Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/62/ab4f87-7569-47e1-9006-604378e7173f/1/JLgCae47AdpRHOc9LoedZwmmMKU.roa
File: JLgCae47AdpRHOc9LoedZwmmMKU.roa (raw, json)
Hash identifier: DT+83kwjaqqH0vnu/kCDb8n1VRPNjnAzCTyuyRrIPuw=
Subject key identifier: 24:B8:02:69:EE:3B:01:DA:51:1C:E7:3D:2E:87:9D:67:09:A6:30:A5
Certificate issuer: /CN=3f3195f47084c8b0c670d03f7ee7b516cf804c5c
Certificate serial: 018258E0CACFD09149F4CCB0B59542099662
Authority key identifier: 3F:31:95:F4:70:84:C8:B0:C6:70:D0:3F:7E:E7:B5:16:CF:80:4C:5C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PzGV9HCEyLDGcNA_fue1Fs-ATFw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/62/ab4f87-7569-47e1-9006-604378e7173f/1/JLgCae47AdpRHOc9LoedZwmmMKU.roa
Signing time: Mon 01 Aug 2022 10:08:23 +0000
ROA not before: Mon 01 Aug 2022 10:08:23 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 60475
IP address blocks: 37.202.16.0/21 maxlen: 21
37.202.22.0/23 maxlen: 23
185.241.200.0/22 maxlen: 22
2a02:ff00::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:58:e0:ca:cf:d0:91:49:f4:cc:b0:b5:95:42:09:96:62
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3f3195f47084c8b0c670d03f7ee7b516cf804c5c
Validity
Not Before: Aug 1 10:08:23 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=24b80269ee3b01da511ce73d2e879d6709a630a5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:f3:bb:98:ef:c2:69:6c:a4:67:7a:a1:ec:ba:
1b:79:96:a8:b2:70:f3:cf:e2:38:31:76:f7:c6:c4:
5c:23:29:d2:d4:bf:12:68:a0:c2:f9:eb:de:f6:6c:
2b:9f:f0:fe:35:27:f4:54:0f:36:cb:07:70:4e:f4:
97:85:f0:76:23:e6:01:04:83:39:7d:7e:85:8c:62:
f5:67:a1:5c:9e:df:77:68:b0:1a:9e:63:3c:a9:08:
0a:c0:40:c2:94:60:3a:5e:56:58:af:da:1f:52:ca:
c5:79:ca:11:70:b9:2c:56:eb:f1:76:36:ab:c0:e4:
2a:f1:b5:83:ec:ad:bd:82:36:9f:9a:c9:05:16:73:
3f:e8:74:21:a9:04:81:81:58:81:c7:42:e2:55:21:
73:63:48:cf:08:0b:0a:43:e1:ee:89:46:dc:5c:3d:
76:aa:d4:23:72:68:f3:d5:63:1f:bc:00:85:2f:1f:
b6:81:c8:07:5e:69:83:20:78:91:65:7d:30:f7:b0:
3e:7d:ab:d4:53:54:6e:b7:32:48:b3:d2:23:37:39:
62:e8:9c:f1:f7:9b:16:ec:2e:91:d7:36:11:c0:e3:
b4:8e:80:80:79:bb:52:35:c1:14:9e:d1:f9:b4:39:
a2:7e:c3:55:db:49:d1:c2:4e:b8:88:88:29:a5:80:
03:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
24:B8:02:69:EE:3B:01:DA:51:1C:E7:3D:2E:87:9D:67:09:A6:30:A5
X509v3 Authority Key Identifier:
keyid:3F:31:95:F4:70:84:C8:B0:C6:70:D0:3F:7E:E7:B5:16:CF:80:4C:5C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PzGV9HCEyLDGcNA_fue1Fs-ATFw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/62/ab4f87-7569-47e1-9006-604378e7173f/1/JLgCae47AdpRHOc9LoedZwmmMKU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/62/ab4f87-7569-47e1-9006-604378e7173f/1/PzGV9HCEyLDGcNA_fue1Fs-ATFw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.202.16.0/21
185.241.200.0/22
IPv6:
2a02:ff00::/29
Signature Algorithm: sha256WithRSAEncryption
92:fc:d5:f6:cd:fa:85:01:8d:15:4e:22:84:f8:31:48:5a:72:
92:ef:0c:b2:9f:84:7f:f2:46:14:fc:0b:47:e8:77:41:b9:89:
59:db:29:89:ea:40:12:ed:bb:7f:a2:d9:87:2a:89:5a:5d:65:
21:02:e7:7e:52:8d:88:58:7c:eb:4c:34:3e:8a:54:7a:6b:11:
1a:26:65:66:f0:14:35:9b:a4:43:9e:9a:56:e7:fb:9c:ce:a2:
d6:6e:3a:cb:1f:82:05:61:55:e9:2b:a4:fc:d4:4c:0b:02:e1:
fb:5e:09:7b:08:22:bc:b2:56:00:9a:29:0c:45:59:ed:65:1e:
2f:80:54:71:49:36:c9:46:92:cd:42:c8:77:51:9b:83:5a:a3:
3d:11:a0:6a:72:9c:2b:da:6e:bc:3b:d4:af:f7:48:91:7c:08:
28:13:01:36:b6:5e:48:28:fe:6c:e6:45:3e:cf:22:83:f0:d2:
0b:4c:80:af:eb:99:1f:a4:93:13:33:f7:b7:a4:15:35:ff:8f:
aa:28:cf:37:e0:d4:4d:0d:57:17:ff:e1:4f:e8:8a:b2:5b:93:
67:7f:99:f7:52:f0:d9:a2:bf:41:ea:18:b6:ef:cb:88:cf:e9:
68:34:f6:2e:c4:bf:92:8d:49:7a:22:da:91:9d:82:c9:d2:aa:
6f:9d:f1:eb
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYJY4MrP0JFJ9MywtZVCCZZiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmMzE5NWY0NzA4NGM4YjBjNjcwZDAzZjdlZTdiNTE2Y2Y4
MDRjNWMwHhcNMjIwODAxMTAwODIzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNGI4MDI2OWVlM2IwMWRhNTExY2U3M2QyZTg3OWQ2NzA5YTYzMGE1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlPO7mO/CaWykZ3qh7LobeZaosnDz
z+I4MXb3xsRcIynS1L8SaKDC+eve9mwrn/D+NSf0VA82ywdwTvSXhfB2I+YBBIM5
fX6FjGL1Z6Fcnt93aLAanmM8qQgKwEDClGA6XlZYr9ofUsrFecoRcLksVuvxdjar
wOQq8bWD7K29gjafmskFFnM/6HQhqQSBgViBx0LiVSFzY0jPCAsKQ+HuiUbcXD12
qtQjcmjz1WMfvACFLx+2gcgHXmmDIHiRZX0w97A+favUU1RutzJIs9IjNzli6Jzx
95sW7C6R1zYRwOO0joCAebtSNcEUntH5tDmifsNV20nRwk64iIgppYADPQIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFCS4AmnuOwHaURznPS6HnWcJpjClMB8GA1UdIwQY
MBaAFD8xlfRwhMiwxnDQP37ntRbPgExcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUHpHVjlIQ0V5TERHY05BX2Z1ZTFGcy1BVEZ3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Mi9hYjRmODctNzU2OS00N2UxLTkwMDYt
NjA0Mzc4ZTcxNzNmLzEvSkxnQ2FlNDdBZHBSSE9jOUxvZWRad21tTUtVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Mi9hYjRmODctNzU2OS00N2UxLTkwMDYtNjA0Mzc4ZTcxNzNm
LzEvUHpHVjlIQ0V5TERHY05BX2Z1ZTFGcy1BVEZ3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQDJcoQAwQC
ufHIMA0EAgACMAcDBQMqAv8AMA0GCSqGSIb3DQEBCwUAA4IBAQCS/NX2zfqFAY0V
TiKE+DFIWnKS7wyyn4R/8kYU/AtH6HdBuYlZ2ymJ6kAS7bt/otmHKolaXWUhAud+
Uo2IWHzrTDQ+ilR6axEaJmVm8BQ1m6RDnppW5/uczqLWbjrLH4IFYVXpK6T81EwL
AuH7Xgl7CCK8slYAmikMRVntZR4vgFRxSTbJRpLNQsh3UZuDWqM9EaBqcpwr2m68
O9Sv90iRfAgoEwE2tl5IKP5s5kU+zyKD8NILTICv65kfpJMTM/e3pBU1/4+qKM83
4NRNDVcX/+FP6IqyW5Nnf5n3UvDZor9B6hi278uIz+loNPYuxL+SjUl6ItqRnYLJ
0qpvnfHr
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:57:02 2023 by rpki-client on console-fra.rpki-client.org