Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/JFU-KqD2gu8yvBmHeUX76SkIDl0.roa
File: JFU-KqD2gu8yvBmHeUX76SkIDl0.roa (raw, json)
Hash identifier: cZTkatE7NfOGVKTaUghRlBspRu3lb8rRZy06DAjWUAA=
Subject key identifier: 24:55:3E:2A:A0:F6:82:EF:32:BC:19:87:79:45:FB:E9:29:08:0E:5D
Certificate issuer: /CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Certificate serial: 0DBCDE85
Authority key identifier: 36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/JFU-KqD2gu8yvBmHeUX76SkIDl0.roa
Signing time: Fri 01 Apr 2022 12:13:18 +0000
ROA not before: Fri 01 Apr 2022 12:13:18 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 213035
IP address blocks: 185.121.122.0/23 maxlen: 24
185.121.121.0/24 maxlen: 24
185.239.243.0/24 maxlen: 24
220.158.196.0/22 maxlen: 24
45.144.226.0/24 maxlen: 24
62.197.138.0/23 maxlen: 24
193.239.164.0/23 maxlen: 24
62.197.137.0/24 maxlen: 24
62.197.140.0/22 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 230481541 (0xdbcde85)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Validity
Not Before: Apr 1 12:13:18 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=24553e2aa0f682ef32bc19877945fbe929080e5d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:9c:72:94:13:88:c0:a6:0b:58:5a:0e:86:55:
44:c4:ce:e5:98:47:9e:12:18:e5:5d:2c:c4:ea:75:
f4:6d:1a:0c:67:c3:d8:79:9b:dd:a7:b4:a8:15:3f:
a7:de:63:c0:f3:83:e7:40:a9:01:cb:3b:90:97:cf:
a5:ff:3e:77:34:f7:3c:92:96:79:f7:7c:b9:b6:83:
52:00:c0:98:72:b5:04:17:e6:a7:22:2c:47:88:89:
da:db:58:1f:a4:56:dc:9d:2c:1c:ab:5b:3c:0f:c6:
60:9f:62:45:60:fa:57:3f:25:27:0b:c7:8e:28:1f:
c6:58:f3:8f:66:b1:a6:b8:8c:08:3c:79:93:21:2a:
4f:a2:a6:d8:e8:74:5d:58:fc:8e:7a:5f:fb:35:08:
a9:ca:af:28:cf:d9:df:8b:33:8c:bc:69:7d:11:22:
e7:38:a2:d3:21:9c:7a:46:fe:32:32:79:7c:89:f7:
a1:dd:be:ca:6f:19:12:f4:06:ba:39:a0:8c:76:4c:
df:22:e1:c2:3e:1e:22:fc:21:73:02:24:4a:bc:4d:
b8:33:cf:25:bf:41:7d:8f:4a:1e:ce:37:91:4d:09:
d8:f0:54:39:44:f8:dc:d7:2f:ab:71:a3:bd:d5:59:
45:c4:b1:14:77:ca:3b:52:ef:ae:94:c3:57:89:63:
81:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
24:55:3E:2A:A0:F6:82:EF:32:BC:19:87:79:45:FB:E9:29:08:0E:5D
X509v3 Authority Key Identifier:
keyid:36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/JFU-KqD2gu8yvBmHeUX76SkIDl0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/NsKkt9XXPFtXBGIjvzDrZTAFsOI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.144.226.0/24
62.197.137.0-62.197.143.255
185.121.121.0-185.121.123.255
185.239.243.0/24
193.239.164.0/23
220.158.196.0/22
Signature Algorithm: sha256WithRSAEncryption
36:f0:0e:0a:e3:d4:d6:63:f2:f1:14:86:c5:93:90:c2:11:53:
01:b5:1d:a6:5d:a9:1a:0f:ee:62:74:77:e0:d4:b0:e3:da:71:
5d:d4:4e:4b:29:d4:cb:8d:35:ac:bf:06:63:e2:9c:33:63:f9:
6a:75:a9:10:91:b1:2d:59:d2:83:72:44:42:df:f1:b3:0e:00:
40:5e:05:98:1d:9a:37:af:18:fb:3f:2a:23:e2:cb:80:d2:35:
dd:5e:83:d9:bd:10:9a:1c:0e:70:25:ac:4c:ec:cb:5e:8a:3b:
77:f0:96:18:d8:9d:0e:dc:65:d9:cc:78:8a:d4:e5:29:a4:0e:
56:45:2d:1b:3c:fa:78:5b:93:1a:26:75:12:97:0a:69:09:fb:
97:22:34:f7:42:d0:86:e1:32:9e:e2:18:1b:43:c8:7d:06:6f:
b0:19:fa:79:24:33:8c:80:2d:f5:42:73:68:54:33:4f:2e:40:
f4:40:2e:29:e1:f4:09:60:36:73:75:b2:a8:ff:16:61:0c:90:
3c:69:07:62:d6:d6:14:9d:76:a9:8f:6e:ab:a2:de:a7:28:75:
49:4e:9e:a7:56:db:96:39:6c:95:d6:de:d2:ce:82:f3:d1:c3:
af:7c:a6:21:66:b6:d8:53:59:db:1a:ec:8a:1c:29:6f:ab:d6:
a0:68:f2:ef
-----BEGIN CERTIFICATE-----
MIIFHTCCBAWgAwIBAgIEDbzehTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygz
NmMyYTRiN2Q1ZDczYzViNTcwNDYyMjNiZjMwZWI2NTMwMDViMGUyMB4XDTIyMDQw
MTEyMTMxOFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMjQ1NTNlMmFhMGY2
ODJlZjMyYmMxOTg3Nzk0NWZiZTkyOTA4MGU1ZDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALSccpQTiMCmC1haDoZVRMTO5ZhHnhIY5V0sxOp19G0aDGfD
2Hmb3ae0qBU/p95jwPOD50CpAcs7kJfPpf8+dzT3PJKWefd8ubaDUgDAmHK1BBfm
pyIsR4iJ2ttYH6RW3J0sHKtbPA/GYJ9iRWD6Vz8lJwvHjigfxljzj2axpriMCDx5
kyEqT6Km2Oh0XVj8jnpf+zUIqcqvKM/Z34szjLxpfREi5zii0yGcekb+MjJ5fIn3
od2+ym8ZEvQGujmgjHZM3yLhwj4eIvwhcwIkSrxNuDPPJb9BfY9KHs43kU0J2PBU
OUT43Ncvq3GjvdVZRcSxFHfKO1LvrpTDV4ljgccCAwEAAaOCAjcwggIzMB0GA1Ud
DgQWBBQkVT4qoPaC7zK8GYd5RfvpKQgOXTAfBgNVHSMEGDAWgBQ2wqS31dc8W1cE
YiO/MOtlMAWw4jAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L05zS2t0OVhYUEZ0WEJHSWp2ekRyWlRBRnNPSS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYmMvOGRkODVhLWJmOGYtNDI1ZS1hMjRiLTJjY2VkYjk2NmE1OC8x
L0pGVS1LcUQyZ3U4eXZCbUhlVVg3NlNrSURsMC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYmMv
OGRkODVhLWJmOGYtNDI1ZS1hMjRiLTJjY2VkYjk2NmE1OC8xL05zS2t0OVhYUEZ0
WEJHSWp2ekRyWlRBRnNPSS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBN
BggrBgEFBQcBBwEB/wQ+MDwwOgQCAAEwNAMEAC2Q4jAMAwQAPsWJAwQEPsWAMAwD
BAC5eXkDBAK5eXgDBAC57/MDBAHB76QDBALcnsQwDQYJKoZIhvcNAQELBQADggEB
ADbwDgrj1NZj8vEUhsWTkMIRUwG1HaZdqRoP7mJ0d+DUsOPacV3UTksp1MuNNay/
BmPinDNj+Wp1qRCRsS1Z0oNyRELf8bMOAEBeBZgdmjevGPs/KiPiy4DSNd1eg9m9
EJocDnAlrEzsy16KO3fwlhjYnQ7cZdnMeIrU5SmkDlZFLRs8+nhbkxomdRKXCmkJ
+5ciNPdC0IbhMp7iGBtDyH0Gb7AZ+nkkM4yALfVCc2hUM08uQPRALinh9AlgNnN1
sqj/FmEMkDxpB2LW1hSddqmPbqui3qcodUlOnqdW25Y5bJXW3tLOgvPRw698piFm
tthTWdsa7IocKW+r1qBo8u8=
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:03:01 2023 by rpki-client on console-fra.rpki-client.org