Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9b/363ecc-2aa1-4281-95b1-8b0fc07858d6/1/jZjtab-gvc9ZSi3Vt_IjhPUFuKU.roa
File: jZjtab-gvc9ZSi3Vt_IjhPUFuKU.roa (raw, json)
Hash identifier: Awz9Kxo7Sp0VUFaACbVtgQcFmhC3piEE59cSxN0RJ9E=
Subject key identifier: 8D:98:ED:69:BF:A0:BD:CF:59:4A:2D:D5:B7:F2:23:84:F5:05:B8:A5
Certificate issuer: /CN=2dd596c1ea7ecbb1be1777fc0d38ed06ca40eabe
Certificate serial: 016CC30F
Authority key identifier: 2D:D5:96:C1:EA:7E:CB:B1:BE:17:77:FC:0D:38:ED:06:CA:40:EA:BE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/LdWWwep-y7G-F3f8DTjtBspA6r4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9b/363ecc-2aa1-4281-95b1-8b0fc07858d6/1/jZjtab-gvc9ZSi3Vt_IjhPUFuKU.roa
Signing time: Wed 26 Jan 2022 00:52:46 +0000
ROA not before: Wed 26 Jan 2022 00:52:46 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 50873
IP address blocks: 37.228.130.0/24 maxlen: 24
94.247.143.0/24 maxlen: 24
194.104.114.0/23 maxlen: 23
185.97.4.0/22 maxlen: 22
194.104.149.0/24 maxlen: 24
185.97.6.0/24 maxlen: 24
2a06:1c0::/30 maxlen: 30
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 23905039 (0x16cc30f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2dd596c1ea7ecbb1be1777fc0d38ed06ca40eabe
Validity
Not Before: Jan 26 00:52:46 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=8d98ed69bfa0bdcf594a2dd5b7f22384f505b8a5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:f2:d2:0a:64:e8:a0:1d:68:41:85:61:38:c1:
63:96:a2:9a:9c:3f:fd:67:41:1a:74:ae:b5:37:5c:
22:46:c9:a2:ef:ca:a9:a9:20:3e:ad:fd:fd:f0:40:
31:47:76:b2:e2:ec:02:bd:de:9c:fe:18:78:2e:7a:
d1:9a:a7:75:7b:38:0d:3b:2c:53:d0:f7:dc:e4:ce:
d2:10:6b:73:89:e7:e8:43:5b:06:64:1b:47:1c:b1:
94:38:20:5b:a0:29:1b:bc:ec:3a:d8:15:ac:70:48:
bf:24:36:b7:7c:ed:97:f5:eb:a0:e0:b9:a7:79:31:
be:63:27:ed:e5:1e:94:d1:4f:7e:cf:d0:ac:ee:33:
e0:f8:1c:9e:63:d7:9b:e0:06:da:eb:48:8b:db:5b:
0b:42:40:c0:5d:22:78:7e:86:e1:b5:83:9e:12:76:
fe:54:2a:03:80:15:ef:6c:60:29:5e:8c:4b:f3:bd:
42:91:15:f7:0b:ba:31:a5:94:30:91:dd:06:af:a1:
2d:e2:48:02:11:c7:3f:35:e7:c9:7e:08:54:db:56:
0f:b1:ca:60:cc:24:f2:b6:17:6b:5e:e5:e7:ec:f5:
50:40:51:79:4a:22:d5:6c:e5:1e:0e:6b:eb:93:19:
15:22:53:c1:b8:25:ea:21:2e:86:73:6b:0f:4e:c2:
6d:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8D:98:ED:69:BF:A0:BD:CF:59:4A:2D:D5:B7:F2:23:84:F5:05:B8:A5
X509v3 Authority Key Identifier:
keyid:2D:D5:96:C1:EA:7E:CB:B1:BE:17:77:FC:0D:38:ED:06:CA:40:EA:BE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/LdWWwep-y7G-F3f8DTjtBspA6r4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9b/363ecc-2aa1-4281-95b1-8b0fc07858d6/1/jZjtab-gvc9ZSi3Vt_IjhPUFuKU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9b/363ecc-2aa1-4281-95b1-8b0fc07858d6/1/LdWWwep-y7G-F3f8DTjtBspA6r4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.228.130.0/24
94.247.143.0/24
185.97.4.0/22
194.104.114.0/23
194.104.149.0/24
IPv6:
2a06:1c0::/30
Signature Algorithm: sha256WithRSAEncryption
90:98:ce:69:a1:4c:97:b2:d9:58:03:10:e3:2a:14:6d:6e:cf:
7a:3e:f0:75:74:51:8d:cb:7b:a5:a7:91:fd:43:df:a0:84:53:
3b:35:8d:86:e5:7c:52:72:2e:88:e4:3a:d7:5f:d1:50:41:a1:
b4:55:14:2b:09:dd:d9:ff:f4:a4:9c:e9:ad:ca:3d:91:27:b3:
5f:b7:44:47:3d:01:6a:7d:b5:d3:1e:a7:08:af:3d:5c:26:b3:
cb:5a:14:a6:83:e0:5c:bd:91:89:3a:3e:e1:f3:45:03:c1:d7:
8b:e8:3e:8d:52:7c:23:13:17:4d:20:1b:6e:fb:56:d4:c4:8d:
56:10:ef:19:fd:96:71:b9:40:94:06:a9:f9:fc:53:fc:8e:b6:
36:49:d7:06:98:ae:b9:ca:73:42:70:97:f3:9d:c5:29:9f:76:
56:50:32:a0:d2:c3:9b:d6:79:05:d8:73:ff:e7:56:c8:11:b1:
e3:a1:ae:44:d9:92:2d:98:a5:e6:4a:c5:d9:93:d4:78:cb:0e:
23:f1:df:64:10:d7:f6:7b:93:62:9a:04:d1:4b:da:1d:7d:75:
39:e2:f0:48:58:1b:10:a4:eb:8b:a0:d9:63:d5:fe:4f:c5:f8:
cc:3e:4c:8d:27:95:39:32:27:cc:46:0e:af:46:39:01:a8:5f:
67:15:cf:6a
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgIEAWzDDzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygy
ZGQ1OTZjMWVhN2VjYmIxYmUxNzc3ZmMwZDM4ZWQwNmNhNDBlYWJlMB4XDTIyMDEy
NjAwNTI0NloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoOGQ5OGVkNjliZmEw
YmRjZjU5NGEyZGQ1YjdmMjIzODRmNTA1YjhhNTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKvy0gpk6KAdaEGFYTjBY5aimpw//WdBGnSutTdcIkbJou/K
qakgPq39/fBAMUd2suLsAr3enP4YeC560ZqndXs4DTssU9D33OTO0hBrc4nn6ENb
BmQbRxyxlDggW6ApG7zsOtgVrHBIvyQ2t3ztl/XroOC5p3kxvmMn7eUelNFPfs/Q
rO4z4PgcnmPXm+AG2utIi9tbC0JAwF0ieH6G4bWDnhJ2/lQqA4AV72xgKV6MS/O9
QpEV9wu6MaWUMJHdBq+hLeJIAhHHPzXnyX4IVNtWD7HKYMwk8rYXa17l5+z1UEBR
eUoi1WzlHg5r65MZFSJTwbgl6iEuhnNrD07CbYsCAwEAAaOCAjAwggIsMB0GA1Ud
DgQWBBSNmO1pv6C9z1lKLdW38iOE9QW4pTAfBgNVHSMEGDAWgBQt1ZbB6n7Lsb4X
d/wNOO0GykDqvjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0xkV1d3ZXAteTdHLUYzZjhEVGp0QnNwQTZyNC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvOWIvMzYzZWNjLTJhYTEtNDI4MS05NWIxLThiMGZjMDc4NThkNi8x
L2paanRhYi1ndmM5WlNpM1Z0X0lqaFBVRnVLVS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvOWIv
MzYzZWNjLTJhYTEtNDI4MS05NWIxLThiMGZjMDc4NThkNi8xL0xkV1d3ZXAteTdH
LUYzZjhEVGp0QnNwQTZyNC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBG
BggrBgEFBQcBBwEB/wQ3MDUwJAQCAAEwHgMEACXkggMEAF73jwMEArlhBAMEAcJo
cgMEAMJolTANBAIAAjAHAwUCKgYBwDANBgkqhkiG9w0BAQsFAAOCAQEAkJjOaaFM
l7LZWAMQ4yoUbW7Pej7wdXRRjct7paeR/UPfoIRTOzWNhuV8UnIuiOQ611/RUEGh
tFUUKwnd2f/0pJzprco9kSezX7dERz0Ban210x6nCK89XCazy1oUpoPgXL2RiTo+
4fNFA8HXi+g+jVJ8IxMXTSAbbvtW1MSNVhDvGf2WcblAlAap+fxT/I62NknXBpiu
ucpzQnCX853FKZ92VlAyoNLDm9Z5Bdhz/+dWyBGx46GuRNmSLZil5krF2ZPUeMsO
I/HfZBDX9nuTYpoE0UvaHX11OeLwSFgbEKTri6DZY9X+T8X4zD5MjSeVOTInzEYO
r0Y5AahfZxXPag==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:25:41 2024 by rpki-client on console-ams.rpki-client.org