Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/af/60dc0f-0aed-4bee-90b7-367dc385261a/1/jox4nqfGG1oU9MjWL704JfBdMQM.roa
File: jox4nqfGG1oU9MjWL704JfBdMQM.roa (raw, json)
Hash identifier: hriQ0Pa2HATyP4buc8bOAK3hJYgu9lVXukdHBpVY05U=
Subject key identifier: 8E:8C:78:9E:A7:C6:1B:5A:14:F4:C8:D6:2F:BD:38:25:F0:5D:31:03
Certificate issuer: /CN=1820f13139161384eaf13a1f7db60e2c68a43956
Certificate serial: 0A47A754
Authority key identifier: 18:20:F1:31:39:16:13:84:EA:F1:3A:1F:7D:B6:0E:2C:68:A4:39:56
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/GCDxMTkWE4Tq8ToffbYOLGikOVY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/af/60dc0f-0aed-4bee-90b7-367dc385261a/1/jox4nqfGG1oU9MjWL704JfBdMQM.roa
Signing time: Wed 27 Apr 2022 15:43:04 +0000
ROA not before: Wed 27 Apr 2022 15:43:04 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 42611
IP address blocks: 84.18.224.0/19 maxlen: 24
85.208.12.0/22 maxlen: 24
91.193.8.0/22 maxlen: 24
2a09:8040::/29 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 172468052 (0xa47a754)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1820f13139161384eaf13a1f7db60e2c68a43956
Validity
Not Before: Apr 27 15:43:04 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=8e8c789ea7c61b5a14f4c8d62fbd3825f05d3103
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:6f:ad:4c:03:4e:e3:2d:10:51:41:36:a7:3e:
fd:36:7c:d5:c9:28:bc:1a:2c:c7:86:c7:40:bd:7c:
ff:c1:d5:ef:de:7d:6a:10:c6:aa:2f:e2:35:7b:6b:
e2:3d:96:cb:6d:40:18:f9:0e:d9:6e:3d:70:62:52:
ac:f6:5d:d2:5f:24:5f:5e:1a:bf:78:11:0a:4f:1e:
eb:7a:e6:6a:3c:c2:e8:42:24:89:9f:84:33:e0:cd:
4a:f7:07:13:e6:7a:53:47:6a:5b:92:76:b4:a3:9e:
ce:5a:07:55:e7:57:9b:7c:fc:32:d0:e6:98:1b:a7:
e3:5b:c8:62:0c:7c:55:77:68:fb:fa:e2:91:04:de:
a9:db:e0:7f:f0:e8:8c:50:21:29:92:55:09:d7:68:
d8:0b:9d:67:32:ab:30:5a:a2:c3:75:1d:46:a7:56:
6f:52:a1:5d:94:21:64:e4:1d:7a:0c:e7:1a:aa:65:
88:97:b6:aa:46:89:17:4b:b8:49:8c:b2:a5:ba:d4:
0d:99:f7:5e:26:3d:c4:80:f3:6e:60:67:48:0b:5c:
af:1f:b6:ce:87:43:8e:2a:6e:75:ec:e6:4e:d3:a0:
6c:eb:47:4b:08:53:db:2a:17:10:6a:db:1f:49:a5:
0f:c7:12:49:e4:32:1f:7d:2e:f3:7e:91:5c:20:1e:
8f:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8E:8C:78:9E:A7:C6:1B:5A:14:F4:C8:D6:2F:BD:38:25:F0:5D:31:03
X509v3 Authority Key Identifier:
keyid:18:20:F1:31:39:16:13:84:EA:F1:3A:1F:7D:B6:0E:2C:68:A4:39:56
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GCDxMTkWE4Tq8ToffbYOLGikOVY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/af/60dc0f-0aed-4bee-90b7-367dc385261a/1/jox4nqfGG1oU9MjWL704JfBdMQM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/af/60dc0f-0aed-4bee-90b7-367dc385261a/1/GCDxMTkWE4Tq8ToffbYOLGikOVY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.18.224.0/19
85.208.12.0/22
91.193.8.0/22
IPv6:
2a09:8040::/29
Signature Algorithm: sha256WithRSAEncryption
6a:99:87:5a:dd:e8:d1:ae:d0:f6:e7:f4:e9:8f:da:ac:09:35:
b3:1f:38:9d:66:b1:66:b6:65:e6:23:43:7b:b9:f6:c8:79:22:
a4:e9:47:cd:c9:46:4b:00:5f:c0:83:7e:8c:73:4c:82:1d:dd:
bc:d0:df:cd:48:f1:f3:18:ba:5e:9e:cd:68:3a:21:dc:47:3b:
43:32:ce:2e:11:21:00:29:e9:79:16:00:86:2a:31:09:89:93:
4d:2a:2c:5b:1d:ae:ff:b3:5e:d5:c7:be:45:7c:66:64:89:40:
9d:d9:d9:c5:36:ec:b7:7d:be:a1:aa:67:ea:5c:56:24:f4:df:
ce:94:e2:0b:a9:b6:d4:25:9e:65:75:c7:ce:e6:ea:85:c7:19:
48:77:e1:1e:c0:fe:f7:93:70:b8:72:25:ed:87:8b:53:92:27:
23:df:f6:fe:b3:37:1a:23:18:73:dc:e4:b5:ce:c7:43:37:91:
19:b4:b7:18:a1:bc:d8:27:26:28:15:4f:4e:38:25:b5:17:ed:
b5:9e:63:61:4c:af:75:b1:a6:3e:86:c0:7c:ab:bb:7e:6e:15:
dc:61:c3:6f:9d:d9:33:d5:41:e3:34:cd:d7:4d:e0:d3:60:78:
5a:fe:fb:83:d5:7e:5a:54:f3:71:7c:86:3c:fb:eb:61:7b:a9:
10:77:0c:da
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgIECkenVDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygx
ODIwZjEzMTM5MTYxMzg0ZWFmMTNhMWY3ZGI2MGUyYzY4YTQzOTU2MB4XDTIyMDQy
NzE1NDMwNFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoOGU4Yzc4OWVhN2M2
MWI1YTE0ZjRjOGQ2MmZiZDM4MjVmMDVkMzEwMzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJZvrUwDTuMtEFFBNqc+/TZ81ckovBosx4bHQL18/8HV7959
ahDGqi/iNXtr4j2Wy21AGPkO2W49cGJSrPZd0l8kX14av3gRCk8e63rmajzC6EIk
iZ+EM+DNSvcHE+Z6U0dqW5J2tKOezloHVedXm3z8MtDmmBun41vIYgx8VXdo+/ri
kQTeqdvgf/DojFAhKZJVCddo2AudZzKrMFqiw3UdRqdWb1KhXZQhZOQdegznGqpl
iJe2qkaJF0u4SYyypbrUDZn3XiY9xIDzbmBnSAtcrx+2zodDjipudezmTtOgbOtH
SwhT2yoXEGrbH0mlD8cSSeQyH30u836RXCAejxECAwEAAaOCAiQwggIgMB0GA1Ud
DgQWBBSOjHiep8YbWhT0yNYvvTgl8F0xAzAfBgNVHSMEGDAWgBQYIPExORYThOrx
Oh99tg4saKQ5VjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0dDRHhNVGtXRTRUcThUb2ZmYllPTEdpa09WWS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYWYvNjBkYzBmLTBhZWQtNGJlZS05MGI3LTM2N2RjMzg1MjYxYS8x
L2pveDRucWZHRzFvVTlNaldMNzA0SmZCZE1RTS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYWYv
NjBkYzBmLTBhZWQtNGJlZS05MGI3LTM2N2RjMzg1MjYxYS8xL0dDRHhNVGtXRTRU
cThUb2ZmYllPTEdpa09WWS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA6
BggrBgEFBQcBBwEB/wQrMCkwGAQCAAEwEgMEBVQS4AMEAlXQDAMEAlvBCDANBAIA
AjAHAwUDKgmAQDANBgkqhkiG9w0BAQsFAAOCAQEAapmHWt3o0a7Q9uf06Y/arAk1
sx84nWaxZrZl5iNDe7n2yHkipOlHzclGSwBfwIN+jHNMgh3dvNDfzUjx8xi6Xp7N
aDoh3Ec7QzLOLhEhACnpeRYAhioxCYmTTSosWx2u/7Ne1ce+RXxmZIlAndnZxTbs
t32+oapn6lxWJPTfzpTiC6m21CWeZXXHzubqhccZSHfhHsD+95NwuHIl7YeLU5In
I9/2/rM3GiMYc9zktc7HQzeRGbS3GKG82CcmKBVPTjgltRfttZ5jYUyvdbGmPobA
fKu7fm4V3GHDb53ZM9VB4zTN103g02B4Wv77g9V+WlTzcXyGPPvrYXupEHcM2g==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:38:29 2024 by rpki-client on console-ams.rpki-client.org