Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/86/72155a-d109-4c2d-b974-1128e5ce6a5b/1/xCJZLZRW_I0GjkyQmyxBxIDq5gs.roa
File: xCJZLZRW_I0GjkyQmyxBxIDq5gs.roa (raw, json)
Hash identifier: zBvZQFvh2F20ddAo2tCu+/Atkj4LrRVZ0/hRc3u2FnE=
Subject key identifier: C4:22:59:2D:94:56:FC:8D:06:8E:4C:90:9B:2C:41:C4:80:EA:E6:0B
Certificate issuer: /CN=4c2b89c3c57a3e296aa4061e962840be7ae8f018
Certificate serial: 07386A30
Authority key identifier: 4C:2B:89:C3:C5:7A:3E:29:6A:A4:06:1E:96:28:40:BE:7A:E8:F0:18
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TCuJw8V6PilqpAYelihAvnro8Bg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/86/72155a-d109-4c2d-b974-1128e5ce6a5b/1/xCJZLZRW_I0GjkyQmyxBxIDq5gs.roa
Signing time: Sat 01 Jan 2022 01:55:34 +0000
ROA not before: Sat 01 Jan 2022 01:55:34 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 202806
IP address blocks: 85.234.115.0/24 maxlen: 24
85.234.114.0/23 maxlen: 24
85.234.114.0/24 maxlen: 24
2a0a:6f40:2::/48 maxlen: 48
2a0a:6f40:2::/47 maxlen: 48
2a0a:6f40:3::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 121137712 (0x7386a30)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4c2b89c3c57a3e296aa4061e962840be7ae8f018
Validity
Not Before: Jan 1 01:55:34 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=c422592d9456fc8d068e4c909b2c41c480eae60b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ea:46:5e:ef:5e:21:b4:dc:5e:5e:33:d9:85:3b:
79:70:25:86:0f:3a:a8:b3:eb:c0:15:64:8c:e8:77:
a4:34:bc:7f:93:34:a8:5b:fe:8b:9e:1d:94:42:b9:
31:eb:3c:f1:6e:77:8f:98:56:41:51:27:d6:0d:a4:
e5:2a:2d:91:0a:24:50:5a:13:ca:b6:b2:80:96:1f:
c6:fd:4c:32:5a:fb:99:20:4b:fb:45:44:b7:48:5c:
d0:62:db:c8:ec:b2:12:ee:c7:d2:45:e1:aa:52:25:
0c:ab:55:ff:61:f4:a8:d3:02:9b:f4:e2:f8:89:3d:
e0:75:3f:24:80:02:fd:d6:d8:eb:2b:9f:84:a1:2b:
c9:fd:6c:2b:70:6a:dd:79:51:2d:90:12:5b:ed:ce:
b2:2a:5e:e9:86:2f:75:5f:a3:6c:1b:a0:28:d5:cf:
0f:d1:a1:53:5d:85:00:ea:88:b0:74:25:23:ce:61:
44:82:83:b3:23:a7:a8:d7:19:be:6a:f3:91:d9:d2:
1d:34:cc:ae:f9:3e:38:80:db:17:89:f4:ca:94:8a:
22:7b:a1:f1:7b:6b:09:2f:22:6e:b5:6d:ab:32:a9:
8c:83:4b:60:ef:f2:fe:88:73:d5:73:a8:40:e6:5a:
ef:fe:26:ec:2a:14:d7:1c:a2:7e:64:8d:d9:84:5e:
a2:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C4:22:59:2D:94:56:FC:8D:06:8E:4C:90:9B:2C:41:C4:80:EA:E6:0B
X509v3 Authority Key Identifier:
keyid:4C:2B:89:C3:C5:7A:3E:29:6A:A4:06:1E:96:28:40:BE:7A:E8:F0:18
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TCuJw8V6PilqpAYelihAvnro8Bg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/86/72155a-d109-4c2d-b974-1128e5ce6a5b/1/xCJZLZRW_I0GjkyQmyxBxIDq5gs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/86/72155a-d109-4c2d-b974-1128e5ce6a5b/1/TCuJw8V6PilqpAYelihAvnro8Bg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.234.114.0/23
IPv6:
2a0a:6f40:2::/47
Signature Algorithm: sha256WithRSAEncryption
72:13:67:fd:31:6a:97:ef:8e:27:9e:98:02:1f:19:90:75:65:
8a:61:d2:28:90:65:b4:75:24:ab:38:8e:6b:b5:14:ce:bd:d4:
6e:7f:e8:1c:1e:c1:88:f4:0e:72:9b:08:84:a7:e0:a8:75:44:
09:49:68:33:c0:4a:8e:42:33:ef:73:0b:ba:1d:90:db:0c:48:
34:99:91:21:76:15:f3:2d:12:b7:72:3b:c2:4b:ab:5e:ea:aa:
3d:4a:dd:da:62:42:ed:1b:96:5f:2d:31:4d:9c:04:e0:f8:41:
35:35:d3:23:37:af:c1:90:03:ef:4f:98:94:71:6e:10:fe:95:
9c:2b:c5:6b:37:f1:52:5a:4f:92:49:74:cd:50:1e:20:9e:bf:
35:0b:a0:d6:13:8a:41:f6:75:0e:e7:75:e1:ab:a8:02:08:e3:
ae:42:5a:87:c9:45:9f:cf:2e:a0:6a:5b:49:5a:8f:c7:e0:b4:
61:a9:65:71:da:88:a7:88:26:0f:59:63:63:e5:fa:45:e0:b7:
07:30:12:99:a1:7f:8f:3b:0a:a6:73:f4:d5:7c:6e:0a:78:34:
aa:6e:d1:71:73:1a:c2:8f:ac:33:ce:c8:8e:c1:53:19:18:df:
41:0c:d6:d2:e2:60:15:99:9d:aa:63:e5:79:6e:4b:9a:c5:07:
41:54:d8:34
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgIEBzhqMDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg0
YzJiODljM2M1N2EzZTI5NmFhNDA2MWU5NjI4NDBiZTdhZThmMDE4MB4XDTIyMDEw
MTAxNTUzNFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYzQyMjU5MmQ5NDU2
ZmM4ZDA2OGU0YzkwOWIyYzQxYzQ4MGVhZTYwYjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAOpGXu9eIbTcXl4z2YU7eXAlhg86qLPrwBVkjOh3pDS8f5M0
qFv+i54dlEK5Mes88W53j5hWQVEn1g2k5SotkQokUFoTyraygJYfxv1MMlr7mSBL
+0VEt0hc0GLbyOyyEu7H0kXhqlIlDKtV/2H0qNMCm/Ti+Ik94HU/JIAC/dbY6yuf
hKEryf1sK3Bq3XlRLZASW+3Osipe6YYvdV+jbBugKNXPD9GhU12FAOqIsHQlI85h
RIKDsyOnqNcZvmrzkdnSHTTMrvk+OIDbF4n0ypSKInuh8XtrCS8ibrVtqzKpjINL
YO/y/ohz1XOoQOZa7/4m7CoU1xyifmSN2YReoucCAwEAAaOCAhowggIWMB0GA1Ud
DgQWBBTEIlktlFb8jQaOTJCbLEHEgOrmCzAfBgNVHSMEGDAWgBRMK4nDxXo+KWqk
Bh6WKEC+eujwGDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1RDdUp3OFY2UGlscXBBWWVsaWhBdm5ybzhCZy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvODYvNzIxNTVhLWQxMDktNGMyZC1iOTc0LTExMjhlNWNlNmE1Yi8x
L3hDSlpMWlJXX0kwR2preVFteXhCeElEcTVncy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvODYv
NzIxNTVhLWQxMDktNGMyZC1iOTc0LTExMjhlNWNlNmE1Yi8xL1RDdUp3OFY2UGls
cXBBWWVsaWhBdm5ybzhCZy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAw
BggrBgEFBQcBBwEB/wQhMB8wDAQCAAEwBgMEAVXqcjAPBAIAAjAJAwcBKgpvQAAC
MA0GCSqGSIb3DQEBCwUAA4IBAQByE2f9MWqX744nnpgCHxmQdWWKYdIokGW0dSSr
OI5rtRTOvdRuf+gcHsGI9A5ymwiEp+CodUQJSWgzwEqOQjPvcwu6HZDbDEg0mZEh
dhXzLRK3cjvCS6te6qo9St3aYkLtG5ZfLTFNnATg+EE1NdMjN6/BkAPvT5iUcW4Q
/pWcK8VrN/FSWk+SSXTNUB4gnr81C6DWE4pB9nUO53Xhq6gCCOOuQlqHyUWfzy6g
altJWo/H4LRhqWVx2oiniCYPWWNj5fpF4LcHMBKZoX+POwqmc/TVfG4KeDSqbtFx
cxrCj6wzzsiOwVMZGN9BDNbS4mAVmZ2qY+V5bkuaxQdBVNg0
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:21:34 2024 by rpki-client on console-ams.rpki-client.org