Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/52/2fbba7-ea0e-4089-9727-c33372c9d507/1/jfx2AJu7m0dqy1_brkBMd6KREDg.roa
File: jfx2AJu7m0dqy1_brkBMd6KREDg.roa (raw, json)
Hash identifier: X10+dqz0kz2fVEnkQ1Rn1GwqboI9ycKXHMNV6jAup38=
Subject key identifier: 8D:FC:76:00:9B:BB:9B:47:6A:CB:5F:DB:AE:40:4C:77:A2:91:10:38
Certificate issuer: /CN=9f36d08a3cd8a42f46a2c96dfd72ed8cee279477
Certificate serial: 0181EE18809FF3F8858F75367589B23803DC
Authority key identifier: 9F:36:D0:8A:3C:D8:A4:2F:46:A2:C9:6D:FD:72:ED:8C:EE:27:94:77
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nzbQijzYpC9Goslt_XLtjO4nlHc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/52/2fbba7-ea0e-4089-9727-c33372c9d507/1/jfx2AJu7m0dqy1_brkBMd6KREDg.roa
Signing time: Mon 11 Jul 2022 16:29:51 +0000
ROA not before: Mon 11 Jul 2022 16:29:51 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 50467
IP address blocks: 193.106.208.0/23 maxlen: 23
31.134.48.0/20 maxlen: 20
109.95.112.0/21 maxlen: 21
91.221.88.0/23 maxlen: 23
46.151.16.0/21 maxlen: 21
185.235.76.0/24 maxlen: 24
109.95.144.0/21 maxlen: 21
193.200.133.0/24 maxlen: 24
2a0c:db00::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:81:ee:18:80:9f:f3:f8:85:8f:75:36:75:89:b2:38:03:dc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9f36d08a3cd8a42f46a2c96dfd72ed8cee279477
Validity
Not Before: Jul 11 16:29:51 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=8dfc76009bbb9b476acb5fdbae404c77a2911038
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:6f:47:1d:f6:ca:da:08:cc:76:38:86:9f:c2:
21:f4:0b:53:48:a1:b4:b6:d7:9e:bc:56:ce:7a:15:
28:de:a5:9c:c0:19:f4:84:bd:af:7f:5e:82:70:c7:
2c:96:c4:73:0b:d4:2d:e8:1b:57:d3:0a:a5:20:aa:
bd:2b:38:a8:34:bf:86:11:18:c0:87:dc:63:48:1a:
88:ea:00:f0:28:ab:3a:7d:fb:a8:86:f4:71:51:e9:
bb:74:ac:e9:02:77:58:3c:42:a5:c5:28:74:bc:21:
0a:be:a5:36:91:d8:61:06:b1:21:fb:44:99:7f:b3:
1b:ab:b3:45:2e:67:59:01:d6:79:0a:56:74:c7:ca:
6c:15:e8:e4:d1:96:eb:47:9b:05:52:99:54:6e:f2:
4d:07:85:49:ff:55:08:48:09:d8:70:33:3c:78:62:
46:79:32:47:a3:9b:65:82:ff:8e:51:d9:e6:81:a1:
32:a0:0b:a0:d4:70:2b:5b:35:da:1a:94:95:9f:4a:
cc:70:9e:7d:ce:0b:95:e3:ea:59:0d:5c:0b:1e:0d:
c9:2e:10:25:bd:12:db:00:29:16:46:c8:96:56:fb:
fd:95:4d:e7:2e:8d:ac:32:a4:fd:0a:12:12:e5:09:
c7:3d:bd:97:6d:a4:18:f2:fe:32:31:45:e5:78:67:
48:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8D:FC:76:00:9B:BB:9B:47:6A:CB:5F:DB:AE:40:4C:77:A2:91:10:38
X509v3 Authority Key Identifier:
keyid:9F:36:D0:8A:3C:D8:A4:2F:46:A2:C9:6D:FD:72:ED:8C:EE:27:94:77
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nzbQijzYpC9Goslt_XLtjO4nlHc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/52/2fbba7-ea0e-4089-9727-c33372c9d507/1/jfx2AJu7m0dqy1_brkBMd6KREDg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/52/2fbba7-ea0e-4089-9727-c33372c9d507/1/nzbQijzYpC9Goslt_XLtjO4nlHc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.134.48.0/20
46.151.16.0/21
91.221.88.0/23
109.95.112.0/21
109.95.144.0/21
185.235.76.0/24
193.106.208.0/23
193.200.133.0/24
IPv6:
2a0c:db00::/29
Signature Algorithm: sha256WithRSAEncryption
6a:5e:38:4c:6f:f1:d4:68:2b:06:72:4a:28:b3:59:19:8a:a2:
cc:fd:d0:40:28:ab:a7:06:35:8d:ea:84:3f:ac:05:03:68:f1:
78:46:88:9f:b6:c7:c9:c9:ea:f7:eb:a4:29:0d:9d:54:7d:63:
3d:b9:67:3c:bc:c9:4a:9f:8a:1d:e4:c8:4f:95:2c:c7:7e:86:
87:50:2c:d7:63:74:4e:c7:2a:a5:10:ea:5f:1a:06:b6:40:62:
a1:c5:e2:3f:6d:48:e5:a3:4d:cc:a6:90:42:81:31:da:32:33:
e4:e0:0a:7c:ea:1e:64:d6:5c:07:24:ed:9b:ba:77:7a:7b:99:
bb:b8:55:e3:1c:4f:c3:74:6e:66:35:76:e6:46:52:90:f6:54:
6e:9e:ae:76:f3:f7:9a:16:a4:d7:1a:49:a7:7f:ef:e0:2b:e5:
f8:21:2f:1d:15:e9:25:b9:f6:ad:46:65:50:0d:e0:cf:54:92:
48:9e:e3:3c:ea:9b:fd:68:6b:d6:c1:f7:88:bf:c0:2f:b4:cb:
ec:46:23:ec:a4:66:ff:a7:59:bc:ec:5e:d8:2d:a8:6b:49:91:
28:cb:63:58:0e:46:11:b7:50:81:92:77:55:35:b6:0a:33:ae:
8e:4d:8b:e1:9c:39:a5:34:fe:25:43:77:c9:0d:ab:fd:f3:26:
bc:e9:56:59
-----BEGIN CERTIFICATE-----
MIIFNjCCBB6gAwIBAgISAYHuGICf8/iFj3U2dYmyOAPcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlmMzZkMDhhM2NkOGE0MmY0NmEyYzk2ZGZkNzJlZDhjZWUy
Nzk0NzcwHhcNMjIwNzExMTYyOTUxWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ZGZjNzYwMDliYmI5YjQ3NmFjYjVmZGJhZTQwNGM3N2EyOTExMDM4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkm9HHfbK2gjMdjiGn8Ih9AtTSKG0
tteevFbOehUo3qWcwBn0hL2vf16CcMcslsRzC9Qt6BtX0wqlIKq9KzioNL+GERjA
h9xjSBqI6gDwKKs6ffuohvRxUem7dKzpAndYPEKlxSh0vCEKvqU2kdhhBrEh+0SZ
f7Mbq7NFLmdZAdZ5ClZ0x8psFejk0ZbrR5sFUplUbvJNB4VJ/1UISAnYcDM8eGJG
eTJHo5tlgv+OUdnmgaEyoAug1HArWzXaGpSVn0rMcJ59zguV4+pZDVwLHg3JLhAl
vRLbACkWRsiWVvv9lU3nLo2sMqT9ChIS5QnHPb2XbaQY8v4yMUXleGdI0QIDAQAB
o4ICQjCCAj4wHQYDVR0OBBYEFI38dgCbu5tHastf265ATHeikRA4MB8GA1UdIwQY
MBaAFJ820Io82KQvRqLJbf1y7YzuJ5R3MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbnpiUWlqellwQzlHb3NsdF9YTHRqTzRubEhjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Mi8yZmJiYTctZWEwZS00MDg5LTk3Mjct
YzMzMzcyYzlkNTA3LzEvamZ4MkFKdTdtMGRxeTFfYnJrQk1kNktSRURnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Mi8yZmJiYTctZWEwZS00MDg5LTk3MjctYzMzMzcyYzlkNTA3
LzEvbnpiUWlqellwQzlHb3NsdF9YTHRqTzRubEhjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFgGCCsGAQUFBwEHAQH/BEkwRzA2BAIAATAwAwQEH4YwAwQD
LpcQAwQBW91YAwQDbV9wAwQDbV+QAwQAuetMAwQBwWrQAwQAwciFMA0EAgACMAcD
BQMqDNsAMA0GCSqGSIb3DQEBCwUAA4IBAQBqXjhMb/HUaCsGckoos1kZiqLM/dBA
KKunBjWN6oQ/rAUDaPF4RoiftsfJyer366QpDZ1UfWM9uWc8vMlKn4od5MhPlSzH
foaHUCzXY3ROxyqlEOpfGga2QGKhxeI/bUjlo03MppBCgTHaMjPk4Ap86h5k1lwH
JO2bund6e5m7uFXjHE/DdG5mNXbmRlKQ9lRunq528/eaFqTXGkmnf+/gK+X4IS8d
FeklufatRmVQDeDPVJJInuM86pv9aGvWwfeIv8AvtMvsRiPspGb/p1m87F7YLahr
SZEoy2NYDkYRt1CBkndVNbYKM66OTYvhnDmlNP4lQ3fJDav98ya86VZZ
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:09:44 2024 by rpki-client on console-ams.rpki-client.org