Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/26/6fc1bc-a5f8-42a8-95e4-60107e2b5109/1/SH8IvPpXXRmgCjHoYBW7AV9lSbM.roa
File: SH8IvPpXXRmgCjHoYBW7AV9lSbM.roa (raw, json)
Hash identifier: Nqf+6RnZ2RTzAfxiAYwpcdYkOIgEF9LNPqK7c0ngAX0=
Subject key identifier: 48:7F:08:BC:FA:57:5D:19:A0:0A:31:E8:60:15:BB:01:5F:65:49:B3
Certificate issuer: /CN=4f9509b33da55f3e5d5283eb621d0d35d7aeed5c
Certificate serial: 01842ECA3278C8A296E5F92A93BB30C6DD82
Authority key identifier: 4F:95:09:B3:3D:A5:5F:3E:5D:52:83:EB:62:1D:0D:35:D7:AE:ED:5C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T5UJsz2lXz5dUoPrYh0NNdeu7Vw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/26/6fc1bc-a5f8-42a8-95e4-60107e2b5109/1/SH8IvPpXXRmgCjHoYBW7AV9lSbM.roa
Signing time: Mon 31 Oct 2022 16:05:13 +0000
ROA not before: Mon 31 Oct 2022 16:05:13 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 22773
IP address blocks: 85.8.160.0/23 maxlen: 23
85.8.162.0/23 maxlen: 23
62.182.32.0/23 maxlen: 23
62.182.34.0/23 maxlen: 23
139.28.240.0/23 maxlen: 23
139.28.242.0/23 maxlen: 23
5.133.100.0/23 maxlen: 23
5.133.102.0/23 maxlen: 23
31.40.204.0/23 maxlen: 23
31.40.206.0/23 maxlen: 23
212.107.4.0/23 maxlen: 23
212.107.6.0/23 maxlen: 23
84.54.0.0/23 maxlen: 23
84.54.2.0/23 maxlen: 23
85.8.144.0/23 maxlen: 23
85.8.146.0/23 maxlen: 23
139.28.212.0/22 maxlen: 22
92.249.62.0/23 maxlen: 23
92.249.60.0/23 maxlen: 23
193.187.108.0/22 maxlen: 22
176.53.156.0/23 maxlen: 23
176.53.158.0/23 maxlen: 23
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:2e:ca:32:78:c8:a2:96:e5:f9:2a:93:bb:30:c6:dd:82
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4f9509b33da55f3e5d5283eb621d0d35d7aeed5c
Validity
Not Before: Oct 31 16:05:13 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=487f08bcfa575d19a00a31e86015bb015f6549b3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:1a:7d:6f:d4:f4:e0:60:2d:78:09:fc:71:34:
a7:43:06:77:22:e8:6c:30:4d:ba:b0:d2:86:75:5d:
d2:86:46:ec:f8:57:5a:9e:8c:fe:a7:a6:11:32:96:
2b:bb:ee:92:07:45:eb:b6:94:2c:7c:8c:91:3a:87:
b5:69:04:ef:d0:7c:84:1e:6d:35:d7:b8:58:38:65:
dc:39:58:12:4b:d4:95:14:89:d3:e5:45:55:09:3d:
0e:48:dd:00:2b:f9:7a:d5:85:77:f9:b4:dd:42:71:
a3:89:31:51:70:73:40:fd:59:8f:0a:f2:87:e7:74:
3c:0f:57:cf:d0:49:43:82:fd:5e:1c:94:c8:4b:a0:
e5:48:3f:5f:17:10:b0:1e:6e:53:c9:da:35:a3:cd:
b9:7b:eb:63:a5:58:70:8c:9e:79:2e:9c:85:cf:bd:
b2:06:6a:84:8b:8d:aa:81:6d:ea:b9:b7:73:57:3e:
5a:68:a4:07:25:28:ad:86:57:6f:52:a6:3b:17:a3:
a7:ca:f9:1f:b7:33:0c:6f:38:6c:97:30:12:68:68:
6a:47:59:1c:3b:95:43:08:96:83:22:9e:4b:b1:e7:
34:68:e4:89:d7:c9:6e:3c:35:66:22:4d:66:bf:e5:
68:af:ac:03:b2:a7:d5:15:a8:f5:0a:9c:e7:9c:84:
1f:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
48:7F:08:BC:FA:57:5D:19:A0:0A:31:E8:60:15:BB:01:5F:65:49:B3
X509v3 Authority Key Identifier:
keyid:4F:95:09:B3:3D:A5:5F:3E:5D:52:83:EB:62:1D:0D:35:D7:AE:ED:5C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T5UJsz2lXz5dUoPrYh0NNdeu7Vw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/26/6fc1bc-a5f8-42a8-95e4-60107e2b5109/1/SH8IvPpXXRmgCjHoYBW7AV9lSbM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/26/6fc1bc-a5f8-42a8-95e4-60107e2b5109/1/T5UJsz2lXz5dUoPrYh0NNdeu7Vw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.133.100.0/22
31.40.204.0/22
62.182.32.0/22
84.54.0.0/22
85.8.144.0/22
85.8.160.0/22
92.249.60.0/22
139.28.212.0/22
139.28.240.0/22
176.53.156.0/22
193.187.108.0/22
212.107.4.0/22
Signature Algorithm: sha256WithRSAEncryption
c0:c4:75:da:5e:30:5e:da:37:64:c5:99:8e:74:7d:bc:17:34:
5b:15:30:e4:40:8e:28:87:c0:1c:99:c8:e0:e0:2d:ae:57:d0:
0c:c2:2f:d2:68:17:f0:a5:fc:69:7e:ed:e8:d0:db:28:cd:41:
83:ff:a8:64:2c:d1:4f:db:4d:37:49:7b:84:4d:53:b3:aa:af:
2b:e1:0c:4c:73:6a:45:e8:fc:8b:69:74:d4:eb:ec:7c:0b:d4:
69:f4:bc:46:ff:7f:b2:8d:70:77:c8:1f:ac:bf:e9:27:eb:bf:
c1:25:01:56:80:54:38:0b:c2:59:01:d0:8f:36:ae:58:b4:08:
ed:12:b4:9f:94:2f:10:ab:65:34:f6:d9:f0:c8:a6:86:ef:b5:
3b:1a:45:30:8b:b4:a0:1b:31:d8:4b:b7:37:53:3a:ca:65:e3:
f7:b3:ed:ee:25:c5:8f:db:5b:6e:57:c8:e4:9c:ec:7f:e3:82:
b1:81:4b:32:7c:b3:f9:99:e0:a8:23:69:4f:73:4a:44:ee:bc:
71:ca:6c:ee:e2:58:e4:38:68:e3:85:e9:9a:5d:8e:98:84:f1:
15:f4:f8:b0:83:3e:93:a6:08:18:01:41:47:ea:88:7e:f0:22:
31:50:ca:cc:31:da:76:c1:3c:5f:79:a9:d6:6a:f0:77:5c:03:
1a:11:80:3e
-----BEGIN CERTIFICATE-----
MIIFPzCCBCegAwIBAgISAYQuyjJ4yKKW5fkqk7swxt2CMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmOTUwOWIzM2RhNTVmM2U1ZDUyODNlYjYyMWQwZDM1ZDdh
ZWVkNWMwHhcNMjIxMDMxMTYwNTEzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ODdmMDhiY2ZhNTc1ZDE5YTAwYTMxZTg2MDE1YmIwMTVmNjU0OWIzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwxp9b9T04GAteAn8cTSnQwZ3Iuhs
ME26sNKGdV3Shkbs+Fdanoz+p6YRMpYru+6SB0XrtpQsfIyROoe1aQTv0HyEHm01
17hYOGXcOVgSS9SVFInT5UVVCT0OSN0AK/l61YV3+bTdQnGjiTFRcHNA/VmPCvKH
53Q8D1fP0ElDgv1eHJTIS6DlSD9fFxCwHm5Tydo1o825e+tjpVhwjJ55LpyFz72y
BmqEi42qgW3qubdzVz5aaKQHJSithldvUqY7F6OnyvkftzMMbzhslzASaGhqR1kc
O5VDCJaDIp5Lsec0aOSJ18luPDVmIk1mv+Vor6wDsqfVFaj1CpznnIQf3QIDAQAB
o4ICSzCCAkcwHQYDVR0OBBYEFEh/CLz6V10ZoAox6GAVuwFfZUmzMB8GA1UdIwQY
MBaAFE+VCbM9pV8+XVKD62IdDTXXru1cMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVDVVSnN6MmxYejVkVW9QclloME5OZGV1N1Z3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNi82ZmMxYmMtYTVmOC00MmE4LTk1ZTQt
NjAxMDdlMmI1MTA5LzEvU0g4SXZQcFhYUm1nQ2pIb1lCVzdBVjlsU2JNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNi82ZmMxYmMtYTVmOC00MmE4LTk1ZTQtNjAxMDdlMmI1MTA5
LzEvVDVVSnN6MmxYejVkVW9QclloME5OZGV1N1Z3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGEGCCsGAQUFBwEHAQH/BFIwUDBOBAIAATBIAwQCBYVkAwQC
HyjMAwQCPrYgAwQCVDYAAwQCVQiQAwQCVQigAwQCXPk8AwQCixzUAwQCixzwAwQC
sDWcAwQCwbtsAwQC1GsEMA0GCSqGSIb3DQEBCwUAA4IBAQDAxHXaXjBe2jdkxZmO
dH28FzRbFTDkQI4oh8Acmcjg4C2uV9AMwi/SaBfwpfxpfu3o0NsozUGD/6hkLNFP
2003SXuETVOzqq8r4QxMc2pF6PyLaXTU6+x8C9Rp9LxG/3+yjXB3yB+sv+kn67/B
JQFWgFQ4C8JZAdCPNq5YtAjtErSflC8Qq2U09tnwyKaG77U7GkUwi7SgGzHYS7c3
UzrKZeP3s+3uJcWP21tuV8jknOx/44KxgUsyfLP5meCoI2lPc0pE7rxxymzu4ljk
OGjjhemaXY6YhPEV9Piwgz6TpggYAUFH6oh+8CIxUMrMMdp2wTxfeanWavB3XAMa
EYA+
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:58:49 2024 by rpki-client on console-ams.rpki-client.org