Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/65/321cdc-2143-4b5c-9733-16699c96dd5e/1/J1ZHofnvyzP6FV77wRZvFcQoyzo.roa
File: J1ZHofnvyzP6FV77wRZvFcQoyzo.roa (raw, json)
Hash identifier: tFtPgAZ7ivuPDXsp9LLvfZi8jwJqRR9ui6WMadlnx9Y=
Subject key identifier: 27:56:47:A1:F9:EF:CB:33:FA:15:5E:FB:C1:16:6F:15:C4:28:CB:3A
Certificate issuer: /CN=885b857706dac54e20ca0d11bd6416cb634203b4
Certificate serial: 01853AC0D7B5CD1D4B45545E966A1FAF6980
Authority key identifier: 88:5B:85:77:06:DA:C5:4E:20:CA:0D:11:BD:64:16:CB:63:42:03:B4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/iFuFdwbaxU4gyg0RvWQWy2NCA7Q.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/65/321cdc-2143-4b5c-9733-16699c96dd5e/1/J1ZHofnvyzP6FV77wRZvFcQoyzo.roa
Signing time: Thu 22 Dec 2022 16:53:14 +0000
ROA not before: Thu 22 Dec 2022 16:53:14 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 30738
IP address blocks: 195.211.53.0/24 maxlen: 24
188.130.254.0/24 maxlen: 24
188.130.182.0/24 maxlen: 24
2001:1468:8000::/36 maxlen: 36
2001:1468::/32 maxlen: 33
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:3a:c0:d7:b5:cd:1d:4b:45:54:5e:96:6a:1f:af:69:80
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=885b857706dac54e20ca0d11bd6416cb634203b4
Validity
Not Before: Dec 22 16:53:14 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=275647a1f9efcb33fa155efbc1166f15c428cb3a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:04:5b:c7:9e:5c:a5:95:52:10:75:af:43:17:
b1:9d:fe:c1:a1:17:b6:40:e6:0b:ad:8e:be:eb:97:
5b:72:87:a9:c6:74:fe:63:4e:12:e5:b8:ee:47:14:
27:8c:21:9c:6f:90:85:da:14:f7:3e:2a:08:d1:42:
7e:b8:b8:a4:8f:58:c6:d2:64:77:ed:96:53:5a:ad:
bc:c5:46:21:ae:65:bb:99:c6:d1:45:0f:7a:85:dc:
3e:a8:18:21:b7:d0:c7:4d:b3:7d:5a:53:b2:ed:65:
c4:ce:63:72:14:46:0b:e5:5c:fd:f6:c8:39:f4:ee:
31:f7:6d:0a:f7:28:9a:10:89:7a:4e:b9:5d:9f:26:
19:2a:c2:a5:18:92:5d:bf:b2:ac:da:c8:34:1c:19:
34:59:80:51:85:a1:27:02:ff:21:e6:bd:f0:ac:7e:
f1:eb:95:13:9c:ea:02:6c:d7:6f:9b:6d:73:67:01:
8d:2d:7d:f2:4b:21:60:c5:81:10:dc:60:1e:d2:38:
88:1d:83:f9:59:94:8e:b9:8c:03:58:b4:a6:1a:f0:
6b:96:25:77:ab:cb:c4:42:9a:05:72:9c:c1:66:28:
fd:93:f7:81:d8:44:fe:35:1d:07:3b:c4:30:95:16:
35:5e:af:f5:52:45:40:70:4d:7e:bf:de:50:10:7b:
84:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
27:56:47:A1:F9:EF:CB:33:FA:15:5E:FB:C1:16:6F:15:C4:28:CB:3A
X509v3 Authority Key Identifier:
keyid:88:5B:85:77:06:DA:C5:4E:20:CA:0D:11:BD:64:16:CB:63:42:03:B4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iFuFdwbaxU4gyg0RvWQWy2NCA7Q.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/65/321cdc-2143-4b5c-9733-16699c96dd5e/1/J1ZHofnvyzP6FV77wRZvFcQoyzo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/65/321cdc-2143-4b5c-9733-16699c96dd5e/1/iFuFdwbaxU4gyg0RvWQWy2NCA7Q.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
188.130.182.0/24
188.130.254.0/24
195.211.53.0/24
IPv6:
2001:1468::/32
Signature Algorithm: sha256WithRSAEncryption
08:21:3c:97:bf:70:fe:3a:8a:50:49:5d:3a:57:14:fe:99:dd:
87:6d:b0:4d:ac:ee:41:98:d2:4b:7e:06:8a:e6:54:3b:bc:35:
28:17:ac:86:7d:93:fe:5b:05:ca:e6:97:91:f7:e8:7c:15:8d:
94:db:69:3f:91:60:48:76:13:96:98:a8:be:a6:ce:8c:07:e3:
12:06:b3:0e:1b:6b:a9:74:82:48:66:7b:c6:77:c1:10:dd:9b:
5d:5f:36:98:3a:a1:64:ee:c0:a3:14:bf:8c:eb:62:84:a1:e2:
0c:69:46:a7:d8:4a:41:71:72:09:b1:d4:79:86:cc:f4:22:c4:
be:21:bf:fa:0c:e7:0c:94:de:a7:e6:f1:6e:03:6b:d4:2b:90:
68:ed:37:5d:d4:e8:ee:a2:cc:87:dd:be:43:43:cc:7c:fe:3e:
12:39:ba:93:0f:a4:97:a5:3a:d2:91:73:d8:cb:e3:bc:bb:4a:
73:de:c0:4b:97:3d:59:aa:f2:7b:f4:ff:c2:04:05:61:5e:a9:
95:25:8a:f7:f6:b7:cd:c1:00:ae:12:28:7e:59:d0:2d:b2:bc:
41:d6:14:d9:99:f4:7d:7a:a5:8b:cc:b2:ca:fd:e8:b8:17:5b:
f5:43:81:82:9f:a4:fb:ac:9e:3f:60:25:d3:04:8f:52:6f:09:
3e:80:24:ce
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAYU6wNe1zR1LRVRelmofr2mAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg4NWI4NTc3MDZkYWM1NGUyMGNhMGQxMWJkNjQxNmNiNjM0
MjAzYjQwHhcNMjIxMjIyMTY1MzE0WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNzU2NDdhMWY5ZWZjYjMzZmExNTVlZmJjMTE2NmYxNWM0MjhjYjNhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAswRbx55cpZVSEHWvQxexnf7BoRe2
QOYLrY6+65dbcoepxnT+Y04S5bjuRxQnjCGcb5CF2hT3PioI0UJ+uLikj1jG0mR3
7ZZTWq28xUYhrmW7mcbRRQ96hdw+qBght9DHTbN9WlOy7WXEzmNyFEYL5Vz99sg5
9O4x920K9yiaEIl6TrldnyYZKsKlGJJdv7Ks2sg0HBk0WYBRhaEnAv8h5r3wrH7x
65UTnOoCbNdvm21zZwGNLX3ySyFgxYEQ3GAe0jiIHYP5WZSOuYwDWLSmGvBrliV3
q8vEQpoFcpzBZij9k/eB2ET+NR0HO8QwlRY1Xq/1UkVAcE1+v95QEHuEVwIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFCdWR6H578sz+hVe+8EWbxXEKMs6MB8GA1UdIwQY
MBaAFIhbhXcG2sVOIMoNEb1kFstjQgO0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaUZ1RmR3YmF4VTRneWcwUnZXUVd5Mk5DQTdRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NS8zMjFjZGMtMjE0My00YjVjLTk3MzMt
MTY2OTljOTZkZDVlLzEvSjFaSG9mbnZ5elA2RlY3N3dSWnZGY1FveXpvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NS8zMjFjZGMtMjE0My00YjVjLTk3MzMtMTY2OTljOTZkZDVl
LzEvaUZ1RmR3YmF4VTRneWcwUnZXUVd5Mk5DQTdRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQAvIK2AwQA
vIL+AwQAw9M1MA0EAgACMAcDBQAgARRoMA0GCSqGSIb3DQEBCwUAA4IBAQAIITyX
v3D+OopQSV06VxT+md2HbbBNrO5BmNJLfgaK5lQ7vDUoF6yGfZP+WwXK5peR9+h8
FY2U22k/kWBIdhOWmKi+ps6MB+MSBrMOG2updIJIZnvGd8EQ3ZtdXzaYOqFk7sCj
FL+M62KEoeIMaUan2EpBcXIJsdR5hsz0IsS+Ib/6DOcMlN6n5vFuA2vUK5Bo7Tdd
1OjuosyH3b5DQ8x8/j4SObqTD6SXpTrSkXPYy+O8u0pz3sBLlz1ZqvJ79P/CBAVh
XqmVJYr39rfNwQCuEih+WdAtsrxB1hTZmfR9eqWLzLLK/ei4F1v1Q4GCn6T7rJ4/
YCXTBI9Sbwk+gCTO
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:32:57 2024 by rpki-client on console-fra.rpki-client.org