Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/17/75216d-684b-47cc-a95e-db4d39dc4ec7/1/8qkIPSA556xgsx4wJ_L5RlHt0nc.roa
File: 8qkIPSA556xgsx4wJ_L5RlHt0nc.roa (raw, json)
Hash identifier: Q+7HU7CAqvIuv4tSrQKfL6pOSUxLIzLpMCNliiFfhTo=
Subject key identifier: F2:A9:08:3D:20:39:E7:AC:60:B3:1E:30:27:F2:F9:46:51:ED:D2:77
Certificate issuer: /CN=d44de659759b0274124a7b481d0976840b7ade06
Certificate serial: 15D4EF1C
Authority key identifier: D4:4D:E6:59:75:9B:02:74:12:4A:7B:48:1D:09:76:84:0B:7A:DE:06
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1E3mWXWbAnQSSntIHQl2hAt63gY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/17/75216d-684b-47cc-a95e-db4d39dc4ec7/1/8qkIPSA556xgsx4wJ_L5RlHt0nc.roa
Signing time: Sat 01 Jan 2022 04:58:42 +0000
ROA not before: Sat 01 Jan 2022 04:58:42 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 52023
IP address blocks: 91.212.148.0/24 maxlen: 24
37.143.165.0/24 maxlen: 24
37.143.166.0/24 maxlen: 24
37.143.162.0/24 maxlen: 24
37.143.164.0/24 maxlen: 24
37.143.163.0/24 maxlen: 24
37.143.167.0/24 maxlen: 24
37.143.170.0/24 maxlen: 24
2a03:8f84::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 366276380 (0x15d4ef1c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d44de659759b0274124a7b481d0976840b7ade06
Validity
Not Before: Jan 1 04:58:42 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=f2a9083d2039e7ac60b31e3027f2f94651edd277
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:bc:ef:5f:5f:75:bf:a4:3f:de:fe:18:50:31:
54:8b:ea:7e:7f:ea:4d:f3:89:6e:a6:87:3a:10:c3:
d9:27:59:78:fe:ce:1e:86:42:57:9a:8f:47:95:d7:
eb:7d:82:e6:5f:92:7e:c8:e2:1a:37:cc:4f:3f:ed:
cf:af:40:07:ab:12:54:52:2f:cb:77:23:bf:e2:7b:
9b:74:53:0a:15:67:20:9a:64:4f:1c:d9:4a:75:a5:
01:4a:7e:51:37:3c:ed:b1:6b:df:f5:39:ac:18:76:
fe:b7:aa:e3:c2:c0:8b:5d:d0:94:ee:b9:c6:b9:8b:
5a:64:00:c7:33:5d:09:13:ab:93:b9:83:8e:d5:71:
9b:c0:7d:3c:17:a5:cd:29:a4:74:b6:4c:28:5c:91:
80:bc:86:4d:d7:63:e1:af:7d:b6:42:dc:da:f2:1d:
e3:f1:60:e2:8e:41:14:59:9f:0a:b4:f8:e7:fc:32:
3e:10:03:ad:0b:e9:41:79:a1:a2:ab:12:db:51:5a:
35:32:12:6d:82:ea:e6:94:f4:89:77:36:eb:68:86:
a1:4e:a0:a3:19:00:26:ed:6b:fc:46:dc:0e:11:58:
de:5b:e0:a7:40:6a:8e:bd:45:de:8a:76:4b:5c:dd:
57:73:32:bb:58:d3:a5:45:5e:a3:12:9e:46:cf:29:
51:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F2:A9:08:3D:20:39:E7:AC:60:B3:1E:30:27:F2:F9:46:51:ED:D2:77
X509v3 Authority Key Identifier:
keyid:D4:4D:E6:59:75:9B:02:74:12:4A:7B:48:1D:09:76:84:0B:7A:DE:06
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1E3mWXWbAnQSSntIHQl2hAt63gY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/17/75216d-684b-47cc-a95e-db4d39dc4ec7/1/8qkIPSA556xgsx4wJ_L5RlHt0nc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/17/75216d-684b-47cc-a95e-db4d39dc4ec7/1/1E3mWXWbAnQSSntIHQl2hAt63gY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.143.162.0-37.143.167.255
37.143.170.0/24
91.212.148.0/24
IPv6:
2a03:8f84::/32
Signature Algorithm: sha256WithRSAEncryption
a1:7b:9a:85:db:5a:8f:65:ce:2f:86:15:00:33:f1:bb:a2:2c:
c8:a0:c4:ed:fe:0f:d9:dc:25:aa:44:a0:93:da:de:c0:40:b5:
a9:7f:d0:44:ba:a9:89:f3:5b:13:6d:89:91:d7:21:3f:01:40:
29:94:3f:1c:19:13:2a:81:35:24:5a:55:59:b2:e3:07:0c:db:
42:7f:c5:96:2b:6c:3b:b9:74:1f:df:65:ab:75:d8:8b:92:c2:
58:be:e3:2c:d7:e6:3d:ae:51:71:2f:19:65:48:db:75:a4:cf:
c1:95:7f:6d:e5:d1:bf:b4:93:7c:17:52:06:dc:5a:9b:17:0d:
bb:8f:67:47:84:c4:1c:7b:1f:25:88:7e:08:ce:e9:2e:3e:f9:
0a:2e:c4:51:e5:10:56:ef:1a:45:6a:93:b3:6e:5d:97:2c:7a:
c0:6b:c4:0b:1e:0f:e1:20:c3:02:4e:7c:f6:44:d3:cc:0c:98:
50:1e:8a:29:33:b8:a0:ca:b2:29:02:3d:1b:33:ef:d8:05:66:
6c:d1:ae:cd:3a:52:03:3b:5e:eb:af:a5:08:e9:90:5f:49:61:
18:76:e0:73:a8:aa:19:42:0a:1f:01:e4:1f:40:c4:ee:8d:67:
24:8d:6a:82:e6:93:10:7a:4b:8d:e4:25:af:32:5e:ff:9b:19:
40:0e:65:27
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgIEFdTvHDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhk
NDRkZTY1OTc1OWIwMjc0MTI0YTdiNDgxZDA5NzY4NDBiN2FkZTA2MB4XDTIyMDEw
MTA0NTg0MloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZjJhOTA4M2QyMDM5
ZTdhYzYwYjMxZTMwMjdmMmY5NDY1MWVkZDI3NzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALG8719fdb+kP97+GFAxVIvqfn/qTfOJbqaHOhDD2SdZeP7O
HoZCV5qPR5XX632C5l+SfsjiGjfMTz/tz69AB6sSVFIvy3cjv+J7m3RTChVnIJpk
TxzZSnWlAUp+UTc87bFr3/U5rBh2/req48LAi13QlO65xrmLWmQAxzNdCROrk7mD
jtVxm8B9PBelzSmkdLZMKFyRgLyGTddj4a99tkLc2vId4/Fg4o5BFFmfCrT45/wy
PhADrQvpQXmhoqsS21FaNTISbYLq5pT0iXc262iGoU6goxkAJu1r/EbcDhFY3lvg
p0Bqjr1F3op2S1zdV3Myu1jTpUVeoxKeRs8pUZUCAwEAAaOCAiwwggIoMB0GA1Ud
DgQWBBTyqQg9IDnnrGCzHjAn8vlGUe3SdzAfBgNVHSMEGDAWgBTUTeZZdZsCdBJK
e0gdCXaEC3reBjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzFFM21XWFdiQW5RU1NudElIUWwyaEF0NjNnWS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMTcvNzUyMTZkLTY4NGItNDdjYy1hOTVlLWRiNGQzOWRjNGVjNy8x
Lzhxa0lQU0E1NTZ4Z3N4NHdKX0w1UmxIdDBuYy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMTcv
NzUyMTZkLTY4NGItNDdjYy1hOTVlLWRiNGQzOWRjNGVjNy8xLzFFM21XWFdiQW5R
U1NudElIUWwyaEF0NjNnWS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBC
BggrBgEFBQcBBwEB/wQzMDEwIAQCAAEwGjAMAwQBJY+iAwQDJY+gAwQAJY+qAwQA
W9SUMA0EAgACMAcDBQAqA4+EMA0GCSqGSIb3DQEBCwUAA4IBAQChe5qF21qPZc4v
hhUAM/G7oizIoMTt/g/Z3CWqRKCT2t7AQLWpf9BEuqmJ81sTbYmR1yE/AUAplD8c
GRMqgTUkWlVZsuMHDNtCf8WWK2w7uXQf32WrddiLksJYvuMs1+Y9rlFxLxllSNt1
pM/BlX9t5dG/tJN8F1IG3FqbFw27j2dHhMQcex8liH4IzukuPvkKLsRR5RBW7xpF
apOzbl2XLHrAa8QLHg/hIMMCTnz2RNPMDJhQHoopM7igyrIpAj0bM+/YBWZs0a7N
OlIDO17rr6UI6ZBfSWEYduBzqKoZQgofAeQfQMTujWckjWqC5pMQekuN5CWvMl7/
mxlADmUn
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:48:24 2023 by rpki-client on console-ams.rpki-client.org