Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b2/4cba2f-4a5b-4435-8aec-923cb50abe2e/1/CJ1-zEAka8uFpRveOgg1sCorY4s.roa
File: CJ1-zEAka8uFpRveOgg1sCorY4s.roa (raw, json)
Hash identifier: kaCA0o9082JHkcfmuTV86gTxu1HZP4OUOCobnT9ospU=
Subject key identifier: 08:9D:7E:CC:40:24:6B:CB:85:A5:1B:DE:3A:08:35:B0:2A:2B:63:8B
Certificate issuer: /CN=3069ba7ebc3b672dd09ec0344e1f80aa1131efd0
Certificate serial: 0CBF0AD6
Authority key identifier: 30:69:BA:7E:BC:3B:67:2D:D0:9E:C0:34:4E:1F:80:AA:11:31:EF:D0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/MGm6frw7Zy3QnsA0Th-AqhEx79A.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b2/4cba2f-4a5b-4435-8aec-923cb50abe2e/1/CJ1-zEAka8uFpRveOgg1sCorY4s.roa
Signing time: Sat 01 Jan 2022 09:01:40 +0000
ROA not before: Sat 01 Jan 2022 09:01:40 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 201241
IP address blocks: 185.237.228.0/22 maxlen: 22
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 213846742 (0xcbf0ad6)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3069ba7ebc3b672dd09ec0344e1f80aa1131efd0
Validity
Not Before: Jan 1 09:01:40 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=089d7ecc40246bcb85a51bde3a0835b02a2b638b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:d5:28:aa:40:95:02:60:52:81:8d:55:1d:5e:
7a:72:4a:17:48:2e:1b:a5:bd:5b:f8:c0:5a:87:2c:
ee:e6:2d:28:c6:6c:f0:62:8a:c2:6a:93:78:25:ae:
61:c8:a4:0e:a7:39:9d:b8:4c:3e:d4:c3:c4:fc:6d:
2b:fe:ad:9b:2a:bd:50:3a:0a:d7:72:4f:1c:6d:71:
d8:3e:13:da:77:ff:c1:e7:75:36:9a:e6:63:ab:5b:
ca:ab:a8:c5:35:2f:60:60:02:ff:ee:f2:b0:03:03:
c5:c4:3a:45:7b:1e:85:76:4e:3d:1a:74:0b:da:fc:
11:5f:9a:ad:35:6c:29:d2:46:93:63:fc:a3:a6:ea:
70:fd:25:e3:81:24:92:a6:d5:e6:30:12:8f:ec:31:
44:1e:76:d1:d3:12:03:82:7a:05:89:1c:83:01:02:
ac:6c:82:90:02:38:b3:a1:f9:f9:5a:0d:a9:bc:31:
fc:bf:7a:8e:09:aa:fa:ea:b8:4b:5e:e6:57:92:86:
11:c8:73:28:98:69:ec:4a:e0:ad:c0:1d:29:12:01:
57:44:df:1d:32:46:75:d9:3b:48:65:70:22:67:7e:
ac:e6:d0:42:f1:be:92:a0:7d:57:07:43:9d:56:38:
1e:d6:29:e3:9d:48:dc:48:c9:a3:1f:4b:22:85:9a:
fe:09
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
08:9D:7E:CC:40:24:6B:CB:85:A5:1B:DE:3A:08:35:B0:2A:2B:63:8B
X509v3 Authority Key Identifier:
keyid:30:69:BA:7E:BC:3B:67:2D:D0:9E:C0:34:4E:1F:80:AA:11:31:EF:D0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MGm6frw7Zy3QnsA0Th-AqhEx79A.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/4cba2f-4a5b-4435-8aec-923cb50abe2e/1/CJ1-zEAka8uFpRveOgg1sCorY4s.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/4cba2f-4a5b-4435-8aec-923cb50abe2e/1/MGm6frw7Zy3QnsA0Th-AqhEx79A.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.237.228.0/22
Signature Algorithm: sha256WithRSAEncryption
10:8d:b6:43:82:01:fe:73:6b:7c:f9:ca:fc:e4:d2:00:a4:79:
c1:7d:cc:12:35:e0:79:9e:58:c2:0a:0a:15:54:43:ac:10:7e:
02:5b:45:5f:d0:cb:58:46:9f:da:14:a7:c6:4d:5b:cf:e7:ef:
b1:b2:2e:39:d0:84:e8:f0:b0:b6:72:23:f5:30:31:72:a2:a9:
c0:54:51:e4:ba:79:45:23:eb:9c:80:fe:28:c7:d9:bb:86:e1:
ec:92:4f:b8:9f:e1:f2:fb:0e:39:f1:47:02:8a:e2:98:23:09:
fd:4c:73:1c:3e:08:70:53:2d:76:3c:f9:42:c7:b8:1a:f4:cd:
27:c6:db:c8:78:77:d8:c7:11:40:e8:4a:be:89:42:ee:68:dc:
28:af:7f:57:3f:f6:75:9b:d3:a7:ee:76:02:2e:28:fd:e2:e5:
7e:5b:8a:99:76:54:be:9e:0f:56:9e:51:c7:8e:38:d6:0c:8e:
a0:a2:25:82:e8:49:88:88:84:89:d0:28:ce:ba:aa:3e:c2:19:
c9:cc:65:f3:6f:5a:a3:8e:e1:38:d2:a0:11:f4:4d:03:f7:26:
83:d0:81:13:d4:0c:38:e3:75:66:eb:90:16:76:dc:42:e2:79:
47:5a:68:cb:51:f5:37:01:83:f4:ab:3f:46:75:ce:c4:d9:29:
bc:a1:45:88
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEDL8K1jANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygz
MDY5YmE3ZWJjM2I2NzJkZDA5ZWMwMzQ0ZTFmODBhYTExMzFlZmQwMB4XDTIyMDEw
MTA5MDE0MFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMDg5ZDdlY2M0MDI0
NmJjYjg1YTUxYmRlM2EwODM1YjAyYTJiNjM4YjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAIzVKKpAlQJgUoGNVR1eenJKF0guG6W9W/jAWocs7uYtKMZs
8GKKwmqTeCWuYcikDqc5nbhMPtTDxPxtK/6tmyq9UDoK13JPHG1x2D4T2nf/wed1
NprmY6tbyquoxTUvYGAC/+7ysAMDxcQ6RXsehXZOPRp0C9r8EV+arTVsKdJGk2P8
o6bqcP0l44EkkqbV5jASj+wxRB520dMSA4J6BYkcgwECrGyCkAI4s6H5+VoNqbwx
/L96jgmq+uq4S17mV5KGEchzKJhp7ErgrcAdKRIBV0TfHTJGddk7SGVwImd+rObQ
QvG+kqB9VwdDnVY4HtYp451I3EjJox9LIoWa/gkCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBQInX7MQCRry4WlG946CDWwKitjizAfBgNVHSMEGDAWgBQwabp+vDtnLdCe
wDROH4CqETHv0DAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L01HbTZmcnc3WnkzUW5zQTBUaC1BcWhFeDc5QS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYjIvNGNiYTJmLTRhNWItNDQzNS04YWVjLTkyM2NiNTBhYmUyZS8x
L0NKMS16RUFrYTh1RnBSdmVPZ2cxc0Nvclk0cy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYjIv
NGNiYTJmLTRhNWItNDQzNS04YWVjLTkyM2NiNTBhYmUyZS8xL01HbTZmcnc3Wnkz
UW5zQTBUaC1BcWhFeDc5QS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEArnt5DANBgkqhkiG9w0BAQsFAAOC
AQEAEI22Q4IB/nNrfPnK/OTSAKR5wX3MEjXgeZ5YwgoKFVRDrBB+AltFX9DLWEaf
2hSnxk1bz+fvsbIuOdCE6PCwtnIj9TAxcqKpwFRR5Lp5RSPrnID+KMfZu4bh7JJP
uJ/h8vsOOfFHAorimCMJ/UxzHD4IcFMtdjz5Qse4GvTNJ8bbyHh32McRQOhKvolC
7mjcKK9/Vz/2dZvTp+52Ai4o/eLlfluKmXZUvp4PVp5Rx4441gyOoKIlguhJiIiE
idAozrqqPsIZycxl829ao47hONKgEfRNA/cmg9CBE9QMOON1ZuuQFnbcQuJ5R1po
y1H1NwGD9Ks/RnXOxNkpvKFFiA==
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:16:29 2025 by rpki-client