Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/25/6a8e5e-39b6-47e3-bbb0-b29f10cc0328/1/8FOkA65IcucaF3X0wNRSI99l6fc.roa
File: 8FOkA65IcucaF3X0wNRSI99l6fc.roa (raw, json)
Hash identifier: DE5YkSqrygJSX/cvnyihv0h4m/NGm4gTD7E89rTKxfA=
Subject key identifier: F0:53:A4:03:AE:48:72:E7:1A:17:75:F4:C0:D4:52:23:DF:65:E9:F7
Certificate issuer: /CN=01c38a06a39b20b8da40009237d76acdd28e71a5
Certificate serial: 1A1AB436
Authority key identifier: 01:C3:8A:06:A3:9B:20:B8:DA:40:00:92:37:D7:6A:CD:D2:8E:71:A5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/AcOKBqObILjaQACSN9dqzdKOcaU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/25/6a8e5e-39b6-47e3-bbb0-b29f10cc0328/1/8FOkA65IcucaF3X0wNRSI99l6fc.roa
Signing time: Wed 23 Mar 2022 10:08:00 +0000
ROA not before: Wed 23 Mar 2022 10:08:00 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 16839
IP address blocks: 138.12.128.0/17 maxlen: 24
37.98.232.0/21 maxlen: 24
163.120.128.0/17 maxlen: 24
148.139.0.0/16 maxlen: 24
2a04:37c0::/29 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 437957686 (0x1a1ab436)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=01c38a06a39b20b8da40009237d76acdd28e71a5
Validity
Not Before: Mar 23 10:08:00 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=f053a403ae4872e71a1775f4c0d45223df65e9f7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:86:05:e0:65:83:34:45:02:17:21:63:4e:64:
82:d5:3d:8b:f0:c5:a8:c7:65:32:4c:88:47:bd:85:
c9:fa:eb:7a:00:f7:b2:1f:2b:3e:a8:89:78:13:d6:
9f:7f:77:ac:1d:c6:27:c3:90:d1:36:bd:67:d0:cf:
e1:44:3f:e2:e6:5e:e8:cb:60:1a:fe:98:92:54:35:
77:69:cf:0d:08:7a:c3:d6:11:66:14:c5:6e:f6:b6:
6d:4b:a4:2f:c8:f2:97:6a:e9:ce:38:3f:35:87:55:
03:b5:da:3f:f4:04:50:e9:d8:92:8c:6b:22:f4:2d:
41:b7:e6:40:e9:60:4c:3d:cf:b9:ce:8c:d5:98:eb:
3f:fa:a8:4b:c4:9f:3c:96:18:d7:b7:df:61:83:ae:
75:0d:af:d9:fd:77:5d:e5:26:f1:99:d8:31:96:a5:
db:5f:72:c8:6c:28:a4:4d:4b:c4:47:27:ab:31:74:
6a:16:81:4f:d2:bb:7f:44:46:a9:86:cf:19:c1:e1:
9c:9a:ec:c5:b1:92:5c:47:4d:4c:76:d5:46:5b:60:
a2:44:29:52:5c:c8:59:5b:0a:de:d2:a7:60:e0:b9:
4d:d1:ed:9c:e4:8e:db:e9:6d:50:3b:70:06:61:b5:
99:25:23:a2:f8:88:ae:07:34:9a:bd:e2:12:fd:46:
4f:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F0:53:A4:03:AE:48:72:E7:1A:17:75:F4:C0:D4:52:23:DF:65:E9:F7
X509v3 Authority Key Identifier:
keyid:01:C3:8A:06:A3:9B:20:B8:DA:40:00:92:37:D7:6A:CD:D2:8E:71:A5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/AcOKBqObILjaQACSN9dqzdKOcaU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/25/6a8e5e-39b6-47e3-bbb0-b29f10cc0328/1/8FOkA65IcucaF3X0wNRSI99l6fc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/25/6a8e5e-39b6-47e3-bbb0-b29f10cc0328/1/AcOKBqObILjaQACSN9dqzdKOcaU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.98.232.0/21
138.12.128.0/17
148.139.0.0/16
163.120.128.0/17
IPv6:
2a04:37c0::/29
Signature Algorithm: sha256WithRSAEncryption
ad:43:32:ce:7e:44:47:3a:ff:db:9b:8c:fa:ad:23:22:42:36:
9f:d9:ca:20:e2:88:14:93:6d:55:c9:c9:77:78:c4:46:34:2e:
93:bf:02:12:ba:60:e3:62:30:12:fc:63:12:cb:dd:72:db:9c:
a2:e5:c6:81:60:2d:81:90:95:9b:f7:cd:37:52:4d:63:53:63:
10:1e:1e:2b:5e:02:1d:59:3e:1b:0a:10:73:5f:11:c3:b6:04:
b9:24:38:c8:69:1f:14:3b:57:62:ab:3d:49:a1:c2:b0:2a:ee:
1b:27:50:f9:da:17:4d:f5:17:c2:c0:d9:52:bf:db:5c:f7:e8:
4a:a2:67:46:4a:03:25:fe:56:3b:e5:74:f1:97:bb:b0:f2:10:
cb:d5:c6:63:2d:6f:b4:ee:51:48:b0:63:a3:58:be:32:9b:97:
b5:d2:f6:c9:29:74:1a:ab:ad:74:36:84:fd:f4:d0:33:36:0d:
cb:b8:91:ce:3a:55:fc:4a:d0:ed:61:17:73:76:ba:4e:1b:b0:
93:d1:db:04:fd:c6:3f:b4:1d:ce:44:82:c2:e2:6c:42:03:5f:
52:00:57:ee:3b:9c:41:54:c7:33:75:cf:df:83:85:dd:e2:36:
3e:2a:8d:ee:40:28:9a:7d:6f:f5:43:9c:77:97:de:d1:ff:a6:
3e:7a:7b:b3
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgIEGhq0NjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygw
MWMzOGEwNmEzOWIyMGI4ZGE0MDAwOTIzN2Q3NmFjZGQyOGU3MWE1MB4XDTIyMDMy
MzEwMDgwMFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZjA1M2E0MDNhZTQ4
NzJlNzFhMTc3NWY0YzBkNDUyMjNkZjY1ZTlmNzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMaGBeBlgzRFAhchY05kgtU9i/DFqMdlMkyIR72FyfrregD3
sh8rPqiJeBPWn393rB3GJ8OQ0Ta9Z9DP4UQ/4uZe6MtgGv6YklQ1d2nPDQh6w9YR
ZhTFbva2bUukL8jyl2rpzjg/NYdVA7XaP/QEUOnYkoxrIvQtQbfmQOlgTD3Puc6M
1ZjrP/qoS8SfPJYY17ffYYOudQ2v2f13XeUm8ZnYMZal219yyGwopE1LxEcnqzF0
ahaBT9K7f0RGqYbPGcHhnJrsxbGSXEdNTHbVRltgokQpUlzIWVsK3tKnYOC5TdHt
nOSO2+ltUDtwBmG1mSUjoviIrgc0mr3iEv1GT/sCAwEAAaOCAikwggIlMB0GA1Ud
DgQWBBTwU6QDrkhy5xoXdfTA1FIj32Xp9zAfBgNVHSMEGDAWgBQBw4oGo5sguNpA
AJI312rN0o5xpTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0FjT0tCcU9iSUxqYVFBQ1NOOWRxemRLT2NhVS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMjUvNmE4ZTVlLTM5YjYtNDdlMy1iYmIwLWIyOWYxMGNjMDMyOC8x
LzhGT2tBNjVJY3VjYUYzWDB3TlJTSTk5bDZmYy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMjUv
NmE4ZTVlLTM5YjYtNDdlMy1iYmIwLWIyOWYxMGNjMDMyOC8xL0FjT0tCcU9iSUxq
YVFBQ1NOOWRxemRLT2NhVS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA/
BggrBgEFBQcBBwEB/wQwMC4wHQQCAAEwFwMEAyVi6AMEB4oMgAMDAJSLAwQHo3iA
MA0EAgACMAcDBQMqBDfAMA0GCSqGSIb3DQEBCwUAA4IBAQCtQzLOfkRHOv/bm4z6
rSMiQjaf2cog4ogUk21Vycl3eMRGNC6TvwISumDjYjAS/GMSy91y25yi5caBYC2B
kJWb9803Uk1jU2MQHh4rXgIdWT4bChBzXxHDtgS5JDjIaR8UO1diqz1JocKwKu4b
J1D52hdN9RfCwNlSv9tc9+hKomdGSgMl/lY75XTxl7uw8hDL1cZjLW+07lFIsGOj
WL4ym5e10vbJKXQaq610NoT99NAzNg3LuJHOOlX8StDtYRdzdrpOG7CT0dsE/cY/
tB3ORILC4mxCA19SAFfuO5xBVMczdc/fg4Xd4jY+Ko3uQCiafW/1Q5x3l97R/6Y+
enuz
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:45:25 2023 by rpki-client on console-fra.rpki-client.org