Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/13/c27fa6-b2b0-4dcb-a899-1030cdbe6bd4/1/8tkw8iGU-gTM_lQTNZaV1u6D0tM.roa
File: 8tkw8iGU-gTM_lQTNZaV1u6D0tM.roa (raw, json)
Hash identifier: kJwGO4+OsGxSgCm2WenCeAHy2/gXo/ER0S7FEhxOzng=
Subject key identifier: F2:D9:30:F2:21:94:FA:04:CC:FE:54:13:35:96:95:D6:EE:83:D2:D3
Certificate issuer: /CN=43015654082578c4946cd27be1e89a3dd7562fa4
Certificate serial: 018441931886F790E60BB8217DAAF1674D06
Authority key identifier: 43:01:56:54:08:25:78:C4:94:6C:D2:7B:E1:E8:9A:3D:D7:56:2F:A4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwFWVAgleMSUbNJ74eiaPddWL6Q.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/13/c27fa6-b2b0-4dcb-a899-1030cdbe6bd4/1/8tkw8iGU-gTM_lQTNZaV1u6D0tM.roa
Signing time: Fri 04 Nov 2022 07:37:49 +0000
ROA not before: Fri 04 Nov 2022 07:37:49 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 49981
IP address blocks: 217.23.0.0/20 maxlen: 20
185.132.132.0/22 maxlen: 22
185.184.192.0/22 maxlen: 22
185.183.32.0/22 maxlen: 22
185.182.192.0/22 maxlen: 22
185.182.192.0/24 maxlen: 24
62.112.8.0/22 maxlen: 22
185.165.240.0/22 maxlen: 22
185.21.60.0/22 maxlen: 22
185.21.63.0/24 maxlen: 24
45.14.132.0/22 maxlen: 22
178.218.196.0/22 maxlen: 22
80.79.4.0/22 maxlen: 22
185.100.232.0/22 maxlen: 22
185.185.48.0/22 maxlen: 22
91.232.105.0/24 maxlen: 24
185.132.176.0/22 maxlen: 22
89.38.96.0/22 maxlen: 22
45.82.64.0/22 maxlen: 22
193.200.164.0/24 maxlen: 24
93.190.136.0/21 maxlen: 22
93.190.140.0/22 maxlen: 22
91.229.23.0/24 maxlen: 24
185.173.160.0/22 maxlen: 22
185.2.80.0/22 maxlen: 22
185.177.124.0/22 maxlen: 22
178.132.0.0/21 maxlen: 21
185.180.220.0/22 maxlen: 22
89.39.104.0/22 maxlen: 22
185.191.0.0/22 maxlen: 22
2.59.168.0/22 maxlen: 22
194.88.104.0/22 maxlen: 22
212.8.240.0/24 maxlen: 24
212.8.242.0/23 maxlen: 23
109.236.80.0/20 maxlen: 20
212.8.252.0/23 maxlen: 23
212.8.248.0/23 maxlen: 23
212.8.250.0/24 maxlen: 24
185.172.88.0/22 maxlen: 22
2a00:7c82::/32 maxlen: 32
2a00:7c81::/32 maxlen: 32
2a00:7c83::/32 maxlen: 32
2a00:7c80::/29 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:41:93:18:86:f7:90:e6:0b:b8:21:7d:aa:f1:67:4d:06
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43015654082578c4946cd27be1e89a3dd7562fa4
Validity
Not Before: Nov 4 07:37:49 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=f2d930f22194fa04ccfe5413359695d6ee83d2d3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:71:cf:97:94:b3:3a:71:00:52:d7:07:82:90:
16:9d:45:0f:7e:14:07:9a:f6:9a:94:e1:6b:7e:28:
e5:f6:42:b5:39:30:3e:0a:11:57:16:7b:96:96:bc:
ef:ce:3b:65:e8:f5:be:47:07:cc:59:6b:1a:16:33:
22:b6:74:81:e8:cb:d7:3c:56:2d:60:5e:23:cf:82:
bd:3a:3c:a3:ba:51:00:73:b1:e2:8a:c3:49:1e:43:
05:a0:18:3f:71:62:bd:27:08:ea:16:14:2b:a7:22:
44:e1:42:a1:9c:e0:e3:e8:26:33:8a:74:ab:43:e3:
d5:2a:2d:db:2e:d9:a4:df:12:c6:a9:66:9a:1e:47:
ed:2a:c3:db:13:4e:66:38:2d:c6:a4:01:77:7d:e9:
5a:00:39:b4:4d:ba:34:5e:19:59:6f:15:99:3b:df:
6a:e3:83:bc:02:e7:d0:67:fe:bb:6a:4e:01:a8:a3:
23:80:d4:63:86:f3:ed:b5:9e:61:d6:27:45:ca:01:
29:ff:e9:8e:2a:15:7e:79:d2:84:de:f2:d0:ba:41:
c9:d3:20:c5:1a:e3:42:23:87:ec:8d:6d:bc:56:86:
a5:fa:34:1d:eb:8d:8f:7b:96:07:61:c5:ff:46:12:
17:e7:20:3f:3c:7c:5b:5b:21:14:92:7f:21:8f:2a:
f7:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F2:D9:30:F2:21:94:FA:04:CC:FE:54:13:35:96:95:D6:EE:83:D2:D3
X509v3 Authority Key Identifier:
keyid:43:01:56:54:08:25:78:C4:94:6C:D2:7B:E1:E8:9A:3D:D7:56:2F:A4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwFWVAgleMSUbNJ74eiaPddWL6Q.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/13/c27fa6-b2b0-4dcb-a899-1030cdbe6bd4/1/8tkw8iGU-gTM_lQTNZaV1u6D0tM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/13/c27fa6-b2b0-4dcb-a899-1030cdbe6bd4/1/QwFWVAgleMSUbNJ74eiaPddWL6Q.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.59.168.0/22
45.14.132.0/22
45.82.64.0/22
62.112.8.0/22
80.79.4.0/22
89.38.96.0/22
89.39.104.0/22
91.229.23.0/24
91.232.105.0/24
93.190.136.0/21
109.236.80.0/20
178.132.0.0/21
178.218.196.0/22
185.2.80.0/22
185.21.60.0/22
185.100.232.0/22
185.132.132.0/22
185.132.176.0/22
185.165.240.0/22
185.172.88.0/22
185.173.160.0/22
185.177.124.0/22
185.180.220.0/22
185.182.192.0/22
185.183.32.0/22
185.184.192.0/22
185.185.48.0/22
185.191.0.0/22
193.200.164.0/24
194.88.104.0/22
212.8.240.0/24
212.8.242.0/23
212.8.248.0-212.8.250.255
212.8.252.0/23
217.23.0.0/20
IPv6:
2a00:7c80::/29
Signature Algorithm: sha256WithRSAEncryption
9f:7f:d9:91:5c:93:81:03:cc:e4:05:1e:ac:35:15:b0:50:30:
6a:d4:65:5b:95:16:34:d4:e8:97:b8:fa:bf:df:1c:60:ed:4f:
d0:b0:69:32:80:64:9f:1f:b9:16:cd:f3:45:70:68:60:52:d7:
fb:75:5d:42:26:f6:b3:59:a8:56:31:e7:6e:fb:ea:25:21:73:
31:53:ff:ca:42:31:9e:dc:61:f7:62:20:84:da:3b:cf:20:e2:
ef:67:7a:3b:8d:e6:ad:0f:91:99:0c:e7:ea:86:22:b6:7a:c8:
b4:c8:af:f1:96:34:62:9e:fa:cb:0f:e2:9c:95:62:01:5a:3a:
5d:35:c0:2c:10:b7:96:d7:5b:58:9b:61:eb:05:d4:97:ab:fc:
89:3b:27:50:86:22:9a:f9:31:f2:ee:88:08:00:9a:e1:ab:64:
4b:1d:59:1f:6c:48:d1:68:99:ad:30:6c:d6:48:25:9a:d8:48:
7e:34:b7:0a:d8:b7:1c:d8:79:49:02:db:00:b1:7d:45:4b:af:
80:a2:34:68:b4:ee:f8:d4:10:90:13:69:34:27:51:74:2e:1a:
9b:f1:e1:cd:34:dd:09:5b:17:ae:16:1a:28:07:8c:35:88:3e:
72:7d:37:67:1a:3e:f9:d7:a1:03:8e:a8:e4:78:97:fc:ca:f2:
2a:70:93:d2
-----BEGIN CERTIFICATE-----
MIIF5jCCBM6gAwIBAgISAYRBkxiG95DmC7ghfarxZ00GMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDE1NjU0MDgyNTc4YzQ5NDZjZDI3YmUxZTg5YTNkZDc1
NjJmYTQwHhcNMjIxMTA0MDczNzQ5WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMmQ5MzBmMjIxOTRmYTA0Y2NmZTU0MTMzNTk2OTVkNmVlODNkMmQzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoHHPl5SzOnEAUtcHgpAWnUUPfhQH
mvaalOFrfijl9kK1OTA+ChFXFnuWlrzvzjtl6PW+RwfMWWsaFjMitnSB6MvXPFYt
YF4jz4K9OjyjulEAc7HiisNJHkMFoBg/cWK9JwjqFhQrpyJE4UKhnODj6CYzinSr
Q+PVKi3bLtmk3xLGqWaaHkftKsPbE05mOC3GpAF3felaADm0Tbo0XhlZbxWZO99q
44O8AufQZ/67ak4BqKMjgNRjhvPttZ5h1idFygEp/+mOKhV+edKE3vLQukHJ0yDF
GuNCI4fsjW28Voal+jQd642Pe5YHYcX/RhIX5yA/PHxbWyEUkn8hjyr3lQIDAQAB
o4IC8jCCAu4wHQYDVR0OBBYEFPLZMPIhlPoEzP5UEzWWldbug9LTMB8GA1UdIwQY
MBaAFEMBVlQIJXjElGzSe+Homj3XVi+kMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdGV1ZBZ2xlTVNVYk5KNzRlaWFQZGRXTDZRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMy9jMjdmYTYtYjJiMC00ZGNiLWE4OTkt
MTAzMGNkYmU2YmQ0LzEvOHRrdzhpR1UtZ1RNX2xRVE5aYVYxdTZEMHRNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMy9jMjdmYTYtYjJiMC00ZGNiLWE4OTktMTAzMGNkYmU2YmQ0
LzEvUXdGV1ZBZ2xlTVNVYk5KNzRlaWFQZGRXTDZRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBBgYIKwYBBQUHAQcBAf8EgfYwgfMwgeEEAgABMIHaAwQC
AjuoAwQCLQ6EAwQCLVJAAwQCPnAIAwQCUE8EAwQCWSZgAwQCWSdoAwQAW+UXAwQA
W+hpAwQDXb6IAwQEbexQAwQDsoQAAwQCstrEAwQCuQJQAwQCuRU8AwQCuWToAwQC
uYSEAwQCuYSwAwQCuaXwAwQCuaxYAwQCua2gAwQCubF8AwQCubTcAwQCubbAAwQC
ubcgAwQCubjAAwQCubkwAwQCub8AAwQAwcikAwQCwlhoAwQA1AjwAwQB1AjyMAwD
BAPUCPgDBADUCPoDBAHUCPwDBATZFwAwDQQCAAIwBwMFAyoAfIAwDQYJKoZIhvcN
AQELBQADggEBAJ9/2ZFck4EDzOQFHqw1FbBQMGrUZVuVFjTU6Je4+r/fHGDtT9Cw
aTKAZJ8fuRbN80VwaGBS1/t1XUIm9rNZqFYx52776iUhczFT/8pCMZ7cYfdiIITa
O88g4u9nejuN5q0PkZkM5+qGIrZ6yLTIr/GWNGKe+ssP4pyVYgFaOl01wCwQt5bX
W1ibYesF1Jer/Ik7J1CGIpr5MfLuiAgAmuGrZEsdWR9sSNFoma0wbNZIJZrYSH40
twrYtxzYeUkC2wCxfUVLr4CiNGi07vjUEJATaTQnUXQuGpvx4c003QlbF64WGigH
jDWIPnJ9N2caPvnXoQOOqOR4l/zK8ipwk9I=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:54:26 2024 by rpki-client on console-ams.rpki-client.org