Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/be/3362c6-a03a-4f9f-a091-b762c0175f27/1/jNr3fjbU1nNB802IGtRyzHvlDnA.roa
File: jNr3fjbU1nNB802IGtRyzHvlDnA.roa (raw, json)
Hash identifier: EOA2+deVwCK7S1vF3he3NK6hF+Uqug3Pb81vZsRZOdk=
Subject key identifier: 8C:DA:F7:7E:36:D4:D6:73:41:F3:4D:88:1A:D4:72:CC:7B:E5:0E:70
Certificate issuer: /CN=ca1c7571596e444aa32371cbab724d46d3c3c52c
Certificate serial: 018C6702301D7E2AE306ADFFC17B560F0D4E
Authority key identifier: CA:1C:75:71:59:6E:44:4A:A3:23:71:CB:AB:72:4D:46:D3:C3:C5:2C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/yhx1cVluREqjI3HLq3JNRtPDxSw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/be/3362c6-a03a-4f9f-a091-b762c0175f27/1/jNr3fjbU1nNB802IGtRyzHvlDnA.roa
Signing time: Thu 14 Dec 2023 06:27:25 +0000
ROA not before: Thu 14 Dec 2023 06:27:25 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 216246
IP address blocks: 85.192.56.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:67:02:30:1d:7e:2a:e3:06:ad:ff:c1:7b:56:0f:0d:4e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ca1c7571596e444aa32371cbab724d46d3c3c52c
Validity
Not Before: Dec 14 06:27:25 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=8cdaf77e36d4d67341f34d881ad472cc7be50e70
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:75:a7:d9:26:e6:a1:de:bb:21:d6:b3:6d:f5:
27:e5:0e:70:46:2f:1c:6c:4b:70:d9:ca:2d:d1:27:
0a:8a:d9:52:56:94:58:6f:2a:15:93:80:34:90:3c:
d8:59:06:d9:2f:fc:b0:a5:b6:b9:5c:54:7c:fb:a5:
c4:c5:fb:30:f1:b4:5a:a9:b9:ef:51:f3:19:7e:b6:
6c:29:b8:f0:17:9e:03:88:d2:5d:c4:40:09:bf:1a:
72:01:f2:26:5f:01:d0:03:79:06:55:dc:8c:43:16:
6b:2a:96:e8:f0:24:ef:df:f1:eb:d0:4b:03:55:ef:
1c:67:a5:46:62:cc:85:94:21:3d:62:06:d7:bd:c8:
17:10:87:a3:91:e4:01:62:df:dc:8c:51:bd:bb:a6:
70:c7:90:84:f5:43:8f:95:81:92:31:d3:83:b0:22:
12:94:e0:68:67:7b:f4:a2:25:9f:ae:09:80:a3:21:
43:a1:1a:15:11:84:41:bd:87:d1:01:76:2f:7e:24:
92:c0:25:8e:7c:6d:78:f7:c4:c0:69:88:08:eb:01:
c5:68:58:3e:6a:6d:43:59:3c:d4:18:22:8d:a2:ae:
05:f2:07:67:55:63:4d:21:da:2e:5f:58:54:9b:61:
34:dc:ca:93:2b:43:af:ed:b3:46:2f:69:fd:2e:d0:
81:f1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8C:DA:F7:7E:36:D4:D6:73:41:F3:4D:88:1A:D4:72:CC:7B:E5:0E:70
X509v3 Authority Key Identifier:
keyid:CA:1C:75:71:59:6E:44:4A:A3:23:71:CB:AB:72:4D:46:D3:C3:C5:2C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/yhx1cVluREqjI3HLq3JNRtPDxSw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/be/3362c6-a03a-4f9f-a091-b762c0175f27/1/jNr3fjbU1nNB802IGtRyzHvlDnA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/be/3362c6-a03a-4f9f-a091-b762c0175f27/1/yhx1cVluREqjI3HLq3JNRtPDxSw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.192.56.0/24
Signature Algorithm: sha256WithRSAEncryption
11:79:e0:60:20:b8:14:af:d6:5a:c4:18:35:76:bb:49:b3:52:
21:31:55:2d:f1:bf:dd:ee:64:b2:22:2b:fd:11:a2:11:c8:82:
6e:57:20:92:15:19:1d:66:94:74:cd:ef:90:15:f9:1b:c1:e1:
02:96:9b:1e:41:62:85:f0:09:09:08:c4:8e:8a:00:00:f4:51:
31:bc:a1:3b:17:d4:7d:02:b8:ab:cd:dd:2b:48:d2:c8:8d:7a:
e5:12:54:8b:6f:95:13:af:8f:5e:3e:54:92:9b:2e:67:95:c7:
3b:60:72:3c:53:c7:7b:e4:78:f9:82:fc:03:ae:6c:8a:7b:59:
77:85:ae:c8:5d:aa:1c:a4:cb:09:74:e4:f9:b5:f6:0c:8b:da:
80:e6:5b:0f:9f:2a:51:81:e5:b6:8a:95:53:2c:cf:f8:50:55:
6b:c0:85:58:90:f2:8e:80:21:a4:d9:78:6c:80:5d:f7:a0:db:
07:b8:94:86:0e:63:1d:ff:6d:47:15:4c:40:2f:cd:fc:fb:49:
8d:cb:85:c1:a4:98:d1:8c:42:a3:54:c4:5b:94:f7:27:a1:e5:
34:d6:b1:5d:d7:b1:a0:57:be:46:38:36:77:ed:0e:28:a3:d6:
63:95:16:a7:12:f0:09:38:93:a6:db:63:e7:68:9a:6f:9d:7c:
f0:d8:45:68
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYxnAjAdfirjBq3/wXtWDw1OMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNhMWM3NTcxNTk2ZTQ0NGFhMzIzNzFjYmFiNzI0ZDQ2ZDNj
M2M1MmMwHhcNMjMxMjE0MDYyNzI1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4Y2RhZjc3ZTM2ZDRkNjczNDFmMzRkODgxYWQ0NzJjYzdiZTUwZTcwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqHWn2Sbmod67IdazbfUn5Q5wRi8c
bEtw2cot0ScKitlSVpRYbyoVk4A0kDzYWQbZL/ywpba5XFR8+6XExfsw8bRaqbnv
UfMZfrZsKbjwF54DiNJdxEAJvxpyAfImXwHQA3kGVdyMQxZrKpbo8CTv3/Hr0EsD
Ve8cZ6VGYsyFlCE9YgbXvcgXEIejkeQBYt/cjFG9u6Zwx5CE9UOPlYGSMdODsCIS
lOBoZ3v0oiWfrgmAoyFDoRoVEYRBvYfRAXYvfiSSwCWOfG1498TAaYgI6wHFaFg+
am1DWTzUGCKNoq4F8gdnVWNNIdouX1hUm2E03MqTK0Ov7bNGL2n9LtCB8QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFIza93421NZzQfNNiBrUcsx75Q5wMB8GA1UdIwQY
MBaAFMocdXFZbkRKoyNxy6tyTUbTw8UsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveWh4MWNWbHVSRXFqSTNITHEzSk5SdFBEeFN3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZS8zMzYyYzYtYTAzYS00ZjlmLWEwOTEt
Yjc2MmMwMTc1ZjI3LzEvak5yM2ZqYlUxbk5CODAySUd0Unl6SHZsRG5BLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZS8zMzYyYzYtYTAzYS00ZjlmLWEwOTEtYjc2MmMwMTc1ZjI3
LzEveWh4MWNWbHVSRXFqSTNITHEzSk5SdFBEeFN3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAVcA4MA0G
CSqGSIb3DQEBCwUAA4IBAQAReeBgILgUr9ZaxBg1drtJs1IhMVUt8b/d7mSyIiv9
EaIRyIJuVyCSFRkdZpR0ze+QFfkbweEClpseQWKF8AkJCMSOigAA9FExvKE7F9R9
Arirzd0rSNLIjXrlElSLb5UTr49ePlSSmy5nlcc7YHI8U8d75Hj5gvwDrmyKe1l3
ha7IXaocpMsJdOT5tfYMi9qA5lsPnypRgeW2ipVTLM/4UFVrwIVYkPKOgCGk2Xhs
gF33oNsHuJSGDmMd/21HFUxAL838+0mNy4XBpJjRjEKjVMRblPcnoeU01rFd17Gg
V75GODZ37Q4oo9ZjlRanEvAJOJOm22PnaJpvnXzw2EVo
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:05:21 2025 by rpki-client