Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fa/57e08c-ca3a-4099-ae74-e7daec194a69/1/JsVxbx8MWlWDasHs2SQYm0nQQlA.roa
File: JsVxbx8MWlWDasHs2SQYm0nQQlA.roa (raw, json)
Hash identifier: hpLvCVoYyH8imVESQflaZfQr7bu8hNN+wpgEASEv62g=
Subject key identifier: 26:C5:71:6F:1F:0C:5A:55:83:6A:C1:EC:D9:24:18:9B:49:D0:42:50
Certificate issuer: /CN=25776c77f8ebe7094ca007ace1a9c0bfdc2b3aec
Certificate serial: 03EA22F3
Authority key identifier: 25:77:6C:77:F8:EB:E7:09:4C:A0:07:AC:E1:A9:C0:BF:DC:2B:3A:EC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/JXdsd_jr5wlMoAes4anAv9wrOuw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fa/57e08c-ca3a-4099-ae74-e7daec194a69/1/JsVxbx8MWlWDasHs2SQYm0nQQlA.roa
Signing time: Sat 01 Jan 2022 09:54:13 +0000
ROA not before: Sat 01 Jan 2022 09:54:13 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 21859
IP address blocks: 193.118.32.0/19 maxlen: 24
185.207.112.0/22 maxlen: 24
23.90.128.0/18 maxlen: 24
193.118.96.0/19 maxlen: 19
192.169.96.0/19 maxlen: 24
199.182.232.0/21 maxlen: 24
104.166.128.0/18 maxlen: 24
2a0b:21c0::/29 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 65676019 (0x3ea22f3)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=25776c77f8ebe7094ca007ace1a9c0bfdc2b3aec
Validity
Not Before: Jan 1 09:54:13 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=26c5716f1f0c5a55836ac1ecd924189b49d04250
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:fe:9c:4f:08:e0:15:d6:44:63:1e:1c:3b:02:
8c:fb:b3:f8:42:08:bb:6a:cb:ba:c5:04:60:94:c7:
de:b5:7a:a5:aa:27:55:fa:fe:9d:2c:c8:fa:36:55:
5e:94:14:f9:e8:1a:52:86:a4:cc:83:be:32:81:d2:
7e:b5:2f:97:3f:81:51:00:1d:22:db:e3:aa:4e:95:
68:32:2b:a5:2a:ec:00:ad:c9:56:bb:fb:4e:de:cb:
4d:15:ee:77:98:03:13:4c:80:c5:67:4c:ab:ff:83:
ac:52:8d:1b:be:2c:26:54:43:25:f5:70:0f:fc:99:
a4:0b:05:a1:26:6f:75:0c:02:7d:ac:4d:cc:4f:5c:
56:fb:e4:4f:db:74:b7:38:67:e4:28:b9:c1:03:89:
f2:8c:01:c9:68:1c:18:48:6d:4d:87:25:af:4f:b1:
fb:0e:b6:61:3f:7b:7c:ad:af:58:fd:90:4f:e5:85:
b9:94:20:fa:73:bf:b3:51:ca:1b:5c:6e:ad:b1:66:
23:cf:e8:28:5f:01:8f:14:91:83:49:ba:ca:24:c3:
03:23:32:f4:ca:d1:80:82:c7:53:00:f4:2f:61:90:
1a:d1:40:ff:81:07:47:c5:be:ee:94:27:1d:71:23:
50:3a:e5:5e:b3:de:5c:4a:97:68:08:da:3c:17:70:
80:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
26:C5:71:6F:1F:0C:5A:55:83:6A:C1:EC:D9:24:18:9B:49:D0:42:50
X509v3 Authority Key Identifier:
keyid:25:77:6C:77:F8:EB:E7:09:4C:A0:07:AC:E1:A9:C0:BF:DC:2B:3A:EC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JXdsd_jr5wlMoAes4anAv9wrOuw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fa/57e08c-ca3a-4099-ae74-e7daec194a69/1/JsVxbx8MWlWDasHs2SQYm0nQQlA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fa/57e08c-ca3a-4099-ae74-e7daec194a69/1/JXdsd_jr5wlMoAes4anAv9wrOuw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
23.90.128.0/18
104.166.128.0/18
185.207.112.0/22
192.169.96.0/19
193.118.32.0/19
193.118.96.0/19
199.182.232.0/21
IPv6:
2a0b:21c0::/29
Signature Algorithm: sha256WithRSAEncryption
22:93:98:92:1c:4a:ca:f1:f9:8c:54:74:6d:a1:05:0f:8d:9c:
b7:61:05:e9:01:cb:7d:8e:db:f7:33:46:ec:50:36:e7:1d:db:
74:de:b6:48:d1:d7:35:75:5c:f6:ff:05:0a:fd:52:41:c2:f8:
aa:50:81:cc:88:1c:9e:a6:86:bc:1c:d5:77:8e:48:e7:97:34:
61:c3:22:22:87:8c:fe:4a:af:9a:a3:f7:dc:69:5a:d0:7e:57:
3f:4b:98:aa:6d:44:1a:94:97:f5:06:6f:06:78:a5:99:cd:55:
a4:e3:0b:71:94:23:67:48:1a:76:40:40:ef:d7:d9:60:83:cf:
0e:ea:41:65:22:fd:da:41:5e:05:18:e9:5f:4b:70:b2:76:41:
f5:50:82:45:70:00:fb:4e:3f:7e:eb:dc:37:06:dc:5e:d7:3d:
cd:36:b5:31:82:4c:d0:cd:8b:97:57:f3:7b:bd:ad:62:d0:42:
59:b4:26:1f:ce:5d:ae:dd:12:84:36:80:e7:3d:5e:0a:1f:61:
be:57:c5:ee:c8:53:e6:d4:1f:1b:98:92:e2:93:83:bd:cd:ff:
bc:73:a3:c9:46:84:09:f7:8b:15:3c:6c:dd:62:fa:92:74:91:
fe:66:a0:c9:f6:ec:91:26:1e:fe:5b:ee:4c:6e:45:4a:56:07:
2c:2d:27:42
-----BEGIN CERTIFICATE-----
MIIFIjCCBAqgAwIBAgIEA+oi8zANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygy
NTc3NmM3N2Y4ZWJlNzA5NGNhMDA3YWNlMWE5YzBiZmRjMmIzYWVjMB4XDTIyMDEw
MTA5NTQxM1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMjZjNTcxNmYxZjBj
NWE1NTgzNmFjMWVjZDkyNDE4OWI0OWQwNDI1MDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALH+nE8I4BXWRGMeHDsCjPuz+EIIu2rLusUEYJTH3rV6paon
Vfr+nSzI+jZVXpQU+egaUoakzIO+MoHSfrUvlz+BUQAdItvjqk6VaDIrpSrsAK3J
Vrv7Tt7LTRXud5gDE0yAxWdMq/+DrFKNG74sJlRDJfVwD/yZpAsFoSZvdQwCfaxN
zE9cVvvkT9t0tzhn5Ci5wQOJ8owByWgcGEhtTYclr0+x+w62YT97fK2vWP2QT+WF
uZQg+nO/s1HKG1xurbFmI8/oKF8BjxSRg0m6yiTDAyMy9MrRgILHUwD0L2GQGtFA
/4EHR8W+7pQnHXEjUDrlXrPeXEqXaAjaPBdwgH8CAwEAAaOCAjwwggI4MB0GA1Ud
DgQWBBQmxXFvHwxaVYNqwezZJBibSdBCUDAfBgNVHSMEGDAWgBQld2x3+OvnCUyg
B6zhqcC/3Cs67DAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0pYZHNkX2pyNXdsTW9BZXM0YW5Bdjl3ck91dy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZmEvNTdlMDhjLWNhM2EtNDA5OS1hZTc0LWU3ZGFlYzE5NGE2OS8x
L0pzVnhieDhNV2xXRGFzSHMyU1FZbTBuUVFsQS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZmEv
NTdlMDhjLWNhM2EtNDA5OS1hZTc0LWU3ZGFlYzE5NGE2OS8xL0pYZHNkX2pyNXds
TW9BZXM0YW5Bdjl3ck91dy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBS
BggrBgEFBQcBBwEB/wRDMEEwMAQCAAEwKgMEBhdagAMEBmimgAMEArnPcAMEBcCp
YAMEBcF2IAMEBcF2YAMEA8e26DANBAIAAjAHAwUDKgshwDANBgkqhkiG9w0BAQsF
AAOCAQEAIpOYkhxKyvH5jFR0baEFD42ct2EF6QHLfY7b9zNG7FA25x3bdN62SNHX
NXVc9v8FCv1SQcL4qlCBzIgcnqaGvBzVd45I55c0YcMiIoeM/kqvmqP33Gla0H5X
P0uYqm1EGpSX9QZvBnilmc1VpOMLcZQjZ0gadkBA79fZYIPPDupBZSL92kFeBRjp
X0twsnZB9VCCRXAA+04/fuvcNwbcXtc9zTa1MYJM0M2Ll1fze72tYtBCWbQmH85d
rt0ShDaA5z1eCh9hvlfF7shT5tQfG5iS4pODvc3/vHOjyUaECfeLFTxs3WL6knSR
/magyfbskSYe/lvuTG5FSlYHLC0nQg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:53:50 2024 by rpki-client on console-ams.rpki-client.org