Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5f/7e28ee-c65d-4529-a47b-48633d718590/1/JtllPltSzYv_0BFtyCvfgLVBuV8.roa
File: JtllPltSzYv_0BFtyCvfgLVBuV8.roa (raw, json)
Hash identifier: 5iYJngbpY+CQgybKefaqNve+aWuDKIiaDweT50oxq7I=
Subject key identifier: 26:D9:65:3E:5B:52:CD:8B:FF:D0:11:6D:C8:2B:DF:80:B5:41:B9:5F
Certificate issuer: /CN=bf107e07952c069358cd3f82aaeceb4c69483ca9
Certificate serial: 01896E71EDE44620C34AFDA2D4FAA5E3609E
Authority key identifier: BF:10:7E:07:95:2C:06:93:58:CD:3F:82:AA:EC:EB:4C:69:48:3C:A9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/vxB-B5UsBpNYzT-CquzrTGlIPKk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5f/7e28ee-c65d-4529-a47b-48633d718590/1/JtllPltSzYv_0BFtyCvfgLVBuV8.roa
Signing time: Wed 19 Jul 2023 13:58:27 +0000
ROA not before: Wed 19 Jul 2023 13:58:27 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 208257
IP address blocks: 185.251.70.0/24 maxlen: 24
151.248.20.0/22 maxlen: 22
151.248.22.0/23 maxlen: 24
2a0f:6a00::/29 maxlen: 29
2a10:aec0::/29 maxlen: 29
2a0f:f200::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:6e:71:ed:e4:46:20:c3:4a:fd:a2:d4:fa:a5:e3:60:9e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bf107e07952c069358cd3f82aaeceb4c69483ca9
Validity
Not Before: Jul 19 13:58:27 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=26d9653e5b52cd8bffd0116dc82bdf80b541b95f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:72:68:39:58:62:e2:cd:a7:eb:c2:73:91:4b:
6a:2e:3f:d7:6f:46:18:22:b8:ce:99:9b:dd:f6:eb:
5f:7f:7f:57:ac:31:70:56:9f:6f:bb:7b:84:36:15:
99:45:5e:d0:1d:7a:7e:23:61:df:c9:bb:4e:05:4e:
f7:5a:36:c3:39:41:5f:81:5c:2a:f0:e7:fc:ec:fe:
12:5a:7a:a8:b3:4c:8f:8e:a9:27:17:6f:32:5f:fb:
1c:8f:06:e1:db:5c:3a:06:02:a8:6c:95:57:73:5c:
0d:15:e2:31:aa:3a:c7:83:cc:51:dd:04:04:52:2b:
76:fd:04:92:43:a7:a3:a6:5b:b9:26:11:bb:91:d3:
d7:f1:3d:fb:d2:72:de:45:1d:01:44:35:79:d3:91:
52:69:b5:a4:2d:19:88:de:01:ed:eb:87:42:51:74:
75:47:12:ab:8c:f2:45:af:2e:89:e4:10:36:28:45:
e3:3a:1e:8f:a8:76:a4:28:97:c0:7f:65:46:89:69:
a6:40:49:b5:d0:93:bf:3e:15:8e:3c:c3:8b:54:7f:
ad:8b:f7:5f:63:f9:31:af:4f:8b:3e:68:81:ea:da:
1e:ed:09:c1:42:8f:99:37:62:79:86:6a:1d:86:b2:
bb:36:9b:33:7c:5b:04:25:e6:96:89:06:c1:bf:0e:
19:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
26:D9:65:3E:5B:52:CD:8B:FF:D0:11:6D:C8:2B:DF:80:B5:41:B9:5F
X509v3 Authority Key Identifier:
keyid:BF:10:7E:07:95:2C:06:93:58:CD:3F:82:AA:EC:EB:4C:69:48:3C:A9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/vxB-B5UsBpNYzT-CquzrTGlIPKk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5f/7e28ee-c65d-4529-a47b-48633d718590/1/JtllPltSzYv_0BFtyCvfgLVBuV8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5f/7e28ee-c65d-4529-a47b-48633d718590/1/vxB-B5UsBpNYzT-CquzrTGlIPKk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
151.248.20.0/22
185.251.70.0/24
IPv6:
2a0f:6a00::/29
2a0f:f200::/29
2a10:aec0::/29
Signature Algorithm: sha256WithRSAEncryption
34:8e:6e:41:35:78:54:08:d9:36:8c:7d:2f:d6:c7:b6:86:c1:
9d:cc:c5:99:02:92:59:39:76:e8:5a:12:0a:e1:fb:f2:40:90:
b1:6c:c3:49:9d:43:ee:0f:02:07:c7:69:e2:83:63:6a:99:4f:
f7:8f:8f:c3:76:94:8a:a4:ce:75:97:b9:77:2b:e5:55:25:c5:
44:f5:9a:6b:b5:bf:4a:82:13:51:63:ac:db:a1:1f:33:b5:92:
8a:1b:4e:db:35:29:6d:68:91:f9:8a:01:7a:3d:b1:27:a7:54:
41:3d:7a:3d:66:b2:9f:38:2d:a5:64:14:1c:c6:a9:ce:52:be:
00:0b:1d:6e:6e:b9:73:db:4c:6b:05:e1:40:d9:61:ea:dc:a5:
5c:79:a0:b0:2f:a1:f7:4d:1f:2b:71:c3:7a:30:1d:39:63:2c:
fa:28:b7:71:a0:b5:bb:a2:d4:14:22:bd:64:9a:83:c8:c3:21:
bb:b9:10:bc:41:51:a8:cb:03:2f:4c:98:da:27:07:b8:df:df:
4e:85:fb:fc:b9:53:55:09:29:8b:6e:e3:f7:bc:c2:42:33:6f:
0a:24:b2:87:8e:b5:9f:44:e2:67:05:7f:af:87:cf:f8:9a:f8:
df:1c:bd:ff:07:fc:5c:d5:f1:3f:e2:44:11:39:36:9d:72:5c:
b5:d1:cc:78
-----BEGIN CERTIFICATE-----
MIIFIDCCBAigAwIBAgISAYluce3kRiDDSv2i1Pql42CeMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJmMTA3ZTA3OTUyYzA2OTM1OGNkM2Y4MmFhZWNlYjRjNjk0
ODNjYTkwHhcNMjMwNzE5MTM1ODI3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNmQ5NjUzZTViNTJjZDhiZmZkMDExNmRjODJiZGY4MGI1NDFiOTVmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAk3JoOVhi4s2n68JzkUtqLj/Xb0YY
IrjOmZvd9utff39XrDFwVp9vu3uENhWZRV7QHXp+I2HfybtOBU73WjbDOUFfgVwq
8Of87P4SWnqos0yPjqknF28yX/scjwbh21w6BgKobJVXc1wNFeIxqjrHg8xR3QQE
Uit2/QSSQ6ejplu5JhG7kdPX8T370nLeRR0BRDV505FSabWkLRmI3gHt64dCUXR1
RxKrjPJFry6J5BA2KEXjOh6PqHakKJfAf2VGiWmmQEm10JO/PhWOPMOLVH+ti/df
Y/kxr0+LPmiB6toe7QnBQo+ZN2J5hmodhrK7NpszfFsEJeaWiQbBvw4ZdQIDAQAB
o4ICLDCCAigwHQYDVR0OBBYEFCbZZT5bUs2L/9ARbcgr34C1QblfMB8GA1UdIwQY
MBaAFL8QfgeVLAaTWM0/gqrs60xpSDypMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdnhCLUI1VXNCcE5ZelQtQ3F1enJUR2xJUEtrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Zi83ZTI4ZWUtYzY1ZC00NTI5LWE0N2It
NDg2MzNkNzE4NTkwLzEvSnRsbFBsdFN6WXZfMEJGdHlDdmZnTFZCdVY4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Zi83ZTI4ZWUtYzY1ZC00NTI5LWE0N2ItNDg2MzNkNzE4NTkw
LzEvdnhCLUI1VXNCcE5ZelQtQ3F1enJUR2xJUEtrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEIGCCsGAQUFBwEHAQH/BDMwMTASBAIAATAMAwQCl/gUAwQA
uftGMBsEAgACMBUDBQMqD2oAAwUDKg/yAAMFAyoQrsAwDQYJKoZIhvcNAQELBQAD
ggEBADSObkE1eFQI2TaMfS/Wx7aGwZ3MxZkCklk5duhaEgrh+/JAkLFsw0mdQ+4P
AgfHaeKDY2qZT/ePj8N2lIqkznWXuXcr5VUlxUT1mmu1v0qCE1FjrNuhHzO1koob
Tts1KW1okfmKAXo9sSenVEE9ej1msp84LaVkFBzGqc5SvgALHW5uuXPbTGsF4UDZ
YercpVx5oLAvofdNHytxw3owHTljLPoot3Ggtbui1BQivWSag8jDIbu5ELxBUajL
Ay9MmNonB7jf306F+/y5U1UJKYtu4/e8wkIzbwoksoeOtZ9E4mcFf6+Hz/ia+N8c
vf8H/FzV8T/iRBE5Np1yXLXRzHg=
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:56:45 2025 by rpki-client