Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/JXuW-3d-aSY-hNvBd0hSy8hFqU0.roa
File: JXuW-3d-aSY-hNvBd0hSy8hFqU0.roa (raw, json)
Hash identifier: b9TBLr4rdyfzhTzzo9FFunmEVvcr3UaTGT6fBqJkrsM=
Subject key identifier: 25:7B:96:FB:77:7E:69:26:3E:84:DB:C1:77:48:52:CB:C8:45:A9:4D
Certificate issuer: /CN=b4f96345d3f22edb395d247f7b86d2d73e4a0091
Certificate serial: 0182F77B836FBF413DEF9FF9100BA4A7A5E1
Authority key identifier: B4:F9:63:45:D3:F2:2E:DB:39:5D:24:7F:7B:86:D2:D7:3E:4A:00:91
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tPljRdPyLts5XSR_e4bS1z5KAJE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/JXuW-3d-aSY-hNvBd0hSy8hFqU0.roa
Signing time: Thu 01 Sep 2022 05:17:23 +0000
ROA not before: Thu 01 Sep 2022 05:17:23 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 210644
IP address blocks: 185.174.137.0/24 maxlen: 24
185.174.136.0/24 maxlen: 24
185.229.66.0/24 maxlen: 24
185.106.94.0/24 maxlen: 24
185.112.83.0/24 maxlen: 24
45.142.122.0/24 maxlen: 24
185.17.0.0/24 maxlen: 24
45.138.74.0/24 maxlen: 24
5.252.118.0/24 maxlen: 24
2a0e:d607::/48 maxlen: 48
2a0e:d606::/48 maxlen: 48
2a0e:d602:1::/48 maxlen: 48
2a0e:d602::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:f7:7b:83:6f:bf:41:3d:ef:9f:f9:10:0b:a4:a7:a5:e1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b4f96345d3f22edb395d247f7b86d2d73e4a0091
Validity
Not Before: Sep 1 05:17:23 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=257b96fb777e69263e84dbc1774852cbc845a94d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:9b:1c:32:72:68:76:34:eb:27:45:3c:34:2b:
f3:77:42:4b:41:1c:b0:94:68:6b:13:23:5e:50:27:
cb:f9:82:04:a5:33:d7:70:14:73:71:ed:83:65:b9:
67:2a:f1:b3:3d:f1:24:75:55:6b:a3:1b:0a:fc:ee:
e1:28:65:81:ca:63:69:99:b7:ba:47:84:45:17:82:
28:36:a7:78:c0:0b:a6:0b:80:d3:b0:fa:d7:42:8e:
d2:46:03:b1:e3:04:bb:6d:19:8d:7a:d3:17:3a:35:
31:a0:ca:f8:7d:48:58:19:8a:1a:40:0e:e3:58:ec:
ff:72:b3:9b:d4:c3:76:f1:c1:a5:58:18:2c:f3:b4:
10:87:be:13:2f:4b:bf:c5:a6:2a:f5:81:29:2f:43:
1e:ff:04:62:75:54:66:c4:b0:89:1e:89:0f:66:4a:
ef:3e:52:75:a1:0b:17:15:09:49:d3:1a:85:bb:9c:
8e:17:84:b4:91:a5:08:39:24:04:d9:0b:77:31:a2:
ab:b6:49:e0:b5:3c:f7:5e:f0:17:0b:46:bf:0a:e4:
d0:0a:dc:c3:38:a0:63:be:b0:92:49:de:f2:e8:37:
7a:e2:a3:0f:6b:4d:94:5a:5a:fa:3d:50:df:58:9d:
e4:6e:02:e2:57:d8:20:78:b5:8c:08:a0:65:ec:2d:
57:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
25:7B:96:FB:77:7E:69:26:3E:84:DB:C1:77:48:52:CB:C8:45:A9:4D
X509v3 Authority Key Identifier:
keyid:B4:F9:63:45:D3:F2:2E:DB:39:5D:24:7F:7B:86:D2:D7:3E:4A:00:91
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tPljRdPyLts5XSR_e4bS1z5KAJE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/JXuW-3d-aSY-hNvBd0hSy8hFqU0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/tPljRdPyLts5XSR_e4bS1z5KAJE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.252.118.0/24
45.138.74.0/24
45.142.122.0/24
185.17.0.0/24
185.106.94.0/24
185.112.83.0/24
185.174.136.0/23
185.229.66.0/24
IPv6:
2a0e:d602::/47
2a0e:d606::/48
2a0e:d607::/48
Signature Algorithm: sha256WithRSAEncryption
ad:b2:b6:21:1f:7a:6b:8f:6a:d7:03:7b:f7:f8:0e:5d:4c:b0:
54:00:cb:bc:ef:7b:80:a8:2e:f0:16:e4:75:8e:92:e5:ab:7c:
e8:f6:8d:bd:78:42:31:2d:1c:9b:16:c3:88:14:31:6a:1c:c6:
36:56:43:af:21:ea:7d:40:35:3b:c7:dd:e8:b9:a1:71:54:30:
e6:73:f2:fe:d9:da:67:57:04:28:94:25:c3:45:a0:ef:4a:8f:
2b:3e:4c:08:25:83:2f:34:06:27:34:5b:8d:59:8c:08:64:85:
ed:ff:be:e2:cc:f3:6c:89:50:8e:8a:cf:77:d6:b9:d8:c4:ee:
d1:a6:57:21:b3:65:14:75:85:77:8f:54:6d:bd:89:3b:5e:91:
26:4d:ad:ff:cc:cf:b2:0c:c2:38:b4:5e:57:89:22:9e:68:55:
3e:52:ee:23:74:a1:3b:51:8b:af:92:4c:27:95:3a:3b:02:0f:
c2:d6:87:5c:ff:e7:f3:24:ad:2d:30:a0:09:b9:9d:43:f0:08:
22:e2:7e:8d:69:47:06:3d:cf:95:05:c6:7e:08:7e:64:be:d9:
57:0e:d9:8b:e9:b6:e3:03:9c:57:24:cd:e7:7f:81:a1:e7:f0:
3a:9f:50:23:31:01:09:dd:12:c6:5e:cb:ee:27:ae:55:97:c3:
37:df:31:ad
-----BEGIN CERTIFICATE-----
MIIFSjCCBDKgAwIBAgISAYL3e4Nvv0E975/5EAukp6XhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI0Zjk2MzQ1ZDNmMjJlZGIzOTVkMjQ3ZjdiODZkMmQ3M2U0
YTAwOTEwHhcNMjIwOTAxMDUxNzIzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNTdiOTZmYjc3N2U2OTI2M2U4NGRiYzE3NzQ4NTJjYmM4NDVhOTRkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnZscMnJodjTrJ0U8NCvzd0JLQRyw
lGhrEyNeUCfL+YIEpTPXcBRzce2DZblnKvGzPfEkdVVroxsK/O7hKGWBymNpmbe6
R4RFF4IoNqd4wAumC4DTsPrXQo7SRgOx4wS7bRmNetMXOjUxoMr4fUhYGYoaQA7j
WOz/crOb1MN28cGlWBgs87QQh74TL0u/xaYq9YEpL0Me/wRidVRmxLCJHokPZkrv
PlJ1oQsXFQlJ0xqFu5yOF4S0kaUIOSQE2Qt3MaKrtkngtTz3XvAXC0a/CuTQCtzD
OKBjvrCSSd7y6Dd64qMPa02UWlr6PVDfWJ3kbgLiV9ggeLWMCKBl7C1XQQIDAQAB
o4ICVjCCAlIwHQYDVR0OBBYEFCV7lvt3fmkmPoTbwXdIUsvIRalNMB8GA1UdIwQY
MBaAFLT5Y0XT8i7bOV0kf3uG0tc+SgCRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdFBsalJkUHlMdHM1WFNSX2U0YlMxejVLQUpFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNS84ZTEyMWQtNzNiMy00MzhhLTgzYzQt
NmZjMzQzZDc3Y2QyLzEvSlh1Vy0zZC1hU1ktaE52QmQwaFN5OGhGcVUwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNS84ZTEyMWQtNzNiMy00MzhhLTgzYzQtNmZjMzQzZDc3Y2Qy
LzEvdFBsalJkUHlMdHM1WFNSX2U0YlMxejVLQUpFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGwGCCsGAQUFBwEHAQH/BF0wWzA2BAIAATAwAwQABfx2AwQA
LYpKAwQALY56AwQAuREAAwQAuWpeAwQAuXBTAwQBua6IAwQAueVCMCEEAgACMBsD
BwEqDtYCAAADBwAqDtYGAAADBwAqDtYHAAAwDQYJKoZIhvcNAQELBQADggEBAK2y
tiEfemuPatcDe/f4Dl1MsFQAy7zve4CoLvAW5HWOkuWrfOj2jb14QjEtHJsWw4gU
MWocxjZWQ68h6n1ANTvH3ei5oXFUMOZz8v7Z2mdXBCiUJcNFoO9Kjys+TAglgy80
Bic0W41ZjAhkhe3/vuLM82yJUI6Kz3fWudjE7tGmVyGzZRR1hXePVG29iTtekSZN
rf/Mz7IMwji0XleJIp5oVT5S7iN0oTtRi6+STCeVOjsCD8LWh1z/5/MkrS0woAm5
nUPwCCLifo1pRwY9z5UFxn4IfmS+2VcO2YvptuMDnFckzed/gaHn8DqfUCMxAQnd
EsZey+4nrlWXwzffMa0=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:53:07 2024 by rpki-client on console-fra.rpki-client.org