Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/79/2879fb-629c-4abf-a35f-03afae688657/1/jyUMamb-LNzVBGaRh32u-wOYusA.roa
File: jyUMamb-LNzVBGaRh32u-wOYusA.roa (raw, json)
Hash identifier: wJWCLfGSuh7uo70HFTh2KtJR61Q5pXqCICOQvynDljg=
Subject key identifier: 8F:25:0C:6A:66:FE:2C:DC:D5:04:66:91:87:7D:AE:FB:03:98:BA:C0
Certificate issuer: /CN=df1e2d4bd362b62b8045021dc350b120e5530265
Certificate serial: 045345DA
Authority key identifier: DF:1E:2D:4B:D3:62:B6:2B:80:45:02:1D:C3:50:B1:20:E5:53:02:65
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3x4tS9NitiuARQIdw1CxIOVTAmU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/79/2879fb-629c-4abf-a35f-03afae688657/1/jyUMamb-LNzVBGaRh32u-wOYusA.roa
Signing time: Sat 01 Jan 2022 11:54:11 +0000
ROA not before: Sat 01 Jan 2022 11:54:11 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 62282
IP address blocks: 37.156.216.0/21 maxlen: 21
37.156.217.0/24 maxlen: 24
37.156.219.0/24 maxlen: 24
37.156.222.0/24 maxlen: 24
37.156.220.0/24 maxlen: 24
185.193.24.0/22 maxlen: 22
37.156.221.0/24 maxlen: 24
185.193.27.0/24 maxlen: 24
185.193.25.0/24 maxlen: 24
185.193.26.0/24 maxlen: 24
185.38.166.0/24 maxlen: 24
185.38.164.0/22 maxlen: 22
185.79.244.0/22 maxlen: 22
185.79.245.0/24 maxlen: 24
185.79.246.0/24 maxlen: 24
185.79.244.0/24 maxlen: 24
185.79.247.0/24 maxlen: 24
2a01:41a0::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 72566234 (0x45345da)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=df1e2d4bd362b62b8045021dc350b120e5530265
Validity
Not Before: Jan 1 11:54:11 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=8f250c6a66fe2cdcd5046691877daefb0398bac0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:0f:bf:2e:b7:80:a2:8d:35:38:76:6c:d8:b4:
94:c2:a8:65:65:6c:70:9d:9d:97:67:58:e0:81:0d:
9d:05:f3:4d:6d:5f:9c:ff:9c:a8:17:fd:58:4d:8a:
02:c0:33:17:42:8e:6d:71:7f:47:63:28:23:43:fa:
71:fb:3e:d2:df:64:00:f5:ab:df:17:7a:e8:c0:94:
2d:2d:e1:f8:60:72:86:72:f5:c4:69:cd:10:d2:6a:
16:65:6b:89:d5:87:bb:68:db:6e:dc:6a:e6:a7:29:
68:0d:31:68:ea:d3:a4:92:00:7f:78:d3:9e:80:c8:
2b:63:88:cb:e3:f4:cd:99:88:ab:41:6c:08:5f:54:
aa:99:18:c4:09:14:45:68:69:c0:95:33:71:78:5b:
40:37:44:e2:9b:45:c5:8c:c4:63:cc:79:b3:3f:d6:
5e:f9:f2:3f:3b:71:e1:b6:13:3a:17:e3:05:c8:65:
07:f2:18:5c:eb:29:71:80:7a:1a:7e:c4:ac:64:f5:
87:e6:6a:89:a1:5e:de:ba:1d:67:f2:1b:8b:15:fb:
36:49:30:c7:f9:d6:39:f6:7a:98:54:11:9c:cf:ff:
a6:39:83:0c:f8:79:33:76:66:25:c2:d4:6f:cc:e0:
11:80:d8:51:47:03:e5:bb:66:73:1f:cc:14:01:8c:
24:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8F:25:0C:6A:66:FE:2C:DC:D5:04:66:91:87:7D:AE:FB:03:98:BA:C0
X509v3 Authority Key Identifier:
keyid:DF:1E:2D:4B:D3:62:B6:2B:80:45:02:1D:C3:50:B1:20:E5:53:02:65
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3x4tS9NitiuARQIdw1CxIOVTAmU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/79/2879fb-629c-4abf-a35f-03afae688657/1/jyUMamb-LNzVBGaRh32u-wOYusA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/79/2879fb-629c-4abf-a35f-03afae688657/1/3x4tS9NitiuARQIdw1CxIOVTAmU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.156.216.0/21
185.38.164.0/22
185.79.244.0/22
185.193.24.0/22
IPv6:
2a01:41a0::/32
Signature Algorithm: sha256WithRSAEncryption
c0:b5:fd:d6:ce:e6:e5:58:c6:8c:33:93:ea:18:bf:a2:b1:32:
65:2e:e9:bf:0d:0e:d2:0d:15:dc:f6:72:08:b1:db:82:db:a6:
e2:17:9e:d8:69:20:7b:4f:58:7a:c6:dc:ff:65:c7:46:db:4d:
7f:9a:d4:60:be:b0:cb:46:0c:31:3b:a1:d7:d7:08:6e:16:40:
0c:3a:f5:81:57:c4:e0:00:56:02:8e:2a:a4:a1:c3:11:91:55:
c1:00:7a:d0:31:3e:94:01:40:42:3a:0f:a4:a9:50:35:d0:55:
de:c3:0d:db:09:4a:81:32:00:37:c5:d2:3c:80:a9:f9:9d:97:
e4:71:f0:08:91:a1:2c:4c:7b:54:e8:6d:07:21:7b:fc:b1:f2:
9f:6d:c1:be:a3:89:75:1d:16:b7:61:e1:c3:35:1b:5e:b5:e3:
31:da:14:e0:4b:2a:0d:8a:d6:a2:86:8d:98:b0:1c:c3:29:a4:
b5:64:ab:a0:62:5e:5d:f3:c1:54:90:23:3c:ee:0b:f9:53:30:
f4:55:45:be:8e:4b:bc:4e:1b:31:6a:be:b7:99:ed:88:32:f3:
cd:9b:f8:5b:f7:f5:2c:b9:61:8a:1c:c7:e7:d4:85:59:e9:2b:
04:f9:2c:a0:5f:4e:64:17:58:1d:97:0f:2f:db:b5:b4:12:55:
31:b0:85:10
-----BEGIN CERTIFICATE-----
MIIFEDCCA/igAwIBAgIEBFNF2jANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhk
ZjFlMmQ0YmQzNjJiNjJiODA0NTAyMWRjMzUwYjEyMGU1NTMwMjY1MB4XDTIyMDEw
MTExNTQxMVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoOGYyNTBjNmE2NmZl
MmNkY2Q1MDQ2NjkxODc3ZGFlZmIwMzk4YmFjMDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMAPvy63gKKNNTh2bNi0lMKoZWVscJ2dl2dY4IENnQXzTW1f
nP+cqBf9WE2KAsAzF0KObXF/R2MoI0P6cfs+0t9kAPWr3xd66MCULS3h+GByhnL1
xGnNENJqFmVridWHu2jbbtxq5qcpaA0xaOrTpJIAf3jTnoDIK2OIy+P0zZmIq0Fs
CF9UqpkYxAkURWhpwJUzcXhbQDdE4ptFxYzEY8x5sz/WXvnyPztx4bYTOhfjBchl
B/IYXOspcYB6Gn7ErGT1h+ZqiaFe3rodZ/IbixX7Nkkwx/nWOfZ6mFQRnM//pjmD
DPh5M3ZmJcLUb8zgEYDYUUcD5btmcx/MFAGMJDUCAwEAAaOCAiowggImMB0GA1Ud
DgQWBBSPJQxqZv4s3NUEZpGHfa77A5i6wDAfBgNVHSMEGDAWgBTfHi1L02K2K4BF
Ah3DULEg5VMCZTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzN4NHRTOU5pdGl1QVJRSWR3MUN4SU9WVEFtVS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNzkvMjg3OWZiLTYyOWMtNGFiZi1hMzVmLTAzYWZhZTY4ODY1Ny8x
L2p5VU1hbWItTE56VkJHYVJoMzJ1LXdPWXVzQS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNzkv
Mjg3OWZiLTYyOWMtNGFiZi1hMzVmLTAzYWZhZTY4ODY1Ny8xLzN4NHRTOU5pdGl1
QVJRSWR3MUN4SU9WVEFtVS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBA
BggrBgEFBQcBBwEB/wQxMC8wHgQCAAEwGAMEAyWc2AMEArkmpAMEArlP9AMEArnB
GDANBAIAAjAHAwUAKgFBoDANBgkqhkiG9w0BAQsFAAOCAQEAwLX91s7m5VjGjDOT
6hi/orEyZS7pvw0O0g0V3PZyCLHbgtum4hee2Gkge09Yesbc/2XHRttNf5rUYL6w
y0YMMTuh19cIbhZADDr1gVfE4ABWAo4qpKHDEZFVwQB60DE+lAFAQjoPpKlQNdBV
3sMN2wlKgTIAN8XSPICp+Z2X5HHwCJGhLEx7VOhtByF7/LHyn23BvqOJdR0Wt2Hh
wzUbXrXjMdoU4EsqDYrWooaNmLAcwymktWSroGJeXfPBVJAjPO4L+VMw9FVFvo5L
vE4bMWq+t5ntiDLzzZv4W/f1LLlhihzH59SFWekrBPksoF9OZBdYHZcPL9u1tBJV
MbCFEA==
-----END CERTIFICATE-----
Generated at Thu Mar 13 02:49:23 2025 by rpki-client