Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9c/f61591-7ca8-4a9a-899f-a366da251a83/1/jXK-OTmpLRH6lMVWcBrb-yXVDWU.roa
File: jXK-OTmpLRH6lMVWcBrb-yXVDWU.roa (raw, json)
Hash identifier: IIa8+7g3g60CDbWwm6fCQ89KGW0bcbqKHioxyz9duBY=
Subject key identifier: 8D:72:BE:39:39:A9:2D:11:FA:94:C5:56:70:1A:DB:FB:25:D5:0D:65
Certificate issuer: /CN=fa2e72abf7b1728fda6aa0b0413d8854812ea361
Certificate serial: 07FFCBF9
Authority key identifier: FA:2E:72:AB:F7:B1:72:8F:DA:6A:A0:B0:41:3D:88:54:81:2E:A3:61
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-i5yq_exco_aaqCwQT2IVIEuo2E.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9c/f61591-7ca8-4a9a-899f-a366da251a83/1/jXK-OTmpLRH6lMVWcBrb-yXVDWU.roa
Signing time: Wed 27 Apr 2022 12:53:25 +0000
ROA not before: Wed 27 Apr 2022 12:53:25 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 63023
IP address blocks: 185.231.221.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 134204409 (0x7ffcbf9)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fa2e72abf7b1728fda6aa0b0413d8854812ea361
Validity
Not Before: Apr 27 12:53:25 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=8d72be3939a92d11fa94c556701adbfb25d50d65
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:6b:17:67:2a:1c:9f:fb:64:bf:28:81:ed:2d:
8a:36:b0:0f:72:5b:61:91:85:8b:f2:f7:2b:a6:7c:
27:03:46:a3:ab:2b:e4:8e:16:14:e0:cb:0a:7d:a9:
4a:ed:27:d0:d1:60:59:1f:cb:f1:48:3e:30:bc:cc:
43:24:69:97:3d:5c:99:ea:df:4a:1e:b0:66:29:ad:
f9:70:56:eb:87:59:48:27:28:e0:90:c1:89:16:f3:
00:21:fa:a1:73:e8:d6:af:05:18:b4:65:3a:91:69:
d6:d1:cd:2d:66:1a:77:00:8a:68:84:c5:5c:c0:6b:
d2:ab:d6:82:f0:46:a8:82:64:3c:ba:26:71:bf:ed:
65:ba:91:6d:e6:96:f2:cf:1e:99:7d:2d:02:57:9a:
dd:6c:56:b3:e7:ef:4a:53:8a:9e:35:4a:86:9b:be:
05:36:76:06:b7:9f:d6:00:94:b8:a4:f3:c6:bf:25:
3c:4e:4e:32:16:3b:16:79:d9:f3:00:d8:72:e9:0c:
8f:a3:89:0f:5b:63:b4:61:ac:28:68:8b:a9:b3:72:
f3:02:1d:3e:04:e6:27:ad:d1:4b:9c:63:b7:df:a8:
2d:c4:08:1a:7b:bb:34:46:1c:a4:c6:31:fb:f3:7c:
cd:a7:6f:9e:10:70:d3:dd:c6:4e:f8:73:92:2e:33:
e7:1f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8D:72:BE:39:39:A9:2D:11:FA:94:C5:56:70:1A:DB:FB:25:D5:0D:65
X509v3 Authority Key Identifier:
keyid:FA:2E:72:AB:F7:B1:72:8F:DA:6A:A0:B0:41:3D:88:54:81:2E:A3:61
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-i5yq_exco_aaqCwQT2IVIEuo2E.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9c/f61591-7ca8-4a9a-899f-a366da251a83/1/jXK-OTmpLRH6lMVWcBrb-yXVDWU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9c/f61591-7ca8-4a9a-899f-a366da251a83/1/1-i5yq_exco_aaqCwQT2IVIEuo2E.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.231.221.0/24
Signature Algorithm: sha256WithRSAEncryption
4c:41:f7:4e:0e:eb:5f:2e:87:6a:1d:6b:b7:27:6f:38:c0:01:
d8:57:b9:27:68:48:37:ca:98:6d:bc:ad:11:96:b8:8d:f3:0b:
26:b7:a8:92:d0:cf:a8:5d:50:40:d7:a1:58:a8:a1:30:1f:fd:
a8:e9:b3:49:77:1d:89:01:9b:62:d8:c9:b8:67:4d:12:6d:fe:
80:85:98:14:33:9e:55:1e:9e:db:cf:4c:41:db:48:14:76:b6:
8a:90:95:94:81:4a:01:7a:42:e6:3b:1c:7f:ac:20:65:f9:98:
cd:2c:22:8e:c1:e9:08:7c:85:48:14:4d:b1:bf:ef:85:89:98:
26:cf:e0:e7:e2:48:67:60:4f:56:3b:57:58:97:70:ee:7d:1f:
2d:4c:a1:c1:d3:e3:40:ca:ea:52:1b:8a:30:3c:3c:00:18:9d:
9d:de:eb:fe:b3:fb:86:fe:27:91:f4:d4:ba:d0:5c:5c:43:31:
a8:e9:60:e8:d1:27:3d:2e:a3:f2:a7:22:ae:b6:c0:da:67:84:
88:84:51:8e:8f:61:bb:cf:c2:6b:1c:94:fe:63:af:aa:77:33:
91:0c:1e:ac:03:97:3d:15:9f:82:de:92:b9:0e:2c:4e:61:15:
eb:96:73:fe:8c:72:8a:a5:e2:d7:c4:4a:8f:fa:7a:9a:70:69:
1d:00:e4:0d
-----BEGIN CERTIFICATE-----
MIIE8TCCA9mgAwIBAgIEB//L+TANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhm
YTJlNzJhYmY3YjE3MjhmZGE2YWEwYjA0MTNkODg1NDgxMmVhMzYxMB4XDTIyMDQy
NzEyNTMyNVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoOGQ3MmJlMzkzOWE5
MmQxMWZhOTRjNTU2NzAxYWRiZmIyNWQ1MGQ2NTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKRrF2cqHJ/7ZL8oge0tijawD3JbYZGFi/L3K6Z8JwNGo6sr
5I4WFODLCn2pSu0n0NFgWR/L8Ug+MLzMQyRplz1cmerfSh6wZimt+XBW64dZSCco
4JDBiRbzACH6oXPo1q8FGLRlOpFp1tHNLWYadwCKaITFXMBr0qvWgvBGqIJkPLom
cb/tZbqRbeaW8s8emX0tAlea3WxWs+fvSlOKnjVKhpu+BTZ2Bref1gCUuKTzxr8l
PE5OMhY7FnnZ8wDYcukMj6OJD1tjtGGsKGiLqbNy8wIdPgTmJ63RS5xjt9+oLcQI
Gnu7NEYcpMYx+/N8zadvnhBw093GTvhzki4z5x8CAwEAAaOCAgswggIHMB0GA1Ud
DgQWBBSNcr45OaktEfqUxVZwGtv7JdUNZTAfBgNVHSMEGDAWgBT6LnKr97Fyj9pq
oLBBPYhUgS6jYTAOBgNVHQ8BAf8EBAMCB4AwZQYIKwYBBQUHAQEEWTBXMFUGCCsG
AQUFBzAChklyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzEtaTV5cV9leGNvX2FhcUN3UVQySVZJRXVvMkUuY2VyMIGNBggrBgEFBQcBCwSB
gDB+MHwGCCsGAQUFBzALhnByc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9y
eS9ERUZBVUxULzljL2Y2MTU5MS03Y2E4LTRhOWEtODk5Zi1hMzY2ZGEyNTFhODMv
MS9qWEstT1RtcExSSDZsTVZXY0JyYi15WFZEV1Uucm9hMIGCBgNVHR8EezB5MHeg
daBzhnFyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzlj
L2Y2MTU5MS03Y2E4LTRhOWEtODk5Zi1hMzY2ZGEyNTFhODMvMS8xLWk1eXFfZXhj
b19hYXFDd1FUMklWSUV1bzJFLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4C
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuefdMA0GCSqGSIb3DQEBCwUA
A4IBAQBMQfdODutfLodqHWu3J284wAHYV7knaEg3yphtvK0RlriN8wsmt6iS0M+o
XVBA16FYqKEwH/2o6bNJdx2JAZti2Mm4Z00Sbf6AhZgUM55VHp7bz0xB20gUdraK
kJWUgUoBekLmOxx/rCBl+ZjNLCKOwekIfIVIFE2xv++FiZgmz+Dn4khnYE9WO1dY
l3DufR8tTKHB0+NAyupSG4owPDwAGJ2d3uv+s/uG/ieR9NS60FxcQzGo6WDo0Sc9
LqPypyKutsDaZ4SIhFGOj2G7z8JrHJT+Y6+qdzORDB6sA5c9FZ+C3pK5DixOYRXr
lnP+jHKKpeLXxEqP+nqacGkdAOQN
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:40:54 2024 by rpki-client on console-fra.rpki-client.org