Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/14/5c29c1-194a-410d-8c76-bbd01d425084/1/0-8B2FHV_JNntK9ypRnl_VSfwag.roa
File: 0-8B2FHV_JNntK9ypRnl_VSfwag.roa (raw, json)
Hash identifier: ij6n4z9Eab0k8Suy/C1UFkah/kjqZRTfsIAiX6tRFVA=
Subject key identifier: D3:EF:01:D8:51:D5:FC:93:67:B4:AF:72:A5:19:E5:FD:54:9F:C1:A8
Certificate issuer: /CN=78988b2081d9942203d22248acd805db3a13dcc5
Certificate serial: 01E3FC75
Authority key identifier: 78:98:8B:20:81:D9:94:22:03:D2:22:48:AC:D8:05:DB:3A:13:DC:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/eJiLIIHZlCID0iJIrNgF2zoT3MU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/14/5c29c1-194a-410d-8c76-bbd01d425084/1/0-8B2FHV_JNntK9ypRnl_VSfwag.roa
Signing time: Sat 01 Jan 2022 02:54:22 +0000
ROA not before: Sat 01 Jan 2022 02:54:22 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 206293
IP address blocks: 195.62.44.0/23 maxlen: 23
91.198.163.0/24 maxlen: 24
185.20.188.0/22 maxlen: 22
194.6.226.0/24 maxlen: 24
194.9.10.0/23 maxlen: 23
91.195.140.0/23 maxlen: 23
2a00:4fa0::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 31718517 (0x1e3fc75)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=78988b2081d9942203d22248acd805db3a13dcc5
Validity
Not Before: Jan 1 02:54:22 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=d3ef01d851d5fc9367b4af72a519e5fd549fc1a8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:72:8a:a6:03:ad:fd:ee:f1:1c:db:64:b8:5c:
e8:1e:8a:68:54:67:45:06:4d:1c:09:dd:da:72:86:
38:b3:bd:e7:e9:d9:18:f6:39:c7:e0:e4:14:77:80:
42:76:f0:74:57:f5:ae:fe:c8:ec:52:dc:27:63:04:
de:e1:15:76:d5:c4:8f:0a:27:1d:04:c5:d9:0a:75:
50:2a:a5:92:bc:fd:5f:9d:25:49:f4:f9:8c:a7:19:
e8:ee:1f:9a:b9:37:7f:08:79:5d:51:f2:5c:30:94:
b5:75:ca:54:0e:f3:6c:d1:6a:af:3b:93:53:88:c7:
8d:a9:67:e3:4a:06:aa:59:e5:32:b8:ee:a8:41:6d:
d8:64:dc:32:ab:91:88:9f:98:80:bf:0b:38:05:1c:
53:cc:e4:b0:94:0e:5a:0c:2a:e7:d8:ab:f8:c0:6b:
99:3d:9f:b3:21:93:16:72:a2:e7:95:9e:fd:01:f2:
20:b2:6f:56:77:5f:1a:a0:b1:de:7f:8a:1a:76:8f:
d2:c9:10:0b:16:69:7a:24:71:77:09:82:01:f6:60:
d2:05:c4:e2:86:e6:27:f1:2f:5a:b1:f0:de:ce:74:
0d:45:59:ca:d0:57:f7:f1:e6:58:02:99:6f:57:7f:
bf:ba:23:f1:00:f0:ba:07:f8:6b:ca:09:ec:71:e4:
a0:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D3:EF:01:D8:51:D5:FC:93:67:B4:AF:72:A5:19:E5:FD:54:9F:C1:A8
X509v3 Authority Key Identifier:
keyid:78:98:8B:20:81:D9:94:22:03:D2:22:48:AC:D8:05:DB:3A:13:DC:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/eJiLIIHZlCID0iJIrNgF2zoT3MU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/14/5c29c1-194a-410d-8c76-bbd01d425084/1/0-8B2FHV_JNntK9ypRnl_VSfwag.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/14/5c29c1-194a-410d-8c76-bbd01d425084/1/eJiLIIHZlCID0iJIrNgF2zoT3MU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.195.140.0/23
91.198.163.0/24
185.20.188.0/22
194.6.226.0/24
194.9.10.0/23
195.62.44.0/23
IPv6:
2a00:4fa0::/29
Signature Algorithm: sha256WithRSAEncryption
29:41:0b:67:cb:3c:0c:04:82:86:37:3c:8d:6c:90:e2:5a:a0:
7e:5b:98:b7:df:75:ef:06:68:37:0a:fa:15:f2:ea:2d:12:2d:
61:d8:b3:f7:1d:8b:52:e7:97:3c:32:d7:45:55:30:80:8e:7f:
e8:bd:eb:2c:6f:1f:2c:86:6a:c5:7b:16:4f:b3:bd:59:a1:73:
20:f6:40:49:4b:aa:18:b3:38:1b:9e:8f:37:b8:6c:8d:8b:07:
22:2e:57:ea:8b:c8:c9:b6:0f:52:5b:c2:68:ff:da:ea:ff:ef:
45:dd:6b:2e:3b:3a:3f:a8:34:e9:14:bd:7e:00:5e:4d:46:02:
22:62:46:2b:a5:5d:9c:80:79:a0:a7:6c:f1:4b:4e:b7:13:df:
20:04:c9:0b:56:1e:74:22:fc:05:ab:a6:9c:52:85:cf:f2:14:
dc:99:a7:00:ac:3c:74:2e:55:8d:d8:65:6d:a6:ce:6b:9a:ee:
ef:5e:39:4f:dc:52:20:94:65:de:a3:73:69:83:ed:ff:c3:14:
e0:60:46:06:fd:f5:fe:27:58:2a:04:c6:5f:ad:bb:f5:30:3d:
36:f2:1d:b0:50:be:92:62:ad:9d:88:49:79:32:2d:51:1e:b4:
db:2e:04:63:df:f8:af:a7:c6:8e:28:ba:8b:8d:5e:b1:e8:44:
47:5c:86:ad
-----BEGIN CERTIFICATE-----
MIIFHDCCBASgAwIBAgIEAeP8dTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg3
ODk4OGIyMDgxZDk5NDIyMDNkMjIyNDhhY2Q4MDVkYjNhMTNkY2M1MB4XDTIyMDEw
MTAyNTQyMloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZDNlZjAxZDg1MWQ1
ZmM5MzY3YjRhZjcyYTUxOWU1ZmQ1NDlmYzFhODCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJRyiqYDrf3u8RzbZLhc6B6KaFRnRQZNHAnd2nKGOLO95+nZ
GPY5x+DkFHeAQnbwdFf1rv7I7FLcJ2ME3uEVdtXEjwonHQTF2Qp1UCqlkrz9X50l
SfT5jKcZ6O4fmrk3fwh5XVHyXDCUtXXKVA7zbNFqrzuTU4jHjaln40oGqlnlMrju
qEFt2GTcMquRiJ+YgL8LOAUcU8zksJQOWgwq59ir+MBrmT2fsyGTFnKi55We/QHy
ILJvVndfGqCx3n+KGnaP0skQCxZpeiRxdwmCAfZg0gXE4obmJ/EvWrHw3s50DUVZ
ytBX9/HmWAKZb1d/v7oj8QDwugf4a8oJ7HHkoNcCAwEAAaOCAjYwggIyMB0GA1Ud
DgQWBBTT7wHYUdX8k2e0r3KlGeX9VJ/BqDAfBgNVHSMEGDAWgBR4mIsggdmUIgPS
Ikis2AXbOhPcxTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2VKaUxJSUhabENJRDBpSklyTmdGMnpvVDNNVS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMTQvNWMyOWMxLTE5NGEtNDEwZC04Yzc2LWJiZDAxZDQyNTA4NC8x
LzAtOEIyRkhWX0pObnRLOXlwUm5sX1ZTZndhZy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMTQv
NWMyOWMxLTE5NGEtNDEwZC04Yzc2LWJiZDAxZDQyNTA4NC8xL2VKaUxJSUhabENJ
RDBpSklyTmdGMnpvVDNNVS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBM
BggrBgEFBQcBBwEB/wQ9MDswKgQCAAEwJAMEAVvDjAMEAFvGowMEArkUvAMEAMIG
4gMEAcIJCgMEAcM+LDANBAIAAjAHAwUDKgBPoDANBgkqhkiG9w0BAQsFAAOCAQEA
KUELZ8s8DASChjc8jWyQ4lqgfluYt9917wZoNwr6FfLqLRItYdiz9x2LUueXPDLX
RVUwgI5/6L3rLG8fLIZqxXsWT7O9WaFzIPZASUuqGLM4G56PN7hsjYsHIi5X6ovI
ybYPUlvCaP/a6v/vRd1rLjs6P6g06RS9fgBeTUYCImJGK6VdnIB5oKds8UtOtxPf
IATJC1YedCL8BaumnFKFz/IU3JmnAKw8dC5VjdhlbabOa5ru7145T9xSIJRl3qNz
aYPt/8MU4GBGBv31/idYKgTGX6279TA9NvIdsFC+kmKtnYhJeTItUR602y4EY9/4
r6fGjii6i41esehER1yGrQ==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:44:25 2023 by rpki-client on console-fra.rpki-client.org