Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/t8JAt3wX0x1BxoYVMLVJDwaPaNA.roa
File: t8JAt3wX0x1BxoYVMLVJDwaPaNA.roa (raw, json)
Hash identifier: 7OCy/kU+wOSWS4QkK82XiDX5vXmloK03t31aj40NN6M=
Subject key identifier: B7:C2:40:B7:7C:17:D3:1D:41:C6:86:15:30:B5:49:0F:06:8F:68:D0
Certificate issuer: /CN=b1a7b0d8de8251d36d7c83faf6bc7efec73b5034
Certificate serial: 0184E7B099A1F14CA56D03F1A0B607761F7E
Authority key identifier: B1:A7:B0:D8:DE:82:51:D3:6D:7C:83:FA:F6:BC:7E:FE:C7:3B:50:34
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/saew2N6CUdNtfIP69rx-_sc7UDQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/t8JAt3wX0x1BxoYVMLVJDwaPaNA.roa
Signing time: Tue 06 Dec 2022 13:47:01 +0000
ROA not before: Tue 06 Dec 2022 13:47:01 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 7489
IP address blocks: 2.56.164.0/22 maxlen: 24
78.108.216.0/22 maxlen: 24
45.140.220.0/22 maxlen: 24
193.221.192.0/22 maxlen: 24
194.50.16.0/22 maxlen: 24
194.31.140.0/22 maxlen: 24
212.107.12.0/22 maxlen: 24
185.186.64.0/22 maxlen: 24
45.154.196.0/22 maxlen: 24
185.227.68.0/22 maxlen: 24
185.185.40.0/22 maxlen: 24
45.90.144.0/22 maxlen: 24
194.56.224.0/22 maxlen: 24
178.218.144.0/22 maxlen: 24
77.83.240.0/22 maxlen: 24
45.81.20.0/22 maxlen: 24
89.190.156.0/22 maxlen: 24
83.143.116.0/22 maxlen: 24
185.242.224.0/22 maxlen: 24
185.234.72.0/22 maxlen: 24
193.31.28.0/22 maxlen: 24
193.31.30.0/24 maxlen: 24
85.202.160.0/22 maxlen: 24
193.34.76.0/22 maxlen: 24
2a0b:7080:10::/48 maxlen: 48
2a0b:b87:ffb4::/48 maxlen: 48
2a0b:b82::/44 maxlen: 44
2a0b:b85::/32 maxlen: 32
2a0b:b87:fff0::/44 maxlen: 44
2a0b:7080:30::/44 maxlen: 48
2a0b:7080:10::/44 maxlen: 44
2a0b:7080:10::/45 maxlen: 45
2a0b:b87:ffda::/48 maxlen: 48
2a0d:77c7::/32 maxlen: 48
2a0b:7080:20::/44 maxlen: 48
2a0b:b87:ffec::/48 maxlen: 48
2a0b:b84::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:e7:b0:99:a1:f1:4c:a5:6d:03:f1:a0:b6:07:76:1f:7e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b1a7b0d8de8251d36d7c83faf6bc7efec73b5034
Validity
Not Before: Dec 6 13:47:01 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=b7c240b77c17d31d41c6861530b5490f068f68d0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:bf:ff:92:6a:c9:06:a2:9b:ff:23:fa:9d:79:
18:5b:db:bf:63:71:e0:c3:8a:da:dc:41:4e:ec:b1:
0d:02:95:c8:33:8b:70:d2:3d:e7:a9:9b:0d:00:f3:
be:c1:bc:65:b5:c4:fb:9b:fb:27:0b:33:75:4f:8c:
31:8f:72:85:be:a3:a4:f6:fa:51:c0:e2:ca:db:de:
17:6f:8f:d9:0b:3a:d0:8d:95:db:ab:28:da:25:6c:
57:e2:a4:82:88:21:81:96:8b:05:3f:3c:be:be:13:
f9:51:a0:2a:2e:cf:d3:6e:e0:de:96:0d:d1:ff:f8:
de:13:0d:12:15:16:00:f4:07:7e:f1:8d:dd:8e:de:
2e:16:9c:e8:37:a7:d2:2b:03:f7:73:01:a5:e1:15:
94:41:24:71:37:28:f1:33:31:02:9a:ab:76:6d:a3:
18:fb:f1:30:32:e5:c2:d2:52:64:3c:0f:23:25:fa:
0d:4e:7f:22:5a:0d:c0:16:c4:b8:05:c3:bf:16:a2:
87:34:e4:6d:2a:a5:24:36:ff:e5:e8:34:e5:60:20:
aa:04:45:94:0c:5b:05:ca:51:ba:c1:f3:68:0d:04:
f1:89:42:94:51:d9:9d:a0:5a:7d:d6:42:71:41:70:
84:7c:00:52:96:f4:d7:16:ad:0f:9e:40:d8:ea:fc:
90:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B7:C2:40:B7:7C:17:D3:1D:41:C6:86:15:30:B5:49:0F:06:8F:68:D0
X509v3 Authority Key Identifier:
keyid:B1:A7:B0:D8:DE:82:51:D3:6D:7C:83:FA:F6:BC:7E:FE:C7:3B:50:34
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/saew2N6CUdNtfIP69rx-_sc7UDQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/t8JAt3wX0x1BxoYVMLVJDwaPaNA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/saew2N6CUdNtfIP69rx-_sc7UDQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.56.164.0/22
45.81.20.0/22
45.90.144.0/22
45.140.220.0/22
45.154.196.0/22
77.83.240.0/22
78.108.216.0/22
83.143.116.0/22
85.202.160.0/22
89.190.156.0/22
178.218.144.0/22
185.185.40.0/22
185.186.64.0/22
185.227.68.0/22
185.234.72.0/22
185.242.224.0/22
193.31.28.0/22
193.34.76.0/22
193.221.192.0/22
194.31.140.0/22
194.50.16.0/22
194.56.224.0/22
212.107.12.0/22
IPv6:
2a0b:b82::/44
2a0b:b84::/31
2a0b:b87:ffb4::/48
2a0b:b87:ffda::/48
2a0b:b87:ffec::/48
2a0b:b87:fff0::/44
2a0b:7080:10::-2a0b:7080:3f:ffff:ffff:ffff:ffff:ffff
2a0d:77c7::/32
Signature Algorithm: sha256WithRSAEncryption
46:00:6a:dc:95:e3:8a:e0:75:6e:f0:97:6f:6f:f1:f5:16:ce:
b7:27:c0:75:ee:00:05:15:d4:5a:93:13:1c:b8:c1:72:6a:94:
96:8c:1b:e9:70:7a:ff:04:44:79:b9:ac:40:20:29:49:6a:2f:
16:dc:7a:db:d5:6f:cd:ad:8f:0e:d6:ca:88:25:f6:a5:15:7e:
19:2b:a9:57:45:b0:c4:46:c4:ef:c7:56:7d:62:b2:a6:4a:ab:
89:ac:6b:05:ad:4e:4b:32:62:41:39:f2:2f:0a:c0:ab:9f:55:
12:31:75:5d:5b:a9:7b:f1:5e:63:0a:3a:e9:2a:38:39:ce:b6:
14:38:6b:78:7a:aa:95:bd:b1:a6:0d:cf:43:d0:e8:67:e3:55:
b3:e1:46:c5:ae:ec:74:c0:3b:bb:47:95:f0:37:da:e5:8c:cf:
b1:28:b6:e6:c3:85:39:03:51:79:37:3c:15:7c:1e:e4:69:78:
2d:e0:2c:95:0a:7c:29:32:35:81:95:91:15:57:9e:77:27:e3:
49:8d:f9:59:8b:b0:92:e1:1b:03:79:62:c5:4a:2f:7d:b2:67:
52:6c:bc:c1:c8:eb:10:65:75:e0:84:e7:65:31:9c:b7:79:79:
2c:e2:6f:fa:70:e7:d3:4c:a5:f5:46:4b:cd:bf:ad:7f:c1:0e:
10:00:cf:69
-----BEGIN CERTIFICATE-----
MIIF3TCCBMWgAwIBAgISAYTnsJmh8UylbQPxoLYHdh9+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIxYTdiMGQ4ZGU4MjUxZDM2ZDdjODNmYWY2YmM3ZWZlYzcz
YjUwMzQwHhcNMjIxMjA2MTM0NzAxWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiN2MyNDBiNzdjMTdkMzFkNDFjNjg2MTUzMGI1NDkwZjA2OGY2OGQwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsL//kmrJBqKb/yP6nXkYW9u/Y3Hg
w4ra3EFO7LENApXIM4tw0j3nqZsNAPO+wbxltcT7m/snCzN1T4wxj3KFvqOk9vpR
wOLK294Xb4/ZCzrQjZXbqyjaJWxX4qSCiCGBlosFPzy+vhP5UaAqLs/TbuDelg3R
//jeEw0SFRYA9Ad+8Y3djt4uFpzoN6fSKwP3cwGl4RWUQSRxNyjxMzECmqt2baMY
+/EwMuXC0lJkPA8jJfoNTn8iWg3AFsS4BcO/FqKHNORtKqUkNv/l6DTlYCCqBEWU
DFsFylG6wfNoDQTxiUKUUdmdoFp91kJxQXCEfABSlvTXFq0PnkDY6vyQMwIDAQAB
o4IC6TCCAuUwHQYDVR0OBBYEFLfCQLd8F9MdQcaGFTC1SQ8Gj2jQMB8GA1UdIwQY
MBaAFLGnsNjeglHTbXyD+va8fv7HO1A0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc2FldzJONkNVZE50ZklQNjlyeC1fc2M3VURRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNy9mMTM0YzgtZjgxNC00YjcxLTk1N2It
Mzk0YWNkMjFmMzliLzEvdDhKQXQzd1gweDFCeG9ZVk1MVkpEd2FQYU5BLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNy9mMTM0YzgtZjgxNC00YjcxLTk1N2ItMzk0YWNkMjFmMzli
LzEvc2FldzJONkNVZE50ZklQNjlyeC1fc2M3VURRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIH+BggrBgEFBQcBBwEB/wSB7jCB6zCBkQQCAAEwgYoDBAIC
OKQDBAItURQDBAItWpADBAItjNwDBAItmsQDBAJNU/ADBAJObNgDBAJTj3QDBAJV
yqADBAJZvpwDBAKy2pADBAK5uSgDBAK5ukADBAK540QDBAK56kgDBAK58uADBALB
HxwDBALBIkwDBALB3cADBALCH4wDBALCMhADBALCOOADBALUawwwVQQCAAIwTwMH
BCoLC4IAAAMFASoLC4QDBwAqCwuH/7QDBwAqCwuH/9oDBwAqCwuH/+wDBwQqCwuH
//AwEgMHBCoLcIAAEAMHBioLcIAAAAMFACoNd8cwDQYJKoZIhvcNAQELBQADggEB
AEYAatyV44rgdW7wl29v8fUWzrcnwHXuAAUV1FqTExy4wXJqlJaMG+lwev8ERHm5
rEAgKUlqLxbcetvVb82tjw7Wyogl9qUVfhkrqVdFsMRGxO/HVn1isqZKq4msawWt
TksyYkE58i8KwKufVRIxdV1bqXvxXmMKOukqODnOthQ4a3h6qpW9saYNz0PQ6Gfj
VbPhRsWu7HTAO7tHlfA32uWMz7EotubDhTkDUXk3PBV8HuRpeC3gLJUKfCkyNYGV
kRVXnncn40mN+VmLsJLhGwN5YsVKL32yZ1JsvMHI6xBldeCE52UxnLd5eSzib/pw
59NMpfVGS82/rX/BDhAAz2k=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:44:39 2023 by rpki-client on console-fra.rpki-client.org