Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/41/8b906b-9c1d-45d9-86ba-c7fe62227df3/1/JnziCZKcTtd4KqFQqyX_RrQSBGM.roa
File: JnziCZKcTtd4KqFQqyX_RrQSBGM.roa (raw, json)
Hash identifier: GoFFHVNlyShiyqxtuauFvrP/rD8jWuYXzGtFoNFkoew=
Subject key identifier: 26:7C:E2:09:92:9C:4E:D7:78:2A:A1:50:AB:25:FF:46:B4:12:04:63
Certificate issuer: /CN=985ae6c59c35e460387daebcfb866f8a1ebb3686
Certificate serial: 01843886CEEC1A56B1A2C1222BB449695FC6
Authority key identifier: 98:5A:E6:C5:9C:35:E4:60:38:7D:AE:BC:FB:86:6F:8A:1E:BB:36:86
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mFrmxZw15GA4fa68-4Zvih67NoY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/41/8b906b-9c1d-45d9-86ba-c7fe62227df3/1/JnziCZKcTtd4KqFQqyX_RrQSBGM.roa
Signing time: Wed 02 Nov 2022 13:27:49 +0000
ROA not before: Wed 02 Nov 2022 13:27:49 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 50818
IP address blocks: 82.196.16.0/22 maxlen: 24
82.196.20.0/24 maxlen: 24
82.196.20.0/22 maxlen: 22
185.20.42.0/24 maxlen: 24
2a03:42c0::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:38:86:ce:ec:1a:56:b1:a2:c1:22:2b:b4:49:69:5f:c6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=985ae6c59c35e460387daebcfb866f8a1ebb3686
Validity
Not Before: Nov 2 13:27:49 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=267ce209929c4ed7782aa150ab25ff46b4120463
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:81:89:6a:ef:f9:50:61:4d:dc:bc:66:61:23:8f:
4b:4e:99:16:f6:fe:fe:e5:f8:cd:c1:c6:bc:b4:1c:
24:b0:00:d3:c2:61:c2:43:b5:5f:90:73:00:bf:a5:
7e:21:f9:32:05:7d:f8:8e:ba:01:8a:60:eb:67:1b:
99:5a:c6:38:05:f0:70:be:fa:1a:cb:e9:b9:89:e0:
b2:02:f1:b1:b1:60:f5:82:9f:20:d9:6e:bb:1a:b5:
bf:0b:b7:ac:f6:da:ec:c5:11:4b:2b:55:3e:83:47:
60:b8:44:ae:28:20:76:7a:a4:21:73:97:74:0e:4b:
70:ab:f5:3e:05:4b:4f:f6:cf:cc:00:05:07:5d:16:
18:12:70:77:c8:75:6a:32:46:ed:d4:70:fc:df:dd:
fd:5f:39:ca:37:ae:97:51:a2:f7:8a:b8:7d:09:dd:
a9:5d:06:0a:95:02:62:3b:2c:af:f2:d8:97:04:15:
ce:f6:f9:30:a7:a0:3e:e6:35:01:73:2e:b2:1e:b4:
d9:08:59:a4:0f:f3:8c:30:8f:6e:2b:70:6e:f5:96:
23:55:8a:63:26:13:5d:08:3b:b2:40:d8:5a:ba:6e:
1f:75:d5:90:70:51:69:32:36:00:ff:d0:d1:9a:01:
73:dd:59:f6:83:06:fb:28:57:5d:bd:0e:c7:7c:51:
08:ad
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
26:7C:E2:09:92:9C:4E:D7:78:2A:A1:50:AB:25:FF:46:B4:12:04:63
X509v3 Authority Key Identifier:
keyid:98:5A:E6:C5:9C:35:E4:60:38:7D:AE:BC:FB:86:6F:8A:1E:BB:36:86
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mFrmxZw15GA4fa68-4Zvih67NoY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/41/8b906b-9c1d-45d9-86ba-c7fe62227df3/1/JnziCZKcTtd4KqFQqyX_RrQSBGM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/41/8b906b-9c1d-45d9-86ba-c7fe62227df3/1/mFrmxZw15GA4fa68-4Zvih67NoY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.196.16.0/21
185.20.42.0/24
IPv6:
2a03:42c0::/32
Signature Algorithm: sha256WithRSAEncryption
4f:e8:b0:17:de:76:4c:61:d3:bf:6a:f8:ab:bc:3a:cc:5a:ee:
fc:00:46:d9:08:6e:30:42:1f:93:04:0b:1e:7a:bb:c0:e9:1e:
87:1a:52:e2:bd:4c:22:f3:d7:77:4b:05:17:09:6f:5d:cd:84:
d0:57:50:3e:1e:ba:db:e6:86:24:76:aa:47:b3:0a:0d:0b:54:
3c:ee:e8:f1:5d:b2:85:87:d0:1a:6e:17:40:3c:4f:11:f0:fe:
ef:67:14:7b:a3:3e:d1:05:0b:f5:7c:a1:8f:c0:d3:f7:a6:2f:
8c:de:67:82:48:1d:57:0e:0a:54:d9:a0:cf:d7:43:39:10:7a:
8c:d1:7b:2c:f4:6e:26:37:69:08:d2:b9:0e:25:c0:df:3e:15:
c3:0d:23:fc:62:b4:d6:3b:ec:0e:b5:84:ba:05:4e:b2:92:f6:
91:82:ef:a2:81:d0:d8:bf:3a:24:f2:e3:8f:5e:86:48:06:d1:
2c:9b:b7:e4:c8:a3:78:fa:00:43:e9:78:bc:2f:51:05:58:60:
08:fb:8e:01:84:5b:64:99:63:61:a7:3b:d0:94:93:b6:b9:e0:
91:09:7d:3e:e8:3c:e1:2c:54:1f:2a:6b:ff:87:c9:5c:7e:f8:
4d:cf:51:18:0e:3d:3c:71:72:ea:8e:1e:d7:7d:44:46:fa:b6:
43:83:d4:60
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYQ4hs7sGlaxosEiK7RJaV/GMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk4NWFlNmM1OWMzNWU0NjAzODdkYWViY2ZiODY2ZjhhMWVi
YjM2ODYwHhcNMjIxMTAyMTMyNzQ5WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNjdjZTIwOTkyOWM0ZWQ3NzgyYWExNTBhYjI1ZmY0NmI0MTIwNDYzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgYlq7/lQYU3cvGZhI49LTpkW9v7+
5fjNwca8tBwksADTwmHCQ7VfkHMAv6V+IfkyBX34jroBimDrZxuZWsY4BfBwvvoa
y+m5ieCyAvGxsWD1gp8g2W67GrW/C7es9trsxRFLK1U+g0dguESuKCB2eqQhc5d0
Dktwq/U+BUtP9s/MAAUHXRYYEnB3yHVqMkbt1HD83939XznKN66XUaL3irh9Cd2p
XQYKlQJiOyyv8tiXBBXO9vkwp6A+5jUBcy6yHrTZCFmkD/OMMI9uK3Bu9ZYjVYpj
JhNdCDuyQNhaum4fddWQcFFpMjYA/9DRmgFz3Vn2gwb7KFddvQ7HfFEIrQIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFCZ84gmSnE7XeCqhUKsl/0a0EgRjMB8GA1UdIwQY
MBaAFJha5sWcNeRgOH2uvPuGb4oeuzaGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbUZybXhadzE1R0E0ZmE2OC00WnZpaDY3Tm9ZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80MS84YjkwNmItOWMxZC00NWQ5LTg2YmEt
YzdmZTYyMjI3ZGYzLzEvSm56aUNaS2NUdGQ0S3FGUXF5WF9SclFTQkdNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80MS84YjkwNmItOWMxZC00NWQ5LTg2YmEtYzdmZTYyMjI3ZGYz
LzEvbUZybXhadzE1R0E0ZmE2OC00WnZpaDY3Tm9ZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQDUsQQAwQA
uRQqMA0EAgACMAcDBQAqA0LAMA0GCSqGSIb3DQEBCwUAA4IBAQBP6LAX3nZMYdO/
avirvDrMWu78AEbZCG4wQh+TBAseervA6R6HGlLivUwi89d3SwUXCW9dzYTQV1A+
Hrrb5oYkdqpHswoNC1Q87ujxXbKFh9AabhdAPE8R8P7vZxR7oz7RBQv1fKGPwNP3
pi+M3meCSB1XDgpU2aDP10M5EHqM0Xss9G4mN2kI0rkOJcDfPhXDDSP8YrTWO+wO
tYS6BU6ykvaRgu+igdDYvzok8uOPXoZIBtEsm7fkyKN4+gBD6Xi8L1EFWGAI+44B
hFtkmWNhpzvQlJO2ueCRCX0+6DzhLFQfKmv/h8lcfvhNz1EYDj08cXLqjh7XfURG
+rZDg9Rg
-----END CERTIFICATE-----
Generated at Wed Dec 27 18:41:23 2023 by rpki-client on console.sobornost.net