Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bd/1fd0a6-4517-4a0b-b3c9-12ec22c9c5a2/1/jJxL2I-Hda7PTEZlnScgJ7_pKs8.roa
File: jJxL2I-Hda7PTEZlnScgJ7_pKs8.roa (raw, json)
Hash identifier: hx7Ul0I+GjSwBEvwqvXFnBZLQqX1oGsXx1qzkIQd0jw=
Subject key identifier: 8C:9C:4B:D8:8F:87:75:AE:CF:4C:46:65:9D:27:20:27:BF:E9:2A:CF
Certificate issuer: /CN=32474ac7ca85e09c2d48b33e7bf66f8ed764de0f
Certificate serial: 08580018
Authority key identifier: 32:47:4A:C7:CA:85:E0:9C:2D:48:B3:3E:7B:F6:6F:8E:D7:64:DE:0F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/MkdKx8qF4JwtSLM-e_Zvjtdk3g8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bd/1fd0a6-4517-4a0b-b3c9-12ec22c9c5a2/1/jJxL2I-Hda7PTEZlnScgJ7_pKs8.roa
Signing time: Fri 25 Feb 2022 07:57:03 +0000
ROA not before: Fri 25 Feb 2022 07:57:03 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 59741
IP address blocks: 185.73.240.0/24 maxlen: 24
185.73.241.0/24 maxlen: 24
45.155.78.0/24 maxlen: 24
45.155.79.0/24 maxlen: 24
45.141.54.0/24 maxlen: 24
45.141.52.0/22 maxlen: 24
2a05:4740::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 139984920 (0x8580018)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=32474ac7ca85e09c2d48b33e7bf66f8ed764de0f
Validity
Not Before: Feb 25 07:57:03 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=8c9c4bd88f8775aecf4c46659d272027bfe92acf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dd:23:07:2e:53:38:3e:3a:b9:62:a2:61:51:bf:
c7:f2:f6:dc:4a:3f:b3:4f:48:ae:29:7f:09:d2:22:
dc:c3:11:d2:2f:24:a9:e4:9f:9f:cb:1c:5f:fd:49:
b3:f1:a0:25:ef:ae:dd:93:92:8b:13:f4:9a:00:e1:
f4:c7:2c:1e:ca:06:a4:f7:28:df:9c:29:a6:70:19:
ff:a5:9c:d1:58:96:c2:9e:07:e5:12:af:33:db:13:
34:59:e8:60:21:60:d3:14:37:77:ae:14:6f:28:78:
e6:11:4e:58:09:c2:31:5b:88:f1:67:59:e4:e0:77:
4d:23:5f:f2:71:20:45:18:98:a1:04:14:2c:bb:7f:
0e:ba:95:35:c0:33:9c:32:2c:f9:b1:83:06:32:a0:
4c:e9:1e:5e:39:4b:31:50:7b:1f:31:2b:ca:3f:55:
d7:32:dc:04:5b:65:03:bb:1c:74:0f:4b:c2:47:c4:
d2:ea:60:f4:22:cc:48:de:03:7e:d9:86:a1:07:3e:
ef:b6:64:17:b5:b3:85:10:db:e5:be:d4:48:23:54:
10:aa:ab:4d:93:b0:db:bf:1d:79:bd:af:d8:79:e2:
5f:51:ec:1f:a4:6a:96:f3:ae:8b:93:a7:3e:05:39:
85:79:44:b3:a1:ec:35:ec:23:4c:80:c0:2e:b3:bc:
eb:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8C:9C:4B:D8:8F:87:75:AE:CF:4C:46:65:9D:27:20:27:BF:E9:2A:CF
X509v3 Authority Key Identifier:
keyid:32:47:4A:C7:CA:85:E0:9C:2D:48:B3:3E:7B:F6:6F:8E:D7:64:DE:0F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MkdKx8qF4JwtSLM-e_Zvjtdk3g8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bd/1fd0a6-4517-4a0b-b3c9-12ec22c9c5a2/1/jJxL2I-Hda7PTEZlnScgJ7_pKs8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bd/1fd0a6-4517-4a0b-b3c9-12ec22c9c5a2/1/MkdKx8qF4JwtSLM-e_Zvjtdk3g8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.141.52.0/22
45.155.78.0/23
185.73.240.0/23
IPv6:
2a05:4740::/32
Signature Algorithm: sha256WithRSAEncryption
00:46:dc:a9:fc:d0:8e:eb:a2:c6:5c:7a:b7:d7:0f:85:8d:68:
bc:99:0f:97:48:e8:16:cc:96:1b:c6:25:c7:a0:39:17:96:5d:
7a:a1:48:50:9d:34:d0:20:e0:fa:f3:0a:4e:08:cd:9b:75:d9:
80:ba:34:35:f8:f5:f0:14:62:4a:a9:6c:d7:8d:77:1d:ad:46:
ae:23:2e:9e:4a:41:a9:d5:e4:64:b0:d9:60:2c:ca:13:36:8c:
56:7c:4e:aa:55:ef:8b:fd:ab:36:92:d9:a2:4f:f5:54:eb:e7:
a6:b4:2e:52:67:bc:2c:48:13:44:b9:44:46:bd:05:34:ca:c3:
99:f2:5d:3b:07:ca:65:cc:0e:a9:70:df:9d:13:f8:2b:b1:15:
48:8f:9a:18:75:ec:fe:48:4b:c4:ee:8b:80:e1:66:83:95:6b:
37:13:ae:d0:8e:4a:b3:69:a0:2d:6d:f7:53:79:37:76:f5:62:
a0:e6:a6:55:5e:18:28:be:31:35:2b:c8:93:ec:6a:93:82:4d:
39:bd:23:7a:95:31:dd:5a:0d:12:21:96:16:a9:5d:bb:09:d4:
af:37:89:61:1b:55:be:23:1b:fd:8c:a4:d5:39:e6:19:7b:62:
da:ff:fe:26:1f:1c:1b:55:2c:b6:8d:b8:8e:96:6e:9a:48:a1:
57:53:39:a8
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgIECFgAGDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygz
MjQ3NGFjN2NhODVlMDljMmQ0OGIzM2U3YmY2NmY4ZWQ3NjRkZTBmMB4XDTIyMDIy
NTA3NTcwM1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoOGM5YzRiZDg4Zjg3
NzVhZWNmNGM0NjY1OWQyNzIwMjdiZmU5MmFjZjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAN0jBy5TOD46uWKiYVG/x/L23Eo/s09Iril/CdIi3MMR0i8k
qeSfn8scX/1Js/GgJe+u3ZOSixP0mgDh9McsHsoGpPco35wppnAZ/6Wc0ViWwp4H
5RKvM9sTNFnoYCFg0xQ3d64Ubyh45hFOWAnCMVuI8WdZ5OB3TSNf8nEgRRiYoQQU
LLt/DrqVNcAznDIs+bGDBjKgTOkeXjlLMVB7HzEryj9V1zLcBFtlA7scdA9LwkfE
0upg9CLMSN4DftmGoQc+77ZkF7WzhRDb5b7USCNUEKqrTZOw278deb2v2HniX1Hs
H6RqlvOui5OnPgU5hXlEs6HsNewjTIDALrO860cCAwEAAaOCAiQwggIgMB0GA1Ud
DgQWBBSMnEvYj4d1rs9MRmWdJyAnv+kqzzAfBgNVHSMEGDAWgBQyR0rHyoXgnC1I
sz579m+O12TeDzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L01rZEt4OHFGNEp3dFNMTS1lX1p2anRkazNnOC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYmQvMWZkMGE2LTQ1MTctNGEwYi1iM2M5LTEyZWMyMmM5YzVhMi8x
L2pKeEwySS1IZGE3UFRFWmxuU2NnSjdfcEtzOC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYmQv
MWZkMGE2LTQ1MTctNGEwYi1iM2M5LTEyZWMyMmM5YzVhMi8xL01rZEt4OHFGNEp3
dFNMTS1lX1p2anRkazNnOC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA6
BggrBgEFBQcBBwEB/wQrMCkwGAQCAAEwEgMEAi2NNAMEAS2bTgMEAblJ8DANBAIA
AjAHAwUAKgVHQDANBgkqhkiG9w0BAQsFAAOCAQEAAEbcqfzQjuuixlx6t9cPhY1o
vJkPl0joFsyWG8Ylx6A5F5ZdeqFIUJ000CDg+vMKTgjNm3XZgLo0Nfj18BRiSqls
1413Ha1GriMunkpBqdXkZLDZYCzKEzaMVnxOqlXvi/2rNpLZok/1VOvnprQuUme8
LEgTRLlERr0FNMrDmfJdOwfKZcwOqXDfnRP4K7EVSI+aGHXs/khLxO6LgOFmg5Vr
NxOu0I5Ks2mgLW33U3k3dvVioOamVV4YKL4xNSvIk+xqk4JNOb0jepUx3VoNEiGW
FqlduwnUrzeJYRtVviMb/Yyk1TnmGXti2v/+Jh8cG1Usto24jpZumkihV1M5qA==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:03:06 2023 by rpki-client on console-fra.rpki-client.org