Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6a/abd004-c68f-49b1-a2c4-b9056ebbc576/1/jocZn-sMlNz4fx8p-0llNBHoREY.roa
File: jocZn-sMlNz4fx8p-0llNBHoREY.roa (raw, json)
Hash identifier: vpwQHc/wbnt9J6PsEci3VEGomE4P4Otiqr+LgP0xcTw=
Subject key identifier: 8E:87:19:9F:EB:0C:94:DC:F8:7F:1F:29:FB:49:65:34:11:E8:44:46
Certificate issuer: /CN=84f430d9ad9cb9c42c4bd6690e9f5812a457a02f
Certificate serial: 0268AF4E
Authority key identifier: 84:F4:30:D9:AD:9C:B9:C4:2C:4B:D6:69:0E:9F:58:12:A4:57:A0:2F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hPQw2a2cucQsS9ZpDp9YEqRXoC8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6a/abd004-c68f-49b1-a2c4-b9056ebbc576/1/jocZn-sMlNz4fx8p-0llNBHoREY.roa
Signing time: Thu 24 Feb 2022 18:38:13 +0000
ROA not before: Thu 24 Feb 2022 18:38:13 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 39396
IP address blocks: 185.251.39.0/24 maxlen: 24
85.187.216.0/23 maxlen: 24
185.138.176.0/22 maxlen: 24
2a10:bac0::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 40415054 (0x268af4e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=84f430d9ad9cb9c42c4bd6690e9f5812a457a02f
Validity
Not Before: Feb 24 18:38:13 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=8e87199feb0c94dcf87f1f29fb49653411e84446
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:e3:0e:d4:59:58:e1:d5:b6:61:b1:0e:c5:fb:
c8:f8:ed:65:3b:68:46:fc:ef:f4:ac:cf:98:e5:a2:
7e:52:1a:bd:99:88:d0:b5:b8:e6:a2:bb:1a:42:9d:
74:91:04:00:e3:33:ea:4a:af:1c:f9:05:52:5c:3a:
b2:e0:d1:26:28:15:83:a7:da:2b:48:1f:d8:83:50:
8b:47:10:99:74:5e:7c:f2:ff:da:f0:f4:40:91:48:
ed:23:60:5d:ef:b9:cb:cf:45:ff:2d:c0:b8:30:39:
d7:b1:8c:d7:0b:1f:f5:aa:e8:e7:81:3a:ee:5a:57:
5d:c7:de:78:d6:54:a7:28:c9:8d:3d:62:dd:0c:2d:
90:0d:ac:17:69:ea:8c:91:a2:03:b5:21:82:12:d4:
2a:cc:71:1f:77:fb:2f:a2:7b:75:f3:2b:c0:6e:2d:
b8:1e:97:a9:f2:f0:25:de:05:e1:f0:b4:e5:9d:60:
68:9a:9f:3b:18:24:07:a0:a4:83:5c:72:97:62:a7:
4d:35:60:3f:eb:26:c2:2b:c1:a6:4a:77:6c:34:d0:
ce:5a:f1:e0:3f:13:27:38:a9:3f:35:96:dc:41:80:
36:62:bc:f7:7a:09:17:83:16:9a:0a:24:cf:87:f6:
8c:6b:00:bb:81:25:82:ec:a5:90:c7:02:3b:74:4f:
56:85
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8E:87:19:9F:EB:0C:94:DC:F8:7F:1F:29:FB:49:65:34:11:E8:44:46
X509v3 Authority Key Identifier:
keyid:84:F4:30:D9:AD:9C:B9:C4:2C:4B:D6:69:0E:9F:58:12:A4:57:A0:2F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hPQw2a2cucQsS9ZpDp9YEqRXoC8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6a/abd004-c68f-49b1-a2c4-b9056ebbc576/1/jocZn-sMlNz4fx8p-0llNBHoREY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6a/abd004-c68f-49b1-a2c4-b9056ebbc576/1/hPQw2a2cucQsS9ZpDp9YEqRXoC8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.187.216.0/23
185.138.176.0/22
185.251.39.0/24
IPv6:
2a10:bac0::/32
Signature Algorithm: sha256WithRSAEncryption
05:f3:fb:d9:4d:ff:71:16:09:d0:a0:32:fb:81:f3:96:3e:52:
c6:1b:36:a0:5b:d7:bd:da:9a:c2:b9:73:5f:8a:ee:c6:8a:48:
67:cb:da:38:a1:25:ce:f7:c2:53:0b:34:00:35:a9:ba:b6:14:
d1:38:6e:f9:67:df:c0:27:2d:05:68:db:3f:ec:f8:41:f1:9f:
8b:d2:43:68:83:a3:70:44:c8:c6:2a:20:a8:57:bf:6e:b7:3b:
1d:82:a5:90:84:86:14:d0:ac:bd:7d:9a:d2:49:ec:f9:70:23:
ff:a5:4c:5a:c5:12:d5:98:bb:61:b2:28:84:37:7e:21:9c:6a:
59:d8:fb:42:9c:8c:6d:37:ac:27:95:32:7d:50:22:e7:dd:64:
d7:65:cd:5a:a9:52:dd:44:7d:be:9d:3e:68:48:18:d2:23:77:
00:a0:9a:0f:12:ab:b5:93:29:5b:ae:b2:61:0a:85:90:f5:04:
30:d2:40:3b:6b:a7:6c:50:f8:83:0f:3b:f0:f4:c7:d0:c5:1b:
ba:cb:f9:b7:d1:51:af:4c:1b:47:cf:a5:e8:1f:c5:8d:42:bd:
97:6f:60:69:f1:9a:d9:85:6a:21:79:94:51:4d:23:e6:13:c2:
70:ea:2a:1d:e7:cc:8a:c2:b0:54:f8:5f:8e:87:51:00:c4:42:
fe:10:34:f3
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgIEAmivTjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg4
NGY0MzBkOWFkOWNiOWM0MmM0YmQ2NjkwZTlmNTgxMmE0NTdhMDJmMB4XDTIyMDIy
NDE4MzgxM1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoOGU4NzE5OWZlYjBj
OTRkY2Y4N2YxZjI5ZmI0OTY1MzQxMWU4NDQ0NjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJbjDtRZWOHVtmGxDsX7yPjtZTtoRvzv9KzPmOWiflIavZmI
0LW45qK7GkKddJEEAOMz6kqvHPkFUlw6suDRJigVg6faK0gf2INQi0cQmXRefPL/
2vD0QJFI7SNgXe+5y89F/y3AuDA517GM1wsf9aro54E67lpXXcfeeNZUpyjJjT1i
3QwtkA2sF2nqjJGiA7UhghLUKsxxH3f7L6J7dfMrwG4tuB6XqfLwJd4F4fC05Z1g
aJqfOxgkB6Ckg1xyl2KnTTVgP+smwivBpkp3bDTQzlrx4D8TJzipPzWW3EGANmK8
93oJF4MWmgokz4f2jGsAu4ElguylkMcCO3RPVoUCAwEAAaOCAiQwggIgMB0GA1Ud
DgQWBBSOhxmf6wyU3Ph/Hyn7SWU0EehERjAfBgNVHSMEGDAWgBSE9DDZrZy5xCxL
1mkOn1gSpFegLzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2hQUXcyYTJjdWNRc1M5WnBEcDlZRXFSWG9DOC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNmEvYWJkMDA0LWM2OGYtNDliMS1hMmM0LWI5MDU2ZWJiYzU3Ni8x
L2pvY1puLXNNbE56NGZ4OHAtMGxsTkJIb1JFWS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNmEv
YWJkMDA0LWM2OGYtNDliMS1hMmM0LWI5MDU2ZWJiYzU3Ni8xL2hQUXcyYTJjdWNR
c1M5WnBEcDlZRXFSWG9DOC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA6
BggrBgEFBQcBBwEB/wQrMCkwGAQCAAEwEgMEAVW72AMEArmKsAMEALn7JzANBAIA
AjAHAwUAKhC6wDANBgkqhkiG9w0BAQsFAAOCAQEABfP72U3/cRYJ0KAy+4Hzlj5S
xhs2oFvXvdqawrlzX4ruxopIZ8vaOKElzvfCUws0ADWpurYU0Thu+WffwCctBWjb
P+z4QfGfi9JDaIOjcETIxiogqFe/brc7HYKlkISGFNCsvX2a0kns+XAj/6VMWsUS
1Zi7YbIohDd+IZxqWdj7QpyMbTesJ5UyfVAi591k12XNWqlS3UR9vp0+aEgY0iN3
AKCaDxKrtZMpW66yYQqFkPUEMNJAO2unbFD4gw878PTH0MUbusv5t9FRr0wbR8+l
6B/FjUK9l29gafGa2YVqIXmUUU0j5hPCcOoqHefMisKwVPhfjodRAMRC/hA08w==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:33:47 2024 by rpki-client on console-fra.rpki-client.org