGYi_ZHFmxCHGqMEQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/49/df84a7-72c9-4a2f-8115-afbdbdad58a5/1/jFbNBxs0tIuDkBWG7A6SZ6fbOUQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/49/df84a7-72c9-4a2f-8115-afbdbdad58a5/1/sZTwME7t02PGYi_ZHFmxCHGqMEQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
87.101.8.0/21
185.40.56.0/22
185.108.116.0/22
194.30.160.0/24
IPv6:
2a01:4d60::/32
2a06:4a80::/29
Signature Algorithm: sha256WithRSAEncryption
c6:d5:a0:3c:3b:d5:b7:6e:3f:e7:9c:b5:c5:bd:0b:f9:02:cd:
a4:5e:52:a5:32:6b:1a:60:c1:32:ef:22:6c:1a:e8:cc:6a:ce:
6a:47:7e:f4:e1:84:cd:45:1d:0c:e7:50:eb:ba:98:1c:7b:51:
2e:d3:f2:6c:0c:f1:ee:09:96:59:c5:45:cb:fa:20:0d:b8:53:
55:90:2f:39:4a:aa:61:0a:fb:39:da:d4:1f:46:51:f8:29:98:
38:aa:04:c8:e4:65:0d:48:9c:21:2b:ac:d0:20:0a:25:bc:ae:
3c:89:15:b5:bf:8e:f9:7d:8c:02:5a:8c:bb:0b:6e:cc:ad:87:
6a:6f:7d:0e:21:0b:13:c0:ff:98:5d:9e:1a:64:9f:cd:aa:6b:
85:d4:be:08:5f:1f:ce:63:1f:bd:ba:b2:1c:70:f5:6f:d3:ff:
bd:4c:4e:8f:db:5a:72:a9:95:b5:91:02:52:90:81:0d:72:1b:
0d:a6:fd:7c:1b:06:a1:64:35:52:0f:fc:87:09:83:8e:99:82:
b5:3e:9f:73:c2:e1:8c:73:bf:13:bd:51:49:db:7e:55:91:d0:
4b:81:c5:6d:33:bb:71:f3:36:53:6f:d3:5f:46:ec:24:ff:9c:
70:2f:bf:75:58:fd:77:1d:98:6d:b8:28:0e:86:e0:6d:e6:0d:
e8:1c:eb:cb
-----BEGIN CERTIFICATE-----
MIIFFzCCA/+gAwIBAgIEDpeUPTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhi
MTk0ZjAzMDRlZWRkMzYzYzY2MjJmZDkxYzU5YjEwODcxYWEzMDQ0MB4XDTIyMDEw
MTEzMDE0NloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoOGM1NmNkMDcxYjM0
YjQ4YjgzOTAxNTg2ZWMwZTkyNjdhN2RiMzk0NDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALCuYcsKwxTXadl1LmBJOIY0ILgnGqjsv1BfXfJ09WoeLaqe
50bg58ElrloH5xAxk2DvLOzoduUb/6LBsqacWwtle2DrMYsA2fGEe5J5qSgeyKzf
RyFldoQm4c/XiUsBL34vPvF4QpzDM3jO0V/Bdl4s2qZU+0Qevvazc5VXtMlVaWSU
bhkU98wQSlm48kcgIW9wUl8pcVOw1ZymOkNfKhlsorQ3M0DyGR1F1UX2rF8Us6Z5
/pcSj5Tpjm7YoRiGj+BWqTQZ7IQxK+7IZuk2WHLYEArZUw0Y4Vub0mxhmb+8WK/S
haTTtbX6bEov7SfLB6WP0b2g1GhsjhC2TqQ4AOcCAwEAAaOCAjEwggItMB0GA1Ud
DgQWBBSMVs0HGzS0i4OQFYbsDpJnp9s5RDAfBgNVHSMEGDAWgBSxlPAwTu3TY8Zi
L9kcWbEIcaowRDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3NaVHdNRTd0MDJQR1lpX1pIRm14Q0hHcU1FUS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNDkvZGY4NGE3LTcyYzktNGEyZi04MTE1LWFmYmRiZGFkNThhNS8x
L2pGYk5CeHMwdEl1RGtCV0c3QTZTWjZmYk9VUS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNDkv
ZGY4NGE3LTcyYzktNGEyZi04MTE1LWFmYmRiZGFkNThhNS8xL3NaVHdNRTd0MDJQ
R1lpX1pIRm14Q0hHcU1FUS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBH
BggrBgEFBQcBBwEB/wQ4MDYwHgQCAAEwGAMEA1dlCAMEArkoOAMEArlsdAMEAMIe
oDAUBAIAAjAOAwUAKgFNYAMFAyoGSoAwDQYJKoZIhvcNAQELBQADggEBAMbVoDw7
1bduP+ectcW9C/kCzaReUqUyaxpgwTLvImwa6MxqzmpHfvThhM1FHQznUOu6mBx7
US7T8mwM8e4JllnFRcv6IA24U1WQLzlKqmEK+zna1B9GUfgpmDiqBMjkZQ1InCEr
rNAgCiW8rjyJFbW/jvl9jAJajLsLbsyth2pvfQ4hCxPA/5hdnhpkn82qa4XUvghf
H85jH726shxw9W/T/71MTo/bWnKplbWRAlKQgQ1yGw2m/XwbBqFkNVIP/IcJg46Z
grU+n3PC4YxzvxO9UUnbflWR0EuBxW0zu3HzNlNv019G7CT/nHAvv3VY/XcdmG24
KA6G4G3mDegc68s=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:28:03 2024 by rpki-client on console-fra.rpki-client.org