Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/JeMq3VgBGjOR6-KjAmqxc22XsTM.roa
File: JeMq3VgBGjOR6-KjAmqxc22XsTM.roa (raw, json)
Hash identifier: QJ4Sx1YP9IJU0cBktY0fvSCKaXfWMDCjdSoYCstkdeI=
Subject key identifier: 25:E3:2A:DD:58:01:1A:33:91:EB:E2:A3:02:6A:B1:73:6D:97:B1:33
Certificate issuer: /CN=86cce06e70df970d90abfe3cbe7fa882f467b1e4
Certificate serial: 0184EB4073CEEAF096BE62CA5CD21C6BCC28
Authority key identifier: 86:CC:E0:6E:70:DF:97:0D:90:AB:FE:3C:BE:7F:A8:82:F4:67:B1:E4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hszgbnDflw2Qq_48vn-ogvRnseQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/JeMq3VgBGjOR6-KjAmqxc22XsTM.roa
Signing time: Wed 07 Dec 2022 06:23:00 +0000
ROA not before: Wed 07 Dec 2022 06:23:00 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 996
IP address blocks: 37.34.88.0/21 maxlen: 24
130.255.64.0/22 maxlen: 24
130.255.68.0/22 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:eb:40:73:ce:ea:f0:96:be:62:ca:5c:d2:1c:6b:cc:28
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=86cce06e70df970d90abfe3cbe7fa882f467b1e4
Validity
Not Before: Dec 7 06:23:00 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=25e32add58011a3391ebe2a3026ab1736d97b133
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8d:3b:8b:cc:fa:07:58:1e:f6:ab:29:53:f7:60:
b6:bd:f0:d4:1e:2e:e6:25:a4:00:e1:16:07:48:b1:
ba:1f:f7:54:d0:1d:a4:18:b1:46:e9:e5:ec:99:c1:
26:ba:61:bf:4f:7c:55:74:48:49:a3:88:84:c0:33:
68:b5:85:a1:27:0e:b9:2e:7d:f5:ed:16:5a:e4:fc:
87:b4:4f:7c:e2:27:62:f1:13:bd:39:48:4c:7e:8e:
c6:62:2c:3e:f6:30:9e:9b:cf:38:d2:e7:3f:b4:7e:
d5:66:51:a2:2b:7b:e1:f3:4c:a6:f9:57:4a:61:0e:
6e:05:c1:6e:91:3c:2a:7b:02:1c:70:ef:02:88:99:
68:ad:e0:f3:11:d3:4c:94:23:ba:29:ac:fa:2f:25:
b4:d5:0b:4c:94:cc:fb:cf:90:12:3b:f5:70:4a:f9:
02:3b:55:50:d5:df:e5:95:08:ef:28:f2:76:36:09:
0f:bb:e0:f7:d0:88:cc:7a:ed:ce:28:e5:cd:ee:a9:
a4:55:c8:32:55:8f:7a:8c:65:93:d9:1e:d0:7b:60:
1d:2b:38:57:90:2c:01:3e:ba:a3:16:2b:91:ad:15:
bf:b5:b1:b1:8a:b1:d9:7f:1f:6a:d8:a2:5b:e6:7b:
9b:13:a8:03:40:2d:1c:48:bd:52:ba:78:bd:9f:54:
8f:a9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
25:E3:2A:DD:58:01:1A:33:91:EB:E2:A3:02:6A:B1:73:6D:97:B1:33
X509v3 Authority Key Identifier:
keyid:86:CC:E0:6E:70:DF:97:0D:90:AB:FE:3C:BE:7F:A8:82:F4:67:B1:E4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hszgbnDflw2Qq_48vn-ogvRnseQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/JeMq3VgBGjOR6-KjAmqxc22XsTM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/hszgbnDflw2Qq_48vn-ogvRnseQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.34.88.0/21
130.255.64.0/21
Signature Algorithm: sha256WithRSAEncryption
2c:a8:ed:23:a5:9a:cd:c7:e9:2d:49:40:28:8b:92:d0:dd:52:
30:e7:5a:a8:fd:df:51:77:f5:13:9d:41:85:07:0a:39:44:74:
25:06:e9:bd:5a:ea:2b:a9:1f:08:e7:5d:2a:83:d4:f5:96:84:
09:a3:f5:45:cb:61:df:11:43:a0:7a:b7:bd:4b:6e:b2:7e:ab:
5d:5a:63:1d:d6:61:9d:0e:c4:21:b6:58:60:ab:38:c9:bc:ba:
8a:0c:68:8f:a7:a8:d5:6d:8b:a2:48:60:1f:63:43:fe:74:08:
06:7c:8c:cc:08:6c:40:14:18:af:a4:dc:a4:9a:d9:79:65:ee:
1f:c6:d6:3f:db:2b:0c:96:4b:f1:1c:3a:c6:45:88:03:ec:18:
dd:0d:08:cc:06:31:f5:de:fa:5a:7b:16:3b:1c:b6:a6:c4:60:
49:65:e5:ef:c0:f3:8d:a1:cf:fe:bb:2e:1a:be:30:30:a0:6a:
c9:3e:8d:66:08:3d:c6:06:54:e4:aa:2f:c4:9c:46:44:d3:87:
e7:19:0a:5b:d0:65:e4:d4:ac:34:e2:61:f9:78:a0:f7:a8:4a:
d9:12:3f:30:22:1c:22:3a:6a:d1:f7:13:55:66:11:53:fe:21:
77:e7:08:e5:85:fe:f0:f1:38:8a:63:f9:93:7e:b9:1a:ee:03:
91:63:1d:d8
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYTrQHPO6vCWvmLKXNIca8woMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg2Y2NlMDZlNzBkZjk3MGQ5MGFiZmUzY2JlN2ZhODgyZjQ2
N2IxZTQwHhcNMjIxMjA3MDYyMzAwWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNWUzMmFkZDU4MDExYTMzOTFlYmUyYTMwMjZhYjE3MzZkOTdiMTMzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjTuLzPoHWB72qylT92C2vfDUHi7m
JaQA4RYHSLG6H/dU0B2kGLFG6eXsmcEmumG/T3xVdEhJo4iEwDNotYWhJw65Ln31
7RZa5PyHtE984idi8RO9OUhMfo7GYiw+9jCem8840uc/tH7VZlGiK3vh80ym+VdK
YQ5uBcFukTwqewIccO8CiJloreDzEdNMlCO6Kaz6LyW01QtMlMz7z5ASO/VwSvkC
O1VQ1d/llQjvKPJ2NgkPu+D30IjMeu3OKOXN7qmkVcgyVY96jGWT2R7Qe2AdKzhX
kCwBPrqjFiuRrRW/tbGxirHZfx9q2KJb5nubE6gDQC0cSL1Suni9n1SPqQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFCXjKt1YARozkeviowJqsXNtl7EzMB8GA1UdIwQY
MBaAFIbM4G5w35cNkKv+PL5/qIL0Z7HkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaHN6Z2JuRGZsdzJRcV80OHZuLW9ndlJuc2VRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83OC82NmYwNWMtNzQxYy00NzIwLWJjN2Ut
ODk3MTRhN2U4ZDU4LzEvSmVNcTNWZ0JHak9SNi1LakFtcXhjMjJYc1RNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83OC82NmYwNWMtNzQxYy00NzIwLWJjN2UtODk3MTRhN2U4ZDU4
LzEvaHN6Z2JuRGZsdzJRcV80OHZuLW9ndlJuc2VRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQDJSJYAwQD
gv9AMA0GCSqGSIb3DQEBCwUAA4IBAQAsqO0jpZrNx+ktSUAoi5LQ3VIw51qo/d9R
d/UTnUGFBwo5RHQlBum9WuorqR8I510qg9T1loQJo/VFy2HfEUOgere9S26yfqtd
WmMd1mGdDsQhtlhgqzjJvLqKDGiPp6jVbYuiSGAfY0P+dAgGfIzMCGxAFBivpNyk
mtl5Ze4fxtY/2ysMlkvxHDrGRYgD7BjdDQjMBjH13vpaexY7HLamxGBJZeXvwPON
oc/+uy4avjAwoGrJPo1mCD3GBlTkqi/EnEZE04fnGQpb0GXk1Kw04mH5eKD3qErZ
Ej8wIhwiOmrR9xNVZhFT/iF35wjlhf7w8TiKY/mTfrka7gORYx3Y
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:18:47 2024 by rpki-client on console-ams.rpki-client.org