Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5d/6da289-abec-49f5-a759-cf1f4c7c9222/1/j8uKZeJhrwF_r6MStX7FOScDXOo.roa
File: j8uKZeJhrwF_r6MStX7FOScDXOo.roa (raw, json)
Hash identifier: FiWYLYiJBddTq6Q3LyBiW9FvLesgXcRCcVv/aZNrw/E=
Subject key identifier: 8F:CB:8A:65:E2:61:AF:01:7F:AF:A3:12:B5:7E:C5:39:27:03:5C:EA
Certificate issuer: /CN=7736a5c85a08d80749041cb9cfa517fb7d589ba8
Certificate serial: 0A25DC15
Authority key identifier: 77:36:A5:C8:5A:08:D8:07:49:04:1C:B9:CF:A5:17:FB:7D:58:9B:A8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dzalyFoI2AdJBBy5z6UX-31Ym6g.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5d/6da289-abec-49f5-a759-cf1f4c7c9222/1/j8uKZeJhrwF_r6MStX7FOScDXOo.roa
Signing time: Sat 01 Jan 2022 12:54:10 +0000
ROA not before: Sat 01 Jan 2022 12:54:10 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 62371
IP address blocks: 185.70.40.0/24 maxlen: 24
185.70.43.0/24 maxlen: 24
185.70.41.0/24 maxlen: 24
185.70.42.0/24 maxlen: 24
2a05:2701:f30::/44 maxlen: 44
2a05:2701:f10::/44 maxlen: 44
2a05:2701:f00::/44 maxlen: 44
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 170253333 (0xa25dc15)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7736a5c85a08d80749041cb9cfa517fb7d589ba8
Validity
Not Before: Jan 1 12:54:10 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=8fcb8a65e261af017fafa312b57ec53927035cea
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:fe:20:48:97:e3:51:7c:6a:c7:8f:70:24:68:
93:2f:a0:e5:f8:97:5f:61:1b:68:f0:6a:53:7c:65:
3d:f4:2b:c8:18:91:36:8f:0c:69:7d:51:6a:31:08:
e2:b0:26:c6:5f:0f:e1:fe:28:cd:bf:59:8a:c8:0c:
07:00:b6:67:9d:88:c9:50:33:26:c4:ae:0e:fd:b8:
68:dc:7c:52:76:8c:03:ca:64:9c:f9:4d:ad:7d:31:
39:af:4a:85:19:e0:28:a9:4a:31:b3:ad:24:9d:fd:
73:42:01:62:4e:7c:78:26:06:d2:fa:cd:df:fe:37:
d3:ca:b9:01:70:e4:86:af:52:9b:eb:f5:f5:74:95:
17:24:f7:f7:bc:25:87:db:8f:5c:c5:39:3d:ef:13:
e7:31:70:d1:63:0c:4e:54:80:1f:ff:e4:70:96:ee:
c5:83:52:c2:2d:7c:fd:51:d4:e9:a8:3b:05:f1:b1:
3e:86:a9:21:df:a3:18:87:8a:52:b2:95:c6:90:0b:
e5:a6:d5:8e:22:94:14:ee:15:f9:21:4a:11:57:84:
1e:59:96:b7:5d:33:b8:e8:59:df:80:df:0f:a6:46:
06:6a:dd:32:32:a7:62:89:82:25:66:b9:29:c1:4d:
8a:59:48:3b:b9:84:50:61:ce:aa:9b:c9:e7:61:a1:
ff:ed
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8F:CB:8A:65:E2:61:AF:01:7F:AF:A3:12:B5:7E:C5:39:27:03:5C:EA
X509v3 Authority Key Identifier:
keyid:77:36:A5:C8:5A:08:D8:07:49:04:1C:B9:CF:A5:17:FB:7D:58:9B:A8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dzalyFoI2AdJBBy5z6UX-31Ym6g.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5d/6da289-abec-49f5-a759-cf1f4c7c9222/1/j8uKZeJhrwF_r6MStX7FOScDXOo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5d/6da289-abec-49f5-a759-cf1f4c7c9222/1/dzalyFoI2AdJBBy5z6UX-31Ym6g.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.70.40.0/22
IPv6:
2a05:2701:f00::/43
2a05:2701:f30::/44
Signature Algorithm: sha256WithRSAEncryption
7b:79:73:7c:8c:06:09:51:f6:59:5e:9d:34:41:fe:ad:c2:b6:
5d:80:f3:b5:a3:67:4d:54:51:91:9f:c7:d8:90:1f:d8:b3:ec:
c9:93:29:bb:7d:47:07:4f:e3:2a:75:5d:59:60:6b:b8:b2:4d:
21:60:84:91:f1:39:d2:21:32:eb:6a:2b:53:5e:8c:7c:c3:f1:
d5:85:58:58:df:37:47:75:e5:27:da:68:96:b7:ba:d4:2c:77:
f0:d6:8f:cd:d4:bb:51:3d:ba:a5:a0:09:26:d0:1b:5f:9a:8d:
bc:10:ae:36:18:33:8b:16:b5:90:56:22:b6:2f:48:c4:e2:fe:
e4:01:4f:9d:9d:7a:cf:de:84:cd:37:34:75:7a:2e:76:56:84:
bc:45:c3:c5:8b:7a:07:77:1f:84:99:05:3a:dc:0b:84:93:cc:
a8:5f:bd:2e:82:1e:c6:63:57:78:51:51:f2:c4:e9:65:cf:1f:
90:d2:3b:95:f7:fe:ef:ea:26:f3:71:d3:a1:73:b0:7d:c8:5e:
63:18:7f:e7:c6:c3:6f:1c:5d:32:1a:73:8a:82:7c:2b:7a:5f:
fe:c8:f2:57:9c:66:1e:7e:60:a9:cb:c3:49:86:57:a4:ef:7b:
14:c9:f6:5c:d8:60:a7:69:74:82:28:b4:6d:58:17:fa:a4:5d:
14:1a:ad:f8
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgIECiXcFTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg3
NzM2YTVjODVhMDhkODA3NDkwNDFjYjljZmE1MTdmYjdkNTg5YmE4MB4XDTIyMDEw
MTEyNTQxMFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoOGZjYjhhNjVlMjYx
YWYwMTdmYWZhMzEyYjU3ZWM1MzkyNzAzNWNlYTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALD+IEiX41F8asePcCRoky+g5fiXX2EbaPBqU3xlPfQryBiR
No8MaX1RajEI4rAmxl8P4f4ozb9ZisgMBwC2Z52IyVAzJsSuDv24aNx8UnaMA8pk
nPlNrX0xOa9KhRngKKlKMbOtJJ39c0IBYk58eCYG0vrN3/4308q5AXDkhq9Sm+v1
9XSVFyT397wlh9uPXMU5Pe8T5zFw0WMMTlSAH//kcJbuxYNSwi18/VHU6ag7BfGx
PoapId+jGIeKUrKVxpAL5abVjiKUFO4V+SFKEVeEHlmWt10zuOhZ34DfD6ZGBmrd
MjKnYomCJWa5KcFNillIO7mEUGHOqpvJ52Gh/+0CAwEAAaOCAiMwggIfMB0GA1Ud
DgQWBBSPy4pl4mGvAX+voxK1fsU5JwNc6jAfBgNVHSMEGDAWgBR3NqXIWgjYB0kE
HLnPpRf7fVibqDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2R6YWx5Rm9JMkFkSkJCeTV6NlVYLTMxWW02Zy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNWQvNmRhMjg5LWFiZWMtNDlmNS1hNzU5LWNmMWY0YzdjOTIyMi8x
L2o4dUtaZUpocndGX3I2TVN0WDdGT1NjRFhPby5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNWQv
NmRhMjg5LWFiZWMtNDlmNS1hNzU5LWNmMWY0YzdjOTIyMi8xL2R6YWx5Rm9JMkFk
SkJCeTV6NlVYLTMxWW02Zy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA5
BggrBgEFBQcBBwEB/wQqMCgwDAQCAAEwBgMEArlGKDAYBAIAAjASAwcFKgUnAQ8A
AwcEKgUnAQ8wMA0GCSqGSIb3DQEBCwUAA4IBAQB7eXN8jAYJUfZZXp00Qf6twrZd
gPO1o2dNVFGRn8fYkB/Ys+zJkym7fUcHT+MqdV1ZYGu4sk0hYISR8TnSITLraitT
Xox8w/HVhVhY3zdHdeUn2miWt7rULHfw1o/N1LtRPbqloAkm0Btfmo28EK42GDOL
FrWQViK2L0jE4v7kAU+dnXrP3oTNNzR1ei52VoS8RcPFi3oHdx+EmQU63AuEk8yo
X70ugh7GY1d4UVHyxOllzx+Q0juV9/7v6ibzcdOhc7B9yF5jGH/nxsNvHF0yGnOK
gnwrel/+yPJXnGYefmCpy8NJhlek73sUyfZc2GCnaXSCKLRtWBf6pF0UGq34
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:49:04 2023 by rpki-client on console-fra.rpki-client.org