Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/84/94f98c-c1d1-4fe2-9adc-a010d8e4faf0/1/JTOk7XT12baBYk8bmN_31-AB21E.roa
File: JTOk7XT12baBYk8bmN_31-AB21E.roa (raw, json)
Hash identifier: sYZ1QgmS+5DoeaxDD7zMdUlfsdpgsGZZ103249cyJH4=
Subject key identifier: 25:33:A4:ED:74:F5:D9:B6:81:62:4F:1B:98:DF:F7:D7:E0:01:DB:51
Certificate issuer: /CN=d9c9baf46d6c94d27ce128da3b65b5a3b06db38b
Certificate serial: 02200137
Authority key identifier: D9:C9:BA:F4:6D:6C:94:D2:7C:E1:28:DA:3B:65:B5:A3:B0:6D:B3:8B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2cm69G1slNJ84SjaO2W1o7Bts4s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/84/94f98c-c1d1-4fe2-9adc-a010d8e4faf0/1/JTOk7XT12baBYk8bmN_31-AB21E.roa
Signing time: Sat 01 Jan 2022 11:57:59 +0000
ROA not before: Sat 01 Jan 2022 11:57:59 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 206706
IP address blocks: 185.228.249.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 35651895 (0x2200137)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d9c9baf46d6c94d27ce128da3b65b5a3b06db38b
Validity
Not Before: Jan 1 11:57:59 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=2533a4ed74f5d9b681624f1b98dff7d7e001db51
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:5a:16:63:26:ab:8e:e7:30:ed:50:50:d8:2c:
ee:cb:be:9d:e5:75:12:7c:6f:d7:7e:83:84:a3:2c:
cc:7a:8d:de:a8:bb:c0:f5:43:9a:05:62:6a:22:c3:
62:c7:ea:c6:1a:93:8a:ad:7b:da:79:15:a1:84:6a:
25:ba:83:1b:6d:71:be:ea:00:33:c7:b2:a9:2f:b1:
10:90:46:9e:04:25:6a:49:c3:48:e8:10:bd:b4:dc:
aa:e4:58:71:3b:23:57:23:ec:fc:0d:25:f7:10:b4:
b1:14:fe:d3:44:84:5d:2b:6c:c1:37:f5:d1:6e:1a:
d4:22:11:d2:a6:46:4a:d8:1b:7b:09:be:46:96:88:
dc:69:a4:14:7a:17:70:4a:cf:ed:62:b0:91:69:6d:
26:b7:9e:dc:56:2b:f6:59:25:d2:c9:f7:6f:2a:36:
cf:ae:35:fd:b9:21:4e:d8:eb:83:c3:dc:23:46:d7:
f7:d5:bd:03:ff:c5:0f:4f:3b:1c:a2:0e:67:21:29:
14:eb:58:c5:67:fa:83:6e:bd:6f:ba:c2:bf:91:8c:
06:db:30:3b:a7:18:a0:29:33:3f:26:a3:fc:d8:28:
2d:c6:42:e8:38:b0:45:ed:f1:a3:be:3c:da:63:fb:
b7:86:03:f7:54:ed:6c:16:a6:4d:05:ea:dc:ed:79:
e8:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
25:33:A4:ED:74:F5:D9:B6:81:62:4F:1B:98:DF:F7:D7:E0:01:DB:51
X509v3 Authority Key Identifier:
keyid:D9:C9:BA:F4:6D:6C:94:D2:7C:E1:28:DA:3B:65:B5:A3:B0:6D:B3:8B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2cm69G1slNJ84SjaO2W1o7Bts4s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/84/94f98c-c1d1-4fe2-9adc-a010d8e4faf0/1/JTOk7XT12baBYk8bmN_31-AB21E.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/84/94f98c-c1d1-4fe2-9adc-a010d8e4faf0/1/2cm69G1slNJ84SjaO2W1o7Bts4s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.228.249.0/24
Signature Algorithm: sha256WithRSAEncryption
60:6f:89:c4:8f:d3:8e:2b:37:f9:aa:a2:14:5e:90:d4:46:ff:
5f:62:98:21:32:36:7d:f6:c8:71:cb:66:ef:9e:74:0f:dc:13:
6f:9b:d7:86:41:7f:50:59:b4:f5:4c:1e:69:8f:97:2e:23:99:
b3:b3:cc:00:db:0a:e7:d5:1c:1c:98:23:c1:bb:92:45:fc:d0:
56:51:67:b0:e8:d1:16:30:ab:3e:72:fa:aa:0d:96:99:4f:ec:
0c:17:a0:34:41:ff:9c:ad:e9:de:42:fd:55:63:12:49:72:5e:
72:a6:5d:43:92:51:e3:9b:95:3c:1a:1c:20:7f:07:61:12:cc:
ee:10:c0:c4:69:f5:92:80:d0:f9:82:fb:1e:17:dd:61:54:80:
18:81:e7:69:27:1f:52:45:76:79:2f:2c:80:08:69:42:e4:8f:
9c:8c:f4:d5:99:1a:4b:4a:20:24:da:b9:a9:e1:a6:25:55:d8:
01:32:54:2f:d5:5d:e5:1a:7a:24:ec:fb:44:52:23:0d:65:82:
ff:27:46:df:a2:db:71:8f:ee:53:fc:49:7c:fb:00:7b:1d:88:
8b:51:ab:43:c3:1d:31:5a:ac:cc:d5:44:cf:24:12:7a:be:4a:
8c:ef:44:f2:9f:a4:23:c2:66:ac:77:5c:4b:cb:86:8c:99:1b:
ab:da:c3:30
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEAiABNzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhk
OWM5YmFmNDZkNmM5NGQyN2NlMTI4ZGEzYjY1YjVhM2IwNmRiMzhiMB4XDTIyMDEw
MTExNTc1OVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMjUzM2E0ZWQ3NGY1
ZDliNjgxNjI0ZjFiOThkZmY3ZDdlMDAxZGI1MTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMZaFmMmq47nMO1QUNgs7su+neV1Enxv136DhKMszHqN3qi7
wPVDmgViaiLDYsfqxhqTiq172nkVoYRqJbqDG21xvuoAM8eyqS+xEJBGngQlaknD
SOgQvbTcquRYcTsjVyPs/A0l9xC0sRT+00SEXStswTf10W4a1CIR0qZGStgbewm+
RpaI3GmkFHoXcErP7WKwkWltJree3FYr9lkl0sn3byo2z641/bkhTtjrg8PcI0bX
99W9A//FD087HKIOZyEpFOtYxWf6g269b7rCv5GMBtswO6cYoCkzPyaj/NgoLcZC
6DiwRe3xo7482mP7t4YD91TtbBamTQXq3O156EcCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBQlM6TtdPXZtoFiTxuY3/fX4AHbUTAfBgNVHSMEGDAWgBTZybr0bWyU0nzh
KNo7ZbWjsG2zizAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzJjbTY5RzFzbE5KODRTamFPMlcxbzdCdHM0cy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvODQvOTRmOThjLWMxZDEtNGZlMi05YWRjLWEwMTBkOGU0ZmFmMC8x
L0pUT2s3WFQxMmJhQllrOGJtTl8zMS1BQjIxRS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvODQv
OTRmOThjLWMxZDEtNGZlMi05YWRjLWEwMTBkOGU0ZmFmMC8xLzJjbTY5RzFzbE5K
ODRTamFPMlcxbzdCdHM0cy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEALnk+TANBgkqhkiG9w0BAQsFAAOC
AQEAYG+JxI/Tjis3+aqiFF6Q1Eb/X2KYITI2ffbIcctm7550D9wTb5vXhkF/UFm0
9UweaY+XLiOZs7PMANsK59UcHJgjwbuSRfzQVlFnsOjRFjCrPnL6qg2WmU/sDBeg
NEH/nK3p3kL9VWMSSXJecqZdQ5JR45uVPBocIH8HYRLM7hDAxGn1koDQ+YL7Hhfd
YVSAGIHnaScfUkV2eS8sgAhpQuSPnIz01ZkaS0ogJNq5qeGmJVXYATJUL9Vd5Rp6
JOz7RFIjDWWC/ydG36LbcY/uU/xJfPsAex2Ii1GrQ8MdMVqszNVEzyQSer5KjO9E
8p+kI8JmrHdcS8uGjJkbq9rDMA==
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:04:43 2025 by rpki-client