Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/9e847f-4146-4566-8c3e-1ba543eeaed7/1/h8lVsz3qKvH7nx_8G2XwDpjDMgk.roa
File: h8lVsz3qKvH7nx_8G2XwDpjDMgk.roa (raw, json)
Hash identifier: BLCOjZOYgBfl4mXdjIT7QT9dBB6HFzkZNnZ4vPqOqfw=
Subject key identifier: 87:C9:55:B3:3D:EA:2A:F1:FB:9F:1F:FC:1B:65:F0:0E:98:C3:32:09
Certificate issuer: /CN=5da432a4ec3b0ac4ca4e4ecec0e9f4d46b497af0
Certificate serial: 018291E37FC8930C48F1E9D4A5EC06CCABC4
Authority key identifier: 5D:A4:32:A4:EC:3B:0A:C4:CA:4E:4E:CE:C0:E9:F4:D4:6B:49:7A:F0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XaQypOw7CsTKTk7OwOn01GtJevA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/9e847f-4146-4566-8c3e-1ba543eeaed7/1/h8lVsz3qKvH7nx_8G2XwDpjDMgk.roa
Signing time: Fri 12 Aug 2022 11:49:41 +0000
ROA not before: Fri 12 Aug 2022 11:49:41 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 61400
IP address blocks: 77.220.216.0/21 maxlen: 21
62.76.24.0/22 maxlen: 22
91.107.85.0/24 maxlen: 24
91.107.84.0/24 maxlen: 24
91.107.86.0/23 maxlen: 23
185.126.92.0/22 maxlen: 24
185.62.103.0/24 maxlen: 24
46.21.252.0/22 maxlen: 24
62.76.112.0/22 maxlen: 32
185.111.216.0/23 maxlen: 23
185.111.219.0/24 maxlen: 24
185.111.218.0/24 maxlen: 24
212.8.232.0/22 maxlen: 22
89.248.236.0/24 maxlen: 24
185.40.28.0/22 maxlen: 22
31.200.248.0/21 maxlen: 21
62.76.88.0/22 maxlen: 22
91.227.34.0/23 maxlen: 23
62.76.100.0/22 maxlen: 22
2a03:220::/32 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:91:e3:7f:c8:93:0c:48:f1:e9:d4:a5:ec:06:cc:ab:c4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5da432a4ec3b0ac4ca4e4ecec0e9f4d46b497af0
Validity
Not Before: Aug 12 11:49:41 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=87c955b33dea2af1fb9f1ffc1b65f00e98c33209
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:fb:eb:4a:55:7f:61:04:e5:35:15:09:81:93:1b:
06:37:f8:47:ba:95:f0:49:06:92:1d:a6:23:34:48:
51:2f:f2:f4:79:80:d7:d7:e8:9e:96:ec:8d:69:09:
8a:93:49:49:bf:5b:bf:56:26:6e:d0:41:69:63:07:
69:8c:e3:13:a5:da:45:dd:dd:13:b8:87:96:06:2b:
b4:1b:96:58:96:b4:f6:18:b2:45:55:87:dc:16:43:
31:df:b7:17:90:68:26:1f:57:bf:28:33:51:75:fb:
5f:9e:73:33:e8:4e:8e:3c:22:78:3a:3e:f8:d7:b2:
43:44:46:22:27:03:8d:91:6b:e8:48:ca:5c:f2:3f:
15:2f:8d:3f:07:1e:53:06:af:9d:b8:2e:94:36:5e:
cd:ec:37:75:8b:08:68:9d:f4:0d:e0:62:26:53:6a:
e3:9e:8a:14:fa:e8:d9:2a:1e:e0:41:5d:d8:c2:dd:
a2:60:7a:95:d5:68:8f:55:22:50:2b:cc:b4:da:c3:
f8:22:b3:ab:71:ed:b2:af:a1:5b:c8:24:df:f3:2b:
71:0c:61:5d:38:75:17:83:5b:58:d1:39:76:06:45:
ca:b9:69:f6:28:4b:79:80:fa:ef:41:5c:2b:5f:52:
8a:cf:41:0e:e2:88:57:2e:ab:c7:1d:19:5d:08:d5:
d3:85
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
87:C9:55:B3:3D:EA:2A:F1:FB:9F:1F:FC:1B:65:F0:0E:98:C3:32:09
X509v3 Authority Key Identifier:
keyid:5D:A4:32:A4:EC:3B:0A:C4:CA:4E:4E:CE:C0:E9:F4:D4:6B:49:7A:F0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XaQypOw7CsTKTk7OwOn01GtJevA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/9e847f-4146-4566-8c3e-1ba543eeaed7/1/h8lVsz3qKvH7nx_8G2XwDpjDMgk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/9e847f-4146-4566-8c3e-1ba543eeaed7/1/XaQypOw7CsTKTk7OwOn01GtJevA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.200.248.0/21
46.21.252.0/22
62.76.24.0/22
62.76.88.0/22
62.76.100.0/22
62.76.112.0/22
77.220.216.0/21
89.248.236.0/24
91.107.84.0/22
91.227.34.0/23
185.40.28.0/22
185.62.103.0/24
185.111.216.0/22
185.126.92.0/22
212.8.232.0/22
IPv6:
2a03:220::/32
Signature Algorithm: sha256WithRSAEncryption
93:16:bf:5d:29:88:35:84:bd:75:8c:7c:ee:5f:a2:31:2f:6b:
de:fa:50:7f:0b:57:29:30:65:00:30:15:07:1f:e7:b1:af:89:
1c:76:11:87:7a:3a:8a:8f:ba:9e:58:d4:91:2d:78:5a:04:95:
7f:a7:bc:4c:5e:09:dd:d7:68:01:22:4a:a0:a8:24:1e:3e:18:
47:57:72:19:e3:7b:62:c7:83:14:f2:40:b7:dc:dd:a9:06:5d:
79:a4:ce:48:d9:85:78:ce:93:93:0c:74:fe:f2:2d:7c:fc:aa:
2a:e8:64:d2:e7:4b:ce:86:36:59:5c:48:15:8a:97:f2:f4:95:
8b:43:12:c1:14:3b:c0:02:7c:10:72:e2:ff:3a:85:1e:c0:e5:
88:f8:51:5d:d9:b3:2c:55:86:3e:72:8c:1a:9e:6b:1e:e7:98:
de:2d:de:d0:b4:da:89:7c:50:d2:ed:09:39:fe:d8:74:f0:f9:
97:33:f8:cd:c9:15:71:07:60:d7:4f:38:17:7a:1d:23:41:d0:
aa:cf:e3:c9:9a:96:f8:a4:3a:d3:6e:42:7b:04:9b:f4:9d:e5:
21:5d:45:e6:71:af:53:0c:7e:2a:e8:b0:a5:48:70:e3:ba:34:
5b:8f:4b:09:4b:24:69:61:92:30:52:80:b2:cc:ec:6f:ac:ad:
5d:41:e2:ee
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgISAYKR43/IkwxI8enUpewGzKvEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVkYTQzMmE0ZWMzYjBhYzRjYTRlNGVjZWMwZTlmNGQ0NmI0
OTdhZjAwHhcNMjIwODEyMTE0OTQxWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4N2M5NTViMzNkZWEyYWYxZmI5ZjFmZmMxYjY1ZjAwZTk4YzMzMjA5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA++tKVX9hBOU1FQmBkxsGN/hHupXw
SQaSHaYjNEhRL/L0eYDX1+ieluyNaQmKk0lJv1u/ViZu0EFpYwdpjOMTpdpF3d0T
uIeWBiu0G5ZYlrT2GLJFVYfcFkMx37cXkGgmH1e/KDNRdftfnnMz6E6OPCJ4Oj74
17JDREYiJwONkWvoSMpc8j8VL40/Bx5TBq+duC6UNl7N7Dd1iwhonfQN4GImU2rj
nooU+ujZKh7gQV3Ywt2iYHqV1WiPVSJQK8y02sP4IrOrce2yr6FbyCTf8ytxDGFd
OHUXg1tY0Tl2BkXKuWn2KEt5gPrvQVwrX1KKz0EO4ohXLqvHHRldCNXThQIDAQAB
o4ICbTCCAmkwHQYDVR0OBBYEFIfJVbM96irx+58f/Btl8A6YwzIJMB8GA1UdIwQY
MBaAFF2kMqTsOwrEyk5OzsDp9NRrSXrwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWGFReXBPdzdDc1RLVGs3T3dPbjAxR3RKZXZBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85ZTg0N2YtNDE0Ni00NTY2LThjM2Ut
MWJhNTQzZWVhZWQ3LzEvaDhsVnN6M3FLdkg3bnhfOEcyWHdEcGpETWdrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85ZTg0N2YtNDE0Ni00NTY2LThjM2UtMWJhNTQzZWVhZWQ3
LzEvWGFReXBPdzdDc1RLVGs3T3dPbjAxR3RKZXZBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGCBggrBgEFBQcBBwEB/wRzMHEwYAQCAAEwWgMEAx/I+AME
Ai4V/AMEAj5MGAMEAj5MWAMEAj5MZAMEAj5McAMEA03c2AMEAFn47AMEAltrVAME
AVvjIgMEArkoHAMEALk+ZwMEArlv2AMEArl+XAMEAtQI6DANBAIAAjAHAwUAKgMC
IDANBgkqhkiG9w0BAQsFAAOCAQEAkxa/XSmINYS9dYx87l+iMS9r3vpQfwtXKTBl
ADAVBx/nsa+JHHYRh3o6io+6nljUkS14WgSVf6e8TF4J3ddoASJKoKgkHj4YR1dy
GeN7YseDFPJAt9zdqQZdeaTOSNmFeM6Tkwx0/vItfPyqKuhk0udLzoY2WVxIFYqX
8vSVi0MSwRQ7wAJ8EHLi/zqFHsDliPhRXdmzLFWGPnKMGp5rHueY3i3e0LTaiXxQ
0u0JOf7YdPD5lzP4zckVcQdg1084F3odI0HQqs/jyZqW+KQ6025CewSb9J3lIV1F
5nGvUwx+KuiwpUhw47o0W49LCUskaWGSMFKAsszsb6ytXUHi7g==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:50:48 2024 by rpki-client on console-ams.rpki-client.org