Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b0/46db3a-a573-4f28-b43b-37b62d223924/1/8Nxf_L8rof4r9OZbmiB3Ohk69-M.roa
File: 8Nxf_L8rof4r9OZbmiB3Ohk69-M.roa (raw, json)
Hash identifier: IQSz3kFlZ6DxVZyw7W+51vxQ4L7/cG6/rBVv0RoT8Fg=
Subject key identifier: F0:DC:5F:FC:BF:2B:A1:FE:2B:F4:E6:5B:9A:20:77:3A:19:3A:F7:E3
Certificate issuer: /CN=e754c347d68d15493de71bb962f0a567e134d603
Certificate serial: 1AADB9EA
Authority key identifier: E7:54:C3:47:D6:8D:15:49:3D:E7:1B:B9:62:F0:A5:67:E1:34:D6:03
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/51TDR9aNFUk95xu5YvClZ-E01gM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b0/46db3a-a573-4f28-b43b-37b62d223924/1/8Nxf_L8rof4r9OZbmiB3Ohk69-M.roa
Signing time: Sat 01 Jan 2022 12:02:41 +0000
ROA not before: Sat 01 Jan 2022 12:02:41 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 43350
IP address blocks: 185.135.212.0/22 maxlen: 24
45.43.88.0/22 maxlen: 24
198.105.96.0/22 maxlen: 24
198.105.104.0/22 maxlen: 24
198.105.112.0/24 maxlen: 24
198.105.114.0/23 maxlen: 24
198.105.113.0/24 maxlen: 24
155.254.40.0/22 maxlen: 22
155.254.44.0/22 maxlen: 24
155.254.50.0/23 maxlen: 24
155.254.52.0/22 maxlen: 24
155.254.56.0/22 maxlen: 24
45.43.92.0/22 maxlen: 24
185.53.131.0/24 maxlen: 24
185.53.128.0/24 maxlen: 24
185.53.130.0/24 maxlen: 24
185.53.129.0/24 maxlen: 24
185.83.219.0/24 maxlen: 24
185.83.218.0/24 maxlen: 24
185.83.216.0/24 maxlen: 24
185.83.217.0/24 maxlen: 24
107.181.137.0/24 maxlen: 24
107.181.156.0/22 maxlen: 22
91.210.64.0/22 maxlen: 24
103.206.232.0/22 maxlen: 24
94.177.5.0/24 maxlen: 24
43.239.88.0/22 maxlen: 22
87.239.252.0/23 maxlen: 24
2a02:2ca0::/32 maxlen: 32
2a07:9942:39d8::/48 maxlen: 48
2a07:9942:39d9::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 447592938 (0x1aadb9ea)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e754c347d68d15493de71bb962f0a567e134d603
Validity
Not Before: Jan 1 12:02:41 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=f0dc5ffcbf2ba1fe2bf4e65b9a20773a193af7e3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:dd:15:a1:8b:0e:6d:9a:43:51:1e:b6:c3:be:
9d:cb:72:46:dd:17:da:5c:85:b7:e5:2d:09:6d:85:
1c:3a:95:75:c4:0c:a5:2a:25:84:03:6b:c5:85:cb:
f3:d1:9b:36:ce:e8:36:56:04:d9:90:f9:a5:b9:40:
55:37:61:5a:f8:e3:5f:81:28:d9:1a:b7:a2:16:b0:
d3:4f:21:09:cc:28:45:36:12:09:2f:0e:ed:e5:17:
c7:bd:f6:92:5c:74:79:30:67:26:a8:0e:05:62:9a:
46:47:0d:56:f8:63:91:79:2a:03:03:38:b7:4a:0a:
13:5d:44:cc:57:5c:ad:b7:9a:ed:3a:f3:87:40:0d:
c1:c1:01:75:75:d5:f6:33:6e:4b:a1:cd:23:ad:7b:
cd:39:98:d2:bd:7b:a8:b5:1c:d4:64:4c:62:56:d5:
24:40:d6:6d:39:66:61:66:ef:2e:0b:bb:12:18:1e:
63:18:00:6b:07:8f:a8:50:db:a1:b4:66:36:1f:4d:
a3:3a:3f:99:f7:3e:e0:a5:bd:ed:6e:36:4e:c6:bf:
cb:95:7c:d6:48:ba:fc:b0:1a:b6:fb:d3:f1:6d:3f:
6b:5e:5b:9d:97:c4:e1:a1:a6:59:5b:38:b1:7b:d0:
26:78:a6:ed:23:df:87:d7:b5:60:9a:c8:65:de:41:
28:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F0:DC:5F:FC:BF:2B:A1:FE:2B:F4:E6:5B:9A:20:77:3A:19:3A:F7:E3
X509v3 Authority Key Identifier:
keyid:E7:54:C3:47:D6:8D:15:49:3D:E7:1B:B9:62:F0:A5:67:E1:34:D6:03
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/51TDR9aNFUk95xu5YvClZ-E01gM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/46db3a-a573-4f28-b43b-37b62d223924/1/8Nxf_L8rof4r9OZbmiB3Ohk69-M.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/46db3a-a573-4f28-b43b-37b62d223924/1/51TDR9aNFUk95xu5YvClZ-E01gM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
43.239.88.0/22
45.43.88.0/21
87.239.252.0/23
91.210.64.0/22
94.177.5.0/24
103.206.232.0/22
107.181.137.0/24
107.181.156.0/22
155.254.40.0/21
155.254.50.0-155.254.59.255
185.53.128.0/22
185.83.216.0/22
185.135.212.0/22
198.105.96.0/22
198.105.104.0/22
198.105.112.0/22
IPv6:
2a02:2ca0::/32
2a07:9942:39d8::/47
Signature Algorithm: sha256WithRSAEncryption
0f:ba:34:b3:d2:72:0c:9d:3b:79:a8:1f:93:44:b9:61:fc:28:
a6:a8:90:84:0b:e6:71:70:b0:8f:a0:4d:1f:5a:46:01:41:41:
ea:60:6f:42:fc:32:2c:41:54:4e:70:9b:bd:e8:56:8e:c1:25:
da:91:a0:56:04:5a:5b:ce:a6:14:a4:98:47:c2:36:50:c0:e2:
9d:10:cf:e6:3d:20:53:a7:26:92:e2:d3:ee:ad:5d:fd:3b:d5:
f5:2f:c4:bf:70:6b:1d:33:26:12:32:7c:fd:f7:46:9b:dc:cd:
5a:e7:5f:27:2c:de:5f:ab:f1:08:0d:7a:87:bb:c7:34:50:d4:
0d:c8:fd:67:7b:4a:9b:ed:04:5e:6c:67:78:27:bc:36:1f:7e:
d3:b9:e1:61:82:98:b1:03:99:3b:10:33:c8:b4:aa:2e:9a:e9:
63:cb:cd:a9:69:1f:f2:da:f9:ff:13:c9:ad:48:98:49:2c:e0:
d3:6d:2e:b4:c8:3f:94:a9:14:ac:dc:0d:8c:13:ae:f8:d9:19:
ac:9a:5f:54:99:23:0d:e1:ef:11:2d:36:77:0f:ef:fa:df:22:
43:3c:fe:38:b6:96:26:f3:0f:4f:04:b6:ad:99:a1:2a:f2:7f:
fa:56:18:36:cb:f6:06:fc:a4:af:a5:7c:98:d0:23:66:03:6b:
e8:0a:fc:f5
-----BEGIN CERTIFICATE-----
MIIFbDCCBFSgAwIBAgIEGq256jANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhl
NzU0YzM0N2Q2OGQxNTQ5M2RlNzFiYjk2MmYwYTU2N2UxMzRkNjAzMB4XDTIyMDEw
MTEyMDI0MVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZjBkYzVmZmNiZjJi
YTFmZTJiZjRlNjViOWEyMDc3M2ExOTNhZjdlMzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALPdFaGLDm2aQ1EetsO+nctyRt0X2lyFt+UtCW2FHDqVdcQM
pSolhANrxYXL89GbNs7oNlYE2ZD5pblAVTdhWvjjX4Eo2Rq3ohaw008hCcwoRTYS
CS8O7eUXx732klx0eTBnJqgOBWKaRkcNVvhjkXkqAwM4t0oKE11EzFdcrbea7Trz
h0ANwcEBdXXV9jNuS6HNI617zTmY0r17qLUc1GRMYlbVJEDWbTlmYWbvLgu7Ehge
YxgAawePqFDbobRmNh9Nozo/mfc+4KW97W42Tsa/y5V81ki6/LAatvvT8W0/a15b
nZfE4aGmWVs4sXvQJnim7SPfh9e1YJrIZd5BKIECAwEAAaOCAoYwggKCMB0GA1Ud
DgQWBBTw3F/8vyuh/iv05luaIHc6GTr34zAfBgNVHSMEGDAWgBTnVMNH1o0VST3n
G7li8KVn4TTWAzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzUxVERSOWFORlVrOTV4dTVZdkNsWi1FMDFnTS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYjAvNDZkYjNhLWE1NzMtNGYyOC1iNDNiLTM3YjYyZDIyMzkyNC8x
LzhOeGZfTDhyb2Y0cjlPWmJtaUIzT2hrNjktTS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYjAv
NDZkYjNhLWE1NzMtNGYyOC1iNDNiLTM3YjYyZDIyMzkyNC8xLzUxVERSOWFORlVr
OTV4dTVZdkNsWi1FMDFnTS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjCB
mwYIKwYBBQUHAQcBAf8EgYswgYgwbgQCAAEwaAMEAivvWAMEAy0rWAMEAVfv/AME
AlvSQAMEAF6xBQMEAmfO6AMEAGu1iQMEAmu1nAMEA5v+KDAMAwQBm/4yAwQCm/44
AwQCuTWAAwQCuVPYAwQCuYfUAwQCxmlgAwQCxmloAwQCxmlwMBYEAgACMBADBQAq
AiygAwcBKgeZQjnYMA0GCSqGSIb3DQEBCwUAA4IBAQAPujSz0nIMnTt5qB+TRLlh
/CimqJCEC+ZxcLCPoE0fWkYBQUHqYG9C/DIsQVROcJu96FaOwSXakaBWBFpbzqYU
pJhHwjZQwOKdEM/mPSBTpyaS4tPurV39O9X1L8S/cGsdMyYSMnz990ab3M1a518n
LN5fq/EIDXqHu8c0UNQNyP1ne0qb7QRebGd4J7w2H37TueFhgpixA5k7EDPItKou
muljy82paR/y2vn/E8mtSJhJLODTbS60yD+UqRSs3A2ME6742Rmsml9UmSMN4e8R
LTZ3D+/63yJDPP44tpYm8w9PBLatmaEq8n/6Vhg2y/YG/KSvpXyY0CNmA2voCvz1
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:06:13 2023 by rpki-client on console-ams.rpki-client.org