Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/90/506f3d-c863-462f-87eb-b3ae1e4c32b7/1/J99dKNqq4jyMDozgVWQ9zqEqdbM.roa
File: J99dKNqq4jyMDozgVWQ9zqEqdbM.roa (raw, json)
Hash identifier: Vqfp+ocjclxfJkc+n0COV5HZIArUpRYr5Kc2i1YZ1fc=
Subject key identifier: 27:DF:5D:28:DA:AA:E2:3C:8C:0E:8C:E0:55:64:3D:CE:A1:2A:75:B3
Certificate issuer: /CN=1c683f95c98d2cfe9d79cdd3db8ee8138bb35772
Certificate serial: 382CDF8B
Authority key identifier: 1C:68:3F:95:C9:8D:2C:FE:9D:79:CD:D3:DB:8E:E8:13:8B:B3:57:72
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HGg_lcmNLP6dec3T247oE4uzV3I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/90/506f3d-c863-462f-87eb-b3ae1e4c32b7/1/J99dKNqq4jyMDozgVWQ9zqEqdbM.roa
Signing time: Sat 01 Jan 2022 10:56:29 +0000
ROA not before: Sat 01 Jan 2022 10:56:29 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 8426
IP address blocks: 194.158.160.0/19 maxlen: 19
212.61.0.0/16 maxlen: 16
195.38.192.0/18 maxlen: 18
2a02:830::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 942464907 (0x382cdf8b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1c683f95c98d2cfe9d79cdd3db8ee8138bb35772
Validity
Not Before: Jan 1 10:56:29 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=27df5d28daaae23c8c0e8ce055643dcea12a75b3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:36:7e:f4:f4:17:c2:f1:85:95:05:c2:14:d7:
5b:43:c8:98:13:73:f4:a6:bc:7f:bb:0e:ca:9e:56:
82:ae:a0:cd:4e:d4:6e:87:e0:48:33:d6:48:c7:41:
7a:39:96:e9:09:fb:fd:ab:7e:9f:c6:79:e5:74:8d:
22:04:aa:a7:98:34:6d:44:61:1e:7d:a9:8e:b5:e1:
b0:e6:2c:0f:25:ad:75:fc:6c:67:6e:f9:b0:01:b3:
0d:7d:f2:4b:7f:9a:ef:b0:bf:66:2f:f6:a2:d9:2f:
2a:f0:4d:5d:47:7a:76:f9:d6:7c:c3:98:77:99:73:
cf:14:a5:94:dc:0a:79:39:90:f0:6f:6d:a9:58:fd:
b3:79:73:35:97:b7:f2:9f:e7:45:cf:72:cb:d4:79:
f3:53:7c:6f:03:9d:dd:99:57:ae:55:92:63:ce:88:
d0:e5:f6:7a:eb:ed:68:e1:3d:7a:58:8a:86:ad:93:
c6:a6:ef:9d:00:f6:35:3a:8d:e5:d9:5f:73:86:22:
6c:5a:53:1e:ea:cb:76:8e:c8:99:28:1b:d5:3d:9e:
cb:48:5e:9d:ab:c6:cb:2f:9f:92:57:72:78:ec:f4:
b1:c3:5a:67:76:af:78:41:0a:41:32:5a:4b:b9:c3:
0a:5d:de:41:de:4a:c2:9d:a1:67:fc:72:24:d1:10:
d0:f1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
27:DF:5D:28:DA:AA:E2:3C:8C:0E:8C:E0:55:64:3D:CE:A1:2A:75:B3
X509v3 Authority Key Identifier:
keyid:1C:68:3F:95:C9:8D:2C:FE:9D:79:CD:D3:DB:8E:E8:13:8B:B3:57:72
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HGg_lcmNLP6dec3T247oE4uzV3I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/90/506f3d-c863-462f-87eb-b3ae1e4c32b7/1/J99dKNqq4jyMDozgVWQ9zqEqdbM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/90/506f3d-c863-462f-87eb-b3ae1e4c32b7/1/HGg_lcmNLP6dec3T247oE4uzV3I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.158.160.0/19
195.38.192.0/18
212.61.0.0/16
IPv6:
2a02:830::/32
Signature Algorithm: sha256WithRSAEncryption
89:0a:ba:8d:4e:9f:4a:16:63:fe:af:4e:76:68:5b:e5:01:b2:
50:3b:cd:f8:ae:a2:94:e2:e9:4d:4a:d6:b3:3b:22:8e:1f:c5:
8f:9d:65:63:7e:13:68:d3:aa:0c:5b:03:fd:61:6a:77:82:10:
0f:1e:e9:fc:06:00:98:3e:5d:d5:e1:6c:41:bb:de:2a:dc:2b:
13:1c:28:3e:ae:d8:04:9f:5e:df:83:df:98:ca:1c:a4:22:e0:
ef:1c:f6:f6:78:e1:b3:bf:3b:b7:05:4c:3a:1e:81:d0:eb:18:
fb:cd:06:27:55:9d:25:28:c2:b4:e9:3c:12:c9:7a:39:af:9b:
d3:c4:a4:dd:88:4f:8f:f9:db:37:aa:f2:e7:ce:a2:f9:4f:12:
f9:73:1d:50:d1:bc:b5:d5:ab:e7:53:42:a9:98:9d:27:3b:e8:
e4:3f:22:6e:38:a3:d0:4e:28:3e:85:2c:7f:49:51:31:a0:86:
8d:60:ab:79:a5:56:e0:8e:e9:57:64:a4:de:e2:af:61:65:7a:
36:f1:95:90:43:bc:a7:13:24:2a:fe:0e:b7:25:6d:fc:44:39:
c9:57:fe:38:8f:38:7f:9e:61:aa:6b:5c:b5:fe:dd:16:c6:3f:
0b:f5:17:f8:5e:42:a5:70:a1:b0:7d:f5:b3:7a:89:a4:aa:d1:
6f:5b:63:e9
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgIEOCzfizANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygx
YzY4M2Y5NWM5OGQyY2ZlOWQ3OWNkZDNkYjhlZTgxMzhiYjM1NzcyMB4XDTIyMDEw
MTEwNTYyOVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMjdkZjVkMjhkYWFh
ZTIzYzhjMGU4Y2UwNTU2NDNkY2VhMTJhNzViMzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALI2fvT0F8LxhZUFwhTXW0PImBNz9Ka8f7sOyp5Wgq6gzU7U
bofgSDPWSMdBejmW6Qn7/at+n8Z55XSNIgSqp5g0bURhHn2pjrXhsOYsDyWtdfxs
Z275sAGzDX3yS3+a77C/Zi/2otkvKvBNXUd6dvnWfMOYd5lzzxSllNwKeTmQ8G9t
qVj9s3lzNZe38p/nRc9yy9R581N8bwOd3ZlXrlWSY86I0OX2euvtaOE9eliKhq2T
xqbvnQD2NTqN5dlfc4YibFpTHurLdo7ImSgb1T2ey0henavGyy+fkldyeOz0scNa
Z3aveEEKQTJaS7nDCl3eQd5Kwp2hZ/xyJNEQ0PECAwEAAaOCAiMwggIfMB0GA1Ud
DgQWBBQn310o2qriPIwOjOBVZD3OoSp1szAfBgNVHSMEGDAWgBQcaD+VyY0s/p15
zdPbjugTi7NXcjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0hHZ19sY21OTFA2ZGVjM1QyNDdvRTR1elYzSS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvOTAvNTA2ZjNkLWM4NjMtNDYyZi04N2ViLWIzYWUxZTRjMzJiNy8x
L0o5OWRLTnFxNGp5TURvemdWV1E5enFFcWRiTS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvOTAv
NTA2ZjNkLWM4NjMtNDYyZi04N2ViLWIzYWUxZTRjMzJiNy8xL0hHZ19sY21OTFA2
ZGVjM1QyNDdvRTR1elYzSS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA5
BggrBgEFBQcBBwEB/wQqMCgwFwQCAAEwEQMEBcKeoAMEBsMmwAMDANQ9MA0EAgAC
MAcDBQAqAggwMA0GCSqGSIb3DQEBCwUAA4IBAQCJCrqNTp9KFmP+r052aFvlAbJQ
O834rqKU4ulNStazOyKOH8WPnWVjfhNo06oMWwP9YWp3ghAPHun8BgCYPl3V4WxB
u94q3CsTHCg+rtgEn17fg9+YyhykIuDvHPb2eOGzvzu3BUw6HoHQ6xj7zQYnVZ0l
KMK06TwSyXo5r5vTxKTdiE+P+ds3qvLnzqL5TxL5cx1Q0by11avnU0KpmJ0nO+jk
PyJuOKPQTig+hSx/SVExoIaNYKt5pVbgjulXZKTe4q9hZXo28ZWQQ7ynEyQq/g63
JW38RDnJV/44jzh/nmGqa1y1/t0Wxj8L9Rf4XkKlcKGwffWzeomkqtFvW2Pp
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:59:24 2023 by rpki-client on console-fra.rpki-client.org