Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fd/d0fad1-b8b1-4960-b67f-02edf08f7cf8/1/JfzE_kd5Son46lUOj0fAY3I6NNM.roa
File: JfzE_kd5Son46lUOj0fAY3I6NNM.roa (raw, json)
Hash identifier: HEmJiOvz0XU2U0qEitlUVIgKBBTo8xzFQqNoAGemYq4=
Subject key identifier: 25:FC:C4:FE:47:79:4A:89:F8:EA:55:0E:8F:47:C0:63:72:3A:34:D3
Certificate issuer: /CN=9a1a08692f228da0c41b317c6fa7cc5c3bec51e1
Certificate serial: 05418DD8
Authority key identifier: 9A:1A:08:69:2F:22:8D:A0:C4:1B:31:7C:6F:A7:CC:5C:3B:EC:51:E1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mhoIaS8ijaDEGzF8b6fMXDvsUeE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fd/d0fad1-b8b1-4960-b67f-02edf08f7cf8/1/JfzE_kd5Son46lUOj0fAY3I6NNM.roa
Signing time: Wed 23 Mar 2022 14:44:12 +0000
ROA not before: Wed 23 Mar 2022 14:44:12 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 204903
IP address blocks: 185.236.106.0/24 maxlen: 24
185.236.107.0/24 maxlen: 24
185.236.105.0/24 maxlen: 24
185.236.104.0/24 maxlen: 24
185.236.104.0/22 maxlen: 22
2a12:7bc0:104::/48 maxlen: 48
2a12:7bc0:105::/48 maxlen: 48
2a12:7bc0::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 88182232 (0x5418dd8)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9a1a08692f228da0c41b317c6fa7cc5c3bec51e1
Validity
Not Before: Mar 23 14:44:12 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=25fcc4fe47794a89f8ea550e8f47c063723a34d3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:4f:1c:7d:75:51:27:16:54:0e:e9:9b:97:60:
88:b2:99:62:30:be:62:83:45:1f:6f:0e:24:ef:0e:
d1:f9:e6:76:5c:ba:c5:46:e7:a2:ea:b2:3e:b9:5d:
3b:bb:f7:39:8f:a7:b5:9c:52:8b:dd:47:f6:e6:51:
a8:a3:43:1e:77:56:70:84:28:85:0f:cc:9a:3d:4c:
8e:40:87:c2:e0:6d:27:05:81:e9:d8:06:72:5b:09:
56:60:8d:d0:d0:dc:6b:aa:d5:6e:a3:98:bd:21:f4:
05:31:b3:6b:9c:89:6e:40:99:0b:b5:6a:0d:fb:d6:
4b:c7:45:76:ad:e9:a8:90:1e:74:5d:84:28:a4:8b:
c9:97:34:f8:b8:6e:37:d5:81:32:1e:35:06:f1:4e:
de:ae:44:85:f8:d5:58:72:ec:bb:a4:58:7e:f9:09:
f6:69:15:62:5c:fe:40:7f:24:55:cf:8e:25:38:cc:
ad:34:01:7b:48:ac:a9:36:41:39:a1:77:22:22:a7:
b1:22:29:7c:d3:ea:3e:57:ec:fb:a3:3d:6c:58:3d:
07:22:8c:d9:49:6d:74:05:c6:92:7d:dc:a8:34:79:
fe:87:af:7f:1c:a7:38:c2:7f:92:f8:95:f7:c5:da:
37:fd:07:2e:94:8d:e2:08:58:f8:94:4c:52:a8:81:
7a:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
25:FC:C4:FE:47:79:4A:89:F8:EA:55:0E:8F:47:C0:63:72:3A:34:D3
X509v3 Authority Key Identifier:
keyid:9A:1A:08:69:2F:22:8D:A0:C4:1B:31:7C:6F:A7:CC:5C:3B:EC:51:E1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mhoIaS8ijaDEGzF8b6fMXDvsUeE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/d0fad1-b8b1-4960-b67f-02edf08f7cf8/1/JfzE_kd5Son46lUOj0fAY3I6NNM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/d0fad1-b8b1-4960-b67f-02edf08f7cf8/1/mhoIaS8ijaDEGzF8b6fMXDvsUeE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.236.104.0/22
IPv6:
2a12:7bc0::/32
Signature Algorithm: sha256WithRSAEncryption
52:d8:d5:e6:8b:e9:01:a4:7f:8f:f6:c7:65:86:71:67:52:6d:
18:aa:54:1c:30:90:d6:da:1f:fe:40:ec:80:1e:97:86:ea:d2:
35:a4:d2:fe:8f:10:73:84:fa:dc:2f:18:94:95:b4:a8:61:bc:
31:bd:89:57:ef:74:68:f3:c0:69:d5:64:a1:ea:51:a7:57:b8:
a9:c0:15:45:15:1c:7c:8b:1d:d5:99:43:99:36:4d:b8:b0:01:
c7:9c:87:66:5a:0b:16:96:d5:46:f3:f3:ba:00:10:26:25:55:
c3:2d:72:51:7c:31:17:18:fa:59:42:51:74:a7:7d:16:06:95:
93:87:e2:ba:28:ba:0a:1d:cf:18:e9:8c:c2:be:c4:bc:6e:4e:
f3:f1:8f:76:a4:f0:df:17:53:23:a8:98:bf:f0:e1:3a:cf:1a:
a1:ad:d9:ce:42:fa:1d:cd:38:04:4d:57:99:4b:13:0f:a8:0f:
82:45:b1:08:50:9d:06:8a:3c:04:65:f2:66:c7:49:dc:1d:45:
06:7d:95:1c:3d:83:87:07:b7:92:9c:b2:d2:a4:43:88:3f:03:
e5:2a:87:58:1e:a2:29:c9:e6:ff:f5:6c:14:14:a7:20:3e:75:
ce:10:30:50:27:d0:5b:66:6e:c7:6f:d6:be:6c:7c:ed:d9:4a:
30:e7:d7:5d
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgIEBUGN2DANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg5
YTFhMDg2OTJmMjI4ZGEwYzQxYjMxN2M2ZmE3Y2M1YzNiZWM1MWUxMB4XDTIyMDMy
MzE0NDQxMloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMjVmY2M0ZmU0Nzc5
NGE4OWY4ZWE1NTBlOGY0N2MwNjM3MjNhMzRkMzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAL1PHH11UScWVA7pm5dgiLKZYjC+YoNFH28OJO8O0fnmdly6
xUbnouqyPrldO7v3OY+ntZxSi91H9uZRqKNDHndWcIQohQ/Mmj1MjkCHwuBtJwWB
6dgGclsJVmCN0NDca6rVbqOYvSH0BTGza5yJbkCZC7VqDfvWS8dFdq3pqJAedF2E
KKSLyZc0+LhuN9WBMh41BvFO3q5EhfjVWHLsu6RYfvkJ9mkVYlz+QH8kVc+OJTjM
rTQBe0isqTZBOaF3IiKnsSIpfNPqPlfs+6M9bFg9ByKM2UltdAXGkn3cqDR5/oev
fxynOMJ/kviV98XaN/0HLpSN4ghY+JRMUqiBessCAwEAAaOCAhgwggIUMB0GA1Ud
DgQWBBQl/MT+R3lKifjqVQ6PR8Bjcjo00zAfBgNVHSMEGDAWgBSaGghpLyKNoMQb
MXxvp8xcO+xR4TAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L21ob0lhUzhpamFERUd6RjhiNmZNWER2c1VlRS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZmQvZDBmYWQxLWI4YjEtNDk2MC1iNjdmLTAyZWRmMDhmN2NmOC8x
L0pmekVfa2Q1U29uNDZsVU9qMGZBWTNJNk5OTS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZmQv
ZDBmYWQxLWI4YjEtNDk2MC1iNjdmLTAyZWRmMDhmN2NmOC8xL21ob0lhUzhpamFE
RUd6RjhiNmZNWER2c1VlRS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAu
BggrBgEFBQcBBwEB/wQfMB0wDAQCAAEwBgMEArnsaDANBAIAAjAHAwUAKhJ7wDAN
BgkqhkiG9w0BAQsFAAOCAQEAUtjV5ovpAaR/j/bHZYZxZ1JtGKpUHDCQ1tof/kDs
gB6XhurSNaTS/o8Qc4T63C8YlJW0qGG8Mb2JV+90aPPAadVkoepRp1e4qcAVRRUc
fIsd1ZlDmTZNuLABx5yHZloLFpbVRvPzugAQJiVVwy1yUXwxFxj6WUJRdKd9FgaV
k4fiuii6Ch3PGOmMwr7EvG5O8/GPdqTw3xdTI6iYv/DhOs8aoa3ZzkL6Hc04BE1X
mUsTD6gPgkWxCFCdBoo8BGXyZsdJ3B1FBn2VHD2Dhwe3kpyy0qRDiD8D5SqHWB6i
Kcnm//VsFBSnID51zhAwUCfQW2Zux2/Wvmx87dlKMOfXXQ==
-----END CERTIFICATE-----
Generated at Sun Apr 20 14:49:57 2025 by rpki-client