Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/66/1bb45a-551c-4967-95ca-77344bcc9191/1/jZ8n68oGHz-Kh_GjQguwlCpNCbA.roa
File: jZ8n68oGHz-Kh_GjQguwlCpNCbA.roa (raw, json)
Hash identifier: Dn7DPpf9RZON+QvmnGYpARE4tS6X16WHUB63XPmY4uE=
Subject key identifier: 8D:9F:27:EB:CA:06:1F:3F:8A:87:F1:A3:42:0B:B0:94:2A:4D:09:B0
Certificate issuer: /CN=3c4ed942e5c742e77bfb9beb954f872534f52848
Certificate serial: 0184A96C9653057CB9E8B0DBD37514571F91
Authority key identifier: 3C:4E:D9:42:E5:C7:42:E7:7B:FB:9B:EB:95:4F:87:25:34:F5:28:48
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PE7ZQuXHQud7-5vrlU-HJTT1KEg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/66/1bb45a-551c-4967-95ca-77344bcc9191/1/jZ8n68oGHz-Kh_GjQguwlCpNCbA.roa
Signing time: Thu 24 Nov 2022 11:36:16 +0000
ROA not before: Thu 24 Nov 2022 11:36:16 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 211936
IP address blocks: 62.182.168.0/24 maxlen: 24
185.65.68.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:a9:6c:96:53:05:7c:b9:e8:b0:db:d3:75:14:57:1f:91
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3c4ed942e5c742e77bfb9beb954f872534f52848
Validity
Not Before: Nov 24 11:36:16 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=8d9f27ebca061f3f8a87f1a3420bb0942a4d09b0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d9:d8:aa:80:d1:f2:16:45:50:1c:7d:e6:59:61:
99:34:4d:94:c6:42:2b:62:11:c0:7d:c0:f0:3f:1f:
11:88:fd:db:14:b9:fb:9b:0d:46:68:01:9f:0d:47:
58:d9:fc:dc:88:bc:ac:dd:e0:39:db:80:c7:9b:eb:
7c:67:d5:ec:0a:07:5b:41:f3:fe:c4:3d:a0:ea:fa:
a9:82:93:bf:c3:f0:ca:94:8e:1d:a8:c4:09:8e:ad:
f5:67:94:e2:da:ab:0c:3e:99:2f:e0:6b:c4:c2:19:
fb:fe:7a:13:f1:2c:d2:a4:1e:3c:37:26:47:db:ca:
44:3c:d3:83:cc:3c:8f:14:2c:c9:4e:23:33:0d:ec:
00:3a:0b:98:16:31:d7:ac:80:84:dd:08:af:d3:c3:
99:db:f8:22:37:04:f9:5d:33:d4:fd:d5:2f:dc:50:
1d:88:69:bd:17:a1:b3:34:25:0d:66:dd:cd:98:48:
c1:0c:e1:e4:c1:33:fc:8d:c3:e9:ae:9b:77:17:90:
02:40:9d:77:e1:50:1e:eb:71:8c:c3:2b:21:b9:36:
eb:e9:26:1d:a4:86:99:ae:28:8a:a4:c9:68:35:c3:
5e:5d:1c:33:ea:d4:5e:b7:31:b8:81:fb:61:c7:51:
8b:01:51:c3:c2:1d:e7:af:f3:99:d8:de:4e:85:03:
b7:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8D:9F:27:EB:CA:06:1F:3F:8A:87:F1:A3:42:0B:B0:94:2A:4D:09:B0
X509v3 Authority Key Identifier:
keyid:3C:4E:D9:42:E5:C7:42:E7:7B:FB:9B:EB:95:4F:87:25:34:F5:28:48
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PE7ZQuXHQud7-5vrlU-HJTT1KEg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/66/1bb45a-551c-4967-95ca-77344bcc9191/1/jZ8n68oGHz-Kh_GjQguwlCpNCbA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/66/1bb45a-551c-4967-95ca-77344bcc9191/1/PE7ZQuXHQud7-5vrlU-HJTT1KEg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.182.168.0/24
185.65.68.0/24
Signature Algorithm: sha256WithRSAEncryption
00:96:6f:c0:04:d5:4f:73:8f:b5:e2:ec:86:40:22:22:51:fc:
41:eb:cd:95:59:5f:6b:d9:aa:6a:7f:b6:73:1e:8e:a4:df:15:
2b:c0:6c:ca:77:21:e0:2c:1a:48:61:8b:bb:d5:b9:ae:46:00:
88:eb:56:a1:74:17:4c:90:b3:e2:f5:e6:8f:8c:a5:30:1d:ec:
c8:75:b8:d8:3c:ac:c7:bf:05:da:cc:8c:eb:e9:45:85:2e:95:
10:87:a3:c0:9f:6e:99:8e:4c:0c:92:f6:01:b4:1b:67:86:36:
90:3b:87:4c:54:66:ef:30:ce:86:62:2e:91:c5:8a:9f:ac:60:
2a:ad:d8:a0:ec:87:0e:c6:66:f3:8c:eb:55:76:63:98:ed:1e:
3f:be:ab:a6:66:8d:db:50:59:15:37:01:5f:4a:cc:c5:01:1e:
f1:55:79:b9:f3:98:71:ff:88:79:7b:4a:fd:60:18:18:1f:01:
86:b3:e3:05:91:03:ac:e2:3d:78:b9:c9:42:61:23:e8:5e:0c:
bf:d7:e3:34:9f:34:b4:52:0f:c4:ac:32:47:04:b5:02:b6:50:
3e:c9:7e:90:18:f6:0f:c2:8b:00:3c:dd:c8:40:03:4d:a8:64:
ad:9b:ec:80:7b:cf:55:45:c0:5a:b0:d8:cb:64:b7:9e:9e:b5:
d5:bc:f3:57
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYSpbJZTBXy56LDb03UUVx+RMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNjNGVkOTQyZTVjNzQyZTc3YmZiOWJlYjk1NGY4NzI1MzRm
NTI4NDgwHhcNMjIxMTI0MTEzNjE2WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ZDlmMjdlYmNhMDYxZjNmOGE4N2YxYTM0MjBiYjA5NDJhNGQwOWIwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2diqgNHyFkVQHH3mWWGZNE2UxkIr
YhHAfcDwPx8RiP3bFLn7mw1GaAGfDUdY2fzciLys3eA524DHm+t8Z9XsCgdbQfP+
xD2g6vqpgpO/w/DKlI4dqMQJjq31Z5Ti2qsMPpkv4GvEwhn7/noT8SzSpB48NyZH
28pEPNODzDyPFCzJTiMzDewAOguYFjHXrICE3Qiv08OZ2/giNwT5XTPU/dUv3FAd
iGm9F6GzNCUNZt3NmEjBDOHkwTP8jcPprpt3F5ACQJ134VAe63GMwyshuTbr6SYd
pIaZriiKpMloNcNeXRwz6tRetzG4gfthx1GLAVHDwh3nr/OZ2N5OhQO30QIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFI2fJ+vKBh8/iofxo0ILsJQqTQmwMB8GA1UdIwQY
MBaAFDxO2ULlx0Lne/ub65VPhyU09ShIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUEU3WlF1WEhRdWQ3LTV2cmxVLUhKVFQxS0VnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ni8xYmI0NWEtNTUxYy00OTY3LTk1Y2Et
NzczNDRiY2M5MTkxLzEvalo4bjY4b0dIei1LaF9HalFndXdsQ3BOQ2JBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ni8xYmI0NWEtNTUxYy00OTY3LTk1Y2EtNzczNDRiY2M5MTkx
LzEvUEU3WlF1WEhRdWQ3LTV2cmxVLUhKVFQxS0VnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAPraoAwQA
uUFEMA0GCSqGSIb3DQEBCwUAA4IBAQAAlm/ABNVPc4+14uyGQCIiUfxB682VWV9r
2apqf7ZzHo6k3xUrwGzKdyHgLBpIYYu71bmuRgCI61ahdBdMkLPi9eaPjKUwHezI
dbjYPKzHvwXazIzr6UWFLpUQh6PAn26ZjkwMkvYBtBtnhjaQO4dMVGbvMM6GYi6R
xYqfrGAqrdig7IcOxmbzjOtVdmOY7R4/vqumZo3bUFkVNwFfSszFAR7xVXm585hx
/4h5e0r9YBgYHwGGs+MFkQOs4j14uclCYSPoXgy/1+M0nzS0Ug/ErDJHBLUCtlA+
yX6QGPYPwosAPN3IQANNqGStm+yAe89VRcBasNjLZLeenrXVvPNX
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:57:13 2023 by rpki-client on console-fra.rpki-client.org