Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/15/22b7ab-fc11-407a-bd3c-63411367d90a/1/h8F4VygLDBOpy41egZJNkdOl8kc.roa
File: h8F4VygLDBOpy41egZJNkdOl8kc.roa (raw, json)
Hash identifier: +OlDLkbBe3MPuRaeF6hiEsmmgt4Z+jkhXxTcQOUfifs=
Subject key identifier: 87:C1:78:57:28:0B:0C:13:A9:CB:8D:5E:81:92:4D:91:D3:A5:F2:47
Certificate issuer: /CN=9f0743496c7ff3effb870601139cad9d2f271e10
Certificate serial: 155E2510
Authority key identifier: 9F:07:43:49:6C:7F:F3:EF:FB:87:06:01:13:9C:AD:9D:2F:27:1E:10
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nwdDSWx_8-_7hwYBE5ytnS8nHhA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/15/22b7ab-fc11-407a-bd3c-63411367d90a/1/h8F4VygLDBOpy41egZJNkdOl8kc.roa
Signing time: Sat 01 Jan 2022 08:04:49 +0000
ROA not before: Sat 01 Jan 2022 08:04:49 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 39855
IP address blocks: 62.100.220.0/22 maxlen: 22
185.71.220.0/22 maxlen: 22
157.97.145.0/24 maxlen: 24
185.92.27.0/24 maxlen: 24
93.188.68.0/22 maxlen: 22
62.100.192.0/22 maxlen: 22
62.100.196.0/22 maxlen: 24
62.100.200.0/22 maxlen: 24
62.100.212.0/22 maxlen: 22
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 358491408 (0x155e2510)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9f0743496c7ff3effb870601139cad9d2f271e10
Validity
Not Before: Jan 1 08:04:49 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=87c17857280b0c13a9cb8d5e81924d91d3a5f247
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8a:2d:47:a9:4d:9b:2b:ec:ec:d4:da:59:c5:dc:
70:2b:73:a8:e1:cf:7e:bd:ea:3b:5b:c3:5b:82:19:
cc:31:2a:e3:56:29:a0:09:54:42:bf:12:0b:9f:c5:
7d:41:30:ec:fd:f4:cf:a5:2d:bb:cc:76:5f:cc:78:
f1:a2:2a:72:82:b4:21:18:f6:50:bd:7c:eb:7f:c6:
41:fe:c1:98:ae:4c:77:68:38:23:6d:03:86:d9:41:
54:1d:93:05:33:b8:45:24:79:c8:26:ac:63:99:e4:
be:9f:0d:78:c9:ed:57:0a:86:b5:29:1c:f3:ae:b9:
5a:93:b3:39:54:c6:28:f1:24:5a:11:42:a6:37:a6:
fc:09:73:e9:db:ac:73:93:20:63:ca:4f:80:4f:16:
77:e2:89:7f:3b:94:6c:5b:e2:60:fc:04:d4:20:25:
df:c0:66:c2:76:72:4e:35:a6:f1:84:6e:61:34:74:
83:4a:e8:57:0b:9d:43:db:c9:72:1f:82:05:33:d1:
ce:ea:c0:d1:11:8a:0e:2e:8b:3a:4e:a0:c5:02:d4:
66:c5:86:6b:e5:71:03:10:45:85:f4:93:21:c0:d4:
f8:25:ab:7d:71:9e:14:3b:9d:2e:dc:d8:98:54:e0:
81:aa:d0:0a:4c:31:6b:49:9c:23:6c:da:ca:fd:e2:
38:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
87:C1:78:57:28:0B:0C:13:A9:CB:8D:5E:81:92:4D:91:D3:A5:F2:47
X509v3 Authority Key Identifier:
keyid:9F:07:43:49:6C:7F:F3:EF:FB:87:06:01:13:9C:AD:9D:2F:27:1E:10
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nwdDSWx_8-_7hwYBE5ytnS8nHhA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/15/22b7ab-fc11-407a-bd3c-63411367d90a/1/h8F4VygLDBOpy41egZJNkdOl8kc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/15/22b7ab-fc11-407a-bd3c-63411367d90a/1/nwdDSWx_8-_7hwYBE5ytnS8nHhA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.100.192.0-62.100.203.255
62.100.212.0/22
62.100.220.0/22
93.188.68.0/22
157.97.145.0/24
185.71.220.0/22
185.92.27.0/24
Signature Algorithm: sha256WithRSAEncryption
0a:73:f0:19:f9:9f:76:16:c7:64:51:07:e4:99:7b:e6:83:1b:
4e:f9:3e:2a:b1:c5:06:19:68:13:e7:d2:7c:66:fa:a3:bf:a0:
a8:a6:86:bb:68:37:92:07:a7:b5:4e:39:af:6b:1b:1b:97:35:
7f:a3:0b:25:3f:44:f3:b3:40:ad:36:40:b3:04:15:ce:5d:05:
b9:a8:13:d0:db:d9:6c:47:4f:a7:be:ab:65:38:66:00:16:dc:
eb:81:f5:b5:0d:6f:b5:be:75:22:df:c0:15:32:59:02:f2:60:
b2:02:ea:ea:76:54:c6:b3:80:27:f2:4c:70:d9:26:63:2f:bd:
f7:02:a0:29:3b:2c:4e:91:6a:ed:90:fc:7a:01:df:dc:84:c3:
66:56:0e:c0:6f:b6:73:52:f0:1e:6c:75:56:76:a9:76:e4:78:
c3:8f:e6:10:be:91:cf:ef:cf:11:b2:4b:d2:8a:7f:51:17:dc:
20:3e:bf:1f:35:ec:8f:91:41:fc:3f:0f:b5:de:4e:11:e4:4c:
0f:b0:7f:c1:21:d9:54:20:96:5f:40:3a:f2:4a:b5:25:e3:0a:
6e:e7:70:0e:e8:2d:2a:5e:a6:5d:1c:e7:cf:d0:77:f2:1d:8a:
d9:3a:5a:96:4b:46:ae:a0:d5:ee:60:ba:da:54:ba:b5:1b:d9:
71:00:85:04
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgIEFV4lEDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg5
ZjA3NDM0OTZjN2ZmM2VmZmI4NzA2MDExMzljYWQ5ZDJmMjcxZTEwMB4XDTIyMDEw
MTA4MDQ0OVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoODdjMTc4NTcyODBi
MGMxM2E5Y2I4ZDVlODE5MjRkOTFkM2E1ZjI0NzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAIotR6lNmyvs7NTaWcXccCtzqOHPfr3qO1vDW4IZzDEq41Yp
oAlUQr8SC5/FfUEw7P30z6Utu8x2X8x48aIqcoK0IRj2UL1863/GQf7BmK5Md2g4
I20DhtlBVB2TBTO4RSR5yCasY5nkvp8NeMntVwqGtSkc8665WpOzOVTGKPEkWhFC
pjem/Alz6dusc5MgY8pPgE8Wd+KJfzuUbFviYPwE1CAl38BmwnZyTjWm8YRuYTR0
g0roVwudQ9vJch+CBTPRzurA0RGKDi6LOk6gxQLUZsWGa+VxAxBFhfSTIcDU+CWr
fXGeFDudLtzYmFTggarQCkwxa0mcI2zayv3iOGsCAwEAAaOCAjUwggIxMB0GA1Ud
DgQWBBSHwXhXKAsME6nLjV6Bkk2R06XyRzAfBgNVHSMEGDAWgBSfB0NJbH/z7/uH
BgETnK2dLyceEDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L253ZERTV3hfOC1fN2h3WUJFNXl0blM4bkhoQS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMTUvMjJiN2FiLWZjMTEtNDA3YS1iZDNjLTYzNDExMzY3ZDkwYS8x
L2g4RjRWeWdMREJPcHk0MWVnWkpOa2RPbDhrYy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMTUv
MjJiN2FiLWZjMTEtNDA3YS1iZDNjLTYzNDExMzY3ZDkwYS8xL253ZERTV3hfOC1f
N2h3WUJFNXl0blM4bkhoQS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBL
BggrBgEFBQcBBwEB/wQ8MDowOAQCAAEwMjAMAwQGPmTAAwQCPmTIAwQCPmTUAwQC
PmTcAwQCXbxEAwQAnWGRAwQCuUfcAwQAuVwbMA0GCSqGSIb3DQEBCwUAA4IBAQAK
c/AZ+Z92FsdkUQfkmXvmgxtO+T4qscUGGWgT59J8Zvqjv6Copoa7aDeSB6e1Tjmv
axsblzV/owslP0Tzs0CtNkCzBBXOXQW5qBPQ29lsR0+nvqtlOGYAFtzrgfW1DW+1
vnUi38AVMlkC8mCyAurqdlTGs4An8kxw2SZjL733AqApOyxOkWrtkPx6Ad/chMNm
Vg7Ab7ZzUvAebHVWdql25HjDj+YQvpHP788RskvSin9RF9wgPr8fNeyPkUH8Pw+1
3k4R5EwPsH/BIdlUIJZfQDrySrUl4wpu53AO6C0qXqZdHOfP0HfyHYrZOlqWS0au
oNXuYLraVLq1G9lxAIUE
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:48:15 2023 by rpki-client on console-ams.rpki-client.org