Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/JBZoTZzocgNNObXVxvp1YksJP6I.roa
File: JBZoTZzocgNNObXVxvp1YksJP6I.roa (raw, json)
Hash identifier: blbkd4erHRpQ5+JUZ5XgRnS6L9GHiQGejQeFx3EO4QE=
Subject key identifier: 24:16:68:4D:9C:E8:72:03:4D:39:B5:D5:C6:FA:75:62:4B:09:3F:A2
Certificate issuer: /CN=62fdb67654df6184e7d60c4150ea9533c2cf9704
Certificate serial: 01839976E0AC9393D32433271B3B1A1F8129
Authority key identifier: 62:FD:B6:76:54:DF:61:84:E7:D6:0C:41:50:EA:95:33:C2:CF:97:04
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Yv22dlTfYYTn1gxBUOqVM8LPlwQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/JBZoTZzocgNNObXVxvp1YksJP6I.roa
Signing time: Sun 02 Oct 2022 16:10:48 +0000
ROA not before: Sun 02 Oct 2022 16:10:48 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 3356
IP address blocks: 45.128.56.0/24 maxlen: 24
45.128.74.0/24 maxlen: 24
45.92.165.0/24 maxlen: 24
45.92.164.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:99:76:e0:ac:93:93:d3:24:33:27:1b:3b:1a:1f:81:29
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=62fdb67654df6184e7d60c4150ea9533c2cf9704
Validity
Not Before: Oct 2 16:10:48 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=2416684d9ce872034d39b5d5c6fa75624b093fa2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:2f:cb:e1:2d:8b:d2:70:77:1a:0b:22:66:5b:
a6:3f:04:53:a5:c6:a5:e7:fc:d0:fa:3c:5c:ef:eb:
31:ca:ab:80:92:92:a8:e8:6d:08:b2:df:d5:e4:bc:
d2:94:ef:69:86:8a:23:05:7b:f4:2d:e0:a5:ca:7a:
a4:9b:25:b2:ad:f1:5c:10:ee:3b:e0:9a:18:8e:5f:
89:3d:c2:ae:e9:f4:e0:57:6f:60:cb:f4:94:5a:b4:
e9:3d:00:9b:5e:16:79:44:df:43:86:68:c8:df:e8:
64:23:7d:13:79:d0:bf:10:79:64:82:a5:4a:31:3f:
fb:d7:6e:26:45:b2:ea:24:cc:49:17:ec:4a:0a:5b:
0f:5e:17:1e:02:57:55:21:3a:da:99:61:d7:1c:cb:
92:60:27:1c:cd:42:55:8e:fb:41:54:7d:f6:8c:c3:
b0:9b:12:37:c2:eb:81:d1:50:97:b9:a4:26:24:40:
fc:af:93:1a:60:c8:eb:76:98:84:bd:72:35:9c:d7:
c5:92:f1:3b:29:64:d0:be:35:e0:4b:d2:89:b2:21:
30:4d:a1:1a:a4:35:4c:f1:5e:a1:9d:1b:41:62:45:
47:eb:20:d5:ee:f6:43:08:28:cd:87:95:f7:84:f8:
01:de:72:ab:32:0c:11:8c:b7:04:0a:74:7f:03:b5:
f5:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
24:16:68:4D:9C:E8:72:03:4D:39:B5:D5:C6:FA:75:62:4B:09:3F:A2
X509v3 Authority Key Identifier:
keyid:62:FD:B6:76:54:DF:61:84:E7:D6:0C:41:50:EA:95:33:C2:CF:97:04
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Yv22dlTfYYTn1gxBUOqVM8LPlwQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/JBZoTZzocgNNObXVxvp1YksJP6I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/Yv22dlTfYYTn1gxBUOqVM8LPlwQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.92.164.0/23
45.128.56.0/24
45.128.74.0/24
Signature Algorithm: sha256WithRSAEncryption
d2:31:bb:b0:87:b6:fb:3c:55:f8:41:ae:43:d8:9a:e3:c9:70:
5d:dd:94:d0:97:09:11:b7:e5:3a:0d:3c:66:a5:6d:11:05:73:
94:a3:c6:7d:25:2f:bd:57:18:45:82:35:fc:16:36:f3:0f:fd:
ce:f2:bd:34:2b:ff:66:ce:f9:af:7f:85:2a:4b:3b:3d:99:51:
8b:af:bc:1a:f5:34:4b:24:86:4f:82:f5:55:e8:b8:2d:d4:5b:
c0:de:b4:bc:1e:b4:1d:25:35:6a:48:47:6a:eb:b5:f6:9e:57:
61:81:69:6e:8b:6c:4c:29:44:30:94:50:97:99:0c:b8:40:97:
8d:0a:cb:eb:4b:ea:5c:08:fb:1c:e5:28:8f:21:60:c8:11:c7:
aa:5e:8e:3f:62:c7:e0:a4:10:5a:97:07:6f:e7:f0:1f:25:a4:
da:15:06:66:3a:19:7e:3f:66:24:94:17:d3:24:26:7b:93:47:
60:eb:3a:a6:c6:c5:ff:85:0b:a7:e5:4a:20:04:bf:b8:fa:04:
6e:42:e6:cd:3f:92:63:72:5c:39:dc:49:30:d7:a2:86:af:d8:
b1:5a:b8:06:e8:9d:f4:d4:08:3e:ec:cb:c1:68:a7:dc:7a:40:
56:b3:38:91:b2:57:9d:1e:81:4a:19:9a:0a:48:fe:33:8d:87:
31:49:bc:03
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYOZduCsk5PTJDMnGzsaH4EpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYyZmRiNjc2NTRkZjYxODRlN2Q2MGM0MTUwZWE5NTMzYzJj
Zjk3MDQwHhcNMjIxMDAyMTYxMDQ4WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNDE2Njg0ZDljZTg3MjAzNGQzOWI1ZDVjNmZhNzU2MjRiMDkzZmEyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqC/L4S2L0nB3GgsiZlumPwRTpcal
5/zQ+jxc7+sxyquAkpKo6G0Ist/V5LzSlO9phoojBXv0LeClynqkmyWyrfFcEO47
4JoYjl+JPcKu6fTgV29gy/SUWrTpPQCbXhZ5RN9DhmjI3+hkI30TedC/EHlkgqVK
MT/7124mRbLqJMxJF+xKClsPXhceAldVITramWHXHMuSYCcczUJVjvtBVH32jMOw
mxI3wuuB0VCXuaQmJED8r5MaYMjrdpiEvXI1nNfFkvE7KWTQvjXgS9KJsiEwTaEa
pDVM8V6hnRtBYkVH6yDV7vZDCCjNh5X3hPgB3nKrMgwRjLcECnR/A7X1wwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFCQWaE2c6HIDTTm11cb6dWJLCT+iMB8GA1UdIwQY
MBaAFGL9tnZU32GE59YMQVDqlTPCz5cEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWXYyMmRsVGZZWVRuMWd4QlVPcVZNOExQbHdRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMi83MDQwNzEtOGRjMC00ZWQ2LTk0NTct
ZTg2MTIxYzU5NGRmLzEvSkJab1Raem9jZ05OT2JYVnh2cDFZa3NKUDZJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMi83MDQwNzEtOGRjMC00ZWQ2LTk0NTctZTg2MTIxYzU5NGRm
LzEvWXYyMmRsVGZZWVRuMWd4QlVPcVZNOExQbHdRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQBLVykAwQA
LYA4AwQALYBKMA0GCSqGSIb3DQEBCwUAA4IBAQDSMbuwh7b7PFX4Qa5D2JrjyXBd
3ZTQlwkRt+U6DTxmpW0RBXOUo8Z9JS+9VxhFgjX8FjbzD/3O8r00K/9mzvmvf4Uq
Szs9mVGLr7wa9TRLJIZPgvVV6Lgt1FvA3rS8HrQdJTVqSEdq67X2nldhgWlui2xM
KUQwlFCXmQy4QJeNCsvrS+pcCPsc5SiPIWDIEceqXo4/YsfgpBBalwdv5/AfJaTa
FQZmOhl+P2YklBfTJCZ7k0dg6zqmxsX/hQun5UogBL+4+gRuQubNP5Jjclw53Ekw
16KGr9ixWrgG6J301Ag+7MvBaKfcekBWsziRsledHoFKGZoKSP4zjYcxSbwD
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:02:29 2023 by rpki-client on console-fra.rpki-client.org