Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/JRZ1fRNFUP94x9ZqXY9s6SY57Q8.roa
File: JRZ1fRNFUP94x9ZqXY9s6SY57Q8.roa (raw, json)
Hash identifier: v7OvJlxI/QMpJXWz8rp0NZulXIZvsUuMzYcspCO2NRI=
Subject key identifier: 25:16:75:7D:13:45:50:FF:78:C7:D6:6A:5D:8F:6C:E9:26:39:ED:0F
Certificate issuer: /CN=86cce06e70df970d90abfe3cbe7fa882f467b1e4
Certificate serial: 0184F0CE4403BE41625A07E0CBA6AD0950C5
Authority key identifier: 86:CC:E0:6E:70:DF:97:0D:90:AB:FE:3C:BE:7F:A8:82:F4:67:B1:E4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hszgbnDflw2Qq_48vn-ogvRnseQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/JRZ1fRNFUP94x9ZqXY9s6SY57Q8.roa
Signing time: Thu 08 Dec 2022 08:16:00 +0000
ROA not before: Thu 08 Dec 2022 08:16:00 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 3320
IP address blocks: 46.20.216.0/21 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:f0:ce:44:03:be:41:62:5a:07:e0:cb:a6:ad:09:50:c5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=86cce06e70df970d90abfe3cbe7fa882f467b1e4
Validity
Not Before: Dec 8 08:16:00 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=2516757d134550ff78c7d66a5d8f6ce92639ed0f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:e5:3e:2f:96:38:e8:0f:2d:6b:4b:de:55:92:
38:54:3f:26:ab:f1:8a:bc:24:b0:e2:c0:50:bf:50:
09:94:76:55:9d:3c:b9:bc:42:53:8a:8b:6e:49:78:
5f:95:f2:21:63:cf:55:96:0c:7a:44:c7:dc:be:a9:
f1:52:f8:25:d9:63:f2:fc:f8:8d:67:63:d3:46:76:
df:88:95:01:b1:4f:23:30:06:30:27:ad:89:19:f0:
8b:8e:5f:82:71:dc:3f:51:09:e9:6f:08:0e:6c:69:
50:96:23:a6:00:05:3d:d9:12:0f:1d:f0:5d:05:33:
c0:9f:5a:22:f5:75:89:09:6b:d3:4d:1f:ff:0b:a7:
c1:4e:7e:b6:e6:09:d7:f6:d4:b9:ba:f6:74:38:2a:
df:64:0c:3d:35:81:62:0b:35:b0:81:11:b8:ca:8a:
73:3c:2a:99:9b:04:8d:34:6c:33:0d:61:ba:9d:62:
b6:3d:ac:7a:d0:37:45:0e:27:dc:2c:d2:56:a3:36:
1f:87:ea:44:b3:5a:59:d9:34:fa:76:d5:16:ea:d6:
25:d0:04:ad:ea:c8:19:24:4f:94:2f:d6:4c:0e:32:
a3:dc:2c:37:22:91:c5:b4:81:e7:9e:dc:3d:6c:b1:
35:0a:f6:b3:19:aa:25:a3:00:07:24:a3:cc:bd:a9:
af:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
25:16:75:7D:13:45:50:FF:78:C7:D6:6A:5D:8F:6C:E9:26:39:ED:0F
X509v3 Authority Key Identifier:
keyid:86:CC:E0:6E:70:DF:97:0D:90:AB:FE:3C:BE:7F:A8:82:F4:67:B1:E4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hszgbnDflw2Qq_48vn-ogvRnseQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/JRZ1fRNFUP94x9ZqXY9s6SY57Q8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/hszgbnDflw2Qq_48vn-ogvRnseQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.20.216.0/21
Signature Algorithm: sha256WithRSAEncryption
68:67:82:46:e3:73:83:5e:88:94:cb:2b:a2:fc:14:e2:31:ff:
d4:3f:1a:25:6d:52:54:a3:a8:bd:29:61:00:68:9e:c8:a3:fa:
34:2c:dc:25:03:0e:12:40:32:c2:8a:26:81:9d:49:c2:e7:44:
0c:84:6d:96:07:d6:ac:8b:f2:70:31:79:f1:46:51:3c:f4:b8:
ba:bc:83:b8:34:bd:e1:cf:fa:06:99:2c:aa:18:70:cd:00:41:
e0:b3:9c:7e:3c:7e:83:fe:37:dc:03:08:f4:0b:f5:f0:0d:d3:
a9:33:c0:f6:3e:b9:6d:a3:9f:8c:19:9e:87:26:75:35:bc:cc:
0d:0a:86:4d:9e:ec:ac:6c:30:f0:ad:5d:ef:da:3c:b4:ad:2f:
5a:76:a5:54:57:c1:ef:ec:00:c1:84:49:0c:fa:e2:32:40:18:
20:67:2d:c2:4c:89:e5:3b:14:ba:2e:31:f3:21:f6:85:c8:c8:
19:3e:65:9a:88:a0:ea:b4:4f:b0:45:ff:02:a5:d0:ca:0d:2b:
7c:8b:31:77:c2:09:74:2d:45:c1:c4:25:68:01:26:cd:da:e2:
ab:bc:fd:f5:41:d6:54:a3:53:20:27:19:3a:a2:ad:44:b2:53:
14:5b:50:9a:df:68:d5:3b:c6:b5:9e:1e:f8:24:2d:f9:9b:b2:
1c:b0:e7:13
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYTwzkQDvkFiWgfgy6atCVDFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg2Y2NlMDZlNzBkZjk3MGQ5MGFiZmUzY2JlN2ZhODgyZjQ2
N2IxZTQwHhcNMjIxMjA4MDgxNjAwWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNTE2NzU3ZDEzNDU1MGZmNzhjN2Q2NmE1ZDhmNmNlOTI2MzllZDBmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnOU+L5Y46A8ta0veVZI4VD8mq/GK
vCSw4sBQv1AJlHZVnTy5vEJTiotuSXhflfIhY89Vlgx6RMfcvqnxUvgl2WPy/PiN
Z2PTRnbfiJUBsU8jMAYwJ62JGfCLjl+Ccdw/UQnpbwgObGlQliOmAAU92RIPHfBd
BTPAn1oi9XWJCWvTTR//C6fBTn625gnX9tS5uvZ0OCrfZAw9NYFiCzWwgRG4yopz
PCqZmwSNNGwzDWG6nWK2Pax60DdFDifcLNJWozYfh+pEs1pZ2TT6dtUW6tYl0ASt
6sgZJE+UL9ZMDjKj3Cw3IpHFtIHnntw9bLE1CvazGaolowAHJKPMvamvIwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFCUWdX0TRVD/eMfWal2PbOkmOe0PMB8GA1UdIwQY
MBaAFIbM4G5w35cNkKv+PL5/qIL0Z7HkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaHN6Z2JuRGZsdzJRcV80OHZuLW9ndlJuc2VRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83OC82NmYwNWMtNzQxYy00NzIwLWJjN2Ut
ODk3MTRhN2U4ZDU4LzEvSlJaMWZSTkZVUDk0eDlacVhZOXM2U1k1N1E4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83OC82NmYwNWMtNzQxYy00NzIwLWJjN2UtODk3MTRhN2U4ZDU4
LzEvaHN6Z2JuRGZsdzJRcV80OHZuLW9ndlJuc2VRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQDLhTYMA0G
CSqGSIb3DQEBCwUAA4IBAQBoZ4JG43ODXoiUyyui/BTiMf/UPxolbVJUo6i9KWEA
aJ7Io/o0LNwlAw4SQDLCiiaBnUnC50QMhG2WB9asi/JwMXnxRlE89Li6vIO4NL3h
z/oGmSyqGHDNAEHgs5x+PH6D/jfcAwj0C/XwDdOpM8D2Prlto5+MGZ6HJnU1vMwN
CoZNnuysbDDwrV3v2jy0rS9adqVUV8Hv7ADBhEkM+uIyQBggZy3CTInlOxS6LjHz
IfaFyMgZPmWaiKDqtE+wRf8CpdDKDSt8izF3wgl0LUXBxCVoASbN2uKrvP31QdZU
o1MgJxk6oq1EslMUW1Ca32jVO8a1nh74JC35m7IcsOcT
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:18:47 2024 by rpki-client on console-ams.rpki-client.org