Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a2/2d5bdf-5265-49b8-8afe-2b920bde3990/1/JZIAUORkSyTqxlPu1Lw5elvgHtU.roa
File: JZIAUORkSyTqxlPu1Lw5elvgHtU.roa (raw, json)
Hash identifier: APRHn6Qlz60IhXZ9UnwS2raEzBxbdLkIz52hvRZqNvY=
Subject key identifier: 25:92:00:50:E4:64:4B:24:EA:C6:53:EE:D4:BC:39:7A:5B:E0:1E:D5
Certificate issuer: /CN=f51369ccbf86b1e84e1aeb46e6d336d39f752ae7
Certificate serial: 44CFBB6D
Authority key identifier: F5:13:69:CC:BF:86:B1:E8:4E:1A:EB:46:E6:D3:36:D3:9F:75:2A:E7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/9RNpzL-GsehOGutG5tM20591Kuc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a2/2d5bdf-5265-49b8-8afe-2b920bde3990/1/JZIAUORkSyTqxlPu1Lw5elvgHtU.roa
Signing time: Sat 01 Jan 2022 14:06:48 +0000
ROA not before: Sat 01 Jan 2022 14:06:48 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 21155
IP address blocks: 91.216.162.0/24 maxlen: 24
81.4.112.0/22 maxlen: 22
81.4.116.0/22 maxlen: 22
81.4.64.0/19 maxlen: 19
185.95.68.0/22 maxlen: 22
81.4.96.0/22 maxlen: 22
193.93.172.0/22 maxlen: 22
91.142.240.0/20 maxlen: 20
85.158.248.0/21 maxlen: 21
80.84.224.0/19 maxlen: 19
193.242.119.0/24 maxlen: 24
83.96.128.0/17 maxlen: 17
91.205.32.0/22 maxlen: 22
141.255.176.0/22 maxlen: 24
2001:828::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1154464621 (0x44cfbb6d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f51369ccbf86b1e84e1aeb46e6d336d39f752ae7
Validity
Not Before: Jan 1 14:06:48 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=25920050e4644b24eac653eed4bc397a5be01ed5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:85:01:21:41:94:94:02:8f:93:3c:27:93:a1:1b:
85:68:fe:b4:ec:40:a6:a7:03:53:17:9c:77:cf:ca:
ba:13:2a:70:0e:89:7d:85:9c:33:d5:a5:19:b4:a8:
51:1a:3a:c9:be:1a:ed:63:42:26:ee:9b:84:26:de:
ad:96:0f:17:04:82:73:60:e5:35:8d:e5:02:88:ca:
b7:89:88:60:68:1a:c9:e4:1c:5c:3e:63:33:e5:bf:
36:57:a5:a8:11:f1:d1:7b:4e:98:75:f2:79:59:fc:
6e:6d:8a:e2:20:db:3e:8a:f5:32:78:af:2c:da:73:
5f:f0:12:d3:31:66:f6:f5:d6:87:9b:40:27:e9:78:
8b:8e:82:ef:ad:3a:d4:5e:ac:a7:f6:4c:17:ff:6b:
46:c0:44:c0:64:68:07:97:39:d0:5f:ea:8c:57:9f:
f9:36:62:80:e0:62:d3:ce:ca:fa:27:10:75:55:ca:
82:a5:ad:f7:11:ff:ad:b1:47:48:c2:82:42:47:30:
af:97:d7:77:42:40:61:2a:87:06:5a:b6:a8:23:c4:
99:ed:3a:93:6a:7d:91:e9:c0:04:5f:a6:d3:ad:87:
48:d5:31:53:a7:88:69:43:f1:01:04:ee:3d:68:53:
4f:49:5c:65:4c:17:d2:3f:90:01:93:cc:f5:91:da:
9d:09
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
25:92:00:50:E4:64:4B:24:EA:C6:53:EE:D4:BC:39:7A:5B:E0:1E:D5
X509v3 Authority Key Identifier:
keyid:F5:13:69:CC:BF:86:B1:E8:4E:1A:EB:46:E6:D3:36:D3:9F:75:2A:E7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/9RNpzL-GsehOGutG5tM20591Kuc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a2/2d5bdf-5265-49b8-8afe-2b920bde3990/1/JZIAUORkSyTqxlPu1Lw5elvgHtU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a2/2d5bdf-5265-49b8-8afe-2b920bde3990/1/9RNpzL-GsehOGutG5tM20591Kuc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.84.224.0/19
81.4.64.0-81.4.99.255
81.4.112.0/21
83.96.128.0/17
85.158.248.0/21
91.142.240.0/20
91.205.32.0/22
91.216.162.0/24
141.255.176.0/22
185.95.68.0/22
193.93.172.0/22
193.242.119.0/24
IPv6:
2001:828::/32
Signature Algorithm: sha256WithRSAEncryption
1d:08:ff:96:89:32:1f:96:e3:9b:72:b1:96:dc:78:62:f1:bd:
94:be:97:7e:32:7f:7b:ae:fc:1a:1b:f1:b7:54:2f:d2:e6:83:
82:30:23:28:75:f5:7a:f7:ca:3d:e1:bb:56:56:e6:aa:0c:fe:
b2:c1:73:a2:a4:5b:c3:1f:ec:a7:9b:ef:60:1c:dc:23:de:4c:
e7:71:1c:52:ea:80:3d:9e:47:ac:e3:17:8d:20:72:b9:40:58:
5f:00:00:68:f9:a7:5c:7e:f9:a5:95:c3:54:90:76:ba:24:65:
b5:20:81:5f:47:79:36:24:8d:c6:00:5a:a6:7a:49:ef:a5:f0:
86:d5:b3:51:e4:38:5a:24:dd:52:0b:93:74:58:d8:7e:bd:eb:
70:02:3e:91:34:f5:6c:b8:d4:cb:d2:18:78:ff:65:04:94:46:
c4:07:cb:f9:f1:06:b3:1b:d5:b9:be:4b:06:90:fa:e1:e8:05:
d8:b5:1a:5a:22:2c:e3:b2:d7:74:18:81:c0:60:00:a2:40:2f:
5b:51:e8:60:fe:4b:f9:14:04:65:53:79:1c:ee:51:26:d7:5f:
7b:14:9c:e6:65:66:76:cc:b9:37:5d:d6:50:3a:71:00:91:c7:
37:be:c4:b7:b4:cb:7a:fe:b5:44:04:ae:2b:02:9f:2e:63:de:
27:92:79:ca
-----BEGIN CERTIFICATE-----
MIIFSDCCBDCgAwIBAgIERM+7bTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhm
NTEzNjljY2JmODZiMWU4NGUxYWViNDZlNmQzMzZkMzlmNzUyYWU3MB4XDTIyMDEw
MTE0MDY0OFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMjU5MjAwNTBlNDY0
NGIyNGVhYzY1M2VlZDRiYzM5N2E1YmUwMWVkNTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAIUBIUGUlAKPkzwnk6EbhWj+tOxApqcDUxecd8/KuhMqcA6J
fYWcM9WlGbSoURo6yb4a7WNCJu6bhCberZYPFwSCc2DlNY3lAojKt4mIYGgayeQc
XD5jM+W/NlelqBHx0XtOmHXyeVn8bm2K4iDbPor1MnivLNpzX/AS0zFm9vXWh5tA
J+l4i46C76061F6sp/ZMF/9rRsBEwGRoB5c50F/qjFef+TZigOBi087K+icQdVXK
gqWt9xH/rbFHSMKCQkcwr5fXd0JAYSqHBlq2qCPEme06k2p9kenABF+m062HSNUx
U6eIaUPxAQTuPWhTT0lcZUwX0j+QAZPM9ZHanQkCAwEAAaOCAmIwggJeMB0GA1Ud
DgQWBBQlkgBQ5GRLJOrGU+7UvDl6W+Ae1TAfBgNVHSMEGDAWgBT1E2nMv4ax6E4a
60bm0zbTn3Uq5zAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzlSTnB6TC1Hc2VoT0d1dEc1dE0yMDU5MUt1Yy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYTIvMmQ1YmRmLTUyNjUtNDliOC04YWZlLTJiOTIwYmRlMzk5MC8x
L0paSUFVT1JrU3lUcXhsUHUxTHc1ZWx2Z0h0VS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYTIv
MmQ1YmRmLTUyNjUtNDliOC04YWZlLTJiOTIwYmRlMzk5MC8xLzlSTnB6TC1Hc2Vo
T0d1dEc1dE0yMDU5MUt1Yy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjB4
BggrBgEFBQcBBwEB/wRpMGcwVgQCAAEwUAMEBVBU4DAMAwQGUQRAAwQCUQRgAwQD
UQRwAwQHU2CAAwQDVZ74AwQEW47wAwQCW80gAwQAW9iiAwQCjf+wAwQCuV9EAwQC
wV2sAwQAwfJ3MA0EAgACMAcDBQAgAQgoMA0GCSqGSIb3DQEBCwUAA4IBAQAdCP+W
iTIfluObcrGW3Hhi8b2Uvpd+Mn97rvwaG/G3VC/S5oOCMCModfV698o94btWVuaq
DP6ywXOipFvDH+ynm+9gHNwj3kzncRxS6oA9nkes4xeNIHK5QFhfAABo+adcfvml
lcNUkHa6JGW1IIFfR3k2JI3GAFqmeknvpfCG1bNR5DhaJN1SC5N0WNh+vetwAj6R
NPVsuNTL0hh4/2UElEbEB8v58QazG9W5vksGkPrh6AXYtRpaIizjstd0GIHAYACi
QC9bUehg/kv5FARlU3kc7lEm1197FJzmZWZ2zLk3XdZQOnEAkcc3vsS3tMt6/rVE
BK4rAp8uY94nknnK
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:48:01 2024 by rpki-client on console-fra.rpki-client.org