Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/CJ-mvIKyxwmqn-7oj1E0rLQRj8Q.roa
File: CJ-mvIKyxwmqn-7oj1E0rLQRj8Q.roa (raw, json)
Hash identifier: isB/CBVz21knK4osFd9Kg/xy0rZI7QpYHJmEWPwZsWc=
Subject key identifier: 08:9F:A6:BC:82:B2:C7:09:AA:9F:EE:E8:8F:51:34:AC:B4:11:8F:C4
Certificate issuer: /CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Certificate serial: 0CBD95E0
Authority key identifier: 36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/CJ-mvIKyxwmqn-7oj1E0rLQRj8Q.roa
Signing time: Sat 01 Jan 2022 05:05:03 +0000
ROA not before: Sat 01 Jan 2022 05:05:03 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 133736
IP address blocks: 185.245.112.0/22 maxlen: 22
195.38.4.0/22 maxlen: 22
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 213751264 (0xcbd95e0)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Validity
Not Before: Jan 1 05:05:03 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=089fa6bc82b2c709aa9feee88f5134acb4118fc4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:5e:6b:c2:b2:bc:05:85:51:c7:f5:5f:92:46:
79:5c:1a:f4:24:74:7b:64:38:c2:07:80:d7:a0:7a:
10:0d:b8:4e:02:78:95:65:f7:65:28:ab:f3:d7:92:
29:02:35:2e:f8:b0:36:78:4a:94:6a:90:66:0c:07:
af:75:06:c1:c2:c8:15:84:54:e2:c6:26:11:6c:26:
cc:3c:f6:a5:e8:0b:e9:c0:df:d7:6b:db:7a:14:32:
de:0e:84:af:f6:50:47:52:48:0f:78:4c:b5:d9:ac:
d4:f2:66:8f:ba:85:b0:bc:d1:6f:8b:20:f3:07:3b:
57:63:da:59:97:7e:09:1d:bd:63:94:c7:6f:41:f6:
03:7a:e3:e2:88:1d:c5:55:57:d3:b1:eb:41:b6:2d:
51:0f:79:3a:d3:98:a1:7a:93:8c:9a:a8:f6:a4:fa:
22:a1:95:4b:1f:9b:ca:26:e3:96:a2:49:f2:61:00:
2e:77:22:ec:44:39:53:56:4d:d3:0c:e7:94:a5:ec:
5c:ba:db:6b:1c:95:c8:aa:39:68:60:a2:29:bf:c1:
1d:60:ba:00:a0:ec:fe:8e:34:16:e0:86:13:20:75:
73:8f:8c:c1:00:97:54:88:be:75:b1:54:8a:71:ef:
54:00:fc:69:6e:f3:57:9e:85:cc:e9:9d:2c:36:7e:
2e:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
08:9F:A6:BC:82:B2:C7:09:AA:9F:EE:E8:8F:51:34:AC:B4:11:8F:C4
X509v3 Authority Key Identifier:
keyid:36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/CJ-mvIKyxwmqn-7oj1E0rLQRj8Q.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/NsKkt9XXPFtXBGIjvzDrZTAFsOI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.245.112.0/22
195.38.4.0/22
Signature Algorithm: sha256WithRSAEncryption
18:52:ba:82:b1:d4:79:84:7e:4d:a8:7a:ce:ba:12:60:24:43:
30:c3:ba:a1:e3:33:29:fd:8e:47:67:1a:02:50:bf:0e:93:3e:
a4:b4:7c:16:c0:cc:ca:45:75:52:2b:99:e4:69:fd:7e:42:89:
59:ae:94:19:70:01:ae:6c:7f:2e:d6:cc:a3:70:c8:3e:60:e7:
c4:c4:41:e4:12:2e:9d:c6:bd:c0:44:09:1d:6b:2f:8a:e4:c0:
0c:2a:d5:0d:64:7d:d9:8c:c9:80:20:78:5a:43:14:47:1e:9b:
c0:52:34:31:00:73:9b:d6:8a:18:c8:41:85:ca:a2:a2:f4:38:
bb:00:6e:83:2c:14:33:93:cc:da:41:56:76:25:ca:19:26:29:
5a:f1:41:b9:0f:a8:f5:2e:09:7c:fa:4b:5d:ce:00:fb:0d:d6:
c3:4a:e2:be:b6:3a:1d:8a:76:ef:28:33:64:dd:29:16:19:9f:
05:23:a5:88:61:2b:bf:71:9f:14:6b:b0:16:84:7f:31:dd:e7:
72:97:b9:19:28:8f:8c:a6:01:66:4f:0e:41:66:6c:95:4f:50:
20:f5:c9:ff:f2:ec:7d:14:62:50:53:2a:e6:b9:53:b5:20:9a:
29:48:a0:92:2a:01:1b:f1:97:f7:c5:fd:74:a4:a9:6f:f3:bf:
de:91:ec:14
-----BEGIN CERTIFICATE-----
MIIE9TCCA92gAwIBAgIEDL2V4DANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygz
NmMyYTRiN2Q1ZDczYzViNTcwNDYyMjNiZjMwZWI2NTMwMDViMGUyMB4XDTIyMDEw
MTA1MDUwM1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMDg5ZmE2YmM4MmIy
YzcwOWFhOWZlZWU4OGY1MTM0YWNiNDExOGZjNDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMdea8KyvAWFUcf1X5JGeVwa9CR0e2Q4wgeA16B6EA24TgJ4
lWX3ZSir89eSKQI1LviwNnhKlGqQZgwHr3UGwcLIFYRU4sYmEWwmzDz2pegL6cDf
12vbehQy3g6Er/ZQR1JID3hMtdms1PJmj7qFsLzRb4sg8wc7V2PaWZd+CR29Y5TH
b0H2A3rj4ogdxVVX07HrQbYtUQ95OtOYoXqTjJqo9qT6IqGVSx+byibjlqJJ8mEA
Lnci7EQ5U1ZN0wznlKXsXLrbaxyVyKo5aGCiKb/BHWC6AKDs/o40FuCGEyB1c4+M
wQCXVIi+dbFUinHvVAD8aW7zV56FzOmdLDZ+Lp0CAwEAAaOCAg8wggILMB0GA1Ud
DgQWBBQIn6a8grLHCaqf7uiPUTSstBGPxDAfBgNVHSMEGDAWgBQ2wqS31dc8W1cE
YiO/MOtlMAWw4jAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L05zS2t0OVhYUEZ0WEJHSWp2ekRyWlRBRnNPSS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYmMvOGRkODVhLWJmOGYtNDI1ZS1hMjRiLTJjY2VkYjk2NmE1OC8x
L0NKLW12SUt5eHdtcW4tN29qMUUwckxRUmo4US5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYmMv
OGRkODVhLWJmOGYtNDI1ZS1hMjRiLTJjY2VkYjk2NmE1OC8xL05zS2t0OVhYUEZ0
WEJHSWp2ekRyWlRBRnNPSS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAl
BggrBgEFBQcBBwEB/wQWMBQwEgQCAAEwDAMEArn1cAMEAsMmBDANBgkqhkiG9w0B
AQsFAAOCAQEAGFK6grHUeYR+Tah6zroSYCRDMMO6oeMzKf2OR2caAlC/DpM+pLR8
FsDMykV1UiuZ5Gn9fkKJWa6UGXABrmx/LtbMo3DIPmDnxMRB5BIunca9wEQJHWsv
iuTADCrVDWR92YzJgCB4WkMURx6bwFI0MQBzm9aKGMhBhcqiovQ4uwBugywUM5PM
2kFWdiXKGSYpWvFBuQ+o9S4JfPpLXc4A+w3Ww0rivrY6HYp27ygzZN0pFhmfBSOl
iGErv3GfFGuwFoR/Md3ncpe5GSiPjKYBZk8OQWZslU9QIPXJ//LsfRRiUFMq5rlT
tSCaKUigkioBG/GX98X9dKSpb/O/3pHsFA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:51:44 2024 by rpki-client on console-fra.rpki-client.org