Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0e/3d7b8a-e074-4f16-a629-2128d840c429/1/p8G39PGenP0J4s3WrSfw-zZJ8_k.roa
File: p8G39PGenP0J4s3WrSfw-zZJ8_k.roa (raw, json)
Hash identifier: h1xGIba6D/GAk1tqBSdN0PPnisqeAwcedHDX8AtCB1I=
Subject key identifier: A7:C1:B7:F4:F1:9E:9C:FD:09:E2:CD:D6:AD:27:F0:FB:36:49:F3:F9
Certificate issuer: /CN=a600fc96404289ac58b61047ddf862187f5ab27e
Certificate serial: 19693E6F
Authority key identifier: A6:00:FC:96:40:42:89:AC:58:B6:10:47:DD:F8:62:18:7F:5A:B2:7E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/pgD8lkBCiaxYthBH3fhiGH9asn4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0e/3d7b8a-e074-4f16-a629-2128d840c429/1/p8G39PGenP0J4s3WrSfw-zZJ8_k.roa
Signing time: Tue 15 Mar 2022 10:07:34 +0000
ROA not before: Tue 15 Mar 2022 10:07:34 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 198024
IP address blocks: 185.227.44.0/22 maxlen: 22
31.172.152.0/21 maxlen: 21
37.44.48.0/21 maxlen: 21
185.59.116.0/22 maxlen: 22
185.127.60.0/22 maxlen: 22
185.127.84.0/22 maxlen: 22
2a06:c780::/29 maxlen: 29
2a06:c840::/29 maxlen: 29
2a03:7b80::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 426327663 (0x19693e6f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a600fc96404289ac58b61047ddf862187f5ab27e
Validity
Not Before: Mar 15 10:07:34 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=a7c1b7f4f19e9cfd09e2cdd6ad27f0fb3649f3f9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e1:a0:25:66:44:b1:21:7c:4f:3d:21:ea:5a:9b:
4c:47:d5:08:3e:cf:2c:fe:3e:e9:91:da:21:59:d3:
10:a6:54:02:64:57:17:ce:1f:29:d6:6f:52:c6:be:
12:97:ff:13:e0:3f:a5:c0:42:63:a1:85:cb:ff:ec:
fa:82:82:03:d3:09:db:64:b5:dc:55:fc:54:e3:25:
97:f1:75:d9:d9:07:28:ac:68:18:5a:1a:80:3d:58:
4f:9b:00:a1:e6:ae:dc:79:e5:d8:2f:28:31:81:25:
37:55:20:de:ee:06:bb:be:83:ad:68:92:74:c1:f8:
6c:ff:6c:73:2a:a7:81:21:ab:cc:f1:e8:8f:43:2b:
bc:a0:60:6d:9e:e1:30:4a:f8:11:95:e5:ff:b0:f1:
c6:c6:e4:e4:09:1b:4d:5d:36:bd:94:42:05:58:c2:
e8:e2:77:46:a4:15:c2:90:4c:22:da:34:db:e8:f3:
0f:11:4e:ba:f7:ad:fb:ec:79:bf:35:7e:b7:5f:1e:
63:97:9b:d3:4b:11:3b:43:06:4e:e2:36:15:10:db:
53:b6:31:a5:d4:06:c6:94:11:26:02:0a:ea:b7:5d:
2a:04:ef:9a:ad:56:f6:d1:46:37:5c:7f:6b:9a:07:
7a:d5:d2:bb:16:44:bb:44:00:75:a1:4d:00:22:23:
da:c1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A7:C1:B7:F4:F1:9E:9C:FD:09:E2:CD:D6:AD:27:F0:FB:36:49:F3:F9
X509v3 Authority Key Identifier:
keyid:A6:00:FC:96:40:42:89:AC:58:B6:10:47:DD:F8:62:18:7F:5A:B2:7E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pgD8lkBCiaxYthBH3fhiGH9asn4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/3d7b8a-e074-4f16-a629-2128d840c429/1/p8G39PGenP0J4s3WrSfw-zZJ8_k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/3d7b8a-e074-4f16-a629-2128d840c429/1/pgD8lkBCiaxYthBH3fhiGH9asn4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.172.152.0/21
37.44.48.0/21
185.59.116.0/22
185.127.60.0/22
185.127.84.0/22
185.227.44.0/22
IPv6:
2a03:7b80::/32
2a06:c780::/29
2a06:c840::/29
Signature Algorithm: sha256WithRSAEncryption
0d:91:bc:42:b4:01:a1:5c:7f:78:8b:35:cf:e4:cd:5a:54:86:
a7:93:0c:c5:35:35:5d:47:b1:13:27:08:32:b0:e1:3e:7f:2e:
f4:3b:dd:b5:1c:d2:67:cf:f6:77:7b:29:06:37:b0:46:5a:a7:
5d:02:63:7b:13:31:f9:e8:e1:d3:22:5f:b0:7a:00:76:fa:bc:
61:23:ed:58:76:f8:8d:c8:f3:48:34:13:d1:58:d8:29:5a:7f:
b9:5b:70:bc:7f:0e:5b:19:f2:9b:ff:43:91:30:b8:da:71:98:
9b:da:d4:2f:93:6b:0f:12:c9:25:36:de:8a:64:4c:8e:25:b0:
28:ba:c5:5e:93:60:0f:77:f9:2f:8b:62:f1:ea:54:62:9d:63:
54:30:cc:dd:29:9e:8f:f8:fa:e7:75:d0:7d:75:86:fa:f2:49:
0f:3f:3c:fa:3a:34:ac:f5:61:a2:a7:13:79:0f:b4:24:0e:53:
e8:c2:11:17:70:36:b8:e4:cb:12:3d:23:ad:ef:74:9a:44:01:
b5:9d:11:83:07:e0:b3:25:35:7a:82:e2:f2:08:3c:54:39:89:
61:b2:23:04:10:43:92:50:b6:a3:75:44:46:00:b7:92:6b:d9:
62:e7:a3:8f:b5:2f:1c:55:4c:a5:43:af:b7:c8:49:96:00:6a:
3f:bc:13:e2
-----BEGIN CERTIFICATE-----
MIIFKjCCBBKgAwIBAgIEGWk+bzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhh
NjAwZmM5NjQwNDI4OWFjNThiNjEwNDdkZGY4NjIxODdmNWFiMjdlMB4XDTIyMDMx
NTEwMDczNFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYTdjMWI3ZjRmMTll
OWNmZDA5ZTJjZGQ2YWQyN2YwZmIzNjQ5ZjNmOTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAOGgJWZEsSF8Tz0h6lqbTEfVCD7PLP4+6ZHaIVnTEKZUAmRX
F84fKdZvUsa+Epf/E+A/pcBCY6GFy//s+oKCA9MJ22S13FX8VOMll/F12dkHKKxo
GFoagD1YT5sAoeau3Hnl2C8oMYElN1Ug3u4Gu76DrWiSdMH4bP9scyqngSGrzPHo
j0MrvKBgbZ7hMEr4EZXl/7Dxxsbk5AkbTV02vZRCBVjC6OJ3RqQVwpBMIto02+jz
DxFOuvet++x5vzV+t18eY5eb00sRO0MGTuI2FRDbU7YxpdQGxpQRJgIK6rddKgTv
mq1W9tFGN1x/a5oHetXSuxZEu0QAdaFNACIj2sECAwEAAaOCAkQwggJAMB0GA1Ud
DgQWBBSnwbf08Z6c/QnizdatJ/D7Nknz+TAfBgNVHSMEGDAWgBSmAPyWQEKJrFi2
EEfd+GIYf1qyfjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3BnRDhsa0JDaWF4WXRoQkgzZmhpR0g5YXNuNC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMGUvM2Q3YjhhLWUwNzQtNGYxNi1hNjI5LTIxMjhkODQwYzQyOS8x
L3A4RzM5UEdlblAwSjRzM1dyU2Z3LXpaSjhfay5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMGUv
M2Q3YjhhLWUwNzQtNGYxNi1hNjI5LTIxMjhkODQwYzQyOS8xL3BnRDhsa0JDaWF4
WXRoQkgzZmhpR0g5YXNuNC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBa
BggrBgEFBQcBBwEB/wRLMEkwKgQCAAEwJAMEAx+smAMEAyUsMAMEArk7dAMEArl/
PAMEArl/VAMEArnjLDAbBAIAAjAVAwUAKgN7gAMFAyoGx4ADBQMqBshAMA0GCSqG
SIb3DQEBCwUAA4IBAQANkbxCtAGhXH94izXP5M1aVIankwzFNTVdR7ETJwgysOE+
fy70O921HNJnz/Z3eykGN7BGWqddAmN7EzH56OHTIl+wegB2+rxhI+1YdviNyPNI
NBPRWNgpWn+5W3C8fw5bGfKb/0ORMLjacZib2tQvk2sPEsklNt6KZEyOJbAousVe
k2APd/kvi2Lx6lRinWNUMMzdKZ6P+PrnddB9dYb68kkPPzz6OjSs9WGipxN5D7Qk
DlPowhEXcDa45MsSPSOt73SaRAG1nRGDB+CzJTV6guLyCDxUOYlhsiMEEEOSULaj
dURGALeSa9li56OPtS8cVUylQ6+3yEmWAGo/vBPi
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:18:52 2024 by rpki-client on console-fra.rpki-client.org