Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/68/b64837-5e86-4909-a07b-065aa4155ed4/1/jlQDSkOZFhylRIhLJbr965bothA.roa
File: jlQDSkOZFhylRIhLJbr965bothA.roa (raw, json)
Hash identifier: MuPNnlp5q9KjdVXbR8+qd043nZrhvIDwsMyLiEno+/s=
Subject key identifier: 8E:54:03:4A:43:99:16:1C:A5:44:88:4B:25:BA:FD:EB:96:E8:B6:10
Certificate issuer: /CN=57b77118bd56b2b3b4499c566a7c648aad7a6e9f
Certificate serial: 05785BC4
Authority key identifier: 57:B7:71:18:BD:56:B2:B3:B4:49:9C:56:6A:7C:64:8A:AD:7A:6E:9F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/V7dxGL1WsrO0SZxWanxkiq16bp8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/68/b64837-5e86-4909-a07b-065aa4155ed4/1/jlQDSkOZFhylRIhLJbr965bothA.roa
Signing time: Sat 01 Jan 2022 10:03:02 +0000
ROA not before: Sat 01 Jan 2022 10:03:02 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 203953
IP address blocks: 185.50.192.0/22 maxlen: 22
185.118.248.0/22 maxlen: 22
217.61.216.0/21 maxlen: 21
185.181.220.0/22 maxlen: 22
212.237.128.0/20 maxlen: 20
195.192.232.0/22 maxlen: 22
213.32.240.0/21 maxlen: 21
185.15.72.0/22 maxlen: 22
80.210.64.0/20 maxlen: 20
2a05:f6c0::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 91773892 (0x5785bc4)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=57b77118bd56b2b3b4499c566a7c648aad7a6e9f
Validity
Not Before: Jan 1 10:03:02 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=8e54034a4399161ca544884b25bafdeb96e8b610
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:fb:de:da:d2:bf:c4:2a:f6:35:af:5b:8b:ae:21:
30:6a:13:67:4d:25:85:75:98:ad:de:fe:77:d9:71:
1b:e6:37:0c:ba:0f:27:d6:70:78:45:46:51:16:52:
44:f4:57:42:2e:03:45:10:11:4e:22:33:3d:68:29:
ae:d4:dd:77:26:0d:aa:58:7b:1b:62:19:81:4d:22:
48:5f:f9:4a:35:a2:fc:9c:4c:d2:25:29:37:b6:ee:
39:5e:8a:21:bf:c0:bb:2b:6b:f7:4f:13:70:73:cc:
01:51:ac:aa:ea:76:61:2f:a4:52:c3:0e:75:8f:16:
c3:29:4a:51:1d:f5:81:f1:a8:d8:9e:07:a1:a0:62:
a0:26:6d:d8:43:ab:14:49:b7:a1:8e:65:06:63:1e:
c1:19:34:b0:08:44:d3:97:e8:b2:17:74:90:d6:62:
b4:39:a9:b2:36:27:48:1a:4f:d2:54:2a:b8:7a:cf:
88:ec:0d:95:bf:95:ec:d8:d5:db:f6:d7:ee:bb:f4:
35:8c:6f:e2:80:41:f7:75:aa:33:54:9d:ff:33:b0:
36:98:48:b0:56:59:95:a7:0d:37:b4:67:f6:0a:bb:
16:5f:b2:e3:23:98:56:5b:c5:7d:fe:8c:82:f5:93:
7e:34:24:a4:20:55:8b:96:ee:06:cb:71:e9:80:25:
72:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8E:54:03:4A:43:99:16:1C:A5:44:88:4B:25:BA:FD:EB:96:E8:B6:10
X509v3 Authority Key Identifier:
keyid:57:B7:71:18:BD:56:B2:B3:B4:49:9C:56:6A:7C:64:8A:AD:7A:6E:9F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/V7dxGL1WsrO0SZxWanxkiq16bp8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/68/b64837-5e86-4909-a07b-065aa4155ed4/1/jlQDSkOZFhylRIhLJbr965bothA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/68/b64837-5e86-4909-a07b-065aa4155ed4/1/V7dxGL1WsrO0SZxWanxkiq16bp8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.210.64.0/20
185.15.72.0/22
185.50.192.0/22
185.118.248.0/22
185.181.220.0/22
195.192.232.0/22
212.237.128.0/20
213.32.240.0/21
217.61.216.0/21
IPv6:
2a05:f6c0::/29
Signature Algorithm: sha256WithRSAEncryption
37:ed:5a:30:1f:bd:f1:b0:13:1c:0d:ab:0b:b8:cf:b7:2e:45:
b5:ce:53:11:d0:8f:b6:2a:a4:cd:d6:42:cb:74:55:c6:98:e4:
0c:26:be:5e:6a:bf:8c:90:f9:ca:0e:5c:7d:66:d4:fb:99:3a:
f1:c3:ce:61:66:aa:31:f9:5d:1b:d8:db:f5:04:84:22:be:97:
e1:b2:96:ea:b2:aa:52:9b:01:88:32:57:29:99:06:3e:c4:94:
12:43:26:e9:e8:2d:59:1b:11:67:9b:8c:df:14:2c:38:ac:dc:
08:61:66:af:ad:ac:c3:6f:da:7d:e7:b3:3c:c0:6f:d2:d5:0f:
72:c1:fe:50:eb:a3:f8:ab:5b:90:28:78:9e:e6:a4:74:2d:ed:
2f:ea:6a:a6:7c:da:71:8a:64:02:b5:93:1d:a2:81:f8:19:b5:
82:f0:30:e9:3d:86:dc:f8:4d:74:1f:ce:9d:58:9d:b3:03:2d:
16:4f:ef:f2:a2:04:4d:98:20:64:44:8a:af:a3:eb:5d:33:fb:
e7:94:38:74:7a:13:60:e0:0c:ce:63:73:61:1b:61:c0:c3:e3:
1d:56:d8:34:6c:96:16:83:65:8a:b6:76:58:1e:66:ff:1a:c9:
a7:c1:0f:91:0f:58:18:a1:12:d5:ad:6d:b4:e8:68:b6:a3:28:
f7:cd:be:5c
-----BEGIN CERTIFICATE-----
MIIFLjCCBBagAwIBAgIEBXhbxDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg1
N2I3NzExOGJkNTZiMmIzYjQ0OTljNTY2YTdjNjQ4YWFkN2E2ZTlmMB4XDTIyMDEw
MTEwMDMwMloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoOGU1NDAzNGE0Mzk5
MTYxY2E1NDQ4ODRiMjViYWZkZWI5NmU4YjYxMDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAPve2tK/xCr2Na9bi64hMGoTZ00lhXWYrd7+d9lxG+Y3DLoP
J9ZweEVGURZSRPRXQi4DRRARTiIzPWgprtTddyYNqlh7G2IZgU0iSF/5SjWi/JxM
0iUpN7buOV6KIb/Auytr908TcHPMAVGsqup2YS+kUsMOdY8WwylKUR31gfGo2J4H
oaBioCZt2EOrFEm3oY5lBmMewRk0sAhE05foshd0kNZitDmpsjYnSBpP0lQquHrP
iOwNlb+V7NjV2/bX7rv0NYxv4oBB93WqM1Sd/zOwNphIsFZZlacNN7Rn9gq7Fl+y
4yOYVlvFff6MgvWTfjQkpCBVi5buBstx6YAlckMCAwEAAaOCAkgwggJEMB0GA1Ud
DgQWBBSOVANKQ5kWHKVEiEsluv3rlui2EDAfBgNVHSMEGDAWgBRXt3EYvVays7RJ
nFZqfGSKrXpunzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1Y3ZHhHTDFXc3JPMFNaeFdhbnhraXExNmJwOC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNjgvYjY0ODM3LTVlODYtNDkwOS1hMDdiLTA2NWFhNDE1NWVkNC8x
L2psUURTa09aRmh5bFJJaExKYnI5NjVib3RoQS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNjgv
YjY0ODM3LTVlODYtNDkwOS1hMDdiLTA2NWFhNDE1NWVkNC8xL1Y3ZHhHTDFXc3JP
MFNaeFdhbnhraXExNmJwOC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBe
BggrBgEFBQcBBwEB/wRPME0wPAQCAAEwNgMEBFDSQAMEArkPSAMEArkywAMEArl2
+AMEArm13AMEAsPA6AMEBNTtgAMEA9Ug8AMEA9k92DANBAIAAjAHAwUDKgX2wDAN
BgkqhkiG9w0BAQsFAAOCAQEAN+1aMB+98bATHA2rC7jPty5Ftc5TEdCPtiqkzdZC
y3RVxpjkDCa+Xmq/jJD5yg5cfWbU+5k68cPOYWaqMfldG9jb9QSEIr6X4bKW6rKq
UpsBiDJXKZkGPsSUEkMm6egtWRsRZ5uM3xQsOKzcCGFmr62sw2/afeezPMBv0tUP
csH+UOuj+KtbkCh4nuakdC3tL+pqpnzacYpkArWTHaKB+Bm1gvAw6T2G3PhNdB/O
nVidswMtFk/v8qIETZggZESKr6PrXTP755Q4dHoTYOAMzmNzYRthwMPjHVbYNGyW
FoNlirZ2WB5m/xrJp8EPkQ9YGKES1a1ttOhotqMo982+XA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:15:38 2024 by rpki-client on console-ams.rpki-client.org