Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fe/c1acd6-230a-4e36-a58f-f555e2e68a10/1/Jflhm504G3-5yWvSQzazqYKfNow.roa
File: Jflhm504G3-5yWvSQzazqYKfNow.roa (raw, json)
Hash identifier: ZZtMzC/cREXg2b3m10sqoSYcluOChZKStvpUkiusPaw=
Subject key identifier: 25:F9:61:9B:9D:38:1B:7F:B9:C9:6B:D2:43:36:B3:A9:82:9F:36:8C
Certificate issuer: /CN=61b534437503668815add93cd17d0ad3e1b1a877
Certificate serial: 0BB35893
Authority key identifier: 61:B5:34:43:75:03:66:88:15:AD:D9:3C:D1:7D:0A:D3:E1:B1:A8:77
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YbU0Q3UDZogVrdk80X0K0-GxqHc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fe/c1acd6-230a-4e36-a58f-f555e2e68a10/1/Jflhm504G3-5yWvSQzazqYKfNow.roa
Signing time: Thu 13 Jan 2022 07:35:59 +0000
ROA not before: Thu 13 Jan 2022 07:35:59 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 13127
IP address blocks: 82.172.0.0/16 maxlen: 24
82.173.192.0/19 maxlen: 24
62.166.51.0/24 maxlen: 24
62.166.50.0/24 maxlen: 24
62.166.56.0/24 maxlen: 24
82.173.0.0/16 maxlen: 24
82.173.128.0/18 maxlen: 24
143.176.0.0/16 maxlen: 24
62.166.0.0/17 maxlen: 24
87.214.0.0/15 maxlen: 24
82.173.81.0/24 maxlen: 24
82.175.0.0/16 maxlen: 24
82.172.128.0/17 maxlen: 24
62.250.0.0/17 maxlen: 24
81.58.0.0/16 maxlen: 24
217.149.216.0/24 maxlen: 24
81.58.0.0/15 maxlen: 24
62.58.0.0/15 maxlen: 24
87.213.0.0/16 maxlen: 24
143.179.0.0/16 maxlen: 24
87.211.0.0/16 maxlen: 24
81.59.128.0/17 maxlen: 24
2a01:380:6000::/43 maxlen: 43
2a01:380::/32 maxlen: 40
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 196302995 (0xbb35893)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=61b534437503668815add93cd17d0ad3e1b1a877
Validity
Not Before: Jan 13 07:35:59 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=25f9619b9d381b7fb9c96bd24336b3a9829f368c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:fa:09:18:f6:78:0d:c9:53:fe:fe:4e:5e:fc:
04:03:6a:42:00:d6:42:25:99:a5:e7:5b:73:d8:de:
c5:2e:71:b6:5a:f9:37:40:ce:14:05:7c:22:05:9a:
a5:7d:7a:d0:51:9c:32:51:0d:2e:b4:96:ae:93:c1:
68:da:ee:76:0c:4b:8c:7a:ba:05:65:b5:58:b1:ce:
a7:b0:69:8c:58:71:07:10:f1:80:98:bf:2c:86:bd:
fd:4a:03:e8:92:7a:51:de:06:70:b5:29:60:28:be:
75:ba:ae:df:50:bb:b6:ab:a3:52:e8:fc:ed:0c:f2:
31:73:d4:ef:d9:c3:64:39:4f:3c:ce:34:4b:42:53:
77:75:46:00:b4:70:34:c0:17:81:79:fd:88:6c:9f:
06:79:5d:e0:f4:1c:b8:45:48:f9:af:f7:18:84:be:
df:89:2e:ed:74:1d:a2:8a:24:72:33:b4:e2:92:aa:
45:bc:0b:7b:48:a6:32:19:0a:d4:f2:3c:d3:fe:8d:
fb:06:22:2c:a4:a9:ca:35:02:fa:bc:12:84:a8:0b:
51:b9:ac:4a:6a:41:9d:b8:5a:9d:97:2c:70:1a:47:
7e:59:d2:f6:77:44:e1:33:7a:e3:26:d6:11:c2:b6:
e9:de:b2:7a:41:d3:43:41:79:9e:d9:31:29:9c:cb:
8b:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
25:F9:61:9B:9D:38:1B:7F:B9:C9:6B:D2:43:36:B3:A9:82:9F:36:8C
X509v3 Authority Key Identifier:
keyid:61:B5:34:43:75:03:66:88:15:AD:D9:3C:D1:7D:0A:D3:E1:B1:A8:77
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YbU0Q3UDZogVrdk80X0K0-GxqHc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/c1acd6-230a-4e36-a58f-f555e2e68a10/1/Jflhm504G3-5yWvSQzazqYKfNow.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/c1acd6-230a-4e36-a58f-f555e2e68a10/1/YbU0Q3UDZogVrdk80X0K0-GxqHc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.58.0.0/15
62.166.0.0/17
62.250.0.0/17
81.58.0.0/15
82.172.0.0/15
82.175.0.0/16
87.211.0.0/16
87.213.0.0-87.215.255.255
143.176.0.0/16
143.179.0.0/16
217.149.216.0/24
IPv6:
2a01:380::/32
Signature Algorithm: sha256WithRSAEncryption
12:fe:7c:7b:3a:81:53:86:bf:2a:8c:13:da:63:9f:02:ec:90:
7a:5d:4f:54:8a:ff:23:ad:6b:5f:b1:e6:65:d3:74:57:91:86:
84:d7:e3:56:5f:83:40:94:d5:0b:0c:47:7a:20:d6:49:41:28:
a6:e6:77:4f:c2:c4:89:41:d3:d3:f9:6e:22:59:b6:5d:33:55:
8f:6e:d8:2a:6f:69:ad:c4:5b:35:89:9b:a2:30:ad:ec:dd:3a:
52:bb:ba:a4:98:df:c3:9a:3b:d1:9e:c1:67:8a:de:e2:9d:6a:
96:ef:d5:ee:7d:3c:0c:68:87:90:16:a8:7b:23:e3:34:e1:db:
3b:01:e5:b1:cb:d6:92:7c:5c:ce:e5:10:9c:88:d3:92:ef:60:
94:2a:9e:9b:d1:a0:f9:05:0d:e4:6b:26:18:b5:1c:6b:78:34:
bc:33:46:66:63:13:c0:1d:d8:d3:21:dd:c1:65:f4:4e:00:19:
58:5b:07:51:0e:98:0c:f7:aa:66:1d:44:35:7a:31:b3:4f:17:
be:ed:8d:39:61:1e:e2:cf:d9:43:ff:d8:22:36:3b:d5:9b:d4:
79:72:60:24:71:64:65:e4:9f:b3:dc:aa:ac:ce:cd:46:2f:9a:
0c:3b:5a:35:04:f5:7b:89:da:b4:1f:30:32:91:14:7b:e9:16:
94:33:38:c0
-----BEGIN CERTIFICATE-----
MIIFOTCCBCGgAwIBAgIEC7NYkzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg2
MWI1MzQ0Mzc1MDM2Njg4MTVhZGQ5M2NkMTdkMGFkM2UxYjFhODc3MB4XDTIyMDEx
MzA3MzU1OVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMjVmOTYxOWI5ZDM4
MWI3ZmI5Yzk2YmQyNDMzNmIzYTk4MjlmMzY4YzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAK36CRj2eA3JU/7+Tl78BANqQgDWQiWZpedbc9jexS5xtlr5
N0DOFAV8IgWapX160FGcMlENLrSWrpPBaNrudgxLjHq6BWW1WLHOp7BpjFhxBxDx
gJi/LIa9/UoD6JJ6Ud4GcLUpYCi+dbqu31C7tqujUuj87QzyMXPU79nDZDlPPM40
S0JTd3VGALRwNMAXgXn9iGyfBnld4PQcuEVI+a/3GIS+34ku7XQdoookcjO04pKq
RbwLe0imMhkK1PI80/6N+wYiLKSpyjUC+rwShKgLUbmsSmpBnbhanZcscBpHflnS
9ndE4TN64ybWEcK26d6yekHTQ0F5ntkxKZzLi/8CAwEAAaOCAlMwggJPMB0GA1Ud
DgQWBBQl+WGbnTgbf7nJa9JDNrOpgp82jDAfBgNVHSMEGDAWgBRhtTRDdQNmiBWt
2TzRfQrT4bGodzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1liVTBRM1VEWm9nVnJkazgwWDBLMC1HeHFIYy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZmUvYzFhY2Q2LTIzMGEtNGUzNi1hNThmLWY1NTVlMmU2OGExMC8x
L0pmbGhtNTA0RzMtNXlXdlNRemF6cVlLZk5vdy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZmUv
YzFhY2Q2LTIzMGEtNGUzNi1hNThmLWY1NTVlMmU2OGExMC8xL1liVTBRM1VEWm9n
VnJkazgwWDBLMC1HeHFIYy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBp
BggrBgEFBQcBBwEB/wRaMFgwRwQCAAEwQQMDAT46AwQHPqYAAwQHPvoAAwMBUToD
AwFSrAMDAFKvAwMAV9MwCgMDAFfVAwMDV9ADAwCPsAMDAI+zAwQA2ZXYMA0EAgAC
MAcDBQAqAQOAMA0GCSqGSIb3DQEBCwUAA4IBAQAS/nx7OoFThr8qjBPaY58C7JB6
XU9Uiv8jrWtfseZl03RXkYaE1+NWX4NAlNULDEd6INZJQSim5ndPwsSJQdPT+W4i
WbZdM1WPbtgqb2mtxFs1iZuiMK3s3TpSu7qkmN/DmjvRnsFnit7inWqW79XufTwM
aIeQFqh7I+M04ds7AeWxy9aSfFzO5RCciNOS72CUKp6b0aD5BQ3kayYYtRxreDS8
M0ZmYxPAHdjTId3BZfROABlYWwdRDpgM96pmHUQ1ejGzTxe+7Y05YR7iz9lD/9gi
NjvVm9R5cmAkcWRl5J+z3Kqszs1GL5oMO1o1BPV7idq0HzAykRR76RaUMzjA
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:01:07 2024 by rpki-client on console-fra.rpki-client.org