Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/75/4fa4b4-7c96-4eb7-9940-3f2316b553f5/1/1A8-hvLPnomiCPNi01PVUVngQl4.roa
File: 1A8-hvLPnomiCPNi01PVUVngQl4.roa (raw, json)
Hash identifier: B8LPlRmACseVJZLCkjPBbYT1gkyWgJSPQe1elnikCtA=
Subject key identifier: D4:0F:3E:86:F2:CF:9E:89:A2:08:F3:62:D3:53:D5:51:59:E0:42:5E
Certificate issuer: /CN=f9503c075a690556bd462122b24699e1b6b19278
Certificate serial: 018369B981D88D91AB170F6426CE008D9796
Authority key identifier: F9:50:3C:07:5A:69:05:56:BD:46:21:22:B2:46:99:E1:B6:B1:92:78
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-VA8B1ppBVa9RiEiskaZ4baxkng.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/75/4fa4b4-7c96-4eb7-9940-3f2316b553f5/1/1A8-hvLPnomiCPNi01PVUVngQl4.roa
Signing time: Fri 23 Sep 2022 09:41:48 +0000
ROA not before: Fri 23 Sep 2022 09:41:48 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 60350
IP address blocks: 195.189.178.0/23 maxlen: 24
193.164.2.0/24 maxlen: 24
193.164.2.0/23 maxlen: 23
185.45.180.0/22 maxlen: 24
193.148.6.0/23 maxlen: 24
193.161.254.0/23 maxlen: 23
91.221.146.0/23 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:69:b9:81:d8:8d:91:ab:17:0f:64:26:ce:00:8d:97:96
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f9503c075a690556bd462122b24699e1b6b19278
Validity
Not Before: Sep 23 09:41:48 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=d40f3e86f2cf9e89a208f362d353d55159e0425e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:22:f7:63:a1:f1:cc:2a:1a:77:e2:a7:1b:f7:
fb:ae:ce:53:16:be:65:cb:67:12:b3:c1:96:ad:21:
0b:38:fb:9c:79:30:4f:7e:ea:96:85:d7:23:0c:8e:
5b:2f:1b:f9:e2:09:d5:99:01:eb:e3:68:e6:fa:52:
e4:4c:e5:80:05:24:58:e2:51:5f:33:48:ff:21:72:
5e:69:a0:cd:f7:7a:73:23:57:97:35:f0:67:6f:be:
92:78:68:42:56:a3:2b:01:df:7c:3d:eb:b4:87:75:
74:b1:cc:43:61:d9:f2:9d:3d:10:a2:5e:ef:3f:d2:
59:2c:2e:1a:7e:98:ac:74:2d:ec:54:5e:93:61:ab:
09:b4:19:4d:10:61:44:35:5d:a6:bb:31:e4:4c:29:
47:3b:34:99:80:4d:cf:c1:94:c8:b5:86:30:99:0b:
b4:3c:23:cd:53:c8:34:df:48:82:67:d4:4c:1a:b5:
52:25:9f:97:68:06:9b:d0:52:52:20:4d:a8:be:a0:
ed:ac:a8:1a:af:97:99:8a:40:ef:96:a4:3c:eb:67:
f5:a4:15:04:f0:8d:96:70:03:1e:8b:15:75:52:3f:
19:6b:84:95:94:0e:b1:71:f6:3a:2d:32:f8:df:76:
60:e7:32:e8:59:3d:48:58:30:1b:7c:c0:fe:53:e8:
35:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D4:0F:3E:86:F2:CF:9E:89:A2:08:F3:62:D3:53:D5:51:59:E0:42:5E
X509v3 Authority Key Identifier:
keyid:F9:50:3C:07:5A:69:05:56:BD:46:21:22:B2:46:99:E1:B6:B1:92:78
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-VA8B1ppBVa9RiEiskaZ4baxkng.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/75/4fa4b4-7c96-4eb7-9940-3f2316b553f5/1/1A8-hvLPnomiCPNi01PVUVngQl4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/75/4fa4b4-7c96-4eb7-9940-3f2316b553f5/1/1-VA8B1ppBVa9RiEiskaZ4baxkng.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.221.146.0/23
185.45.180.0/22
193.148.6.0/23
193.161.254.0/23
193.164.2.0/23
195.189.178.0/23
Signature Algorithm: sha256WithRSAEncryption
03:0a:2a:27:c3:15:92:d1:32:93:d9:79:ed:ff:45:5a:66:aa:
d9:06:62:03:eb:e7:35:7b:9f:7f:66:d9:17:ed:42:58:42:79:
4b:90:ee:7d:7f:54:94:c1:29:e5:55:af:46:4a:c6:f4:92:ea:
9e:be:d9:5b:54:fe:5c:0b:72:3e:16:75:bc:44:91:ab:65:36:
fa:9e:17:9f:b4:2c:7b:75:2a:fb:00:67:b6:8e:91:56:11:30:
1c:45:9d:fc:d7:a5:2c:d4:14:fb:32:6c:75:3f:4e:dd:95:5a:
4f:6b:df:78:f2:be:cd:36:54:5b:19:2b:fb:db:ea:f3:b9:26:
6a:28:65:c1:bd:ed:49:d2:fa:67:61:09:1d:a8:33:1a:67:63:
c1:3b:4c:25:4b:58:d9:4d:eb:6f:0e:fb:c7:eb:22:e4:67:44:
ab:86:9d:0d:0d:cb:fe:f5:7d:c1:dc:81:f7:ba:3e:6c:86:23:
f0:95:90:b2:7f:5e:21:08:12:e8:9a:4d:72:03:1a:d1:60:82:
c9:1e:54:a4:a0:e1:43:e1:ea:00:54:79:a9:ff:63:22:33:9e:
af:c5:cc:92:5c:7a:7c:8b:8f:b0:61:31:02:4e:63:77:aa:92:
a2:d0:18:d0:25:a4:4c:c4:a9:8a:a6:0c:5e:f3:fe:15:29:38:
6a:b8:67:72
-----BEGIN CERTIFICATE-----
MIIFHTCCBAWgAwIBAgISAYNpuYHYjZGrFw9kJs4AjZeWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY5NTAzYzA3NWE2OTA1NTZiZDQ2MjEyMmIyNDY5OWUxYjZi
MTkyNzgwHhcNMjIwOTIzMDk0MTQ4WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNDBmM2U4NmYyY2Y5ZTg5YTIwOGYzNjJkMzUzZDU1MTU5ZTA0MjVlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsyL3Y6HxzCoad+KnG/f7rs5TFr5l
y2cSs8GWrSELOPuceTBPfuqWhdcjDI5bLxv54gnVmQHr42jm+lLkTOWABSRY4lFf
M0j/IXJeaaDN93pzI1eXNfBnb76SeGhCVqMrAd98Peu0h3V0scxDYdnynT0Qol7v
P9JZLC4afpisdC3sVF6TYasJtBlNEGFENV2muzHkTClHOzSZgE3PwZTItYYwmQu0
PCPNU8g030iCZ9RMGrVSJZ+XaAab0FJSIE2ovqDtrKgar5eZikDvlqQ862f1pBUE
8I2WcAMeixV1Uj8Za4SVlA6xcfY6LTL433Zg5zLoWT1IWDAbfMD+U+g1GwIDAQAB
o4ICKTCCAiUwHQYDVR0OBBYEFNQPPobyz56JogjzYtNT1VFZ4EJeMB8GA1UdIwQY
MBaAFPlQPAdaaQVWvUYhIrJGmeG2sZJ4MA4GA1UdDwEB/wQEAwIHgDBlBggrBgEF
BQcBAQRZMFcwVQYIKwYBBQUHMAKGSXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMS1WQThCMXBwQlZhOVJpRWlza2FaNGJheGtuZy5jZXIw
gY0GCCsGAQUFBwELBIGAMH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNzUvNGZhNGI0LTdjOTYtNGViNy05OTQw
LTNmMjMxNmI1NTNmNS8xLzFBOC1odkxQbm9taUNQTmkwMVBWVVZuZ1FsNC5yb2Ew
gYIGA1UdHwR7MHkwd6B1oHOGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvNzUvNGZhNGI0LTdjOTYtNGViNy05OTQwLTNmMjMxNmI1NTNm
NS8xLzEtVkE4QjFwcEJWYTlSaUVpc2thWjRiYXhrbmcuY3JsMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwPQYIKwYBBQUHAQcBAf8ELjAsMCoEAgABMCQDBAFb3ZID
BAK5LbQDBAHBlAYDBAHBof4DBAHBpAIDBAHDvbIwDQYJKoZIhvcNAQELBQADggEB
AAMKKifDFZLRMpPZee3/RVpmqtkGYgPr5zV7n39m2RftQlhCeUuQ7n1/VJTBKeVV
r0ZKxvSS6p6+2VtU/lwLcj4WdbxEkatlNvqeF5+0LHt1KvsAZ7aOkVYRMBxFnfzX
pSzUFPsybHU/Tt2VWk9r33jyvs02VFsZK/vb6vO5JmooZcG97UnS+mdhCR2oMxpn
Y8E7TCVLWNlN628O+8frIuRnRKuGnQ0Ny/71fcHcgfe6PmyGI/CVkLJ/XiEIEuia
TXIDGtFggskeVKSg4UPh6gBUean/YyIznq/FzJJcenyLj7BhMQJOY3eqkqLQGNAl
pEzEqYqmDF7z/hUpOGq4Z3I=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:35:12 2024 by rpki-client on console-fra.rpki-client.org