Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/10/290e44-b479-46cf-ab4b-b38e2677b3dc/1/8EtJzhz2YxdQJuP1-ioqaIDacEg.roa
File: 8EtJzhz2YxdQJuP1-ioqaIDacEg.roa (raw, json)
Hash identifier: bawKBdxVIp9LG3HdP2uvpxcLQDxCK4JnIknrIXrbEgY=
Subject key identifier: F0:4B:49:CE:1C:F6:63:17:50:26:E3:F5:FA:2A:2A:68:80:DA:70:48
Certificate issuer: /CN=d217b472c841c1d68550a24f1936d29cc6c28f6a
Certificate serial: 43903E8F
Authority key identifier: D2:17:B4:72:C8:41:C1:D6:85:50:A2:4F:19:36:D2:9C:C6:C2:8F:6A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0he0cshBwdaFUKJPGTbSnMbCj2o.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/10/290e44-b479-46cf-ab4b-b38e2677b3dc/1/8EtJzhz2YxdQJuP1-ioqaIDacEg.roa
Signing time: Mon 24 Jan 2022 08:16:11 +0000
ROA not before: Mon 24 Jan 2022 08:16:11 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 20836
IP address blocks: 151.236.18.0/24 maxlen: 24
149.154.157.0/24 maxlen: 24
2a03:f80:39::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1133526671 (0x43903e8f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d217b472c841c1d68550a24f1936d29cc6c28f6a
Validity
Not Before: Jan 24 08:16:11 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=f04b49ce1cf663175026e3f5fa2a2a6880da7048
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8e:1c:a0:67:84:ea:ea:b0:e9:c0:0d:81:84:a0:
74:5e:f2:e4:a3:4d:8c:35:18:4c:ba:4d:85:cb:30:
24:74:58:9f:70:b4:16:99:63:bc:6a:9b:ae:2d:04:
5a:13:8b:c5:5c:75:fd:c6:24:c8:72:80:15:20:e5:
23:5f:b0:c4:f3:41:a4:b1:d8:f3:62:79:e4:10:bb:
11:e9:10:9a:b8:2f:3b:96:41:41:24:65:f8:d0:d3:
24:a2:af:39:e1:b3:09:ef:1d:0c:5b:09:fc:c8:77:
75:29:d7:ce:27:50:eb:de:c5:f4:a6:9e:97:07:18:
ce:be:8c:22:30:1c:08:3c:0f:64:fb:58:37:b5:8b:
fc:f1:81:e9:62:c1:6c:df:cb:c9:f9:67:a1:0d:0d:
ac:19:b8:2d:56:8a:7b:68:29:13:8c:4b:7c:22:32:
97:44:5b:6a:36:d4:bf:cb:18:c7:a7:7b:61:bf:40:
80:3c:87:aa:10:da:18:43:54:6b:38:6a:17:88:92:
47:1d:3a:d4:5c:2d:bc:70:ba:39:b5:9c:fd:b3:1b:
5a:23:9f:d0:62:21:6f:66:58:0f:cb:ef:d6:cc:a1:
26:99:7a:3b:0f:97:ef:b4:11:ce:02:fb:cb:80:00:
21:b3:65:03:43:c8:90:47:d8:32:30:65:60:5d:43:
e2:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F0:4B:49:CE:1C:F6:63:17:50:26:E3:F5:FA:2A:2A:68:80:DA:70:48
X509v3 Authority Key Identifier:
keyid:D2:17:B4:72:C8:41:C1:D6:85:50:A2:4F:19:36:D2:9C:C6:C2:8F:6A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0he0cshBwdaFUKJPGTbSnMbCj2o.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/10/290e44-b479-46cf-ab4b-b38e2677b3dc/1/8EtJzhz2YxdQJuP1-ioqaIDacEg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/10/290e44-b479-46cf-ab4b-b38e2677b3dc/1/0he0cshBwdaFUKJPGTbSnMbCj2o.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
149.154.157.0/24
151.236.18.0/24
IPv6:
2a03:f80:39::/48
Signature Algorithm: sha256WithRSAEncryption
57:b0:05:c9:10:a2:5c:8f:83:e7:04:16:22:3b:71:e6:92:7d:
f9:10:c8:a6:1a:41:44:b1:4f:53:02:d7:6d:c8:09:7b:ec:8d:
8e:76:45:a2:2d:25:d2:43:b2:c1:85:9e:01:66:03:f1:4f:de:
5c:66:c6:c1:3d:32:0e:41:e1:93:11:33:21:64:61:1c:bf:75:
26:90:a3:a4:e7:b2:29:c0:9c:fa:6b:f2:63:ba:d7:32:12:e1:
0c:a7:5a:f6:30:0a:c3:30:75:de:be:0d:ff:41:9b:f4:54:e6:
53:92:2a:bf:e1:6c:cb:35:7c:86:ae:ea:71:a4:85:01:1b:3f:
fe:a1:a6:a9:68:98:b6:11:b0:0a:28:3d:b6:75:f6:3c:60:23:
f9:e5:56:af:5f:2f:b0:aa:25:e9:3c:83:84:ea:d1:60:a5:4b:
a3:1f:6f:87:ad:a7:d4:1a:cc:ab:53:2d:98:b2:66:aa:14:a7:
b2:50:7e:f1:39:b2:78:23:7d:fc:3f:0a:20:cc:c1:a8:5f:f6:
5c:e0:24:73:38:86:96:20:9e:db:16:cc:04:62:2a:3a:7f:c4:
0a:c6:5c:8b:d6:25:8c:15:82:54:63:4c:1e:ef:f7:3b:96:68:
19:48:0c:48:8c:d2:18:41:76:a4:b8:63:a1:ff:4c:45:82:1f:
3e:d8:f8:d7
-----BEGIN CERTIFICATE-----
MIIFBjCCA+6gAwIBAgIEQ5A+jzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhk
MjE3YjQ3MmM4NDFjMWQ2ODU1MGEyNGYxOTM2ZDI5Y2M2YzI4ZjZhMB4XDTIyMDEy
NDA4MTYxMVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZjA0YjQ5Y2UxY2Y2
NjMxNzUwMjZlM2Y1ZmEyYTJhNjg4MGRhNzA0ODCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAI4coGeE6uqw6cANgYSgdF7y5KNNjDUYTLpNhcswJHRYn3C0
FpljvGqbri0EWhOLxVx1/cYkyHKAFSDlI1+wxPNBpLHY82J55BC7EekQmrgvO5ZB
QSRl+NDTJKKvOeGzCe8dDFsJ/Mh3dSnXzidQ697F9KaelwcYzr6MIjAcCDwPZPtY
N7WL/PGB6WLBbN/LyflnoQ0NrBm4LVaKe2gpE4xLfCIyl0RbajbUv8sYx6d7Yb9A
gDyHqhDaGENUazhqF4iSRx061FwtvHC6ObWc/bMbWiOf0GIhb2ZYD8vv1syhJpl6
Ow+X77QRzgL7y4AAIbNlA0PIkEfYMjBlYF1D4t0CAwEAAaOCAiAwggIcMB0GA1Ud
DgQWBBTwS0nOHPZjF1Am4/X6KipogNpwSDAfBgNVHSMEGDAWgBTSF7RyyEHB1oVQ
ok8ZNtKcxsKPajAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzBoZTBjc2hCd2RhRlVLSlBHVGJTbk1iQ2oyby5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMTAvMjkwZTQ0LWI0NzktNDZjZi1hYjRiLWIzOGUyNjc3YjNkYy8x
LzhFdEp6aHoyWXhkUUp1UDEtaW9xYUlEYWNFZy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMTAv
MjkwZTQ0LWI0NzktNDZjZi1hYjRiLWIzOGUyNjc3YjNkYy8xLzBoZTBjc2hCd2Rh
RlVLSlBHVGJTbk1iQ2oyby5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA2
BggrBgEFBQcBBwEB/wQnMCUwEgQCAAEwDAMEAJWanQMEAJfsEjAPBAIAAjAJAwcA
KgMPgAA5MA0GCSqGSIb3DQEBCwUAA4IBAQBXsAXJEKJcj4PnBBYiO3Hmkn35EMim
GkFEsU9TAtdtyAl77I2OdkWiLSXSQ7LBhZ4BZgPxT95cZsbBPTIOQeGTETMhZGEc
v3UmkKOk57IpwJz6a/JjutcyEuEMp1r2MArDMHXevg3/QZv0VOZTkiq/4WzLNXyG
rupxpIUBGz/+oaapaJi2EbAKKD22dfY8YCP55VavXy+wqiXpPIOE6tFgpUujH2+H
rafUGsyrUy2YsmaqFKeyUH7xObJ4I338PwogzMGoX/Zc4CRzOIaWIJ7bFswEYio6
f8QKxlyL1iWMFYJUY0we7/c7lmgZSAxIjNIYQXakuGOh/0xFgh8+2PjX
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:44:09 2023 by rpki-client on console-fra.rpki-client.org