Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0d/396759-b0c6-48ef-97b3-a15a18613da6/1/Ae2-dnolKiG5SJJHT4u9y9d4_Rw.roa
File: Ae2-dnolKiG5SJJHT4u9y9d4_Rw.roa (raw, json)
Hash identifier: ZWRGT9SO1f7L47nW/Q/sMLx8LX9Lodg9+pF3wwHh3Xc=
Subject key identifier: 01:ED:BE:76:7A:25:2A:21:B9:48:92:47:4F:8B:BD:CB:D7:78:FD:1C
Certificate issuer: /CN=b82b722715f91be792a1ec3c31e77ed9da05cbe1
Certificate serial: 018368E9ADD360568E3557C159457B24DDD5
Authority key identifier: B8:2B:72:27:15:F9:1B:E7:92:A1:EC:3C:31:E7:7E:D9:DA:05:CB:E1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/uCtyJxX5G-eSoew8Med-2doFy-E.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0d/396759-b0c6-48ef-97b3-a15a18613da6/1/Ae2-dnolKiG5SJJHT4u9y9d4_Rw.roa
Signing time: Fri 23 Sep 2022 05:54:48 +0000
ROA not before: Fri 23 Sep 2022 05:54:48 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 8301
IP address blocks: 178.208.192.0/19 maxlen: 24
217.65.48.0/20 maxlen: 24
212.120.224.0/19 maxlen: 24
195.244.192.0/19 maxlen: 24
195.244.204.0/24 maxlen: 24
185.74.72.0/22 maxlen: 24
2a01:8c40::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:68:e9:ad:d3:60:56:8e:35:57:c1:59:45:7b:24:dd:d5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b82b722715f91be792a1ec3c31e77ed9da05cbe1
Validity
Not Before: Sep 23 05:54:48 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=01edbe767a252a21b94892474f8bbdcbd778fd1c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:80:a9:58:1a:4b:d9:97:71:7f:21:eb:5b:29:9c:
78:b5:45:e9:4a:d6:bc:3a:87:38:57:a1:23:84:7f:
03:44:b8:75:c1:f8:03:58:7c:83:5c:ea:dd:cc:24:
3b:97:a2:69:d8:0b:55:90:4c:69:71:23:0e:f7:15:
0c:c9:41:3a:18:b9:d1:30:d5:c8:ca:a4:ac:f7:0c:
7b:eb:3a:9a:a3:9e:c7:f3:00:86:18:c4:37:44:a6:
e5:f9:3a:e8:c0:6b:63:8a:4d:70:8c:0b:79:5f:f5:
ea:5a:64:37:00:5b:12:95:c3:59:5b:90:86:9a:7d:
ca:42:15:db:7d:f1:46:06:10:52:e1:b6:cd:b5:82:
d8:8c:7c:e4:1a:92:be:2f:b2:1e:b0:9f:df:a2:fa:
9d:67:df:99:d5:61:91:a9:33:b2:13:1e:85:da:05:
22:ea:12:2b:5b:25:9c:e2:54:00:aa:87:be:23:2a:
64:c7:b5:1a:f4:6b:8e:38:a0:5a:7d:7c:3e:12:2c:
fa:d0:1d:b1:dd:3e:50:6c:0f:2a:3d:0c:17:fe:ba:
ca:78:c9:9e:30:b2:45:af:93:31:d5:af:e0:7a:0f:
6d:36:1d:4a:40:5f:9c:96:50:8c:74:61:d7:6b:a4:
17:46:a6:8c:5e:87:ea:03:44:11:97:07:b1:62:04:
50:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
01:ED:BE:76:7A:25:2A:21:B9:48:92:47:4F:8B:BD:CB:D7:78:FD:1C
X509v3 Authority Key Identifier:
keyid:B8:2B:72:27:15:F9:1B:E7:92:A1:EC:3C:31:E7:7E:D9:DA:05:CB:E1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/uCtyJxX5G-eSoew8Med-2doFy-E.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0d/396759-b0c6-48ef-97b3-a15a18613da6/1/Ae2-dnolKiG5SJJHT4u9y9d4_Rw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0d/396759-b0c6-48ef-97b3-a15a18613da6/1/uCtyJxX5G-eSoew8Med-2doFy-E.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
178.208.192.0/19
185.74.72.0/22
195.244.192.0/19
212.120.224.0/19
217.65.48.0/20
IPv6:
2a01:8c40::/32
Signature Algorithm: sha256WithRSAEncryption
3e:2c:3e:ea:c4:46:7c:32:f9:04:78:ce:a5:d1:f2:cd:6b:60:
a8:58:3d:3d:02:da:e6:de:11:e7:66:e6:e8:8e:23:2c:a9:f5:
3b:28:9d:82:9b:cd:d0:fd:56:c1:f9:ce:8b:d5:45:09:8d:9a:
c3:de:b5:7c:fa:40:31:dd:b8:30:09:ea:19:71:b7:ff:51:05:
30:a2:40:41:e6:bf:8e:87:85:6f:8a:0a:c3:1a:0d:76:6c:f2:
59:9c:d4:fc:97:dc:55:01:4a:1b:f7:09:3f:7e:76:22:2f:f3:
79:3d:95:e7:b4:5a:93:35:7e:9a:fc:8b:45:93:cb:42:07:ce:
51:08:37:d1:33:9c:ca:d4:63:ab:35:ff:85:fd:e4:61:21:38:
04:89:9c:f9:c5:50:b6:11:47:3e:b5:a2:35:7f:9f:8e:6b:7a:
18:a9:ee:0a:a2:a8:48:16:e0:a8:b2:31:c6:13:bb:72:19:6e:
13:06:c9:a1:ca:fe:75:57:0f:85:bc:fe:74:68:7d:5f:3c:29:
04:50:fa:bf:c0:97:c8:d6:35:bf:bc:a1:2d:82:ee:39:5b:2b:
f2:ec:48:01:5f:c7:12:7d:75:43:59:43:3f:f3:0c:5a:d9:d7:
35:49:4c:d7:85:b3:69:ce:41:03:e1:6b:ed:cf:70:72:34:e0:
9e:a7:82:31
-----BEGIN CERTIFICATE-----
MIIFJDCCBAygAwIBAgISAYNo6a3TYFaONVfBWUV7JN3VMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI4MmI3MjI3MTVmOTFiZTc5MmExZWMzYzMxZTc3ZWQ5ZGEw
NWNiZTEwHhcNMjIwOTIzMDU1NDQ4WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMWVkYmU3NjdhMjUyYTIxYjk0ODkyNDc0ZjhiYmRjYmQ3NzhmZDFjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgKlYGkvZl3F/IetbKZx4tUXpSta8
Ooc4V6EjhH8DRLh1wfgDWHyDXOrdzCQ7l6Jp2AtVkExpcSMO9xUMyUE6GLnRMNXI
yqSs9wx76zqao57H8wCGGMQ3RKbl+TrowGtjik1wjAt5X/XqWmQ3AFsSlcNZW5CG
mn3KQhXbffFGBhBS4bbNtYLYjHzkGpK+L7IesJ/fovqdZ9+Z1WGRqTOyEx6F2gUi
6hIrWyWc4lQAqoe+Iypkx7Ua9GuOOKBafXw+Eiz60B2x3T5QbA8qPQwX/rrKeMme
MLJFr5Mx1a/geg9tNh1KQF+cllCMdGHXa6QXRqaMXofqA0QRlwexYgRQBQIDAQAB
o4ICMDCCAiwwHQYDVR0OBBYEFAHtvnZ6JSohuUiSR0+LvcvXeP0cMB8GA1UdIwQY
MBaAFLgrcicV+RvnkqHsPDHnftnaBcvhMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdUN0eUp4WDVHLWVTb2V3OE1lZC0yZG9GeS1FLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZC8zOTY3NTktYjBjNi00OGVmLTk3YjMt
YTE1YTE4NjEzZGE2LzEvQWUyLWRub2xLaUc1U0pKSFQ0dTl5OWQ0X1J3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZC8zOTY3NTktYjBjNi00OGVmLTk3YjMtYTE1YTE4NjEzZGE2
LzEvdUN0eUp4WDVHLWVTb2V3OE1lZC0yZG9GeS1FLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEYGCCsGAQUFBwEHAQH/BDcwNTAkBAIAATAeAwQFstDAAwQC
uUpIAwQFw/TAAwQF1HjgAwQE2UEwMA0EAgACMAcDBQAqAYxAMA0GCSqGSIb3DQEB
CwUAA4IBAQA+LD7qxEZ8MvkEeM6l0fLNa2CoWD09Atrm3hHnZubojiMsqfU7KJ2C
m83Q/VbB+c6L1UUJjZrD3rV8+kAx3bgwCeoZcbf/UQUwokBB5r+Oh4VvigrDGg12
bPJZnNT8l9xVAUob9wk/fnYiL/N5PZXntFqTNX6a/ItFk8tCB85RCDfRM5zK1GOr
Nf+F/eRhITgEiZz5xVC2EUc+taI1f5+Oa3oYqe4KoqhIFuCosjHGE7tyGW4TBsmh
yv51Vw+FvP50aH1fPCkEUPq/wJfI1jW/vKEtgu45Wyvy7EgBX8cSfXVDWUM/8wxa
2dc1SUzXhbNpzkED4Wvtz3ByNOCep4Ix
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:52:39 2024 by rpki-client on console-ams.rpki-client.org