Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/07/4e897f-e435-4715-a3c5-85be425d3199/1/JQP0CuF79bQ6Hxuwq4EYShJt7u8.roa
File: JQP0CuF79bQ6Hxuwq4EYShJt7u8.roa (raw, json)
Hash identifier: 6iGjPtPtrstzQubx3+ChIwBjq9WjaMBGolt6n65vpXc=
Subject key identifier: 25:03:F4:0A:E1:7B:F5:B4:3A:1F:1B:B0:AB:81:18:4A:12:6D:EE:EF
Certificate issuer: /CN=b6cf4e57cbc15ce4ecef44f50e5b8592fbeeeea0
Certificate serial: 09CE94
Authority key identifier: B6:CF:4E:57:CB:C1:5C:E4:EC:EF:44:F5:0E:5B:85:92:FB:EE:EE:A0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ts9OV8vBXOTs70T1DluFkvvu7qA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/07/4e897f-e435-4715-a3c5-85be425d3199/1/JQP0CuF79bQ6Hxuwq4EYShJt7u8.roa
Signing time: Wed 16 Feb 2022 09:07:07 +0000
ROA not before: Wed 16 Feb 2022 09:07:07 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 35019
IP address blocks: 85.158.133.0/24 maxlen: 24
85.158.134.0/24 maxlen: 24
85.158.135.0/24 maxlen: 24
185.156.239.0/24 maxlen: 24
185.156.238.0/24 maxlen: 24
185.156.236.0/24 maxlen: 24
185.156.237.0/24 maxlen: 24
85.158.132.0/24 maxlen: 24
85.158.131.0/24 maxlen: 24
85.158.129.0/24 maxlen: 24
85.158.128.0/21 maxlen: 21
85.158.130.0/24 maxlen: 24
85.158.128.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 642708 (0x9ce94)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b6cf4e57cbc15ce4ecef44f50e5b8592fbeeeea0
Validity
Not Before: Feb 16 09:07:07 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=2503f40ae17bf5b43a1f1bb0ab81184a126deeef
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:d6:04:08:d8:6c:94:63:93:33:73:28:aa:6c:
94:66:1b:b6:3e:93:28:96:2c:e8:22:bb:89:fc:21:
31:c2:e0:fb:a3:3a:a4:0f:05:24:5a:f8:16:3e:6f:
47:c7:94:c4:24:6d:07:c6:ad:d8:a7:4d:06:54:ee:
c5:c1:ab:2c:1e:55:42:83:78:34:84:6b:ca:05:69:
29:f7:00:7e:b9:a9:11:6c:be:05:3f:e3:80:2a:80:
5c:35:67:7d:fd:6a:25:f1:34:83:41:fd:02:8c:41:
76:83:84:45:27:e0:f1:c4:81:d7:9b:2b:66:9d:86:
16:a1:d9:12:86:1d:7a:2b:9e:21:0a:ea:6d:d8:75:
1e:b6:d0:54:35:b6:a3:73:df:6b:bd:f2:ff:ef:48:
fd:73:f1:93:df:dc:be:8c:4f:9d:88:7d:0a:b6:db:
21:49:49:96:6e:2e:e5:ab:42:41:75:50:c7:94:d5:
e9:f8:36:74:15:58:c2:60:5d:17:38:0e:71:54:c2:
31:74:50:3f:b4:f6:0b:b0:92:42:a4:e4:b3:c1:98:
bf:ed:68:0f:60:6e:ca:1b:b9:28:74:fd:f3:08:8a:
d4:fe:38:b6:fa:46:74:2a:cc:0c:29:86:13:00:f0:
b5:f6:d4:87:e0:45:d6:4b:a4:c0:3d:b1:96:bd:d4:
3f:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
25:03:F4:0A:E1:7B:F5:B4:3A:1F:1B:B0:AB:81:18:4A:12:6D:EE:EF
X509v3 Authority Key Identifier:
keyid:B6:CF:4E:57:CB:C1:5C:E4:EC:EF:44:F5:0E:5B:85:92:FB:EE:EE:A0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ts9OV8vBXOTs70T1DluFkvvu7qA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/07/4e897f-e435-4715-a3c5-85be425d3199/1/JQP0CuF79bQ6Hxuwq4EYShJt7u8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/07/4e897f-e435-4715-a3c5-85be425d3199/1/ts9OV8vBXOTs70T1DluFkvvu7qA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.158.128.0/21
185.156.236.0/22
Signature Algorithm: sha256WithRSAEncryption
1c:8f:05:44:2b:e7:a6:fc:f8:cb:b4:b2:2f:20:f2:a5:c0:e2:
20:55:ba:d2:b3:3b:dd:ea:63:a3:fc:e7:61:92:76:bb:60:18:
ca:b0:c5:b9:29:3a:f9:94:41:0b:31:f2:3d:1f:47:ed:5a:46:
12:c2:bb:e8:df:6b:04:1b:f0:7b:00:b8:32:d6:98:04:0f:87:
46:b6:47:02:d2:5a:99:3b:fb:11:f0:83:1b:1f:23:4a:c4:f5:
c4:6c:13:c6:fb:3c:34:b1:45:79:47:d2:4c:c6:e5:f3:0a:fd:
8f:dd:39:2d:53:04:24:cc:eb:b3:fa:fc:7a:64:32:22:99:c0:
28:77:01:f2:d9:00:37:3b:69:00:d5:06:01:9c:43:1d:7e:5b:
dd:09:e2:98:ea:5a:d7:93:19:c6:9a:a7:5d:4e:66:39:6b:f3:
e3:d6:13:40:36:86:b6:6e:ac:06:84:be:4c:b9:8a:7c:d6:9b:
e3:7d:48:58:2d:70:c2:3f:6a:9c:f4:17:a0:62:3d:6e:f7:a4:
e7:36:da:0e:38:28:2e:3e:47:77:de:4d:97:04:76:48:c9:d6:
96:d8:ff:2b:ae:1a:9f:93:35:e9:f5:73:be:c1:c6:c2:d9:41:
d9:bf:d0:21:0e:c2:cc:4d:f2:91:07:5c:88:67:79:fd:b7:69:
d7:12:f6:2d
-----BEGIN CERTIFICATE-----
MIIE9DCCA9ygAwIBAgIDCc6UMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKGI2
Y2Y0ZTU3Y2JjMTVjZTRlY2VmNDRmNTBlNWI4NTkyZmJlZWVlYTAwHhcNMjIwMjE2
MDkwNzA3WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQDEygyNTAzZjQwYWUxN2Jm
NWI0M2ExZjFiYjBhYjgxMTg0YTEyNmRlZWVmMIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAuNYECNhslGOTM3MoqmyUZhu2PpMolizoIruJ/CExwuD7ozqk
DwUkWvgWPm9Hx5TEJG0Hxq3Yp00GVO7FwassHlVCg3g0hGvKBWkp9wB+uakRbL4F
P+OAKoBcNWd9/Wol8TSDQf0CjEF2g4RFJ+DxxIHXmytmnYYWodkShh16K54hCupt
2HUettBUNbajc99rvfL/70j9c/GT39y+jE+diH0KttshSUmWbi7lq0JBdVDHlNXp
+DZ0FVjCYF0XOA5xVMIxdFA/tPYLsJJCpOSzwZi/7WgPYG7KG7kodP3zCIrU/ji2
+kZ0KswMKYYTAPC19tSH4EXWS6TAPbGWvdQ/mwIDAQABo4ICDzCCAgswHQYDVR0O
BBYEFCUD9Arhe/W0Oh8bsKuBGEoSbe7vMB8GA1UdIwQYMBaAFLbPTlfLwVzk7O9E
9Q5bhZL77u6gMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEFBQcBAQRYMFYwVAYIKwYB
BQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQv
dHM5T1Y4dkJYT1RzNzBUMURsdUZrdnZ1N3FBLmNlcjCBjQYIKwYBBQUHAQsEgYAw
fjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkv
REVGQVVMVC8wNy80ZTg5N2YtZTQzNS00NzE1LWEzYzUtODViZTQyNWQzMTk5LzEv
SlFQMEN1Rjc5YlE2SHh1d3E0RVlTaEp0N3U4LnJvYTCBgQYDVR0fBHoweDB2oHSg
coZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNy80
ZTg5N2YtZTQzNS00NzE1LWEzYzUtODViZTQyNWQzMTk5LzEvdHM5T1Y4dkJYT1Rz
NzBUMURsdUZrdnZ1N3FBLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCUG
CCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQDVZ6AAwQCuZzsMA0GCSqGSIb3DQEB
CwUAA4IBAQAcjwVEK+em/PjLtLIvIPKlwOIgVbrSszvd6mOj/Odhkna7YBjKsMW5
KTr5lEELMfI9H0ftWkYSwrvo32sEG/B7ALgy1pgED4dGtkcC0lqZO/sR8IMbHyNK
xPXEbBPG+zw0sUV5R9JMxuXzCv2P3TktUwQkzOuz+vx6ZDIimcAodwHy2QA3O2kA
1QYBnEMdflvdCeKY6lrXkxnGmqddTmY5a/Pj1hNANoa2bqwGhL5MuYp81pvjfUhY
LXDCP2qc9BegYj1u96TnNtoOOCguPkd33k2XBHZIydaW2P8rrhqfkzXp9XO+wcbC
2UHZv9AhDsLMTfKRB1yIZ3n9t2nXEvYt
-----END CERTIFICATE-----
Generated at Wed Dec 27 18:40:33 2023 by rpki-client on console.sobornost.net