Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fd/d6fb1c-95c3-4bff-8556-8057da754452/1/jXjyyZF53WLYMznTfcxNZLFM-Es.roa
File: jXjyyZF53WLYMznTfcxNZLFM-Es.roa (raw, json)
Hash identifier: brRdiPwz6pC5PjWaES5AxC8pJcAKGDWZnGeHtraRYH8=
Subject key identifier: 8D:78:F2:C9:91:79:DD:62:D8:33:39:D3:7D:CC:4D:64:B1:4C:F8:4B
Certificate issuer: /CN=ef9f1e38265410b3c2a922d3169c4f2995141a2d
Certificate serial: 074FD4B3
Authority key identifier: EF:9F:1E:38:26:54:10:B3:C2:A9:22:D3:16:9C:4F:29:95:14:1A:2D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/758eOCZUELPCqSLTFpxPKZUUGi0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fd/d6fb1c-95c3-4bff-8556-8057da754452/1/jXjyyZF53WLYMznTfcxNZLFM-Es.roa
Signing time: Sat 01 Jan 2022 09:53:08 +0000
ROA not before: Sat 01 Jan 2022 09:53:08 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 42929
IP address blocks: 185.142.136.0/22 maxlen: 22
45.156.244.0/22 maxlen: 22
193.36.182.0/24 maxlen: 24
193.104.36.0/24 maxlen: 24
193.33.222.0/23 maxlen: 23
2a07:2d80::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 122672307 (0x74fd4b3)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ef9f1e38265410b3c2a922d3169c4f2995141a2d
Validity
Not Before: Jan 1 09:53:08 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=8d78f2c99179dd62d83339d37dcc4d64b14cf84b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:01:39:d2:bc:55:9f:86:d7:a2:a2:90:28:5d:
e3:62:b3:bf:f1:3b:f3:9f:c8:e2:43:3d:52:c3:ce:
32:93:b7:4f:f8:99:16:61:b7:c4:fb:b4:c4:23:2e:
cd:53:55:ab:f6:db:f4:5c:81:86:2b:40:60:6d:19:
e6:cd:76:1d:ff:1a:5c:f1:68:fd:54:6b:0b:7a:a2:
45:a8:13:5e:07:e6:9e:03:ac:61:93:c3:85:9a:5f:
5a:da:b1:e7:a0:a2:1b:f4:68:6f:ba:74:5e:c7:2f:
e4:d7:c9:28:90:6d:6f:05:8b:eb:6c:2d:ca:0c:a1:
5e:ed:44:ba:67:b7:df:97:5d:d3:50:39:31:d0:77:
e1:cc:a1:13:bd:76:27:68:b0:3f:5e:4f:c9:5a:9f:
a1:2c:b6:a6:21:e1:f7:49:14:dc:78:c8:14:09:e1:
ff:c1:e8:e7:89:38:04:da:fa:96:6f:a5:91:22:39:
b4:8d:4c:92:3f:92:8c:32:7f:79:c1:06:12:40:24:
0e:9d:ec:83:51:b3:65:53:42:26:40:f1:3b:7d:26:
02:3d:98:5d:a2:37:7d:1b:a4:a6:c3:f0:af:ad:b9:
cb:35:6f:0f:85:de:8c:93:9f:e9:39:f1:c7:3a:55:
7d:1b:80:db:4f:34:3e:8c:62:52:f2:7f:0e:e2:56:
eb:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8D:78:F2:C9:91:79:DD:62:D8:33:39:D3:7D:CC:4D:64:B1:4C:F8:4B
X509v3 Authority Key Identifier:
keyid:EF:9F:1E:38:26:54:10:B3:C2:A9:22:D3:16:9C:4F:29:95:14:1A:2D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/758eOCZUELPCqSLTFpxPKZUUGi0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/d6fb1c-95c3-4bff-8556-8057da754452/1/jXjyyZF53WLYMznTfcxNZLFM-Es.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/d6fb1c-95c3-4bff-8556-8057da754452/1/758eOCZUELPCqSLTFpxPKZUUGi0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.156.244.0/22
185.142.136.0/22
193.33.222.0/23
193.36.182.0/24
193.104.36.0/24
IPv6:
2a07:2d80::/29
Signature Algorithm: sha256WithRSAEncryption
4e:4e:fa:92:97:39:88:73:1f:c3:e0:93:55:ce:49:ea:19:86:
66:b0:32:83:d1:7f:02:ac:78:7e:84:9e:e4:c9:5b:e7:58:f5:
9b:4f:08:c3:21:8a:cf:1f:98:28:3d:85:b7:df:10:f8:ed:d8:
b7:9e:ed:13:a9:3c:f7:20:35:7b:05:fe:fb:17:e2:dc:4e:d6:
43:11:9f:57:74:52:12:c1:dd:dd:82:55:f3:9f:3b:68:5f:f5:
b0:a4:fe:d2:7d:2a:89:f8:84:6b:3e:6f:f1:b5:fa:44:c3:b5:
a5:1d:b8:4b:5a:39:b4:56:14:b3:43:af:6c:97:08:a2:90:98:
06:8f:00:1c:fe:88:9f:77:a8:0d:bd:4b:d4:8c:b4:ce:33:4a:
ff:6f:e8:3b:eb:0e:b3:7e:f0:d3:cb:7e:ce:99:7e:a4:64:d7:
2d:cf:34:63:41:8f:f7:e4:f5:b9:e5:1b:7f:91:d5:2b:ea:69:
13:bc:2c:ea:5f:92:6a:14:c4:ac:a4:eb:de:cd:3c:fc:96:78:
ff:22:ab:f4:64:c1:85:19:b2:f1:23:8f:46:35:8f:f0:89:f6:
da:21:73:a2:96:66:50:93:1e:b6:03:9f:ca:0c:93:89:d9:67:
9b:1e:74:86:6c:a8:96:ca:29:8b:d4:c2:6c:9f:48:2b:b7:a0:
64:5d:ef:c3
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgIEB0/UszANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhl
ZjlmMWUzODI2NTQxMGIzYzJhOTIyZDMxNjljNGYyOTk1MTQxYTJkMB4XDTIyMDEw
MTA5NTMwOFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoOGQ3OGYyYzk5MTc5
ZGQ2MmQ4MzMzOWQzN2RjYzRkNjRiMTRjZjg0YjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJ8BOdK8VZ+G16KikChd42Kzv/E785/I4kM9UsPOMpO3T/iZ
FmG3xPu0xCMuzVNVq/bb9FyBhitAYG0Z5s12Hf8aXPFo/VRrC3qiRagTXgfmngOs
YZPDhZpfWtqx56CiG/Rob7p0Xscv5NfJKJBtbwWL62wtygyhXu1Eume335dd01A5
MdB34cyhE712J2iwP15PyVqfoSy2piHh90kU3HjIFAnh/8Ho54k4BNr6lm+lkSI5
tI1Mkj+SjDJ/ecEGEkAkDp3sg1GzZVNCJkDxO30mAj2YXaI3fRukpsPwr625yzVv
D4XejJOf6TnxxzpVfRuA2080PoxiUvJ/DuJW668CAwEAAaOCAjAwggIsMB0GA1Ud
DgQWBBSNePLJkXndYtgzOdN9zE1ksUz4SzAfBgNVHSMEGDAWgBTvnx44JlQQs8Kp
ItMWnE8plRQaLTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
Lzc1OGVPQ1pVRUxQQ3FTTFRGcHhQS1pVVUdpMC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZmQvZDZmYjFjLTk1YzMtNGJmZi04NTU2LTgwNTdkYTc1NDQ1Mi8x
L2pYanl5WkY1M1dMWU16blRmY3hOWkxGTS1Fcy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZmQv
ZDZmYjFjLTk1YzMtNGJmZi04NTU2LTgwNTdkYTc1NDQ1Mi8xLzc1OGVPQ1pVRUxQ
Q3FTTFRGcHhQS1pVVUdpMC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBG
BggrBgEFBQcBBwEB/wQ3MDUwJAQCAAEwHgMEAi2c9AMEArmOiAMEAcEh3gMEAMEk
tgMEAMFoJDANBAIAAjAHAwUDKgctgDANBgkqhkiG9w0BAQsFAAOCAQEATk76kpc5
iHMfw+CTVc5J6hmGZrAyg9F/Aqx4foSe5Mlb51j1m08IwyGKzx+YKD2Ft98Q+O3Y
t57tE6k89yA1ewX++xfi3E7WQxGfV3RSEsHd3YJV8587aF/1sKT+0n0qifiEaz5v
8bX6RMO1pR24S1o5tFYUs0OvbJcIopCYBo8AHP6In3eoDb1L1Iy0zjNK/2/oO+sO
s37w08t+zpl+pGTXLc80Y0GP9+T1ueUbf5HVK+ppE7ws6l+SahTErKTr3s08/JZ4
/yKr9GTBhRmy8SOPRjWP8In22iFzopZmUJMetgOfygyTidlnmx50hmyolsopi9TC
bJ9IK7egZF3vww==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:06:59 2023 by rpki-client on console-fra.rpki-client.org