Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/11/168509-2cf3-483d-bcd8-02129533a33d/1/t3In-J3fHG7WckxvasFJGtlxcLE.roa
File: t3In-J3fHG7WckxvasFJGtlxcLE.roa (raw, json)
Hash identifier: MLnTINuDk/WIhnprKzen09OanrbP+GDpOU3wZR68HkI=
Subject key identifier: B7:72:27:F8:9D:DF:1C:6E:D6:72:4C:6F:6A:C1:49:1A:D9:71:70:B1
Certificate issuer: /CN=8c77013e488a09c709b632246d9405da458c5538
Certificate serial: 11F5A533
Authority key identifier: 8C:77:01:3E:48:8A:09:C7:09:B6:32:24:6D:94:05:DA:45:8C:55:38
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/jHcBPkiKCccJtjIkbZQF2kWMVTg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/11/168509-2cf3-483d-bcd8-02129533a33d/1/t3In-J3fHG7WckxvasFJGtlxcLE.roa
Signing time: Sat 01 Jan 2022 15:04:49 +0000
ROA not before: Sat 01 Jan 2022 15:04:49 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 51184
IP address blocks: 185.17.12.0/22 maxlen: 24
178.251.64.0/21 maxlen: 24
185.128.244.0/22 maxlen: 24
116.204.196.0/22 maxlen: 24
185.68.248.0/22 maxlen: 24
185.129.172.0/22 maxlen: 24
217.116.176.0/20 maxlen: 24
91.206.8.0/23 maxlen: 24
193.238.236.0/22 maxlen: 24
2a02:1748::/32 maxlen: 48
2a0c:ad40::/29 maxlen: 48
2a06:d500::/29 maxlen: 48
2001:1b98::/32 maxlen: 48
2a06:d180::/29 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 301311283 (0x11f5a533)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8c77013e488a09c709b632246d9405da458c5538
Validity
Not Before: Jan 1 15:04:49 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=b77227f89ddf1c6ed6724c6f6ac1491ad97170b1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:b1:1e:bb:61:00:6e:e0:67:5c:ff:3e:10:7d:
2f:d3:5f:f8:0b:aa:f6:84:09:47:64:05:24:6c:36:
ff:5a:0d:63:9a:99:dd:c4:58:9c:ee:da:f0:d2:a5:
70:24:1b:07:c1:d8:95:80:fc:6f:a1:85:fb:d7:9f:
0a:dc:c8:2e:ec:d1:c2:24:89:f3:46:30:ba:60:a7:
63:aa:b7:2f:da:3d:06:0e:94:d9:53:07:d5:d0:8b:
75:d9:0d:6f:5d:f0:fc:e0:cd:ae:de:71:30:ab:6c:
41:7e:9d:6d:21:c2:c6:02:90:43:0c:93:41:2f:ed:
8d:87:24:c5:08:f3:79:98:48:75:74:f3:32:43:1a:
43:65:6c:f8:67:d9:7b:e8:12:2d:18:3c:db:89:d8:
46:c5:6c:d7:39:1c:3e:4a:a8:31:f6:95:94:8f:51:
31:80:4d:49:4a:de:f4:f8:d4:44:56:06:6e:22:3e:
70:97:16:77:9d:82:90:03:cd:ae:7d:2f:3d:58:3b:
57:49:6b:75:13:38:fe:18:9b:69:7c:eb:f3:8b:75:
24:ec:43:4f:83:9b:0a:7f:ea:a0:60:1c:73:f9:3c:
e2:62:02:01:c6:d3:ae:5c:4f:be:af:31:50:b7:ea:
85:70:0a:a9:f8:be:97:79:ab:4b:3b:e7:1f:fa:b4:
a0:e5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B7:72:27:F8:9D:DF:1C:6E:D6:72:4C:6F:6A:C1:49:1A:D9:71:70:B1
X509v3 Authority Key Identifier:
keyid:8C:77:01:3E:48:8A:09:C7:09:B6:32:24:6D:94:05:DA:45:8C:55:38
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jHcBPkiKCccJtjIkbZQF2kWMVTg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/11/168509-2cf3-483d-bcd8-02129533a33d/1/t3In-J3fHG7WckxvasFJGtlxcLE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/11/168509-2cf3-483d-bcd8-02129533a33d/1/jHcBPkiKCccJtjIkbZQF2kWMVTg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.206.8.0/23
116.204.196.0/22
178.251.64.0/21
185.17.12.0/22
185.68.248.0/22
185.128.244.0/22
185.129.172.0/22
193.238.236.0/22
217.116.176.0/20
IPv6:
2001:1b98::/32
2a02:1748::/32
2a06:d180::/29
2a06:d500::/29
2a0c:ad40::/29
Signature Algorithm: sha256WithRSAEncryption
ab:c2:7a:28:b5:c3:10:6a:24:02:8d:24:50:7b:09:36:87:30:
07:99:e1:03:08:78:be:e5:c6:73:9d:2b:64:1a:bd:1d:fb:86:
66:94:90:2c:53:13:12:4e:9b:09:4f:9c:9a:10:44:54:db:31:
80:bf:ed:2d:7a:ff:10:94:70:35:68:79:7c:6f:b2:ae:e6:1f:
d5:5d:1c:28:27:79:ff:18:72:e5:a2:e6:cf:03:3e:f4:11:78:
15:24:56:e2:3e:37:5f:74:a5:cd:d9:e4:53:2e:c9:fb:4b:bf:
b6:3f:cc:e8:32:82:f9:a9:81:94:8f:2a:11:cc:4d:a5:61:5b:
47:d5:05:0b:a0:6d:19:2d:bc:29:e5:b1:bc:3f:25:81:32:86:
eb:59:58:db:60:e9:29:3c:7b:46:ca:c6:d5:6c:cb:ea:74:a0:
2e:50:13:b0:fc:c7:03:bc:af:90:fe:f9:6c:54:25:ef:d2:95:
15:48:65:1a:9d:7d:6a:4f:82:1d:f6:d7:d6:ec:8c:33:67:5a:
8f:e7:2b:3e:5e:b4:ee:06:51:e1:85:27:b8:03:53:2a:ff:80:
65:85:f4:59:d8:b6:f1:e9:ea:c1:e3:32:a5:7a:27:3d:a7:55:
ff:c7:29:26:e1:1d:37:ee:e6:11:6d:c5:52:59:e3:5d:d9:5d:
b0:70:0e:2b
-----BEGIN CERTIFICATE-----
MIIFSjCCBDKgAwIBAgIEEfWlMzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg4
Yzc3MDEzZTQ4OGEwOWM3MDliNjMyMjQ2ZDk0MDVkYTQ1OGM1NTM4MB4XDTIyMDEw
MTE1MDQ0OVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYjc3MjI3Zjg5ZGRm
MWM2ZWQ2NzI0YzZmNmFjMTQ5MWFkOTcxNzBiMTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKexHrthAG7gZ1z/PhB9L9Nf+Auq9oQJR2QFJGw2/1oNY5qZ
3cRYnO7a8NKlcCQbB8HYlYD8b6GF+9efCtzILuzRwiSJ80YwumCnY6q3L9o9Bg6U
2VMH1dCLddkNb13w/ODNrt5xMKtsQX6dbSHCxgKQQwyTQS/tjYckxQjzeZhIdXTz
MkMaQ2Vs+GfZe+gSLRg824nYRsVs1zkcPkqoMfaVlI9RMYBNSUre9PjURFYGbiI+
cJcWd52CkAPNrn0vPVg7V0lrdRM4/hibaXzr84t1JOxDT4ObCn/qoGAcc/k84mIC
AcbTrlxPvq8xULfqhXAKqfi+l3mrSzvnH/q0oOUCAwEAAaOCAmQwggJgMB0GA1Ud
DgQWBBS3cif4nd8cbtZyTG9qwUka2XFwsTAfBgNVHSMEGDAWgBSMdwE+SIoJxwm2
MiRtlAXaRYxVODAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2pIY0JQa2lLQ2NjSnRqSWtiWlFGMmtXTVZUZy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMTEvMTY4NTA5LTJjZjMtNDgzZC1iY2Q4LTAyMTI5NTMzYTMzZC8x
L3QzSW4tSjNmSEc3V2NreHZhc0ZKR3RseGNMRS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMTEv
MTY4NTA5LTJjZjMtNDgzZC1iY2Q4LTAyMTI5NTMzYTMzZC8xL2pIY0JQa2lLQ2Nj
SnRqSWtiWlFGMmtXTVZUZy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjB6
BggrBgEFBQcBBwEB/wRrMGkwPAQCAAEwNgMEAVvOCAMEAnTMxAMEA7L7QAMEArkR
DAMEArlE+AMEArmA9AMEArmBrAMEAsHu7AMEBNl0sDApBAIAAjAjAwUAIAEbmAMF
ACoCF0gDBQMqBtGAAwUDKgbVAAMFAyoMrUAwDQYJKoZIhvcNAQELBQADggEBAKvC
eii1wxBqJAKNJFB7CTaHMAeZ4QMIeL7lxnOdK2QavR37hmaUkCxTExJOmwlPnJoQ
RFTbMYC/7S16/xCUcDVoeXxvsq7mH9VdHCgnef8YcuWi5s8DPvQReBUkVuI+N190
pc3Z5FMuyftLv7Y/zOgygvmpgZSPKhHMTaVhW0fVBQugbRktvCnlsbw/JYEyhutZ
WNtg6Sk8e0bKxtVsy+p0oC5QE7D8xwO8r5D++WxUJe/SlRVIZRqdfWpPgh3219bs
jDNnWo/nKz5etO4GUeGFJ7gDUyr/gGWF9FnYtvHp6sHjMqV6Jz2nVf/HKSbhHTfu
5hFtxVJZ413ZXbBwDis=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:48:00 2023 by rpki-client on console-ams.rpki-client.org