Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9c/7f840d-3bd4-4fad-9a15-8bf04af4b2b4/1/jCq7gsVwhNFxeFecRPGZptANwnw.roa
File: jCq7gsVwhNFxeFecRPGZptANwnw.roa (raw, json)
Hash identifier: H1GCB94SML7CqxcL4qpUZrU2Z2yc3KLZpmyH5Tg1eII=
Subject key identifier: 8C:2A:BB:82:C5:70:84:D1:71:78:57:9C:44:F1:99:A6:D0:0D:C2:7C
Certificate issuer: /CN=9fcc2f3ee6b5c3ff6dc5346a7535506fa824123e
Certificate serial: 0183BD5E5E5AD6461BF2C4BC620CE04520F2
Authority key identifier: 9F:CC:2F:3E:E6:B5:C3:FF:6D:C5:34:6A:75:35:50:6F:A8:24:12:3E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/n8wvPua1w_9txTRqdTVQb6gkEj4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9c/7f840d-3bd4-4fad-9a15-8bf04af4b2b4/1/jCq7gsVwhNFxeFecRPGZptANwnw.roa
Signing time: Sun 09 Oct 2022 15:30:21 +0000
ROA not before: Sun 09 Oct 2022 15:30:21 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 42892
IP address blocks: 94.45.192.0/22 maxlen: 22
94.45.192.0/19 maxlen: 19
94.45.196.0/22 maxlen: 22
94.45.199.0/24 maxlen: 24
94.45.204.0/22 maxlen: 22
94.45.200.0/22 maxlen: 22
94.45.208.0/22 maxlen: 22
94.45.212.0/22 maxlen: 22
94.45.220.0/22 maxlen: 22
91.193.222.0/23 maxlen: 23
91.193.220.0/22 maxlen: 22
176.120.224.0/21 maxlen: 21
176.120.224.0/19 maxlen: 19
176.120.239.0/24 maxlen: 24
176.120.237.0/24 maxlen: 24
176.120.238.0/24 maxlen: 24
176.120.236.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:bd:5e:5e:5a:d6:46:1b:f2:c4:bc:62:0c:e0:45:20:f2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9fcc2f3ee6b5c3ff6dc5346a7535506fa824123e
Validity
Not Before: Oct 9 15:30:21 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=8c2abb82c57084d17178579c44f199a6d00dc27c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:ac:a3:a2:66:53:4c:00:0e:db:b1:12:22:f3:
e4:63:e8:b7:10:aa:36:68:bb:eb:02:a9:e6:eb:bc:
20:12:78:07:31:3a:5b:bb:d6:6d:cf:34:fa:18:05:
64:1d:56:1b:db:18:8a:86:7e:ba:2d:36:8a:0a:13:
08:71:2c:0a:16:6c:b0:2f:ce:75:7c:47:50:dc:a2:
cb:87:c3:60:5e:d2:b0:67:c7:8b:bc:d3:b5:07:c0:
57:9b:42:1f:4c:7e:54:66:22:70:82:7d:44:9f:88:
97:d2:c3:15:26:df:d8:a0:27:1d:d5:cf:eb:8a:9c:
78:62:94:42:4d:f1:a8:82:86:c7:18:ac:3a:08:31:
74:07:43:45:7c:cf:24:85:df:0c:bb:6f:32:58:18:
22:49:c0:1f:83:23:2d:b1:46:71:8e:5e:4f:6c:fb:
41:d9:a6:35:8a:12:b1:9c:4a:f6:35:fb:ac:7b:79:
bb:81:29:1d:69:e1:de:48:0e:c9:50:d8:a4:21:9b:
13:ed:bb:d4:8b:8f:6f:24:d1:e9:6d:2a:ce:dc:f7:
52:df:4f:0c:2e:c7:48:35:c6:02:fb:f5:95:ff:54:
0a:07:54:8c:4b:f8:c9:57:7c:7e:e6:81:c6:2f:13:
40:90:b6:56:8b:ff:63:38:49:10:28:65:ff:c6:3c:
e7:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8C:2A:BB:82:C5:70:84:D1:71:78:57:9C:44:F1:99:A6:D0:0D:C2:7C
X509v3 Authority Key Identifier:
keyid:9F:CC:2F:3E:E6:B5:C3:FF:6D:C5:34:6A:75:35:50:6F:A8:24:12:3E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/n8wvPua1w_9txTRqdTVQb6gkEj4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9c/7f840d-3bd4-4fad-9a15-8bf04af4b2b4/1/jCq7gsVwhNFxeFecRPGZptANwnw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9c/7f840d-3bd4-4fad-9a15-8bf04af4b2b4/1/n8wvPua1w_9txTRqdTVQb6gkEj4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.193.220.0/22
94.45.192.0/19
176.120.224.0/19
Signature Algorithm: sha256WithRSAEncryption
43:04:75:eb:2e:ba:f3:2f:b0:8e:d3:41:f7:ec:5e:c9:53:ba:
7f:e7:10:ef:9c:44:02:72:ea:1d:8c:53:0f:dc:02:c9:a5:38:
27:9e:a1:df:c8:19:c4:a5:23:62:59:38:bd:88:dd:55:9a:7c:
4d:7c:5c:e7:2b:06:89:9f:d2:6d:fa:f2:ae:de:b8:87:6d:54:
8c:3e:c4:d0:07:02:d8:f3:9d:33:9f:c0:85:b2:8c:4e:00:20:
53:6c:af:43:22:6d:e1:80:95:49:eb:ac:69:6a:e5:1f:93:17:
13:80:7b:48:d1:1b:e7:8d:f4:12:94:c3:2a:4c:36:19:db:6d:
e1:a6:02:95:32:a9:00:be:ad:dd:dc:93:5d:b9:e1:22:b3:77:
b7:13:45:ad:da:e0:4b:ea:2c:74:65:0f:cf:07:cf:1f:f1:91:
05:f5:b4:c4:26:37:c6:21:98:01:5e:17:38:b9:42:d7:6d:45:
bd:35:4d:bd:44:51:06:48:26:cc:a9:8f:21:e2:94:2f:d8:fb:
d4:54:ac:23:5d:38:db:f6:7e:6e:49:fd:e4:db:c1:10:92:f4:
96:f3:1e:33:98:f7:72:87:8e:b0:94:6b:f4:e3:c6:8b:b7:36:
13:60:27:9c:95:b2:4e:40:b4:58:ac:13:79:22:b7:0b:5e:9d:
c3:12:d0:ac
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYO9Xl5a1kYb8sS8YgzgRSDyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlmY2MyZjNlZTZiNWMzZmY2ZGM1MzQ2YTc1MzU1MDZmYTgy
NDEyM2UwHhcNMjIxMDA5MTUzMDIxWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4YzJhYmI4MmM1NzA4NGQxNzE3ODU3OWM0NGYxOTlhNmQwMGRjMjdjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlqyjomZTTAAO27ESIvPkY+i3EKo2
aLvrAqnm67wgEngHMTpbu9ZtzzT6GAVkHVYb2xiKhn66LTaKChMIcSwKFmywL851
fEdQ3KLLh8NgXtKwZ8eLvNO1B8BXm0IfTH5UZiJwgn1En4iX0sMVJt/YoCcd1c/r
ipx4YpRCTfGogobHGKw6CDF0B0NFfM8khd8Mu28yWBgiScAfgyMtsUZxjl5PbPtB
2aY1ihKxnEr2Nfuse3m7gSkdaeHeSA7JUNikIZsT7bvUi49vJNHpbSrO3PdS308M
LsdINcYC+/WV/1QKB1SMS/jJV3x+5oHGLxNAkLZWi/9jOEkQKGX/xjznbQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFIwqu4LFcITRcXhXnETxmabQDcJ8MB8GA1UdIwQY
MBaAFJ/MLz7mtcP/bcU0anU1UG+oJBI+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbjh3dlB1YTF3Xzl0eFRScWRUVlFiNmdrRWo0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Yy83Zjg0MGQtM2JkNC00ZmFkLTlhMTUt
OGJmMDRhZjRiMmI0LzEvakNxN2dzVndoTkZ4ZUZlY1JQR1pwdEFOd253LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Yy83Zjg0MGQtM2JkNC00ZmFkLTlhMTUtOGJmMDRhZjRiMmI0
LzEvbjh3dlB1YTF3Xzl0eFRScWRUVlFiNmdrRWo0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQCW8HcAwQF
Xi3AAwQFsHjgMA0GCSqGSIb3DQEBCwUAA4IBAQBDBHXrLrrzL7CO00H37F7JU7p/
5xDvnEQCcuodjFMP3ALJpTgnnqHfyBnEpSNiWTi9iN1VmnxNfFznKwaJn9Jt+vKu
3riHbVSMPsTQBwLY850zn8CFsoxOACBTbK9DIm3hgJVJ66xpauUfkxcTgHtI0Rvn
jfQSlMMqTDYZ223hpgKVMqkAvq3d3JNdueEis3e3E0Wt2uBL6ix0ZQ/PB88f8ZEF
9bTEJjfGIZgBXhc4uULXbUW9NU29RFEGSCbMqY8h4pQv2PvUVKwjXTjb9n5uSf3k
28EQkvSW8x4zmPdyh46wlGv048aLtzYTYCeclbJOQLRYrBN5IrcLXp3DEtCs
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:26:05 2024 by rpki-client on console-ams.rpki-client.org