Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c9/930279-3187-47a5-8137-f4fb5c880509/1/A8a7vUgK6I5ys3BiYQOewU62SIY.roa
File: A8a7vUgK6I5ys3BiYQOewU62SIY.roa (raw, json)
Hash identifier: vHsTpvDRhmjwcm2Pno4KclAE+7a50r2MK6kEhSEtqP0=
Subject key identifier: 03:C6:BB:BD:48:0A:E8:8E:72:B3:70:62:61:03:9E:C1:4E:B6:48:86
Certificate issuer: /CN=29109da662f9d302fff2c5c4b4afb8f947fec1c0
Certificate serial: 018511C35A2E2149FAE37E7B47A7655ADCCF
Authority key identifier: 29:10:9D:A6:62:F9:D3:02:FF:F2:C5:C4:B4:AF:B8:F9:47:FE:C1:C0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KRCdpmL50wL_8sXEtK-4-Uf-wcA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c9/930279-3187-47a5-8137-f4fb5c880509/1/A8a7vUgK6I5ys3BiYQOewU62SIY.roa
Signing time: Wed 14 Dec 2022 17:51:33 +0000
ROA not before: Wed 14 Dec 2022 17:51:33 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 6881
IP address blocks: 194.50.100.0/24 maxlen: 32
185.1.34.0/24 maxlen: 32
91.207.230.0/23 maxlen: 23
91.207.234.0/23 maxlen: 23
195.47.235.0/24 maxlen: 32
91.210.16.0/22 maxlen: 32
194.30.187.0/24 maxlen: 32
93.190.128.0/21 maxlen: 32
2001:7f8:14::/48 maxlen: 128
2a02:38::/32 maxlen: 32
2001:7f8:91::/48 maxlen: 128
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:11:c3:5a:2e:21:49:fa:e3:7e:7b:47:a7:65:5a:dc:cf
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=29109da662f9d302fff2c5c4b4afb8f947fec1c0
Validity
Not Before: Dec 14 17:51:33 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=03c6bbbd480ae88e72b3706261039ec14eb64886
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:85:2b:21:92:0b:b3:09:cc:db:59:a0:ea:5e:25:
ed:7a:f7:b1:fb:b0:83:a9:90:4b:dd:65:83:1c:2b:
7a:ee:43:01:de:47:a0:75:98:32:ba:20:2b:f5:ec:
81:1c:b2:69:96:c5:00:bf:7b:13:0d:bf:16:a9:6e:
70:09:c8:99:a8:87:c1:cf:af:ee:52:2a:4d:85:0b:
44:e7:2f:88:50:d5:b5:c9:eb:0a:4c:6d:c8:9f:af:
8d:04:d6:2b:39:73:8c:36:bc:10:67:82:c7:1f:97:
43:de:e3:22:46:75:56:07:50:8e:dc:22:6e:2a:b9:
48:76:80:f3:97:63:7c:74:ed:be:1e:b1:8d:ec:e4:
43:a1:8f:34:c7:81:7a:25:9e:24:a9:75:f7:0b:0a:
b2:46:5f:ba:8c:64:cd:4b:65:86:ea:79:35:73:be:
d8:4e:75:27:84:83:a1:54:ed:36:a3:22:36:59:e7:
0a:c8:76:34:3d:5b:4c:54:8b:a6:fc:69:6e:2d:89:
38:c1:8a:c0:c7:9f:4a:cf:b7:69:3f:48:17:e8:8a:
88:84:aa:e2:86:c3:06:73:c3:25:8b:93:f9:dc:02:
f0:58:d3:30:4c:32:5f:ed:25:06:df:21:4a:3d:11:
cf:98:a2:74:16:89:15:b3:31:8d:70:5b:f4:13:7d:
94:83
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
03:C6:BB:BD:48:0A:E8:8E:72:B3:70:62:61:03:9E:C1:4E:B6:48:86
X509v3 Authority Key Identifier:
keyid:29:10:9D:A6:62:F9:D3:02:FF:F2:C5:C4:B4:AF:B8:F9:47:FE:C1:C0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KRCdpmL50wL_8sXEtK-4-Uf-wcA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c9/930279-3187-47a5-8137-f4fb5c880509/1/A8a7vUgK6I5ys3BiYQOewU62SIY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c9/930279-3187-47a5-8137-f4fb5c880509/1/KRCdpmL50wL_8sXEtK-4-Uf-wcA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.207.230.0/23
91.207.234.0/23
91.210.16.0/22
93.190.128.0/21
185.1.34.0/24
194.30.187.0/24
194.50.100.0/24
195.47.235.0/24
IPv6:
2001:7f8:14::/48
2001:7f8:91::/48
2a02:38::/32
Signature Algorithm: sha256WithRSAEncryption
96:5e:93:ab:c1:43:4b:a3:39:a0:de:0b:15:bb:77:80:b8:99:
6c:a9:25:03:37:ec:f5:15:37:34:f3:91:51:5a:6c:f0:eb:69:
15:ef:51:2a:f8:09:e5:2b:2f:8c:b6:4f:1c:71:d3:6f:5f:b0:
30:4a:98:7c:73:93:81:3f:2c:ad:07:e6:ec:24:fe:35:b8:62:
11:62:16:98:b8:47:a3:fc:88:20:6a:5e:7f:2e:1d:dc:6f:b3:
c1:a0:16:f5:48:ab:81:2c:26:72:18:c1:39:e6:4c:c2:ec:c9:
c1:28:4d:c4:0d:16:85:89:5c:01:27:01:ef:f9:5c:92:3e:9d:
e3:a2:19:6c:ce:36:a0:06:12:19:60:df:a2:a4:b5:ba:06:40:
e9:61:bd:d1:aa:bf:18:ba:9a:9e:a1:79:86:58:47:87:9e:2b:
e0:87:f9:73:3c:22:14:30:3c:7c:4d:85:4d:cc:96:09:f0:b9:
7a:a1:75:17:e7:2c:24:c2:81:a8:62:b9:da:0e:2f:49:b4:6f:
b0:98:50:14:75:eb:3e:75:8d:42:86:f0:dd:71:9c:8b:dd:88:
61:c9:71:72:78:bd:fd:66:90:a6:7c:3f:75:b6:5b:51:9e:f7:
01:58:5c:d9:88:6f:7d:94:a5:fd:63:58:17:2b:6f:d5:d2:7b:
5e:29:0d:70
-----BEGIN CERTIFICATE-----
MIIFSDCCBDCgAwIBAgISAYURw1ouIUn64357R6dlWtzPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI5MTA5ZGE2NjJmOWQzMDJmZmYyYzVjNGI0YWZiOGY5NDdm
ZWMxYzAwHhcNMjIxMjE0MTc1MTMzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwM2M2YmJiZDQ4MGFlODhlNzJiMzcwNjI2MTAzOWVjMTRlYjY0ODg2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhSshkguzCczbWaDqXiXtevex+7CD
qZBL3WWDHCt67kMB3kegdZgyuiAr9eyBHLJplsUAv3sTDb8WqW5wCciZqIfBz6/u
UipNhQtE5y+IUNW1yesKTG3In6+NBNYrOXOMNrwQZ4LHH5dD3uMiRnVWB1CO3CJu
KrlIdoDzl2N8dO2+HrGN7ORDoY80x4F6JZ4kqXX3CwqyRl+6jGTNS2WG6nk1c77Y
TnUnhIOhVO02oyI2WecKyHY0PVtMVIum/GluLYk4wYrAx59Kz7dpP0gX6IqIhKri
hsMGc8Mli5P53ALwWNMwTDJf7SUG3yFKPRHPmKJ0FokVszGNcFv0E32UgwIDAQAB
o4ICVDCCAlAwHQYDVR0OBBYEFAPGu71ICuiOcrNwYmEDnsFOtkiGMB8GA1UdIwQY
MBaAFCkQnaZi+dMC//LFxLSvuPlH/sHAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS1JDZHBtTDUwd0xfOHNYRXRLLTQtVWYtd2NBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOS85MzAyNzktMzE4Ny00N2E1LTgxMzct
ZjRmYjVjODgwNTA5LzEvQThhN3ZVZ0s2STV5czNCaVlRT2V3VTYyU0lZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOS85MzAyNzktMzE4Ny00N2E1LTgxMzctZjRmYjVjODgwNTA5
LzEvS1JDZHBtTDUwd0xfOHNYRXRLLTQtVWYtd2NBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGoGCCsGAQUFBwEHAQH/BFswWTA2BAIAATAwAwQBW8/mAwQB
W8/qAwQCW9IQAwQDXb6AAwQAuQEiAwQAwh67AwQAwjJkAwQAwy/rMB8EAgACMBkD
BwAgAQf4ABQDBwAgAQf4AJEDBQAqAgA4MA0GCSqGSIb3DQEBCwUAA4IBAQCWXpOr
wUNLozmg3gsVu3eAuJlsqSUDN+z1FTc085FRWmzw62kV71Eq+AnlKy+Mtk8ccdNv
X7AwSph8c5OBPyytB+bsJP41uGIRYhaYuEej/Iggal5/Lh3cb7PBoBb1SKuBLCZy
GME55kzC7MnBKE3EDRaFiVwBJwHv+VySPp3johlszjagBhIZYN+ipLW6BkDpYb3R
qr8YupqeoXmGWEeHnivgh/lzPCIUMDx8TYVNzJYJ8Ll6oXUX5ywkwoGoYrnaDi9J
tG+wmFAUdes+dY1ChvDdcZyL3YhhyXFyeL39ZpCmfD91tltRnvcBWFzZiG99lKX9
Y1gXK2/V0nteKQ1w
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:44:06 2024 by rpki-client on console-ams.rpki-client.org