Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/JIb8KuEF9ci-Ej0SpUXjnOiKs5M.roa
File: JIb8KuEF9ci-Ej0SpUXjnOiKs5M.roa (raw, json)
Hash identifier: wz7RMshMUJ59prkBkSVZGjQ6LPiudBA30M6PCb7V+XQ=
Subject key identifier: 24:86:FC:2A:E1:05:F5:C8:BE:12:3D:12:A5:45:E3:9C:E8:8A:B3:93
Certificate issuer: /CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Certificate serial: 0CB8D5F6
Authority key identifier: 36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/JIb8KuEF9ci-Ej0SpUXjnOiKs5M.roa
Signing time: Sat 01 Jan 2022 05:05:00 +0000
ROA not before: Sat 01 Jan 2022 05:05:00 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 54103
IP address blocks: 193.26.112.0/23 maxlen: 24
185.67.137.0/24 maxlen: 24
185.67.139.0/24 maxlen: 24
5.10.193.0/24 maxlen: 24
5.10.195.0/24 maxlen: 24
5.10.197.0/24 maxlen: 24
5.10.199.0/24 maxlen: 24
194.76.132.0/23 maxlen: 24
185.216.3.0/24 maxlen: 24
185.216.1.0/24 maxlen: 24
185.163.208.0/22 maxlen: 22
45.134.129.0/24 maxlen: 24
45.134.131.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 213439990 (0xcb8d5f6)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Validity
Not Before: Jan 1 05:05:00 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=2486fc2ae105f5c8be123d12a545e39ce88ab393
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:6b:88:56:dc:9e:18:b4:46:dc:74:8a:de:37:
be:c5:92:cf:34:33:9d:f2:94:43:0e:95:3d:25:b6:
c0:33:73:4c:a2:ba:bb:11:6e:91:3f:c0:5f:27:6b:
7c:42:8e:ff:b1:54:bb:8e:87:e5:9c:71:69:00:83:
e8:28:af:26:a2:a4:2a:54:14:4d:6a:de:35:1d:38:
d8:d0:f4:20:20:c7:05:47:fe:3a:47:29:2d:b6:e1:
fc:2f:8d:dc:c5:3e:79:f1:15:ca:93:71:08:c5:db:
c5:d2:e3:c0:e4:56:fb:6a:00:94:ff:e1:2f:42:4e:
d6:ff:90:41:96:3b:14:1c:df:c5:5b:f6:fc:a0:8c:
8b:25:61:9b:7a:83:ff:85:d6:94:6e:b7:de:90:95:
54:73:49:63:c9:b0:63:7b:10:3f:49:c8:f4:ad:04:
3a:72:f7:01:c0:ba:e1:81:2a:a2:04:c9:c5:f6:e1:
cf:a4:d1:a2:10:00:35:1f:6c:f5:c8:2a:da:1f:63:
a8:57:f3:fb:d7:d8:39:70:9f:0c:5e:40:39:d4:a0:
a3:fd:a9:a9:71:8e:45:c5:e5:29:bf:01:83:6f:9d:
f0:ee:86:e0:86:01:27:5c:3c:6e:65:a6:78:b9:9c:
67:1e:c0:57:ca:f5:3e:78:fc:3a:c7:7b:47:1a:e4:
af:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
24:86:FC:2A:E1:05:F5:C8:BE:12:3D:12:A5:45:E3:9C:E8:8A:B3:93
X509v3 Authority Key Identifier:
keyid:36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/JIb8KuEF9ci-Ej0SpUXjnOiKs5M.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/NsKkt9XXPFtXBGIjvzDrZTAFsOI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.10.193.0/24
5.10.195.0/24
5.10.197.0/24
5.10.199.0/24
45.134.129.0/24
45.134.131.0/24
185.67.137.0/24
185.67.139.0/24
185.163.208.0/22
185.216.1.0/24
185.216.3.0/24
193.26.112.0/23
194.76.132.0/23
Signature Algorithm: sha256WithRSAEncryption
3a:d7:9a:9f:24:81:be:07:de:ef:c3:00:d9:e7:12:61:1b:09:
0e:49:16:9a:b8:48:97:fa:80:d0:92:a3:3c:fc:0d:9c:cb:d1:
4a:65:b0:77:5f:f7:66:74:a0:41:d3:74:60:8e:50:1c:1e:5e:
0a:9f:5d:8e:08:22:e8:44:25:99:38:6c:04:fc:59:68:c0:b4:
06:67:4f:af:c9:45:f4:2a:af:2d:50:b1:e7:ff:4e:55:51:62:
21:74:45:63:16:43:7e:aa:c7:e4:72:ca:e8:85:5c:b1:07:d6:
c1:b9:67:4b:4d:a7:c8:e6:79:55:96:5f:46:44:20:13:0e:d9:
0a:67:40:7a:b0:66:62:b5:84:3a:50:b1:23:8e:53:cd:c3:1d:
cf:94:e2:3b:f3:c6:20:74:bd:fc:94:14:c0:77:7d:e7:d4:d3:
f3:e1:cf:97:53:55:38:b3:e9:d1:4a:7d:6a:c9:3e:7f:90:05:
31:df:fe:4a:8a:9f:63:1a:6e:42:e9:b4:88:4a:bd:f4:32:e8:
8e:84:c7:05:f3:67:5a:13:36:c8:bc:38:13:33:e2:25:1b:e4:
d4:25:3b:a8:64:83:a1:31:f2:7b:86:71:35:68:2e:c4:a8:0e:
9e:ab:f4:e2:bd:7c:fc:3a:8b:7d:dc:82:4a:07:45:6f:87:59:
33:55:22:01
-----BEGIN CERTIFICATE-----
MIIFNzCCBB+gAwIBAgIEDLjV9jANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygz
NmMyYTRiN2Q1ZDczYzViNTcwNDYyMjNiZjMwZWI2NTMwMDViMGUyMB4XDTIyMDEw
MTA1MDUwMFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMjQ4NmZjMmFlMTA1
ZjVjOGJlMTIzZDEyYTU0NWUzOWNlODhhYjM5MzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMRriFbcnhi0Rtx0it43vsWSzzQznfKUQw6VPSW2wDNzTKK6
uxFukT/AXydrfEKO/7FUu46H5ZxxaQCD6CivJqKkKlQUTWreNR042ND0ICDHBUf+
OkcpLbbh/C+N3MU+efEVypNxCMXbxdLjwORW+2oAlP/hL0JO1v+QQZY7FBzfxVv2
/KCMiyVhm3qD/4XWlG633pCVVHNJY8mwY3sQP0nI9K0EOnL3AcC64YEqogTJxfbh
z6TRohAANR9s9cgq2h9jqFfz+9fYOXCfDF5AOdSgo/2pqXGORcXlKb8Bg2+d8O6G
4IYBJ1w8bmWmeLmcZx7AV8r1Pnj8Osd7RxrkrwUCAwEAAaOCAlEwggJNMB0GA1Ud
DgQWBBQkhvwq4QX1yL4SPRKlReOc6IqzkzAfBgNVHSMEGDAWgBQ2wqS31dc8W1cE
YiO/MOtlMAWw4jAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L05zS2t0OVhYUEZ0WEJHSWp2ekRyWlRBRnNPSS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYmMvOGRkODVhLWJmOGYtNDI1ZS1hMjRiLTJjY2VkYjk2NmE1OC8x
L0pJYjhLdUVGOWNpLUVqMFNwVVhqbk9pS3M1TS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYmMv
OGRkODVhLWJmOGYtNDI1ZS1hMjRiLTJjY2VkYjk2NmE1OC8xL05zS2t0OVhYUEZ0
WEJHSWp2ekRyWlRBRnNPSS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBn
BggrBgEFBQcBBwEB/wRYMFYwVAQCAAEwTgMEAAUKwQMEAAUKwwMEAAUKxQMEAAUK
xwMEAC2GgQMEAC2GgwMEALlDiQMEALlDiwMEArmj0AMEALnYAQMEALnYAwMEAcEa
cAMEAcJMhDANBgkqhkiG9w0BAQsFAAOCAQEAOteanySBvgfe78MA2ecSYRsJDkkW
mrhIl/qA0JKjPPwNnMvRSmWwd1/3ZnSgQdN0YI5QHB5eCp9djggi6EQlmThsBPxZ
aMC0BmdPr8lF9CqvLVCx5/9OVVFiIXRFYxZDfqrH5HLK6IVcsQfWwblnS02nyOZ5
VZZfRkQgEw7ZCmdAerBmYrWEOlCxI45TzcMdz5TiO/PGIHS9/JQUwHd959TT8+HP
l1NVOLPp0Up9ask+f5AFMd/+SoqfYxpuQum0iEq99DLojoTHBfNnWhM2yLw4EzPi
JRvk1CU7qGSDoTHye4ZxNWguxKgOnqv04r18/DqLfdyCSgdFb4dZM1UiAQ==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:03:01 2023 by rpki-client on console-fra.rpki-client.org