Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/72/520d04-e912-4f46-a9e6-7055393f75fe/1/jJx3UK1eKMc5a4ZuhYJa840mtCI.roa
File: jJx3UK1eKMc5a4ZuhYJa840mtCI.roa (raw, json)
Hash identifier: fPKc9K7iaet1GlYX/mSq+KFV0Hh9bHwR1MADQAokzwQ=
Subject key identifier: 8C:9C:77:50:AD:5E:28:C7:39:6B:86:6E:85:82:5A:F3:8D:26:B4:22
Certificate issuer: /CN=1dc7522321c23d169ed332ff49879ccc245172db
Certificate serial: 018361AC4942A925931828306DFBEA1A684C
Authority key identifier: 1D:C7:52:23:21:C2:3D:16:9E:D3:32:FF:49:87:9C:CC:24:51:72:DB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HcdSIyHCPRae0zL_SYeczCRRcts.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/72/520d04-e912-4f46-a9e6-7055393f75fe/1/jJx3UK1eKMc5a4ZuhYJa840mtCI.roa
Signing time: Wed 21 Sep 2022 20:10:24 +0000
ROA not before: Wed 21 Sep 2022 20:10:24 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 41008
IP address blocks: 109.233.24.0/21 maxlen: 24
193.58.8.0/21 maxlen: 24
193.201.162.0/24 maxlen: 24
212.113.64.0/19 maxlen: 24
2a02:239c:0:24::/64 maxlen: 64
2a02:2398::/29 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:61:ac:49:42:a9:25:93:18:28:30:6d:fb:ea:1a:68:4c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1dc7522321c23d169ed332ff49879ccc245172db
Validity
Not Before: Sep 21 20:10:24 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=8c9c7750ad5e28c7396b866e85825af38d26b422
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:59:54:3d:da:ce:82:01:10:49:b4:d5:42:bb:
1c:f9:7f:f8:bf:8f:3d:db:58:2b:90:9f:e0:f3:77:
c1:d4:f2:b2:09:1b:24:00:2f:8f:99:a6:1c:d9:03:
4d:17:5d:01:19:75:22:fe:a0:80:41:c7:8d:42:73:
3d:30:a4:b8:f0:17:e7:58:92:d0:f2:77:15:41:c6:
aa:67:b9:7e:71:52:09:e8:1e:1d:e9:d2:c2:d6:05:
ec:a4:ea:f0:82:18:44:a3:d8:47:cd:f6:b1:10:8b:
de:ce:c0:71:cb:12:ea:c2:b6:93:5e:82:02:b8:b4:
1b:37:62:9c:23:7d:87:bb:21:dc:c4:17:30:db:de:
59:d9:1b:e0:db:bf:10:2a:57:90:f6:c7:7b:26:5a:
44:bf:4c:34:d8:67:21:66:5e:fb:5c:a3:8d:83:02:
fc:fe:f2:07:36:15:ec:66:93:f0:b4:ca:42:d1:a7:
03:e3:56:b9:be:8c:ff:3e:c7:6b:e2:41:e1:10:e6:
db:81:73:5e:a7:50:24:b7:87:40:d6:a2:1f:64:a0:
8b:1b:0d:7c:6b:ef:ea:8e:bb:47:56:3b:e1:74:af:
63:9d:8a:35:ab:2f:23:8f:8c:8c:6e:87:41:71:20:
6c:d5:70:69:11:0d:bc:79:ba:9e:d7:dc:91:da:e7:
01:4b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8C:9C:77:50:AD:5E:28:C7:39:6B:86:6E:85:82:5A:F3:8D:26:B4:22
X509v3 Authority Key Identifier:
keyid:1D:C7:52:23:21:C2:3D:16:9E:D3:32:FF:49:87:9C:CC:24:51:72:DB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HcdSIyHCPRae0zL_SYeczCRRcts.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/72/520d04-e912-4f46-a9e6-7055393f75fe/1/jJx3UK1eKMc5a4ZuhYJa840mtCI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/72/520d04-e912-4f46-a9e6-7055393f75fe/1/HcdSIyHCPRae0zL_SYeczCRRcts.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.233.24.0/21
193.58.8.0/21
193.201.162.0/24
212.113.64.0/19
IPv6:
2a02:2398::/29
Signature Algorithm: sha256WithRSAEncryption
07:5c:dd:dd:61:b7:5e:c4:f6:24:93:55:d6:81:ce:53:2a:cb:
2b:6f:8f:8f:1e:13:8d:28:48:fc:53:d1:86:02:08:c1:d5:de:
81:e6:c5:a5:b1:e3:ea:cc:94:fe:90:fd:75:d3:93:b9:26:4c:
89:55:81:60:6b:22:b3:84:60:48:4b:ca:17:46:6e:d1:db:1b:
5d:27:9f:69:8d:1e:b8:b6:54:3a:51:43:c7:ca:9a:f5:4f:5f:
7e:48:cc:66:d5:40:81:2a:c3:19:6f:d8:7f:a5:19:66:cc:6c:
b2:a9:5b:46:72:10:39:5d:d5:4c:aa:65:c2:cd:de:b7:cc:f6:
97:87:b0:ab:54:67:af:8a:85:23:1c:6a:5a:41:b4:9f:41:1f:
9e:60:ce:38:dc:15:35:be:7e:ab:df:9d:91:e5:0e:ea:b7:90:
fa:b6:9a:83:b7:4d:60:1f:27:58:52:19:a7:07:9e:df:b0:d2:
56:25:58:38:15:be:63:51:37:1b:9a:17:1d:97:42:e5:78:8c:
4d:78:40:28:3b:07:60:15:0b:00:1a:99:11:67:0b:1a:ca:da:
27:94:b7:4c:2a:ec:2d:e9:0b:75:7e:5a:cb:6a:8b:7d:a8:4e:
57:19:78:23:ba:13:e3:3f:fc:24:d2:29:f8:e1:33:b3:5d:d7:
af:ce:67:31
-----BEGIN CERTIFICATE-----
MIIFHjCCBAagAwIBAgISAYNhrElCqSWTGCgwbfvqGmhMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFkYzc1MjIzMjFjMjNkMTY5ZWQzMzJmZjQ5ODc5Y2NjMjQ1
MTcyZGIwHhcNMjIwOTIxMjAxMDI0WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4YzljNzc1MGFkNWUyOGM3Mzk2Yjg2NmU4NTgyNWFmMzhkMjZiNDIyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmllUPdrOggEQSbTVQrsc+X/4v489
21grkJ/g83fB1PKyCRskAC+PmaYc2QNNF10BGXUi/qCAQceNQnM9MKS48BfnWJLQ
8ncVQcaqZ7l+cVIJ6B4d6dLC1gXspOrwghhEo9hHzfaxEIvezsBxyxLqwraTXoIC
uLQbN2KcI32HuyHcxBcw295Z2Rvg278QKleQ9sd7JlpEv0w02GchZl77XKONgwL8
/vIHNhXsZpPwtMpC0acD41a5voz/Psdr4kHhEObbgXNep1Akt4dA1qIfZKCLGw18
a+/qjrtHVjvhdK9jnYo1qy8jj4yMbodBcSBs1XBpEQ28ebqe19yR2ucBSwIDAQAB
o4ICKjCCAiYwHQYDVR0OBBYEFIycd1CtXijHOWuGboWCWvONJrQiMB8GA1UdIwQY
MBaAFB3HUiMhwj0WntMy/0mHnMwkUXLbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSGNkU0l5SENQUmFlMHpMX1NZZWN6Q1JSY3RzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Mi81MjBkMDQtZTkxMi00ZjQ2LWE5ZTYt
NzA1NTM5M2Y3NWZlLzEvakp4M1VLMWVLTWM1YTRadWhZSmE4NDBtdENJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Mi81MjBkMDQtZTkxMi00ZjQ2LWE5ZTYtNzA1NTM5M2Y3NWZl
LzEvSGNkU0l5SENQUmFlMHpMX1NZZWN6Q1JSY3RzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEAGCCsGAQUFBwEHAQH/BDEwLzAeBAIAATAYAwQDbekYAwQD
wToIAwQAwcmiAwQF1HFAMA0EAgACMAcDBQMqAiOYMA0GCSqGSIb3DQEBCwUAA4IB
AQAHXN3dYbdexPYkk1XWgc5TKssrb4+PHhONKEj8U9GGAgjB1d6B5sWlsePqzJT+
kP1105O5JkyJVYFgayKzhGBIS8oXRm7R2xtdJ59pjR64tlQ6UUPHypr1T19+SMxm
1UCBKsMZb9h/pRlmzGyyqVtGchA5XdVMqmXCzd63zPaXh7CrVGevioUjHGpaQbSf
QR+eYM443BU1vn6r352R5Q7qt5D6tpqDt01gHydYUhmnB57fsNJWJVg4Fb5jUTcb
mhcdl0LleIxNeEAoOwdgFQsAGpkRZwsaytonlLdMKuwt6Qt1flrLaot9qE5XGXgj
uhPjP/wk0in44TOzXdevzmcx
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:57:52 2023 by rpki-client on console-fra.rpki-client.org