Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/25/91182a-f34b-4a15-b363-84f9ed87ac31/1/8-4Zxra3qhSZ2nrIbyU3rgncqB4.roa
File: 8-4Zxra3qhSZ2nrIbyU3rgncqB4.roa (raw, json)
Hash identifier: Ua6ax7M1ZEc7a3ap8H+TlpVCNUmJ1m2615bO3kTVtX4=
Subject key identifier: F3:EE:19:C6:B6:B7:AA:14:99:DA:7A:C8:6F:25:37:AE:09:DC:A8:1E
Certificate issuer: /CN=3a34889251e7cb133e906c70891ba1a0495ed860
Certificate serial: 0184CF0C4EB0655B0189CDC54FB6046F1634
Authority key identifier: 3A:34:88:92:51:E7:CB:13:3E:90:6C:70:89:1B:A1:A0:49:5E:D8:60
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OjSIklHnyxM-kGxwiRuhoEle2GA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/25/91182a-f34b-4a15-b363-84f9ed87ac31/1/8-4Zxra3qhSZ2nrIbyU3rgncqB4.roa
Signing time: Thu 01 Dec 2022 18:56:41 +0000
ROA not before: Thu 01 Dec 2022 18:56:41 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 212238
IP address blocks: 185.240.78.0/24 maxlen: 24
185.240.77.0/24 maxlen: 24
185.240.76.0/24 maxlen: 24
185.185.209.0/24 maxlen: 24
185.185.211.0/24 maxlen: 24
185.185.210.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:cf:0c:4e:b0:65:5b:01:89:cd:c5:4f:b6:04:6f:16:34
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3a34889251e7cb133e906c70891ba1a0495ed860
Validity
Not Before: Dec 1 18:56:41 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=f3ee19c6b6b7aa1499da7ac86f2537ae09dca81e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:d4:ff:82:97:3d:ab:66:99:a3:e5:e6:04:7b:
b0:3f:4d:0e:a7:db:6f:2f:53:04:b1:66:70:73:41:
72:f1:b3:94:a7:a5:7f:02:3c:4f:4b:8f:b1:aa:ce:
52:01:57:42:bf:61:21:d3:c8:c1:e5:72:36:e7:55:
aa:5a:86:dd:83:48:30:d0:41:ca:65:17:fe:e1:05:
d6:6f:25:c4:0a:5a:de:e6:47:cf:c3:53:99:6c:05:
ec:0a:78:72:ca:54:cc:ef:04:0d:1b:8f:4a:05:bf:
0c:c9:55:72:df:82:ff:69:58:b8:a9:80:38:40:74:
a7:d1:a2:f6:f2:c6:02:1f:78:d1:f5:ce:20:5d:28:
a4:37:26:8f:44:61:0e:4e:1b:74:ed:33:27:42:99:
e0:4c:6f:11:86:15:35:4b:74:05:93:c7:7d:da:12:
6f:05:ad:97:dc:15:26:3d:46:e2:66:9e:b1:ca:17:
01:85:74:4b:dc:9c:4d:d4:cf:e2:0a:4b:7c:72:72:
54:ca:80:01:25:ea:b9:5b:2a:f0:fe:96:40:9d:2c:
a1:a1:65:78:64:46:5f:f1:0f:e6:55:ad:2e:53:c8:
1b:b4:a7:bc:12:97:29:c6:40:2c:84:dd:7c:88:ef:
76:af:cf:53:79:6f:13:84:d1:be:17:69:b8:f2:a3:
64:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F3:EE:19:C6:B6:B7:AA:14:99:DA:7A:C8:6F:25:37:AE:09:DC:A8:1E
X509v3 Authority Key Identifier:
keyid:3A:34:88:92:51:E7:CB:13:3E:90:6C:70:89:1B:A1:A0:49:5E:D8:60
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OjSIklHnyxM-kGxwiRuhoEle2GA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/25/91182a-f34b-4a15-b363-84f9ed87ac31/1/8-4Zxra3qhSZ2nrIbyU3rgncqB4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/25/91182a-f34b-4a15-b363-84f9ed87ac31/1/OjSIklHnyxM-kGxwiRuhoEle2GA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.185.209.0-185.185.211.255
185.240.76.0-185.240.78.255
Signature Algorithm: sha256WithRSAEncryption
1f:53:76:b9:8c:71:72:94:d9:75:1d:24:c4:65:1a:b2:ec:d7:
61:cb:a4:d2:76:27:1b:1a:82:f5:9c:1b:f6:ef:30:8c:aa:33:
bf:56:ed:55:2a:da:b5:f7:50:53:ce:d1:a4:61:61:e7:fc:e3:
aa:f3:7d:55:0b:68:70:7c:b7:86:c8:12:58:f0:81:dc:6b:fa:
fd:2a:dd:d2:4d:4c:20:9f:2e:47:b6:c2:70:a2:f7:ee:d9:55:
ac:12:5d:75:5a:92:6a:7b:cc:fc:cc:9b:89:66:04:47:06:77:
b6:c8:c7:93:20:ce:be:f2:ac:0c:7f:a8:0f:e9:17:6d:77:5c:
8b:93:25:fe:4c:9e:52:79:1b:38:2d:a1:31:e8:c3:b4:4a:c7:
65:b2:0b:cc:2b:2c:13:88:1d:e3:fb:39:50:8a:1c:0b:72:b1:
87:a3:32:47:04:50:af:4b:b8:3e:8b:9f:86:7d:21:68:37:f8:
cb:c9:ff:09:0c:0f:41:10:15:ec:d0:6d:5c:be:de:15:a9:01:
e5:4b:f9:f8:8c:d5:19:7b:1f:68:86:12:24:a3:64:54:53:df:
b6:80:56:5e:ab:06:6e:a8:5c:27:e8:75:2b:82:1d:c8:63:49:
7a:53:63:92:29:73:e3:af:e5:05:bd:8d:d5:5e:e2:b2:4c:42:
01:e0:91:f8
-----BEGIN CERTIFICATE-----
MIIFEzCCA/ugAwIBAgISAYTPDE6wZVsBic3FT7YEbxY0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNhMzQ4ODkyNTFlN2NiMTMzZTkwNmM3MDg5MWJhMWEwNDk1
ZWQ4NjAwHhcNMjIxMjAxMTg1NjQxWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmM2VlMTljNmI2YjdhYTE0OTlkYTdhYzg2ZjI1MzdhZTA5ZGNhODFlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAz9T/gpc9q2aZo+XmBHuwP00Op9tv
L1MEsWZwc0Fy8bOUp6V/AjxPS4+xqs5SAVdCv2Eh08jB5XI251WqWobdg0gw0EHK
ZRf+4QXWbyXEClre5kfPw1OZbAXsCnhyylTM7wQNG49KBb8MyVVy34L/aVi4qYA4
QHSn0aL28sYCH3jR9c4gXSikNyaPRGEOTht07TMnQpngTG8RhhU1S3QFk8d92hJv
Ba2X3BUmPUbiZp6xyhcBhXRL3JxN1M/iCkt8cnJUyoABJeq5Wyrw/pZAnSyhoWV4
ZEZf8Q/mVa0uU8gbtKe8EpcpxkAshN18iO92r89TeW8ThNG+F2m48qNk+wIDAQAB
o4ICHzCCAhswHQYDVR0OBBYEFPPuGca2t6oUmdp6yG8lN64J3KgeMB8GA1UdIwQY
MBaAFDo0iJJR58sTPpBscIkboaBJXthgMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT2pTSWtsSG55eE0ta0d4d2lSdWhvRWxlMkdBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNS85MTE4MmEtZjM0Yi00YTE1LWIzNjMt
ODRmOWVkODdhYzMxLzEvOC00WnhyYTNxaFNaMm5ySWJ5VTNyZ25jcUI0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNS85MTE4MmEtZjM0Yi00YTE1LWIzNjMtODRmOWVkODdhYzMx
LzEvT2pTSWtsSG55eE0ta0d4d2lSdWhvRWxlMkdBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDUGCCsGAQUFBwEHAQH/BCYwJDAiBAIAATAcMAwDBAC5udED
BAK5udAwDAMEArnwTAMEALnwTjANBgkqhkiG9w0BAQsFAAOCAQEAH1N2uYxxcpTZ
dR0kxGUasuzXYcuk0nYnGxqC9Zwb9u8wjKozv1btVSratfdQU87RpGFh5/zjqvN9
VQtocHy3hsgSWPCB3Gv6/Srd0k1MIJ8uR7bCcKL37tlVrBJddVqSanvM/MybiWYE
RwZ3tsjHkyDOvvKsDH+oD+kXbXdci5Ml/kyeUnkbOC2hMejDtErHZbILzCssE4gd
4/s5UIocC3Kxh6MyRwRQr0u4Poufhn0haDf4y8n/CQwPQRAV7NBtXL7eFakB5Uv5
+IzVGXsfaIYSJKNkVFPftoBWXqsGbqhcJ+h1K4IdyGNJelNjkilz46/lBb2N1V7i
skxCAeCR+A==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:22:43 2024 by rpki-client on console-fra.rpki-client.org