Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1c/d26618-b340-4f50-b330-318a26d4a8c9/1/7of8avKxK7BsesobQWbqat7fdko.roa
File: 7of8avKxK7BsesobQWbqat7fdko.roa (raw, json)
Hash identifier: V3/akZ+psbHIg7X4xTiZRezyqvsD/6bE/pEnDA/HrNA=
Subject key identifier: EE:87:FC:6A:F2:B1:2B:B0:6C:7A:CA:1B:41:66:EA:6A:DE:DF:76:4A
Certificate issuer: /CN=833e3f5ef825556b014a085d32565bb0cbc5ac8d
Certificate serial: 0183EC910A073B864AD2AA02A18261167DB7
Authority key identifier: 83:3E:3F:5E:F8:25:55:6B:01:4A:08:5D:32:56:5B:B0:CB:C5:AC:8D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gz4_XvglVWsBSghdMlZbsMvFrI0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1c/d26618-b340-4f50-b330-318a26d4a8c9/1/7of8avKxK7BsesobQWbqat7fdko.roa
Signing time: Tue 18 Oct 2022 19:27:51 +0000
ROA not before: Tue 18 Oct 2022 19:27:51 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 834
IP address blocks: 109.122.43.0/24 maxlen: 24
109.122.44.0/24 maxlen: 24
109.122.40.0/24 maxlen: 24
109.122.41.0/24 maxlen: 24
109.122.42.0/24 maxlen: 24
109.122.47.0/24 maxlen: 24
109.122.45.0/24 maxlen: 24
109.122.46.0/24 maxlen: 24
87.237.167.0/24 maxlen: 24
91.226.57.0/24 maxlen: 24
91.226.58.0/23 maxlen: 24
193.93.54.0/23 maxlen: 24
193.93.52.0/23 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:ec:91:0a:07:3b:86:4a:d2:aa:02:a1:82:61:16:7d:b7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=833e3f5ef825556b014a085d32565bb0cbc5ac8d
Validity
Not Before: Oct 18 19:27:51 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=ee87fc6af2b12bb06c7aca1b4166ea6adedf764a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:1b:ef:a2:c0:93:a0:05:ce:13:b9:ee:8d:61:
8c:05:f0:fe:40:bc:92:b7:43:90:4c:fd:92:5b:4e:
55:f4:b7:16:45:da:9f:d6:a7:2a:98:5a:0f:79:11:
ba:8d:be:81:cc:5d:56:1e:67:70:de:db:4f:10:78:
31:69:cb:2b:14:1e:b7:85:02:6b:1a:58:59:82:7b:
d7:64:d6:1a:8d:bb:10:8a:d0:8c:7a:48:5d:a9:36:
27:d4:ad:aa:de:fb:27:98:be:55:dd:d4:f0:70:c2:
37:2d:7f:2d:d7:52:60:11:5d:27:43:f7:24:1a:28:
22:3d:4d:75:06:fe:69:4a:84:e7:57:92:f5:6b:d7:
49:6a:ec:ce:db:c8:29:5f:06:f2:25:64:08:2e:74:
aa:16:3f:57:a9:13:88:da:96:ae:7a:f0:f6:1d:9f:
52:de:52:23:e9:6c:11:59:3a:05:1a:2a:c6:d0:b9:
31:4c:fc:e0:44:09:41:c6:0c:36:05:ea:5a:11:9d:
63:d9:77:96:0c:2d:f8:f0:72:d1:d1:67:c1:a4:20:
c3:10:ee:39:f0:c9:c2:25:16:f5:bb:f0:54:58:30:
d0:14:d7:c4:d6:ad:8a:9a:52:d2:87:2f:5e:a6:32:
81:ce:dd:1b:d3:a3:01:46:fe:fa:38:1f:7b:f4:57:
94:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EE:87:FC:6A:F2:B1:2B:B0:6C:7A:CA:1B:41:66:EA:6A:DE:DF:76:4A
X509v3 Authority Key Identifier:
keyid:83:3E:3F:5E:F8:25:55:6B:01:4A:08:5D:32:56:5B:B0:CB:C5:AC:8D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gz4_XvglVWsBSghdMlZbsMvFrI0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/d26618-b340-4f50-b330-318a26d4a8c9/1/7of8avKxK7BsesobQWbqat7fdko.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/d26618-b340-4f50-b330-318a26d4a8c9/1/gz4_XvglVWsBSghdMlZbsMvFrI0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
87.237.167.0/24
91.226.57.0-91.226.59.255
109.122.40.0/21
193.93.52.0/22
Signature Algorithm: sha256WithRSAEncryption
3d:81:7f:43:03:46:b9:0f:1f:cd:a4:bc:bf:a2:89:e0:60:ba:
e6:a3:1d:e5:26:b9:48:fe:c9:06:55:4b:cd:fc:fd:8d:c6:3b:
0c:10:95:8c:1c:0b:1a:ca:86:57:ef:00:ed:8d:b7:a7:82:eb:
b5:02:24:73:89:7e:9d:c9:0b:84:a8:f3:e1:64:85:0d:73:c5:
e3:f8:76:2e:b5:c7:bf:03:56:3f:95:08:ef:53:f5:8d:f8:94:
58:e7:ef:0a:48:3d:5c:c4:a4:cf:b0:e7:15:24:db:d5:b1:d0:
46:d1:01:a9:2e:ed:d5:e0:15:df:e6:54:89:ae:0e:2c:d7:32:
20:82:fc:60:eb:e3:c0:2c:14:64:ab:f0:2e:a5:88:4f:17:c4:
4d:40:cd:35:78:1e:5d:11:6e:17:c2:9e:92:1c:6b:0f:ce:4c:
1e:9b:ff:f5:28:8b:2c:c8:b6:b1:f1:be:a9:75:65:52:c3:d4:
ff:3c:09:84:97:ab:c2:4a:c8:98:14:ad:32:e2:c4:84:cc:6f:
38:ce:2a:ab:ae:c1:45:3d:4c:88:9f:ab:6d:71:4b:49:9d:84:
27:9c:1d:d0:8b:b7:24:3d:b8:2f:53:40:4c:d6:cf:51:12:d1:
c1:e0:a2:6d:6c:a1:5d:43:3e:52:88:16:d7:ad:f8:d4:7a:90:
6b:f9:94:cc
-----BEGIN CERTIFICATE-----
MIIFFzCCA/+gAwIBAgISAYPskQoHO4ZK0qoCoYJhFn23MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgzM2UzZjVlZjgyNTU1NmIwMTRhMDg1ZDMyNTY1YmIwY2Jj
NWFjOGQwHhcNMjIxMDE4MTkyNzUxWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlZTg3ZmM2YWYyYjEyYmIwNmM3YWNhMWI0MTY2ZWE2YWRlZGY3NjRhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApxvvosCToAXOE7nujWGMBfD+QLyS
t0OQTP2SW05V9LcWRdqf1qcqmFoPeRG6jb6BzF1WHmdw3ttPEHgxacsrFB63hQJr
GlhZgnvXZNYajbsQitCMekhdqTYn1K2q3vsnmL5V3dTwcMI3LX8t11JgEV0nQ/ck
GigiPU11Bv5pSoTnV5L1a9dJauzO28gpXwbyJWQILnSqFj9XqROI2pauevD2HZ9S
3lIj6WwRWToFGirG0LkxTPzgRAlBxgw2BepaEZ1j2XeWDC348HLR0WfBpCDDEO45
8MnCJRb1u/BUWDDQFNfE1q2KmlLShy9epjKBzt0b06MBRv76OB979FeUPwIDAQAB
o4ICIzCCAh8wHQYDVR0OBBYEFO6H/GrysSuwbHrKG0Fm6mre33ZKMB8GA1UdIwQY
MBaAFIM+P174JVVrAUoIXTJWW7DLxayNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ3o0X1h2Z2xWV3NCU2doZE1sWmJzTXZGckkwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYy9kMjY2MTgtYjM0MC00ZjUwLWIzMzAt
MzE4YTI2ZDRhOGM5LzEvN29mOGF2S3hLN0JzZXNvYlFXYnFhdDdmZGtvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYy9kMjY2MTgtYjM0MC00ZjUwLWIzMzAtMzE4YTI2ZDRhOGM5
LzEvZ3o0X1h2Z2xWV3NCU2doZE1sWmJzTXZGckkwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDkGCCsGAQUFBwEHAQH/BCowKDAmBAIAATAgAwQAV+2nMAwD
BABb4jkDBAJb4jgDBANteigDBALBXTQwDQYJKoZIhvcNAQELBQADggEBAD2Bf0MD
RrkPH82kvL+iieBguuajHeUmuUj+yQZVS838/Y3GOwwQlYwcCxrKhlfvAO2Nt6eC
67UCJHOJfp3JC4So8+FkhQ1zxeP4di61x78DVj+VCO9T9Y34lFjn7wpIPVzEpM+w
5xUk29Wx0EbRAaku7dXgFd/mVImuDizXMiCC/GDr48AsFGSr8C6liE8XxE1AzTV4
Hl0RbhfCnpIcaw/OTB6b//UoiyzItrHxvql1ZVLD1P88CYSXq8JKyJgUrTLixITM
bzjOKquuwUU9TIifq21xS0mdhCecHdCLtyQ9uC9TQEzWz1ES0cHgom1soV1DPlKI
Ftet+NR6kGv5lMw=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:21:36 2024 by rpki-client on console-fra.rpki-client.org