Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/2jcmg_k6mqbzmbkCAh6kCO4g2Rc.roa
File: 2jcmg_k6mqbzmbkCAh6kCO4g2Rc.roa (raw, json)
Hash identifier: ekJ9VVn+ONFh+gToG5deMaAATr6h5fK8dgBaB5vr3oc=
Subject key identifier: DA:37:26:83:F9:3A:9A:A6:F3:99:B9:02:02:1E:A4:08:EE:20:D9:17
Certificate issuer: /CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Certificate serial: 01835A49364C5A8C176699C828923C163C7E
Authority key identifier: 60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/2jcmg_k6mqbzmbkCAh6kCO4g2Rc.roa
Signing time: Tue 20 Sep 2022 09:44:50 +0000
ROA not before: Tue 20 Sep 2022 09:44:50 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 29066
IP address blocks: 185.255.125.0/24 maxlen: 24
185.255.126.0/24 maxlen: 24
185.240.123.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:5a:49:36:4c:5a:8c:17:66:99:c8:28:92:3c:16:3c:7e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Validity
Not Before: Sep 20 09:44:50 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=da372683f93a9aa6f399b902021ea408ee20d917
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:86:8e:63:1a:e3:79:e8:d4:1c:f8:e0:95:28:36:
2d:3b:04:e4:ae:72:80:9d:0d:c0:2d:ed:76:4d:91:
0b:bd:b6:0a:ba:10:c4:27:a1:13:68:5d:0f:8a:16:
74:a3:01:c7:c8:bd:7a:0a:48:e5:90:e3:2f:72:90:
6c:62:e4:b2:2f:18:5d:eb:1f:29:3e:e0:6a:74:76:
94:c9:51:d7:f1:de:9b:39:1d:83:26:f4:d7:19:c7:
66:f7:b7:82:47:ec:f7:6c:45:ec:ca:fd:aa:86:fd:
45:f7:5b:26:41:0c:f5:10:d0:13:35:91:c9:3d:30:
10:fe:77:ce:fb:5f:4b:b6:64:50:22:d4:06:6c:1b:
cd:bf:84:dd:09:67:3e:48:f5:d5:bd:a8:05:d5:2c:
19:14:84:ca:eb:06:f2:7f:63:05:74:ff:99:41:28:
ba:9d:42:86:bd:ae:4c:97:59:bb:f9:4e:6b:57:f0:
a8:09:d5:60:04:6d:cc:8b:da:a3:74:1f:f5:7f:20:
b3:0a:a8:30:b7:b4:6f:94:41:97:2d:7f:a5:74:7b:
ad:3d:04:b7:fa:94:9f:0e:29:08:54:94:a9:02:25:
9e:07:5a:23:4b:6b:09:cb:23:e9:cc:66:2b:8c:9d:
c9:53:85:1d:b6:46:f9:f5:bc:97:2b:be:26:08:26:
77:97
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DA:37:26:83:F9:3A:9A:A6:F3:99:B9:02:02:1E:A4:08:EE:20:D9:17
X509v3 Authority Key Identifier:
keyid:60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/2jcmg_k6mqbzmbkCAh6kCO4g2Rc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/YGeEwQUIW51q1fc6A7INmlwRTK8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.240.123.0/24
185.255.125.0-185.255.126.255
Signature Algorithm: sha256WithRSAEncryption
90:cb:a8:45:0a:2d:d4:0a:6e:e4:f1:f4:d2:94:42:de:ba:7f:
c1:4a:05:78:75:64:64:c1:98:90:f1:99:b2:ec:3a:06:2f:44:
27:9c:01:76:97:87:c7:77:8a:e7:70:f5:84:0b:81:2b:f0:8d:
4a:d1:67:51:25:6b:69:a6:e6:14:ad:78:77:99:0e:93:c7:ef:
65:f2:a9:3a:d6:38:89:bb:a8:ad:d9:4d:12:2d:18:82:77:86:
0b:ac:d6:9a:86:48:fa:af:78:ad:e6:39:6a:93:3f:05:3e:6b:
77:03:bb:15:12:5c:f1:53:94:2b:91:3c:f2:d2:36:05:72:ba:
87:21:3d:90:43:c6:53:b5:1b:76:09:53:56:6c:25:0f:ab:51:
e5:7b:bc:fa:8d:c8:10:af:a7:8b:8c:c7:70:fa:b5:a4:c5:d2:
14:9e:6f:3b:ff:0a:3f:5f:32:89:7d:24:7a:46:65:84:0c:42:
4a:ed:d1:0b:07:04:64:80:99:3a:c5:30:6c:52:cc:a3:45:8b:
68:a6:04:78:6b:47:f3:01:18:2e:1c:82:38:6a:cd:b3:9e:32:
ce:95:de:b9:76:06:e6:e8:7a:e5:4b:b5:6a:9d:81:ea:54:68:
36:80:be:4c:83:79:5d:40:09:6f:ff:cc:fa:2e:2e:88:0b:b2:
70:0a:36:37
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgISAYNaSTZMWowXZpnIKJI8Fjx+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwNjc4NGMxMDUwODViOWQ2YWQ1ZjczYTAzYjIwZDlhNWMx
MTRjYWYwHhcNMjIwOTIwMDk0NDUwWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYTM3MjY4M2Y5M2E5YWE2ZjM5OWI5MDIwMjFlYTQwOGVlMjBkOTE3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAho5jGuN56NQc+OCVKDYtOwTkrnKA
nQ3ALe12TZELvbYKuhDEJ6ETaF0PihZ0owHHyL16CkjlkOMvcpBsYuSyLxhd6x8p
PuBqdHaUyVHX8d6bOR2DJvTXGcdm97eCR+z3bEXsyv2qhv1F91smQQz1ENATNZHJ
PTAQ/nfO+19LtmRQItQGbBvNv4TdCWc+SPXVvagF1SwZFITK6wbyf2MFdP+ZQSi6
nUKGva5Ml1m7+U5rV/CoCdVgBG3Mi9qjdB/1fyCzCqgwt7RvlEGXLX+ldHutPQS3
+pSfDikIVJSpAiWeB1ojS2sJyyPpzGYrjJ3JU4Udtkb59byXK74mCCZ3lwIDAQAB
o4ICFzCCAhMwHQYDVR0OBBYEFNo3JoP5Opqm85m5AgIepAjuINkXMB8GA1UdIwQY
MBaAFGBnhMEFCFudatX3OgOyDZpcEUyvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgt
YjQzNDJiYTkxYWJjLzEvMmpjbWdfazZtcWJ6bWJrQ0FoNmtDTzRnMlJjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgtYjQzNDJiYTkxYWJj
LzEvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAATAUAwQAufB7MAwD
BAC5/30DBAC5/34wDQYJKoZIhvcNAQELBQADggEBAJDLqEUKLdQKbuTx9NKUQt66
f8FKBXh1ZGTBmJDxmbLsOgYvRCecAXaXh8d3iudw9YQLgSvwjUrRZ1Ela2mm5hSt
eHeZDpPH72XyqTrWOIm7qK3ZTRItGIJ3hgus1pqGSPqveK3mOWqTPwU+a3cDuxUS
XPFTlCuRPPLSNgVyuochPZBDxlO1G3YJU1ZsJQ+rUeV7vPqNyBCvp4uMx3D6taTF
0hSebzv/Cj9fMol9JHpGZYQMQkrt0QsHBGSAmTrFMGxSzKNFi2imBHhrR/MBGC4c
gjhqzbOeMs6V3rl2BuboeuVLtWqdgepUaDaAvkyDeV1ACW//zPouLogLsnAKNjc=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:54:40 2024 by rpki-client on console-fra.rpki-client.org