Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b0/ae020b-e0d7-451d-bb05-d908faf34ef8/1/9q21xBfIgJoS5hxu-jjLS5uGngE.roa
File: 9q21xBfIgJoS5hxu-jjLS5uGngE.roa (raw, json)
Hash identifier: HWfzhpbh6Yj5yW4v8PXthrpqRvh1RgkFji+Vek4BeBA=
Subject key identifier: F6:AD:B5:C4:17:C8:80:9A:12:E6:1C:6E:FA:38:CB:4B:9B:86:9E:01
Certificate issuer: /CN=2421ffb68eab97e24a90626d90498be7ed7066f0
Certificate serial: 0B5C377F
Authority key identifier: 24:21:FF:B6:8E:AB:97:E2:4A:90:62:6D:90:49:8B:E7:ED:70:66:F0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/JCH_to6rl-JKkGJtkEmL5-1wZvA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b0/ae020b-e0d7-451d-bb05-d908faf34ef8/1/9q21xBfIgJoS5hxu-jjLS5uGngE.roa
Signing time: Sat 01 Jan 2022 02:00:29 +0000
ROA not before: Sat 01 Jan 2022 02:00:29 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 1850
IP address blocks: 195.130.211.0/24 maxlen: 24
193.4.58.0/23 maxlen: 23
185.93.156.0/22 maxlen: 22
2001:67c:6c::/48 maxlen: 48
2001:7f8:48::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 190592895 (0xb5c377f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2421ffb68eab97e24a90626d90498be7ed7066f0
Validity
Not Before: Jan 1 02:00:29 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=f6adb5c417c8809a12e61c6efa38cb4b9b869e01
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:cf:ed:71:47:2f:ef:52:89:f7:8d:99:fc:3a:
9a:d9:bf:15:37:90:8b:52:fe:ef:6e:3a:44:7d:9a:
d7:bd:29:da:70:eb:32:c8:11:3b:97:c7:d0:80:bf:
88:1d:9c:0d:14:08:52:31:63:7d:d2:46:b3:26:0d:
58:39:92:f4:5b:e1:09:37:85:6e:d2:ee:8a:82:24:
a1:ea:69:d4:60:e0:bb:38:bd:d5:9f:ef:fb:e1:f6:
9e:2a:c4:fb:af:04:ef:27:aa:67:40:fd:14:a4:59:
66:29:90:46:2b:d3:65:cf:bf:19:07:46:ec:f4:37:
60:cc:d5:0d:8d:83:a7:a9:39:78:63:a0:d2:7d:50:
f5:2f:51:78:19:34:49:e1:3d:95:38:b6:e6:2d:ba:
f6:b8:f1:6e:8d:c9:1d:5a:64:62:13:9b:83:62:1c:
6a:99:11:83:fe:7d:38:0f:31:65:a5:12:7b:75:16:
4e:0a:6f:45:19:40:b0:87:41:bf:55:76:3c:ab:a7:
60:1c:c3:9e:65:42:1f:7f:92:30:68:c4:e4:7d:b3:
10:4d:09:5a:42:3a:86:e4:ed:65:6d:2b:85:2b:b7:
35:79:a1:9b:09:03:b4:38:90:83:e0:d8:ba:ed:e6:
ef:ab:d2:d2:44:dc:87:5c:f5:7a:09:a8:56:ff:ae:
e2:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F6:AD:B5:C4:17:C8:80:9A:12:E6:1C:6E:FA:38:CB:4B:9B:86:9E:01
X509v3 Authority Key Identifier:
keyid:24:21:FF:B6:8E:AB:97:E2:4A:90:62:6D:90:49:8B:E7:ED:70:66:F0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JCH_to6rl-JKkGJtkEmL5-1wZvA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/ae020b-e0d7-451d-bb05-d908faf34ef8/1/9q21xBfIgJoS5hxu-jjLS5uGngE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/ae020b-e0d7-451d-bb05-d908faf34ef8/1/JCH_to6rl-JKkGJtkEmL5-1wZvA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.93.156.0/22
193.4.58.0/23
195.130.211.0/24
IPv6:
2001:67c:6c::/48
2001:7f8:48::/48
Signature Algorithm: sha256WithRSAEncryption
ac:53:54:22:8d:25:31:ba:0d:33:41:d4:45:29:34:1f:e7:72:
38:3f:19:e1:d9:f0:22:8a:6f:5a:c9:17:81:b3:38:70:27:d2:
0b:70:05:06:7e:01:15:27:29:ba:e4:28:3b:47:1e:79:d2:ca:
01:94:17:3c:9c:4a:9b:5a:4f:21:83:15:ec:99:4b:87:f5:00:
19:70:7f:5d:30:86:92:f4:09:92:ce:d3:f6:07:2a:fa:a0:4c:
3e:4b:d8:fa:94:71:aa:ac:98:8e:be:d7:a8:b9:28:2c:42:a1:
fb:64:ee:82:ca:8a:5e:50:f6:79:d1:9c:3c:9a:31:0b:d1:c2:
e2:d0:a2:62:1a:68:1f:f8:63:32:b0:13:0b:0f:1c:59:a6:b2:
be:de:37:bd:bb:9d:fb:af:d2:92:56:81:c6:a9:32:f8:d4:95:
59:24:02:de:be:c2:2d:17:33:cc:0b:e3:1f:cb:08:8c:b2:9b:
9f:5e:9a:fc:a2:00:26:ca:38:7e:98:a3:e0:9c:3c:10:9b:ba:
35:cb:33:1e:6e:47:11:fc:09:26:24:ed:93:75:05:d1:ed:b3:
d4:63:69:eb:df:eb:3c:2d:fd:c6:08:20:c2:e6:34:8d:d8:b5:
c5:df:c0:8e:8f:fe:49:e5:55:99:e2:61:a8:27:bf:62:58:1b:
93:dd:4d:62
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgIEC1w3fzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygy
NDIxZmZiNjhlYWI5N2UyNGE5MDYyNmQ5MDQ5OGJlN2VkNzA2NmYwMB4XDTIyMDEw
MTAyMDAyOVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZjZhZGI1YzQxN2M4
ODA5YTEyZTYxYzZlZmEzOGNiNGI5Yjg2OWUwMTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAIzP7XFHL+9SifeNmfw6mtm/FTeQi1L+7246RH2a170p2nDr
MsgRO5fH0IC/iB2cDRQIUjFjfdJGsyYNWDmS9FvhCTeFbtLuioIkoepp1GDguzi9
1Z/v++H2nirE+68E7yeqZ0D9FKRZZimQRivTZc+/GQdG7PQ3YMzVDY2Dp6k5eGOg
0n1Q9S9ReBk0SeE9lTi25i269rjxbo3JHVpkYhObg2IcapkRg/59OA8xZaUSe3UW
TgpvRRlAsIdBv1V2PKunYBzDnmVCH3+SMGjE5H2zEE0JWkI6huTtZW0rhSu3NXmh
mwkDtDiQg+DYuu3m76vS0kTch1z1egmoVv+u4jECAwEAAaOCAi8wggIrMB0GA1Ud
DgQWBBT2rbXEF8iAmhLmHG76OMtLm4aeATAfBgNVHSMEGDAWgBQkIf+2jquX4kqQ
Ym2QSYvn7XBm8DAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0pDSF90bzZybC1KS2tHSnRrRW1MNS0xd1p2QS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYjAvYWUwMjBiLWUwZDctNDUxZC1iYjA1LWQ5MDhmYWYzNGVmOC8x
LzlxMjF4QmZJZ0pvUzVoeHUtampMUzV1R25nRS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYjAv
YWUwMjBiLWUwZDctNDUxZC1iYjA1LWQ5MDhmYWYzNGVmOC8xL0pDSF90bzZybC1K
S2tHSnRrRW1MNS0xd1p2QS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBF
BggrBgEFBQcBBwEB/wQ2MDQwGAQCAAEwEgMEArldnAMEAcEEOgMEAMOC0zAYBAIA
AjASAwcAIAEGfABsAwcAIAEH+ABIMA0GCSqGSIb3DQEBCwUAA4IBAQCsU1QijSUx
ug0zQdRFKTQf53I4Pxnh2fAiim9ayReBszhwJ9ILcAUGfgEVJym65Cg7Rx550soB
lBc8nEqbWk8hgxXsmUuH9QAZcH9dMIaS9AmSztP2Byr6oEw+S9j6lHGqrJiOvteo
uSgsQqH7ZO6CyopeUPZ50Zw8mjEL0cLi0KJiGmgf+GMysBMLDxxZprK+3je9u537
r9KSVoHGqTL41JVZJALevsItFzPMC+MfywiMspufXpr8ogAmyjh+mKPgnDwQm7o1
yzMebkcR/AkmJO2TdQXR7bPUY2nr3+s8Lf3GCCDC5jSN2LXF38COj/5J5VWZ4mGo
J79iWBuT3U1i
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:50:09 2024 by rpki-client on console-fra.rpki-client.org