Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ca/3c4b8a-bfc7-41e9-99e1-f3e506aeaa01/1/JRXhfjmnjjsvvgT5mjBBGzFSvg8.roa
File: JRXhfjmnjjsvvgT5mjBBGzFSvg8.roa (raw, json)
Hash identifier: kVM7dvJirw+1fLxCLMpStaxjkCLCk2KMwZS8IzC4V4I=
Subject key identifier: 25:15:E1:7E:39:A7:8E:3B:2F:BE:04:F9:9A:30:41:1B:31:52:BE:0F
Certificate issuer: /CN=72b78f6682fc39c55b41d48f80b8838d5d2dbf07
Certificate serial: 09CE23D3
Authority key identifier: 72:B7:8F:66:82:FC:39:C5:5B:41:D4:8F:80:B8:83:8D:5D:2D:BF:07
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/crePZoL8OcVbQdSPgLiDjV0tvwc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ca/3c4b8a-bfc7-41e9-99e1-f3e506aeaa01/1/JRXhfjmnjjsvvgT5mjBBGzFSvg8.roa
Signing time: Mon 02 May 2022 15:08:09 +0000
ROA not before: Mon 02 May 2022 15:08:09 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 46450
IP address blocks: 162.218.95.0/24 maxlen: 24
63.246.150.0/24 maxlen: 24
94.154.183.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 164504531 (0x9ce23d3)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72b78f6682fc39c55b41d48f80b8838d5d2dbf07
Validity
Not Before: May 2 15:08:09 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=2515e17e39a78e3b2fbe04f99a30411b3152be0f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:a7:64:f9:6e:bb:9b:5d:8c:07:26:72:b4:4c:
27:28:02:e9:ce:70:8b:65:77:7f:c7:df:16:4e:92:
d4:78:f0:68:9a:50:9f:b9:25:41:64:02:69:59:83:
74:ae:4b:17:3b:b2:83:08:d3:c3:3d:22:e3:fd:72:
1c:3a:68:4e:7b:a8:02:54:e5:34:71:0b:a6:aa:9b:
0b:9c:46:cb:13:1b:fa:42:3e:5d:6c:ae:7b:c6:bd:
6c:de:a6:42:c7:c6:33:b5:7c:35:e3:79:02:1f:21:
8c:5b:8d:89:ed:a1:a3:22:a5:48:92:c4:0c:d2:34:
56:c0:a1:d2:09:be:29:b9:3a:cc:08:35:6b:f1:5b:
a2:f2:0c:5c:45:23:28:93:68:67:c1:52:37:dd:3c:
22:62:99:65:75:a4:d0:d5:e8:ea:db:89:8d:e9:4c:
46:fa:9b:3e:ce:ff:75:3e:25:ed:65:25:a1:5e:43:
0f:eb:20:5d:3b:88:d6:51:87:fc:dc:32:78:47:e2:
d8:bb:a1:13:b2:51:d3:df:1c:5c:a3:be:56:b5:d8:
09:42:8c:13:b4:de:99:f5:d5:e7:d1:dd:d1:fa:73:
46:7c:3d:09:4f:05:3b:74:ff:d0:a9:21:99:79:ba:
fb:fe:c1:c2:8e:c2:61:f0:6a:4e:7b:f3:db:76:2d:
67:cd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
25:15:E1:7E:39:A7:8E:3B:2F:BE:04:F9:9A:30:41:1B:31:52:BE:0F
X509v3 Authority Key Identifier:
keyid:72:B7:8F:66:82:FC:39:C5:5B:41:D4:8F:80:B8:83:8D:5D:2D:BF:07
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/crePZoL8OcVbQdSPgLiDjV0tvwc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/3c4b8a-bfc7-41e9-99e1-f3e506aeaa01/1/JRXhfjmnjjsvvgT5mjBBGzFSvg8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/3c4b8a-bfc7-41e9-99e1-f3e506aeaa01/1/crePZoL8OcVbQdSPgLiDjV0tvwc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
63.246.150.0/24
94.154.183.0/24
162.218.95.0/24
Signature Algorithm: sha256WithRSAEncryption
82:23:04:d8:d8:d4:20:ef:c8:1b:1a:f3:f4:a2:7a:88:f6:29:
2e:5a:a2:23:fb:45:da:c2:da:3b:33:6b:6d:e4:f4:95:84:94:
4f:4c:6d:04:19:ec:32:00:6b:80:f5:2d:70:82:55:3c:d0:12:
f6:79:51:f6:a2:64:79:e3:50:c7:e6:ea:e8:3b:30:aa:4c:e2:
44:b1:55:e5:8a:0e:89:0f:ed:d1:a6:2d:21:b2:87:ee:da:fd:
59:bd:d2:d3:1e:01:c8:64:33:a4:9b:d6:44:da:01:89:f8:42:
49:15:77:75:66:07:2f:af:a8:21:f5:fc:60:9a:7f:1d:ca:4c:
b8:cb:a8:a0:22:a5:8c:22:6b:7d:11:6f:15:61:01:0e:a4:a2:
86:75:25:ec:30:6b:f6:62:d4:5f:e2:fe:64:0c:a1:e8:82:da:
ed:94:f1:e3:6e:1a:92:8a:b9:98:4b:61:ab:09:43:83:33:27:
ff:8c:f7:d2:26:24:f1:7e:8b:51:ea:6f:7f:6f:b0:85:8a:1a:
fc:af:65:48:0a:21:74:45:31:6e:ea:fb:d1:be:ca:01:51:03:
aa:fd:a2:0a:6f:28:2c:8c:9e:ac:f0:49:e2:d1:bc:66:0a:ba:
b0:df:58:d7:43:c7:83:3d:b2:84:2a:b6:50:d0:30:07:47:94:
37:1f:4f:30
-----BEGIN CERTIFICATE-----
MIIE+zCCA+OgAwIBAgIECc4j0zANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg3
MmI3OGY2NjgyZmMzOWM1NWI0MWQ0OGY4MGI4ODM4ZDVkMmRiZjA3MB4XDTIyMDUw
MjE1MDgwOVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMjUxNWUxN2UzOWE3
OGUzYjJmYmUwNGY5OWEzMDQxMWIzMTUyYmUwZjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJWnZPluu5tdjAcmcrRMJygC6c5wi2V3f8ffFk6S1HjwaJpQ
n7klQWQCaVmDdK5LFzuygwjTwz0i4/1yHDpoTnuoAlTlNHELpqqbC5xGyxMb+kI+
XWyue8a9bN6mQsfGM7V8NeN5Ah8hjFuNie2hoyKlSJLEDNI0VsCh0gm+Kbk6zAg1
a/FbovIMXEUjKJNoZ8FSN908ImKZZXWk0NXo6tuJjelMRvqbPs7/dT4l7WUloV5D
D+sgXTuI1lGH/NwyeEfi2LuhE7JR098cXKO+VrXYCUKME7TemfXV59Hd0fpzRnw9
CU8FO3T/0KkhmXm6+/7Bwo7CYfBqTnvz23YtZ80CAwEAAaOCAhUwggIRMB0GA1Ud
DgQWBBQlFeF+OaeOOy++BPmaMEEbMVK+DzAfBgNVHSMEGDAWgBRyt49mgvw5xVtB
1I+AuIONXS2/BzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2NyZVBab0w4T2NWYlFkU1BnTGlEalYwdHZ3Yy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvY2EvM2M0YjhhLWJmYzctNDFlOS05OWUxLWYzZTUwNmFlYWEwMS8x
L0pSWGhmam1uampzdnZnVDVtakJCR3pGU3ZnOC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvY2Ev
M2M0YjhhLWJmYzctNDFlOS05OWUxLWYzZTUwNmFlYWEwMS8xL2NyZVBab0w4T2NW
YlFkU1BnTGlEalYwdHZ3Yy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAr
BggrBgEFBQcBBwEB/wQcMBowGAQCAAEwEgMEAD/2lgMEAF6atwMEAKLaXzANBgkq
hkiG9w0BAQsFAAOCAQEAgiME2NjUIO/IGxrz9KJ6iPYpLlqiI/tF2sLaOzNrbeT0
lYSUT0xtBBnsMgBrgPUtcIJVPNAS9nlR9qJkeeNQx+bq6DswqkziRLFV5YoOiQ/t
0aYtIbKH7tr9Wb3S0x4ByGQzpJvWRNoBifhCSRV3dWYHL6+oIfX8YJp/HcpMuMuo
oCKljCJrfRFvFWEBDqSihnUl7DBr9mLUX+L+ZAyh6ILa7ZTx424akoq5mEthqwlD
gzMn/4z30iYk8X6LUepvf2+whYoa/K9lSAohdEUxbur70b7KAVEDqv2iCm8oLIye
rPBJ4tG8Zgq6sN9Y10PHgz2yhCq2UNAwB0eUNx9PMA==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:07:49 2023 by rpki-client on console-ams.rpki-client.org