Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/1jldqYw0FVvG0BnVQ7cfPQkfB7w.roa
File: 1jldqYw0FVvG0BnVQ7cfPQkfB7w.roa (raw, json)
Hash identifier: oKOrHT0JsgBcPBov0upL2EO6dKKMPGPt7OxdOL23IdU=
Subject key identifier: D6:39:5D:A9:8C:34:15:5B:C6:D0:19:D5:43:B7:1F:3D:09:1F:07:BC
Certificate issuer: /CN=2135c7f571eefeb67404ab6c45fd475551adaf1b
Certificate serial: 01850716819893459D964E8CB707D3D12C66
Authority key identifier: 21:35:C7:F5:71:EE:FE:B6:74:04:AB:6C:45:FD:47:55:51:AD:AF:1B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/1jldqYw0FVvG0BnVQ7cfPQkfB7w.roa
Signing time: Mon 12 Dec 2022 16:06:33 +0000
ROA not before: Mon 12 Dec 2022 16:06:33 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 3301
IP address blocks: 194.14.155.0/24 maxlen: 24
194.68.127.0/24 maxlen: 24
194.14.156.0/24 maxlen: 24
194.14.154.0/24 maxlen: 24
194.103.240.0/20 maxlen: 20
192.165.229.0/24 maxlen: 24
193.182.190.0/24 maxlen: 24
194.68.72.0/22 maxlen: 22
194.68.76.0/23 maxlen: 23
194.68.79.0/24 maxlen: 24
194.132.95.0/24 maxlen: 24
192.36.96.0/24 maxlen: 24
194.14.245.0/24 maxlen: 24
193.180.7.0/24 maxlen: 24
192.121.40.0/24 maxlen: 24
192.121.50.0/23 maxlen: 23
192.121.52.0/24 maxlen: 24
192.176.124.0/24 maxlen: 24
194.132.188.0/23 maxlen: 23
194.132.190.0/23 maxlen: 23
193.183.230.0/23 maxlen: 23
193.183.228.0/23 maxlen: 23
192.165.95.0/24 maxlen: 24
193.183.236.0/23 maxlen: 23
192.165.12.0/24 maxlen: 24
192.165.31.0/24 maxlen: 24
192.121.115.0/24 maxlen: 24
192.165.173.0/24 maxlen: 24
192.121.229.0/24 maxlen: 24
192.165.180.0/24 maxlen: 24
193.182.152.0/23 maxlen: 23
193.182.152.0/24 maxlen: 24
193.182.153.0/24 maxlen: 24
193.180.176.0/24 maxlen: 24
193.180.175.0/24 maxlen: 24
193.182.107.0/24 maxlen: 24
193.182.126.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:07:16:81:98:93:45:9d:96:4e:8c:b7:07:d3:d1:2c:66
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2135c7f571eefeb67404ab6c45fd475551adaf1b
Validity
Not Before: Dec 12 16:06:33 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=d6395da98c34155bc6d019d543b71f3d091f07bc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:31:97:ef:57:06:3a:4d:92:6b:35:d0:49:0f:
aa:d8:ec:c8:bc:49:9f:c8:8c:1f:a6:01:57:69:38:
07:b3:3c:ff:13:49:38:33:bd:5d:0e:ae:45:58:c7:
59:c1:e9:19:40:a6:ff:aa:d3:07:3c:f1:8d:78:9d:
a1:50:23:19:94:dd:eb:71:e1:ac:7a:e7:33:49:61:
b1:a8:a6:ab:fd:43:bf:90:0a:46:fd:41:a6:75:17:
b4:50:4d:17:cc:fb:e7:a0:63:12:d8:27:c1:43:b9:
96:3d:ae:af:2d:e4:d6:2c:3d:c2:fe:c2:f6:70:36:
7d:1b:d7:b8:52:03:7d:08:3a:60:0d:b2:49:ba:cc:
70:25:c2:89:8e:93:7c:6f:3a:cb:e0:7f:2b:8b:3a:
d6:64:49:aa:5a:78:88:e7:77:01:23:b6:91:e4:22:
c8:59:ea:ac:60:f5:7c:09:d6:f4:5e:b0:c3:c3:11:
62:87:23:53:02:13:87:73:0a:9e:42:44:88:53:42:
dc:50:91:20:fc:63:05:9a:26:6f:08:44:21:05:02:
7d:eb:8c:56:20:e1:06:49:dd:6c:3c:85:61:d4:96:
fb:cd:9a:48:85:ae:b7:d0:29:ef:37:6d:1d:91:85:
af:80:69:00:35:a4:fe:73:27:8a:61:51:64:85:d2:
b3:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D6:39:5D:A9:8C:34:15:5B:C6:D0:19:D5:43:B7:1F:3D:09:1F:07:BC
X509v3 Authority Key Identifier:
keyid:21:35:C7:F5:71:EE:FE:B6:74:04:AB:6C:45:FD:47:55:51:AD:AF:1B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/1jldqYw0FVvG0BnVQ7cfPQkfB7w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
192.36.96.0/24
192.121.40.0/24
192.121.50.0-192.121.52.255
192.121.115.0/24
192.121.229.0/24
192.165.12.0/24
192.165.31.0/24
192.165.95.0/24
192.165.173.0/24
192.165.180.0/24
192.165.229.0/24
192.176.124.0/24
193.180.7.0/24
193.180.175.0-193.180.176.255
193.182.107.0/24
193.182.126.0/24
193.182.152.0/23
193.182.190.0/24
193.183.228.0/22
193.183.236.0/23
194.14.154.0-194.14.156.255
194.14.245.0/24
194.68.72.0-194.68.77.255
194.68.79.0/24
194.68.127.0/24
194.103.240.0/20
194.132.95.0/24
194.132.188.0/22
Signature Algorithm: sha256WithRSAEncryption
b6:ed:ab:25:bf:9c:d7:30:55:6b:ee:c4:a6:19:8e:4a:12:9a:
fb:4b:85:c3:d0:f0:0f:06:35:0a:1d:5e:91:5f:22:ff:90:8a:
23:58:3c:1b:00:0c:b8:03:f8:81:4a:58:9b:f8:bd:c2:db:47:
c5:05:db:93:b2:9c:b7:06:0f:ba:d1:bc:26:5d:b4:93:d1:a0:
5f:3e:c6:e1:0b:fa:a3:59:2f:31:8d:73:91:2c:59:df:96:98:
58:6c:d8:9b:cc:ee:2e:24:e5:a8:3a:d3:8a:71:07:4b:63:5a:
8c:76:48:10:d8:44:16:6d:d2:6e:fb:fc:1b:f8:80:fe:76:78:
76:0a:d4:63:e6:a7:c4:92:67:84:94:66:fa:f0:71:f2:51:6f:
a8:52:35:9f:25:be:71:4b:46:62:56:6c:99:6e:fe:ba:8f:c3:
b7:e8:78:ac:73:10:3c:dc:6c:96:8a:48:63:f6:32:b4:d9:67:
1f:01:66:2b:b1:06:d5:61:6f:74:84:40:2f:5a:ba:a7:c9:2b:
e1:af:a5:a4:9e:dc:91:bc:12:0b:18:41:22:70:f2:48:96:fe:
0e:78:52:b9:ba:82:96:be:bf:5b:36:a0:b0:20:43:98:13:f5:
dd:e5:dc:9c:87:e2:63:2d:a0:02:ae:2f:8c:ef:ae:d3:43:f8:
0f:ee:bd:0c
-----BEGIN CERTIFICATE-----
MIIFxDCCBKygAwIBAgISAYUHFoGYk0Wdlk6MtwfT0SxmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIxMzVjN2Y1NzFlZWZlYjY3NDA0YWI2YzQ1ZmQ0NzU1NTFh
ZGFmMWIwHhcNMjIxMjEyMTYwNjMzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNjM5NWRhOThjMzQxNTViYzZkMDE5ZDU0M2I3MWYzZDA5MWYwN2JjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArDGX71cGOk2SazXQSQ+q2OzIvEmf
yIwfpgFXaTgHszz/E0k4M71dDq5FWMdZwekZQKb/qtMHPPGNeJ2hUCMZlN3rceGs
euczSWGxqKar/UO/kApG/UGmdRe0UE0XzPvnoGMS2CfBQ7mWPa6vLeTWLD3C/sL2
cDZ9G9e4UgN9CDpgDbJJusxwJcKJjpN8bzrL4H8rizrWZEmqWniI53cBI7aR5CLI
WeqsYPV8Cdb0XrDDwxFihyNTAhOHcwqeQkSIU0LcUJEg/GMFmiZvCEQhBQJ964xW
IOEGSd1sPIVh1Jb7zZpIha630CnvN20dkYWvgGkANaT+cyeKYVFkhdKz+wIDAQAB
o4IC0DCCAswwHQYDVR0OBBYEFNY5XamMNBVbxtAZ1UO3Hz0JHwe8MB8GA1UdIwQY
MBaAFCE1x/Vx7v62dASrbEX9R1VRra8bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSVRYSDlYSHVfclowQkt0c1JmMUhWVkd0cnhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kOS82ODBiNzgtOTZhZi00YTg1LWFjMDIt
OTQzZDAzMzIxMzI2LzEvMWpsZHFZdzBGVnZHMEJuVlE3Y2ZQUWtmQjd3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kOS82ODBiNzgtOTZhZi00YTg1LWFjMDItOTQzZDAzMzIxMzI2
LzEvSVRYSDlYSHVfclowQkt0c1JmMUhWVkd0cnhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHlBggrBgEFBQcBBwEB/wSB1TCB0jCBzwQCAAEwgcgDBADA
JGADBADAeSgwDAMEAcB5MgMEAMB5NAMEAMB5cwMEAMB55QMEAMClDAMEAMClHwME
AMClXwMEAMClrQMEAMCltAMEAMCl5QMEAMCwfAMEAMG0BzAMAwQAwbSvAwQAwbSw
AwQAwbZrAwQAwbZ+AwQBwbaYAwQAwba+AwQCwbfkAwQBwbfsMAwDBAHCDpoDBADC
DpwDBADCDvUwDAMEA8JESAMEAcJETAMEAMJETwMEAMJEfwMEBMJn8AMEAMKEXwME
AsKEvDANBgkqhkiG9w0BAQsFAAOCAQEAtu2rJb+c1zBVa+7EphmOShKa+0uFw9Dw
DwY1Ch1ekV8i/5CKI1g8GwAMuAP4gUpYm/i9wttHxQXbk7KctwYPutG8Jl20k9Gg
Xz7G4Qv6o1kvMY1zkSxZ35aYWGzYm8zuLiTlqDrTinEHS2NajHZIENhEFm3Sbvv8
G/iA/nZ4dgrUY+anxJJnhJRm+vBx8lFvqFI1nyW+cUtGYlZsmW7+uo/Dt+h4rHMQ
PNxslopIY/YytNlnHwFmK7EG1WFvdIRAL1q6p8kr4a+lpJ7ckbwSCxhBInDySJb+
DnhSubqClr6/WzagsCBDmBP13eXcnIfiYy2gAq4vjO+u00P4D+69DA==
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:02:01 2025 by rpki-client