Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4d/1586fd-fd2c-41f8-8fe9-4e198f0a6013/1/jDpaCP_iNkMF4lGXYITWQlv3bEc.roa
File: jDpaCP_iNkMF4lGXYITWQlv3bEc.roa (raw, json)
Hash identifier: ztN8wkCouGKbcNsuHc2/wm6C0EaICSXg5I+bYsv0Edk=
Subject key identifier: 8C:3A:5A:08:FF:E2:36:43:05:E2:51:97:60:84:D6:42:5B:F7:6C:47
Certificate issuer: /CN=c9d57447e3420b853875b6fa40372aade3192ca2
Certificate serial: 0353EDF7
Authority key identifier: C9:D5:74:47:E3:42:0B:85:38:75:B6:FA:40:37:2A:AD:E3:19:2C:A2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ydV0R-NCC4U4dbb6QDcqreMZLKI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4d/1586fd-fd2c-41f8-8fe9-4e198f0a6013/1/jDpaCP_iNkMF4lGXYITWQlv3bEc.roa
Signing time: Fri 14 Jan 2022 15:25:13 +0000
ROA not before: Fri 14 Jan 2022 15:25:13 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 207459
IP address blocks: 78.135.111.0/24 maxlen: 32
31.210.39.0/24 maxlen: 32
78.135.80.0/24 maxlen: 24
188.132.209.0/24 maxlen: 32
78.135.87.0/24 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 55832055 (0x353edf7)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c9d57447e3420b853875b6fa40372aade3192ca2
Validity
Not Before: Jan 14 15:25:13 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=8c3a5a08ffe2364305e251976084d6425bf76c47
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d7:dd:0a:90:cd:7e:2e:6a:18:33:e2:59:db:48:
43:42:f8:bd:69:43:4d:15:a9:2b:dc:fb:e2:66:b6:
82:1b:b9:69:3a:01:cb:a5:9e:5d:e4:d9:a8:a6:bf:
22:58:2c:83:d5:52:ce:3c:59:0f:c7:db:59:12:c8:
25:47:c4:4d:74:bc:4d:fb:6a:1e:7c:dd:80:87:3e:
ab:80:5e:ca:58:9c:40:14:af:0d:6c:d2:69:40:26:
bf:47:15:d6:96:21:94:22:39:a4:2f:f9:1f:bd:25:
ff:c0:98:d9:1f:57:70:e7:e6:79:38:cb:c2:3f:51:
ba:1b:32:c0:de:a0:18:83:a9:b4:b1:8a:cd:3b:19:
05:1f:99:ec:81:36:fd:bf:92:f4:4d:44:2b:86:87:
64:66:24:e0:88:84:38:87:67:06:a3:0d:ef:04:71:
61:70:1b:ac:6b:45:b6:23:8c:42:41:22:cc:6e:60:
7c:e0:40:86:8a:7d:32:d5:64:74:23:f0:b6:ad:ef:
7d:64:08:d9:bf:73:e4:06:f6:ae:62:e1:76:de:28:
c4:be:26:1e:72:eb:67:de:39:bc:0b:ca:ae:23:a9:
8a:56:d7:5b:dc:bd:4f:b4:18:09:fe:b8:c9:3f:a2:
20:e2:a7:2d:f7:44:8a:67:94:06:79:27:47:9f:ed:
e2:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8C:3A:5A:08:FF:E2:36:43:05:E2:51:97:60:84:D6:42:5B:F7:6C:47
X509v3 Authority Key Identifier:
keyid:C9:D5:74:47:E3:42:0B:85:38:75:B6:FA:40:37:2A:AD:E3:19:2C:A2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ydV0R-NCC4U4dbb6QDcqreMZLKI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4d/1586fd-fd2c-41f8-8fe9-4e198f0a6013/1/jDpaCP_iNkMF4lGXYITWQlv3bEc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4d/1586fd-fd2c-41f8-8fe9-4e198f0a6013/1/ydV0R-NCC4U4dbb6QDcqreMZLKI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.210.39.0/24
78.135.80.0/24
78.135.87.0/24
78.135.111.0/24
188.132.209.0/24
Signature Algorithm: sha256WithRSAEncryption
21:6d:ff:ca:63:ae:57:01:ea:71:6c:a6:44:25:4a:89:17:ec:
d5:86:e3:fa:0d:52:45:cd:90:08:de:e1:ea:88:7a:e6:cb:fc:
a9:34:7e:51:df:ac:b8:ce:80:e5:a1:7f:a4:71:48:df:b2:77:
f6:66:1a:da:66:2d:99:ba:f3:16:50:6c:0f:f4:6c:e5:5d:3d:
43:e2:01:57:10:b0:e7:ae:18:39:e6:10:25:60:9b:a8:6b:f0:
20:2e:9d:04:4a:25:42:fa:c2:5e:35:6f:00:17:68:b5:c8:27:
0d:45:40:0f:57:3b:10:59:14:84:a8:90:55:35:76:eb:19:a7:
f9:45:bb:7d:66:c2:6e:1c:a2:92:68:d5:0e:35:7c:3c:9a:91:
f7:e0:94:fb:4a:fa:02:87:f1:f0:8b:f0:41:e9:a1:5d:9d:9d:
63:a3:ae:9c:2b:25:33:6f:96:e5:fd:56:85:19:ff:7e:3a:ef:
60:73:ea:70:c4:20:e4:fd:66:b7:01:7d:33:31:96:db:8c:83:
a4:2a:29:4a:a8:92:bf:88:25:1c:a5:1e:f0:6b:e2:87:b0:83:
a4:a1:50:74:9b:4e:95:c8:f1:89:5a:e2:90:62:a4:40:20:ff:
2a:b5:3f:4b:2c:14:af:09:5f:5c:a7:6c:29:f0:a1:86:e0:fe:
1c:4c:be:2c
-----BEGIN CERTIFICATE-----
MIIFBzCCA++gAwIBAgIEA1Pt9zANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhj
OWQ1NzQ0N2UzNDIwYjg1Mzg3NWI2ZmE0MDM3MmFhZGUzMTkyY2EyMB4XDTIyMDEx
NDE1MjUxM1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoOGMzYTVhMDhmZmUy
MzY0MzA1ZTI1MTk3NjA4NGQ2NDI1YmY3NmM0NzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBANfdCpDNfi5qGDPiWdtIQ0L4vWlDTRWpK9z74ma2ghu5aToB
y6WeXeTZqKa/Ilgsg9VSzjxZD8fbWRLIJUfETXS8TftqHnzdgIc+q4BeylicQBSv
DWzSaUAmv0cV1pYhlCI5pC/5H70l/8CY2R9XcOfmeTjLwj9RuhsywN6gGIOptLGK
zTsZBR+Z7IE2/b+S9E1EK4aHZGYk4IiEOIdnBqMN7wRxYXAbrGtFtiOMQkEizG5g
fOBAhop9MtVkdCPwtq3vfWQI2b9z5Ab2rmLhdt4oxL4mHnLrZ945vAvKriOpilbX
W9y9T7QYCf64yT+iIOKnLfdEimeUBnknR5/t4gcCAwEAAaOCAiEwggIdMB0GA1Ud
DgQWBBSMOloI/+I2QwXiUZdghNZCW/dsRzAfBgNVHSMEGDAWgBTJ1XRH40ILhTh1
tvpANyqt4xksojAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3lkVjBSLU5DQzRVNGRiYjZRRGNxcmVNWkxLSS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNGQvMTU4NmZkLWZkMmMtNDFmOC04ZmU5LTRlMTk4ZjBhNjAxMy8x
L2pEcGFDUF9pTmtNRjRsR1hZSVRXUWx2M2JFYy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNGQv
MTU4NmZkLWZkMmMtNDFmOC04ZmU5LTRlMTk4ZjBhNjAxMy8xL3lkVjBSLU5DQzRV
NGRiYjZRRGNxcmVNWkxLSS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA3
BggrBgEFBQcBBwEB/wQoMCYwJAQCAAEwHgMEAB/SJwMEAE6HUAMEAE6HVwMEAE6H
bwMEALyE0TANBgkqhkiG9w0BAQsFAAOCAQEAIW3/ymOuVwHqcWymRCVKiRfs1Ybj
+g1SRc2QCN7h6oh65sv8qTR+Ud+suM6A5aF/pHFI37J39mYa2mYtmbrzFlBsD/Rs
5V09Q+IBVxCw564YOeYQJWCbqGvwIC6dBEolQvrCXjVvABdotcgnDUVAD1c7EFkU
hKiQVTV26xmn+UW7fWbCbhyikmjVDjV8PJqR9+CU+0r6Aofx8IvwQemhXZ2dY6Ou
nCslM2+W5f1WhRn/fjrvYHPqcMQg5P1mtwF9MzGW24yDpCopSqiSv4glHKUe8Gvi
h7CDpKFQdJtOlcjxiVrikGKkQCD/KrU/SywUrwlfXKdsKfChhuD+HEy+LA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:28:44 2024 by rpki-client on console-fra.rpki-client.org