Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a0/b587e9-33a9-4a86-8cd9-e57cc81f5233/1/jau0NnlRIbpprlBD-jL-PTV1q5g.roa
File: jau0NnlRIbpprlBD-jL-PTV1q5g.roa (raw, json)
Hash identifier: k5RouerAG35GsfIXKMhTY2ckayK1S5EEXjir8TMMEFg=
Subject key identifier: 8D:AB:B4:36:79:51:21:BA:69:AE:50:43:FA:32:FE:3D:35:75:AB:98
Certificate issuer: /CN=d648294443aed16d06b86af14f5a5f0a5083774a
Certificate serial: 27CEA968
Authority key identifier: D6:48:29:44:43:AE:D1:6D:06:B8:6A:F1:4F:5A:5F:0A:50:83:77:4A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1kgpREOu0W0GuGrxT1pfClCDd0o.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a0/b587e9-33a9-4a86-8cd9-e57cc81f5233/1/jau0NnlRIbpprlBD-jL-PTV1q5g.roa
Signing time: Tue 18 Jan 2022 21:12:07 +0000
ROA not before: Tue 18 Jan 2022 21:12:07 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 197712
IP address blocks: 185.34.192.0/22 maxlen: 24
46.16.56.0/21 maxlen: 24
185.42.104.0/22 maxlen: 24
134.0.8.0/21 maxlen: 24
185.66.40.0/22 maxlen: 24
185.22.200.0/22 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 667855208 (0x27cea968)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d648294443aed16d06b86af14f5a5f0a5083774a
Validity
Not Before: Jan 18 21:12:07 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=8dabb436795121ba69ae5043fa32fe3d3575ab98
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:79:2d:d1:9a:05:c2:da:86:47:59:ef:9c:a5:
5c:2c:e0:49:8d:12:dd:39:0d:2b:4e:b9:20:5d:96:
7c:79:91:14:62:62:fb:f1:1d:ca:1d:f4:63:49:43:
cf:95:b9:71:75:7a:c9:8c:2d:b1:74:d6:6b:4a:a3:
18:34:22:49:47:43:d7:ba:63:b5:a8:25:86:df:37:
27:d5:9b:56:98:92:d1:82:dd:8b:81:c4:05:7d:29:
5a:19:03:58:e4:df:8f:c9:21:a6:6a:5d:2c:37:52:
d1:29:8b:96:6a:68:16:f5:e3:13:e7:92:1c:10:8a:
4b:3d:38:13:f7:de:51:df:af:98:2b:04:18:43:7a:
66:fd:6b:8d:4f:f9:62:f3:4d:e2:4d:0d:cb:c7:c9:
da:85:fe:04:53:5c:11:39:b8:98:8f:71:33:8b:15:
b3:b9:af:89:92:77:a3:8c:19:df:6e:77:3a:a7:11:
4c:e4:f4:7d:23:8a:2f:de:3f:4e:79:9e:9a:df:32:
21:5d:3b:de:01:b8:c5:7b:fa:2d:7b:cf:54:3b:5b:
b2:5c:2f:a2:8a:5b:87:7e:96:18:7c:7a:56:3a:b4:
b1:2d:f8:0d:ec:9d:8f:40:82:bb:15:e5:55:52:98:
4c:f6:49:9f:b4:42:b4:5c:d0:4d:71:00:8e:c1:b2:
38:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8D:AB:B4:36:79:51:21:BA:69:AE:50:43:FA:32:FE:3D:35:75:AB:98
X509v3 Authority Key Identifier:
keyid:D6:48:29:44:43:AE:D1:6D:06:B8:6A:F1:4F:5A:5F:0A:50:83:77:4A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1kgpREOu0W0GuGrxT1pfClCDd0o.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/b587e9-33a9-4a86-8cd9-e57cc81f5233/1/jau0NnlRIbpprlBD-jL-PTV1q5g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/b587e9-33a9-4a86-8cd9-e57cc81f5233/1/1kgpREOu0W0GuGrxT1pfClCDd0o.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.16.56.0/21
134.0.8.0/21
185.22.200.0/22
185.34.192.0/22
185.42.104.0/22
185.66.40.0/22
Signature Algorithm: sha256WithRSAEncryption
ae:cc:61:3d:0e:78:2d:42:96:11:6e:8d:da:27:cd:5a:fd:cf:
5a:47:c2:48:84:5f:b8:99:f4:17:4a:9c:2f:9e:eb:22:bc:20:
16:c4:65:9b:8e:14:af:35:e4:2a:b3:9a:28:b5:91:03:f7:13:
30:f8:7e:30:7a:6d:a9:66:79:c8:cd:8b:c7:53:82:50:51:6d:
74:b4:82:91:92:c3:a2:84:96:60:29:99:09:5b:4e:80:c3:99:
e5:33:ed:0e:e1:42:70:05:1a:38:28:e3:3e:83:4d:37:8f:d6:
b0:8f:40:73:f6:ae:77:dc:a3:e9:34:33:21:80:15:cd:31:df:
e9:9e:e1:38:b7:6e:5e:8b:48:e9:ea:11:2c:7f:cc:b9:3f:6f:
02:0e:23:6b:2a:9d:98:2e:12:1d:a7:1c:e6:52:60:df:35:c5:
9a:2f:43:8d:1e:36:f9:d8:1b:66:ba:33:1c:fa:2f:e2:25:63:
66:5a:81:0d:6b:46:4b:4d:c8:92:7e:d7:39:a0:62:60:69:eb:
72:c1:d9:e4:3b:1c:39:56:86:c2:f1:8d:03:71:5a:2a:9e:c8:
e0:e4:d5:d3:a5:7f:e7:ff:0f:21:4e:f1:0d:91:9a:a9:91:23:
6f:a1:dc:a7:81:07:e9:c9:98:99:fe:67:fa:90:cf:2b:2d:63:
5d:a1:aa:8a
-----BEGIN CERTIFICATE-----
MIIFDTCCA/WgAwIBAgIEJ86paDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhk
NjQ4Mjk0NDQzYWVkMTZkMDZiODZhZjE0ZjVhNWYwYTUwODM3NzRhMB4XDTIyMDEx
ODIxMTIwN1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoOGRhYmI0MzY3OTUx
MjFiYTY5YWU1MDQzZmEzMmZlM2QzNTc1YWI5ODCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALl5LdGaBcLahkdZ75ylXCzgSY0S3TkNK065IF2WfHmRFGJi
+/Edyh30Y0lDz5W5cXV6yYwtsXTWa0qjGDQiSUdD17pjtaglht83J9WbVpiS0YLd
i4HEBX0pWhkDWOTfj8khpmpdLDdS0SmLlmpoFvXjE+eSHBCKSz04E/feUd+vmCsE
GEN6Zv1rjU/5YvNN4k0Ny8fJ2oX+BFNcETm4mI9xM4sVs7mviZJ3o4wZ3253OqcR
TOT0fSOKL94/Tnmemt8yIV073gG4xXv6LXvPVDtbslwvoopbh36WGHx6Vjq0sS34
Deydj0CCuxXlVVKYTPZJn7RCtFzQTXEAjsGyONsCAwEAAaOCAicwggIjMB0GA1Ud
DgQWBBSNq7Q2eVEhummuUEP6Mv49NXWrmDAfBgNVHSMEGDAWgBTWSClEQ67RbQa4
avFPWl8KUIN3SjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzFrZ3BSRU91MFcwR3VHcnhUMXBmQ2xDRGQwby5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYTAvYjU4N2U5LTMzYTktNGE4Ni04Y2Q5LWU1N2NjODFmNTIzMy8x
L2phdTBObmxSSWJwcHJsQkQtakwtUFRWMXE1Zy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYTAv
YjU4N2U5LTMzYTktNGE4Ni04Y2Q5LWU1N2NjODFmNTIzMy8xLzFrZ3BSRU91MFcw
R3VHcnhUMXBmQ2xDRGQwby5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA9
BggrBgEFBQcBBwEB/wQuMCwwKgQCAAEwJAMEAy4QOAMEA4YACAMEArkWyAMEArki
wAMEArkqaAMEArlCKDANBgkqhkiG9w0BAQsFAAOCAQEArsxhPQ54LUKWEW6N2ifN
Wv3PWkfCSIRfuJn0F0qcL57rIrwgFsRlm44UrzXkKrOaKLWRA/cTMPh+MHptqWZ5
yM2Lx1OCUFFtdLSCkZLDooSWYCmZCVtOgMOZ5TPtDuFCcAUaOCjjPoNNN4/WsI9A
c/aud9yj6TQzIYAVzTHf6Z7hOLduXotI6eoRLH/MuT9vAg4jayqdmC4SHacc5lJg
3zXFmi9DjR42+dgbZrozHPov4iVjZlqBDWtGS03Ikn7XOaBiYGnrcsHZ5DscOVaG
wvGNA3FaKp7I4OTV06V/5/8PIU7xDZGaqZEjb6Hcp4EH6cmYmf5n+pDPKy1jXaGq
ig==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:05:23 2023 by rpki-client on console-ams.rpki-client.org