Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/99/4a7539-b149-48e9-88e7-060ac0890966/1/jPnAtlCkiWJh3jGKHo_Gls8pdhY.roa
File: jPnAtlCkiWJh3jGKHo_Gls8pdhY.roa (raw, json)
Hash identifier: Z5yZnMm9zGoU6ZXyQxIUxAg+agffMeiAvkgo5ollozE=
Subject key identifier: 8C:F9:C0:B6:50:A4:89:62:61:DE:31:8A:1E:8F:C6:96:CF:29:76:16
Certificate issuer: /CN=dd1daecd30aeb74652bbdda5dad9676ce488aa49
Certificate serial: 01886B62EBD6F2E30664A9364CF46A11B6FC
Authority key identifier: DD:1D:AE:CD:30:AE:B7:46:52:BB:DD:A5:DA:D9:67:6C:E4:88:AA:49
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3R2uzTCut0ZSu92l2tlnbOSIqkk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/99/4a7539-b149-48e9-88e7-060ac0890966/1/jPnAtlCkiWJh3jGKHo_Gls8pdhY.roa
Signing time: Tue 30 May 2023 06:40:24 +0000
ROA not before: Tue 30 May 2023 06:40:24 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 59613
IP address blocks: 185.158.208.0/24 maxlen: 24
185.158.211.0/24 maxlen: 24
185.158.210.0/24 maxlen: 24
185.158.209.0/24 maxlen: 24
2a02:2278:fffd::/48 maxlen: 48
2a02:2278:ff00::/40 maxlen: 40
2a02:2278:fffe::/48 maxlen: 48
2a02:2278:fffc::/48 maxlen: 48
2a02:2278:ffff::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:6b:62:eb:d6:f2:e3:06:64:a9:36:4c:f4:6a:11:b6:fc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dd1daecd30aeb74652bbdda5dad9676ce488aa49
Validity
Not Before: May 30 06:40:24 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=8cf9c0b650a4896261de318a1e8fc696cf297616
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:b4:12:f5:ca:ad:35:9b:2f:31:e0:a1:e1:84:
8f:48:a6:a0:b6:28:db:05:d4:57:1c:b3:ae:22:18:
d3:86:82:33:12:0f:c7:8c:ea:92:6a:f4:5c:29:3d:
64:ab:9b:b1:91:de:ef:65:aa:e9:1e:91:a9:07:b5:
30:e0:31:ae:9e:4d:53:16:4e:df:60:0e:fc:95:5b:
c3:2b:f8:b2:f3:f5:19:a4:bf:42:cc:90:d2:09:7d:
25:44:98:23:af:ef:07:a2:1b:cc:c1:e3:95:3f:5c:
61:f3:ef:f4:58:ad:44:3d:7a:be:c0:96:3a:93:a8:
f7:a3:04:d5:78:1e:93:86:af:f6:77:9a:2c:83:8d:
11:ac:20:bc:71:e5:0a:04:84:b3:44:cd:b1:9c:ab:
a2:bb:92:b1:7e:ef:58:f3:57:71:1c:52:6b:34:76:
28:c7:f8:d7:e7:b7:37:b5:69:d9:db:41:86:24:9b:
2a:be:32:90:d6:ad:3c:cc:5f:a9:4b:f3:45:1e:ac:
c1:3b:6b:7b:07:ab:82:2f:b1:77:35:fb:04:d6:28:
c6:b2:94:1a:a0:9e:1d:b9:5d:a7:b7:3f:16:e2:0e:
5f:33:89:a8:b7:f9:a1:37:f5:a6:87:b9:72:a1:ff:
60:50:dd:99:27:43:f5:1f:7b:a8:dc:0e:f9:7e:e5:
81:f1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8C:F9:C0:B6:50:A4:89:62:61:DE:31:8A:1E:8F:C6:96:CF:29:76:16
X509v3 Authority Key Identifier:
keyid:DD:1D:AE:CD:30:AE:B7:46:52:BB:DD:A5:DA:D9:67:6C:E4:88:AA:49
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3R2uzTCut0ZSu92l2tlnbOSIqkk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/99/4a7539-b149-48e9-88e7-060ac0890966/1/jPnAtlCkiWJh3jGKHo_Gls8pdhY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/99/4a7539-b149-48e9-88e7-060ac0890966/1/3R2uzTCut0ZSu92l2tlnbOSIqkk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.158.208.0/22
IPv6:
2a02:2278:ff00::/40
Signature Algorithm: sha256WithRSAEncryption
af:a1:23:70:42:b2:60:94:29:67:23:35:f5:1a:ca:07:e9:06:
ad:34:68:08:35:bb:6f:76:41:55:d3:5b:d0:c0:13:4a:75:b0:
f7:29:67:99:2f:6e:e2:e8:11:71:98:94:02:7c:f0:7f:ff:76:
a4:6c:65:bc:73:fe:fb:63:fe:fe:35:63:c4:de:80:f2:c9:95:
51:5b:b4:19:cf:0d:10:33:e6:ba:03:d4:59:20:cf:c0:07:7e:
b0:4b:65:b8:91:0f:54:91:fe:24:16:d5:2d:6f:76:70:70:d0:
0f:c8:06:b6:85:db:b1:c7:4b:a8:91:86:4a:ee:45:2b:eb:86:
75:5d:33:9f:e3:15:b6:16:bd:99:16:c8:38:76:0e:15:4f:b2:
ed:a9:dc:fb:ca:ac:e2:0a:28:95:61:d0:54:17:48:ee:d3:51:
ea:f1:ec:0f:41:41:50:52:a0:73:3a:bd:32:65:a4:30:cc:e8:
5c:83:6e:f7:1e:b7:c3:be:22:38:55:8e:2b:fa:9f:9b:cc:52:
36:de:f7:c8:5b:fe:00:17:af:f0:46:06:6f:b8:47:22:6b:a8:
4c:44:e7:45:24:1e:9e:2c:f6:c4:2f:3f:de:11:1b:8e:6e:ed:
1d:03:ea:09:c0:c1:08:05:6c:94:16:61:27:06:24:89:bf:aa:
d1:2d:69:4a
-----BEGIN CERTIFICATE-----
MIIFDTCCA/WgAwIBAgISAYhrYuvW8uMGZKk2TPRqEbb8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRkMWRhZWNkMzBhZWI3NDY1MmJiZGRhNWRhZDk2NzZjZTQ4
OGFhNDkwHhcNMjMwNTMwMDY0MDI0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4Y2Y5YzBiNjUwYTQ4OTYyNjFkZTMxOGExZThmYzY5NmNmMjk3NjE2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAi7QS9cqtNZsvMeCh4YSPSKagtijb
BdRXHLOuIhjThoIzEg/HjOqSavRcKT1kq5uxkd7vZarpHpGpB7Uw4DGunk1TFk7f
YA78lVvDK/iy8/UZpL9CzJDSCX0lRJgjr+8HohvMweOVP1xh8+/0WK1EPXq+wJY6
k6j3owTVeB6Thq/2d5osg40RrCC8ceUKBISzRM2xnKuiu5Kxfu9Y81dxHFJrNHYo
x/jX57c3tWnZ20GGJJsqvjKQ1q08zF+pS/NFHqzBO2t7B6uCL7F3NfsE1ijGspQa
oJ4duV2ntz8W4g5fM4mot/mhN/Wmh7lyof9gUN2ZJ0P1H3uo3A75fuWB8QIDAQAB
o4ICGTCCAhUwHQYDVR0OBBYEFIz5wLZQpIliYd4xih6PxpbPKXYWMB8GA1UdIwQY
MBaAFN0drs0wrrdGUrvdpdrZZ2zkiKpJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM1IydXpUQ3V0MFpTdTkybDJ0bG5iT1NJcWtrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85OS80YTc1MzktYjE0OS00OGU5LTg4ZTct
MDYwYWMwODkwOTY2LzEvalBuQXRsQ2tpV0poM2pHS0hvX0dsczhwZGhZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85OS80YTc1MzktYjE0OS00OGU5LTg4ZTctMDYwYWMwODkwOTY2
LzEvM1IydXpUQ3V0MFpTdTkybDJ0bG5iT1NJcWtrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC8GCCsGAQUFBwEHAQH/BCAwHjAMBAIAATAGAwQCuZ7QMA4E
AgACMAgDBgAqAiJ4/zANBgkqhkiG9w0BAQsFAAOCAQEAr6EjcEKyYJQpZyM19RrK
B+kGrTRoCDW7b3ZBVdNb0MATSnWw9ylnmS9u4ugRcZiUAnzwf/92pGxlvHP++2P+
/jVjxN6A8smVUVu0Gc8NEDPmugPUWSDPwAd+sEtluJEPVJH+JBbVLW92cHDQD8gG
toXbscdLqJGGSu5FK+uGdV0zn+MVtha9mRbIOHYOFU+y7anc+8qs4goolWHQVBdI
7tNR6vHsD0FBUFKgczq9MmWkMMzoXINu9x63w74iOFWOK/qfm8xSNt73yFv+ABev
8EYGb7hHImuoTETnRSQeniz2xC8/3hEbjm7tHQPqCcDBCAVslBZhJwYkib+q0S1p
Sg==
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:45:38 2025 by rpki-client