Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9a/a72891-de2f-4156-a011-43f64bcea99d/1/rJbyLrcaJZOnfM6lq76Dud_tZKQ.roa
File: rJbyLrcaJZOnfM6lq76Dud_tZKQ.roa (raw, json)
Hash identifier: NWynHGmTOsrdjxNf1AVj+AMB991cp0FCveMWWK5a0EE=
Subject key identifier: AC:96:F2:2E:B7:1A:25:93:A7:7C:CE:A5:AB:BE:83:B9:DF:ED:64:A4
Certificate issuer: /CN=0bac82804700ad36538bf86f34c073e971430da5
Certificate serial: 01849FE85F42E22177B9C1D0DDE8E1450B6D
Authority key identifier: 0B:AC:82:80:47:00:AD:36:53:8B:F8:6F:34:C0:73:E9:71:43:0D:A5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/C6yCgEcArTZTi_hvNMBz6XFDDaU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9a/a72891-de2f-4156-a011-43f64bcea99d/1/rJbyLrcaJZOnfM6lq76Dud_tZKQ.roa
Signing time: Tue 22 Nov 2022 15:15:16 +0000
ROA not before: Tue 22 Nov 2022 15:15:16 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 0
IP address blocks: 185.1.230.0/25 maxlen: 25
185.1.230.128/25 maxlen: 25
212.237.192.0/24 maxlen: 24
212.237.193.0/24 maxlen: 24
195.69.118.0/24 maxlen: 24
195.69.117.0/24 maxlen: 24
195.69.116.0/24 maxlen: 24
195.69.119.0/24 maxlen: 24
195.245.240.0/24 maxlen: 24
2001:7f8:122::/49 maxlen: 49
2001:7f8:122:8000::/49 maxlen: 49
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:9f:e8:5f:42:e2:21:77:b9:c1:d0:dd:e8:e1:45:0b:6d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0bac82804700ad36538bf86f34c073e971430da5
Validity
Not Before: Nov 22 15:15:16 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=ac96f22eb71a2593a77ccea5abbe83b9dfed64a4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:df:61:94:1a:31:1e:45:99:e2:08:bb:8c:50:5d:
d9:60:29:b3:cc:01:15:81:1d:d8:bc:23:20:18:0a:
07:7f:70:93:f1:cc:89:44:7d:26:f2:90:fd:18:6c:
7b:12:8a:1a:02:31:8e:df:f4:cd:f6:bf:58:c1:57:
fe:d6:e7:d6:b2:c5:47:8b:3b:18:0d:e7:7c:10:54:
9f:0b:fc:f6:95:b6:75:7c:09:bd:f5:79:31:90:7d:
0d:78:30:d0:74:26:86:67:69:1a:3d:89:0d:7f:5d:
92:db:ba:cb:9d:fc:ae:d9:0d:bc:cc:88:ae:6c:7d:
d5:12:46:22:73:38:ef:70:ce:7e:7e:18:4b:1a:47:
a0:95:aa:3c:cb:2c:e5:94:3e:db:5a:15:cf:9f:5f:
44:40:23:1b:7c:b9:c4:52:3a:5f:8f:ef:ba:e7:b4:
96:ce:19:90:65:49:a2:f8:8b:f9:65:4b:cb:8b:60:
d2:52:2d:60:c0:d1:6e:5a:6b:2b:f1:70:02:4c:a0:
39:ec:ae:86:05:c7:10:ed:84:52:5a:29:54:cc:be:
fc:94:fc:91:d2:a2:67:62:fc:55:0d:6c:65:ae:0c:
24:dc:8a:92:b3:0a:c6:84:cd:ee:3f:7b:5a:61:e8:
2a:1d:fe:96:26:e4:92:ab:26:2c:fb:d8:c8:c2:ec:
d4:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AC:96:F2:2E:B7:1A:25:93:A7:7C:CE:A5:AB:BE:83:B9:DF:ED:64:A4
X509v3 Authority Key Identifier:
keyid:0B:AC:82:80:47:00:AD:36:53:8B:F8:6F:34:C0:73:E9:71:43:0D:A5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/C6yCgEcArTZTi_hvNMBz6XFDDaU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9a/a72891-de2f-4156-a011-43f64bcea99d/1/rJbyLrcaJZOnfM6lq76Dud_tZKQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9a/a72891-de2f-4156-a011-43f64bcea99d/1/C6yCgEcArTZTi_hvNMBz6XFDDaU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.1.230.0/24
195.69.116.0/22
195.245.240.0/24
212.237.192.0/23
IPv6:
2001:7f8:122::/48
Signature Algorithm: sha256WithRSAEncryption
a1:af:c8:8f:6a:7f:77:7e:fa:c2:41:63:03:8b:c6:99:66:33:
77:4c:47:ac:5c:50:ab:1e:e1:13:dc:43:5b:ba:87:cd:ed:bb:
24:52:97:f1:bc:94:82:65:2d:92:8a:e9:9a:23:8a:6b:1a:60:
f2:1c:8f:89:03:14:49:bf:d6:4a:b8:a8:7a:9f:46:e4:5a:14:
15:e6:0b:d3:05:cc:49:91:43:5c:dc:75:3c:cb:49:94:7d:fd:
f5:91:e9:12:27:92:19:13:1d:57:4d:81:c4:4f:c5:9b:a7:39:
6a:b9:41:aa:7f:b5:fc:f2:4c:ea:dc:be:11:51:fe:95:8e:33:
a7:4e:93:55:19:b1:0d:42:47:14:1c:1b:d3:6f:f2:d4:90:ca:
6c:36:d2:ae:92:7a:5a:4b:91:87:c8:ed:fd:62:43:82:db:0f:
b2:a7:71:39:ac:1d:a4:83:17:57:ea:79:22:5a:d2:c7:a0:48:
ba:a6:e4:76:4d:1e:15:17:0b:9f:79:05:7f:63:24:57:71:66:
4e:3a:9e:66:e3:d1:46:c6:ba:36:ea:f5:82:59:fb:7d:1c:0b:
18:1b:de:1a:5b:02:75:9c:7a:7d:22:a6:4e:17:b9:d0:e7:03:
c1:9e:11:62:d6:47:47:ec:18:ab:6c:5f:7e:33:66:30:bc:bd:
63:0d:9c:e2
-----BEGIN CERTIFICATE-----
MIIFIDCCBAigAwIBAgISAYSf6F9C4iF3ucHQ3ejhRQttMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBiYWM4MjgwNDcwMGFkMzY1MzhiZjg2ZjM0YzA3M2U5NzE0
MzBkYTUwHhcNMjIxMTIyMTUxNTE2WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhYzk2ZjIyZWI3MWEyNTkzYTc3Y2NlYTVhYmJlODNiOWRmZWQ2NGE0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA32GUGjEeRZniCLuMUF3ZYCmzzAEV
gR3YvCMgGAoHf3CT8cyJRH0m8pD9GGx7EooaAjGO3/TN9r9YwVf+1ufWssVHizsY
Ded8EFSfC/z2lbZ1fAm99XkxkH0NeDDQdCaGZ2kaPYkNf12S27rLnfyu2Q28zIiu
bH3VEkYiczjvcM5+fhhLGkeglao8yyzllD7bWhXPn19EQCMbfLnEUjpfj++657SW
zhmQZUmi+Iv5ZUvLi2DSUi1gwNFuWmsr8XACTKA57K6GBccQ7YRSWilUzL78lPyR
0qJnYvxVDWxlrgwk3IqSswrGhM3uP3taYegqHf6WJuSSqyYs+9jIwuzUBwIDAQAB
o4ICLDCCAigwHQYDVR0OBBYEFKyW8i63GiWTp3zOpau+g7nf7WSkMB8GA1UdIwQY
MBaAFAusgoBHAK02U4v4bzTAc+lxQw2lMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQzZ5Q2dFY0FyVFpUaV9odk5NQno2WEZERGFVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85YS9hNzI4OTEtZGUyZi00MTU2LWEwMTEt
NDNmNjRiY2VhOTlkLzEvckpieUxyY2FKWk9uZk02bHE3NkR1ZF90WktRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85YS9hNzI4OTEtZGUyZi00MTU2LWEwMTEtNDNmNjRiY2VhOTlk
LzEvQzZ5Q2dFY0FyVFpUaV9odk5NQno2WEZERGFVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEIGCCsGAQUFBwEHAQH/BDMwMTAeBAIAATAYAwQAuQHmAwQC
w0V0AwQAw/XwAwQB1O3AMA8EAgACMAkDBwAgAQf4ASIwDQYJKoZIhvcNAQELBQAD
ggEBAKGvyI9qf3d++sJBYwOLxplmM3dMR6xcUKse4RPcQ1u6h83tuyRSl/G8lIJl
LZKK6ZojimsaYPIcj4kDFEm/1kq4qHqfRuRaFBXmC9MFzEmRQ1zcdTzLSZR9/fWR
6RInkhkTHVdNgcRPxZunOWq5Qap/tfzyTOrcvhFR/pWOM6dOk1UZsQ1CRxQcG9Nv
8tSQymw20q6SelpLkYfI7f1iQ4LbD7KncTmsHaSDF1fqeSJa0segSLqm5HZNHhUX
C595BX9jJFdxZk46nmbj0UbGujbq9YJZ+30cCxgb3hpbAnWcen0ipk4XudDnA8Ge
EWLWR0fsGKtsX34zZjC8vWMNnOI=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:40:34 2024 by rpki-client on console-fra.rpki-client.org