Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/17/1339df-8e06-41de-94f3-0cba33efc5bb/1/8hsXN_jD0EZ_tRHbTR5KLGSrqFo.roa
File: 8hsXN_jD0EZ_tRHbTR5KLGSrqFo.roa (raw, json)
Hash identifier: emSdbIwNPiNDENhoSL6WjPQKFEuuB8d9CcM+NFaJrl0=
Subject key identifier: F2:1B:17:37:F8:C3:D0:46:7F:B5:11:DB:4D:1E:4A:2C:64:AB:A8:5A
Certificate issuer: /CN=c3c18527e3a206af2842028d95aec41338e8daf8
Certificate serial: 01840DD200EBCBAD2ACAF37FE5BD9A85D4F8
Authority key identifier: C3:C1:85:27:E3:A2:06:AF:28:42:02:8D:95:AE:C4:13:38:E8:DA:F8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/w8GFJ-OiBq8oQgKNla7EEzjo2vg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/17/1339df-8e06-41de-94f3-0cba33efc5bb/1/8hsXN_jD0EZ_tRHbTR5KLGSrqFo.roa
Signing time: Tue 25 Oct 2022 06:26:17 +0000
ROA not before: Tue 25 Oct 2022 06:26:17 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 34549
IP address blocks: 62.60.220.0/22 maxlen: 24
213.176.68.0/22 maxlen: 24
62.60.132.0/22 maxlen: 24
62.60.148.0/22 maxlen: 24
213.176.20.0/22 maxlen: 24
62.60.212.0/22 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:0d:d2:00:eb:cb:ad:2a:ca:f3:7f:e5:bd:9a:85:d4:f8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c3c18527e3a206af2842028d95aec41338e8daf8
Validity
Not Before: Oct 25 06:26:17 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=f21b1737f8c3d0467fb511db4d1e4a2c64aba85a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:4c:7f:62:79:f4:83:59:32:17:92:1c:a5:00:
1d:e8:e7:7e:2d:9d:55:be:d5:56:3f:41:53:1f:f4:
b6:51:dc:20:ad:75:90:aa:28:5c:85:f8:8a:1e:da:
9d:bd:79:af:d2:c7:1b:29:4b:1f:17:df:83:2b:5b:
54:98:66:bf:3e:77:e3:58:28:b7:48:f1:8f:55:30:
bf:a8:25:a7:d2:76:6a:2e:5b:99:6d:90:6a:42:5d:
ff:96:59:14:4b:78:f5:bf:39:73:5c:dd:c8:2e:a1:
d3:76:8e:62:31:be:35:e7:e5:d8:ae:34:ba:76:b9:
9c:dd:f2:d5:26:7e:d3:6b:ad:ef:dc:9d:9e:fe:c3:
7e:88:4a:12:9b:60:63:97:ae:9b:e1:c3:f9:df:68:
30:1d:fd:1c:c7:11:91:f1:0d:aa:87:a2:dd:0c:f6:
c0:e2:3f:7e:57:ad:53:5f:c2:ce:3d:4b:da:dc:dd:
a3:64:ba:02:6f:da:2a:aa:e4:57:96:17:9e:06:81:
a4:bc:d8:ce:74:1c:82:55:04:71:f1:4b:7b:de:5e:
90:d8:8e:24:90:f2:ce:8f:0c:b7:28:be:0f:33:6d:
b0:da:ad:46:3b:02:bf:e0:77:49:55:7a:c8:92:5d:
bc:3a:0d:3b:a9:de:dd:47:a9:9c:5a:71:5b:cf:68:
36:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F2:1B:17:37:F8:C3:D0:46:7F:B5:11:DB:4D:1E:4A:2C:64:AB:A8:5A
X509v3 Authority Key Identifier:
keyid:C3:C1:85:27:E3:A2:06:AF:28:42:02:8D:95:AE:C4:13:38:E8:DA:F8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/w8GFJ-OiBq8oQgKNla7EEzjo2vg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/17/1339df-8e06-41de-94f3-0cba33efc5bb/1/8hsXN_jD0EZ_tRHbTR5KLGSrqFo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/17/1339df-8e06-41de-94f3-0cba33efc5bb/1/w8GFJ-OiBq8oQgKNla7EEzjo2vg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.60.132.0/22
62.60.148.0/22
62.60.212.0/22
62.60.220.0/22
213.176.20.0/22
213.176.68.0/22
Signature Algorithm: sha256WithRSAEncryption
2b:a8:2e:b2:b0:dd:98:e3:c3:5e:5e:2b:c5:80:cd:02:fd:bc:
7c:44:1c:26:9f:f8:b8:e6:42:5d:32:7b:3c:c2:55:2c:05:ac:
96:3b:ab:61:db:53:59:e4:af:2c:6f:2b:1a:c3:cb:e6:d0:91:
41:5c:58:ce:57:f7:5a:a2:8a:17:09:32:2b:76:fd:38:7e:37:
d2:24:1e:35:6c:a2:48:e7:c8:63:da:d5:4f:fc:27:55:bf:ed:
40:ab:2c:a6:20:21:00:13:e6:0c:d9:23:5a:ea:67:60:38:c3:
cf:45:25:88:a8:11:52:14:c6:fd:dc:cb:bc:28:c5:5d:e6:05:
a4:14:f1:8d:4b:b2:05:15:3d:ed:76:8f:18:82:60:d4:4d:fa:
a4:52:6e:73:0f:52:2d:ab:03:c4:92:a3:31:23:5e:01:07:d4:
79:59:f1:64:4f:00:dd:4c:42:3e:75:2f:7e:c0:e7:78:35:2d:
5c:1b:11:74:67:9a:82:e5:79:37:1c:ee:18:22:6c:5c:79:60:
31:92:a1:03:44:9b:6f:52:b5:33:12:f0:13:be:09:9e:bf:95:
ea:5c:5d:46:e5:aa:9e:17:7b:a0:9f:56:a9:12:d6:b2:f8:d6:
8c:ad:ef:c5:c9:dc:21:c0:d3:1f:ea:09:e3:e7:3e:8d:3b:38:
ef:af:b0:dc
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAYQN0gDry60qyvN/5b2ahdT4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMzYzE4NTI3ZTNhMjA2YWYyODQyMDI4ZDk1YWVjNDEzMzhl
OGRhZjgwHhcNMjIxMDI1MDYyNjE3WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMjFiMTczN2Y4YzNkMDQ2N2ZiNTExZGI0ZDFlNGEyYzY0YWJhODVhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoUx/Ynn0g1kyF5IcpQAd6Od+LZ1V
vtVWP0FTH/S2UdwgrXWQqihchfiKHtqdvXmv0scbKUsfF9+DK1tUmGa/PnfjWCi3
SPGPVTC/qCWn0nZqLluZbZBqQl3/llkUS3j1vzlzXN3ILqHTdo5iMb415+XYrjS6
drmc3fLVJn7Ta63v3J2e/sN+iEoSm2Bjl66b4cP532gwHf0cxxGR8Q2qh6LdDPbA
4j9+V61TX8LOPUva3N2jZLoCb9oqquRXlheeBoGkvNjOdByCVQRx8Ut73l6Q2I4k
kPLOjwy3KL4PM22w2q1GOwK/4HdJVXrIkl28Og07qd7dR6mcWnFbz2g2vwIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFPIbFzf4w9BGf7UR200eSixkq6haMB8GA1UdIwQY
MBaAFMPBhSfjogavKEICjZWuxBM46Nr4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdzhHRkotT2lCcThvUWdLTmxhN0VFempvMnZnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNy8xMzM5ZGYtOGUwNi00MWRlLTk0ZjMt
MGNiYTMzZWZjNWJiLzEvOGhzWE5fakQwRVpfdFJIYlRSNUtMR1NycUZvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNy8xMzM5ZGYtOGUwNi00MWRlLTk0ZjMtMGNiYTMzZWZjNWJi
LzEvdzhHRkotT2lCcThvUWdLTmxhN0VFempvMnZnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQCPjyEAwQC
PjyUAwQCPjzUAwQCPjzcAwQC1bAUAwQC1bBEMA0GCSqGSIb3DQEBCwUAA4IBAQAr
qC6ysN2Y48NeXivFgM0C/bx8RBwmn/i45kJdMns8wlUsBayWO6th21NZ5K8sbysa
w8vm0JFBXFjOV/daoooXCTIrdv04fjfSJB41bKJI58hj2tVP/CdVv+1AqyymICEA
E+YM2SNa6mdgOMPPRSWIqBFSFMb93Mu8KMVd5gWkFPGNS7IFFT3tdo8YgmDUTfqk
Um5zD1ItqwPEkqMxI14BB9R5WfFkTwDdTEI+dS9+wOd4NS1cGxF0Z5qC5Xk3HO4Y
ImxceWAxkqEDRJtvUrUzEvATvgmev5XqXF1G5aqeF3ugn1apEtay+NaMre/Fydwh
wNMf6gnj5z6NOzjvr7Dc
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:20:39 2024 by rpki-client on console-fra.rpki-client.org