Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7b/9c6dad-377a-444e-b0dc-063ce6cf460d/1/Jmj2JFAqI8G04V_QECQAqXj37r4.roa
File: Jmj2JFAqI8G04V_QECQAqXj37r4.roa (raw, json)
Hash identifier: zTiPjMSTUUEahoKIubYP0/lrwediCrmL1dYlTA7UIU8=
Subject key identifier: 26:68:F6:24:50:2A:23:C1:B4:E1:5F:D0:10:24:00:A9:78:F7:EE:BE
Certificate issuer: /CN=50c1e426f58e42ae30e56cdb7ff4d8f9ddd85b30
Certificate serial: 0D89DCFF
Authority key identifier: 50:C1:E4:26:F5:8E:42:AE:30:E5:6C:DB:7F:F4:D8:F9:DD:D8:5B:30
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UMHkJvWOQq4w5Wzbf_TY-d3YWzA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7b/9c6dad-377a-444e-b0dc-063ce6cf460d/1/Jmj2JFAqI8G04V_QECQAqXj37r4.roa
Signing time: Thu 10 Feb 2022 16:14:58 +0000
ROA not before: Thu 10 Feb 2022 16:14:58 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 48519
IP address blocks: 195.253.66.0/24 maxlen: 24
195.253.65.0/24 maxlen: 24
195.253.84.0/22 maxlen: 22
195.253.96.0/19 maxlen: 24
185.119.136.0/23 maxlen: 23
185.119.138.0/23 maxlen: 24
195.253.48.0/22 maxlen: 22
195.253.52.0/23 maxlen: 23
2a01:5b0:8::/48 maxlen: 48
2a01:5b0:2::/48 maxlen: 48
2a01:5b0:5::/48 maxlen: 48
2a01:5b0:20::/43 maxlen: 48
2a01:5b0:6::/48 maxlen: 48
2a01:5b0:9::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 227138815 (0xd89dcff)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=50c1e426f58e42ae30e56cdb7ff4d8f9ddd85b30
Validity
Not Before: Feb 10 16:14:58 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=2668f624502a23c1b4e15fd0102400a978f7eebe
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:92:16:4f:de:bf:14:7c:e0:ed:2d:21:e3:44:
35:c9:18:0a:0d:92:a0:76:11:ee:3d:46:91:54:56:
00:e9:bd:3d:64:58:90:4c:35:cd:8a:8d:03:e7:1d:
77:ab:f4:fd:f4:52:d5:f3:02:eb:58:6f:49:bb:36:
00:17:d0:3f:c2:fe:f0:75:ee:0e:04:13:d0:df:a9:
ad:6d:66:cf:71:76:de:b8:7a:b8:aa:b4:11:ec:ad:
bc:91:43:5b:95:06:9d:86:ff:37:e8:47:25:0e:49:
7c:3d:fc:c1:37:f1:b6:55:91:e1:bb:5a:7b:24:af:
11:1b:4b:92:6b:ac:a6:d9:9e:44:75:22:86:e5:d2:
84:17:2b:db:f2:29:c9:5c:68:61:78:c5:a2:91:2d:
6b:11:e8:28:08:81:e6:3d:32:da:4d:9a:82:79:0e:
e3:67:59:dd:3f:e3:ce:14:40:ad:7d:ca:92:43:4a:
51:8d:08:06:bb:96:0e:cc:fa:4c:03:3e:f9:ec:96:
09:2e:ad:e9:fa:de:cf:f8:ae:e2:8c:f6:1a:78:73:
04:4a:e3:e6:b6:a4:d8:2a:a2:a9:3d:75:18:a9:9c:
6e:2d:82:e9:ab:24:70:13:40:1a:91:b6:fb:84:4d:
40:10:a3:86:b3:38:4c:f1:22:e6:7e:03:cd:b4:4b:
50:3b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
26:68:F6:24:50:2A:23:C1:B4:E1:5F:D0:10:24:00:A9:78:F7:EE:BE
X509v3 Authority Key Identifier:
keyid:50:C1:E4:26:F5:8E:42:AE:30:E5:6C:DB:7F:F4:D8:F9:DD:D8:5B:30
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UMHkJvWOQq4w5Wzbf_TY-d3YWzA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7b/9c6dad-377a-444e-b0dc-063ce6cf460d/1/Jmj2JFAqI8G04V_QECQAqXj37r4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7b/9c6dad-377a-444e-b0dc-063ce6cf460d/1/UMHkJvWOQq4w5Wzbf_TY-d3YWzA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.119.136.0/22
195.253.48.0-195.253.53.255
195.253.65.0-195.253.66.255
195.253.84.0/22
195.253.96.0/19
IPv6:
2a01:5b0:2::/48
2a01:5b0:5::-2a01:5b0:6:ffff:ffff:ffff:ffff:ffff
2a01:5b0:8::/47
2a01:5b0:20::/43
Signature Algorithm: sha256WithRSAEncryption
3b:66:48:ec:8e:05:0c:70:c1:91:7d:09:19:42:3c:00:e6:c7:
c2:23:f9:49:5c:a6:c6:13:2a:58:08:db:01:3b:cb:6c:da:ca:
44:e9:72:8d:c3:64:80:d5:f8:37:d4:b2:33:72:a0:c5:91:4c:
d9:1e:68:e0:4b:93:68:5b:da:fb:ae:2a:6d:16:96:bb:53:64:
a9:5b:6e:b6:1b:7e:ec:4a:2c:65:cd:70:ea:d1:6c:7e:02:d7:
1d:6b:a3:8e:30:e7:e0:4a:cb:b4:fe:6a:50:b2:dd:0f:80:67:
bf:e8:9e:bd:77:88:3a:4a:84:9c:5b:a4:aa:fd:c4:0b:90:ce:
54:ac:93:e2:51:2f:fc:18:e6:21:a4:ad:9e:ac:64:a9:e1:8f:
fc:07:0c:63:0c:bb:6f:3b:cd:f6:f0:01:cd:b9:f5:1c:31:c2:
7e:7d:e0:3d:f4:4d:97:20:e7:b7:d1:fd:70:91:dc:e9:d1:99:
b6:d5:15:ed:c2:bf:f6:00:9d:fb:f6:46:4e:59:62:36:5f:07:
f1:76:7b:a7:e1:54:78:f4:30:ac:02:fc:08:a3:17:89:e2:ad:
c7:45:3d:67:89:a6:88:34:d2:dd:07:f1:2f:fd:3b:38:16:3e:
59:d1:d3:97:d2:b6:4e:81:01:57:1a:68:4c:8c:71:cc:c8:b6:
8b:49:8f:c0
-----BEGIN CERTIFICATE-----
MIIFTjCCBDagAwIBAgIEDYnc/zANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg1
MGMxZTQyNmY1OGU0MmFlMzBlNTZjZGI3ZmY0ZDhmOWRkZDg1YjMwMB4XDTIyMDIx
MDE2MTQ1OFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMjY2OGY2MjQ1MDJh
MjNjMWI0ZTE1ZmQwMTAyNDAwYTk3OGY3ZWViZTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALSSFk/evxR84O0tIeNENckYCg2SoHYR7j1GkVRWAOm9PWRY
kEw1zYqNA+cdd6v0/fRS1fMC61hvSbs2ABfQP8L+8HXuDgQT0N+prW1mz3F23rh6
uKq0EeytvJFDW5UGnYb/N+hHJQ5JfD38wTfxtlWR4btaeySvERtLkmusptmeRHUi
huXShBcr2/IpyVxoYXjFopEtaxHoKAiB5j0y2k2agnkO42dZ3T/jzhRArX3KkkNK
UY0IBruWDsz6TAM++eyWCS6t6frez/iu4oz2GnhzBErj5rak2CqiqT11GKmcbi2C
6askcBNAGpG2+4RNQBCjhrM4TPEi5n4DzbRLUDsCAwEAAaOCAmgwggJkMB0GA1Ud
DgQWBBQmaPYkUCojwbThX9AQJACpePfuvjAfBgNVHSMEGDAWgBRQweQm9Y5CrjDl
bNt/9Nj53dhbMDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1VNSGtKdldPUXE0dzVXemJmX1RZLWQzWVd6QS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvN2IvOWM2ZGFkLTM3N2EtNDQ0ZS1iMGRjLTA2M2NlNmNmNDYwZC8x
L0ptajJKRkFxSThHMDRWX1FFQ1FBcVhqMzdyNC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvN2Iv
OWM2ZGFkLTM3N2EtNDQ0ZS1iMGRjLTA2M2NlNmNmNDYwZC8xL1VNSGtKdldPUXE0
dzVXemJmX1RZLWQzWVd6QS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjB+
BggrBgEFBQcBBwEB/wRvMG0wNAQCAAEwLgMEArl3iDAMAwQEw/0wAwQBw/00MAwD
BADD/UEDBADD/UIDBALD/VQDBAXD/WAwNQQCAAIwLwMHACoBBbAAAjASAwcAKgEF
sAAFAwcAKgEFsAAGAwcBKgEFsAAIAwcFKgEFsAAgMA0GCSqGSIb3DQEBCwUAA4IB
AQA7ZkjsjgUMcMGRfQkZQjwA5sfCI/lJXKbGEypYCNsBO8ts2spE6XKNw2SA1fg3
1LIzcqDFkUzZHmjgS5NoW9r7riptFpa7U2SpW262G37sSixlzXDq0Wx+Atcda6OO
MOfgSsu0/mpQst0PgGe/6J69d4g6SoScW6Sq/cQLkM5UrJPiUS/8GOYhpK2erGSp
4Y/8BwxjDLtvO8328AHNufUcMcJ+feA99E2XIOe30f1wkdzp0Zm21RXtwr/2AJ37
9kZOWWI2Xwfxdnun4VR49DCsAvwIoxeJ4q3HRT1niaaINNLdB/Ev/Ts4Fj5Z0dOX
0rZOgQFXGmhMjHHMyLaLSY/A
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:36:09 2024 by rpki-client on console-fra.rpki-client.org