Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/26/9b60e5-f98f-4ac6-98a5-f2f426efe039/1/0KmblP8a3e-qia8GGrIXWO2rl28.roa
File: 0KmblP8a3e-qia8GGrIXWO2rl28.roa (raw, json)
Hash identifier: 6cej9cCHZUVFYTiAwC/Te/CxPuBgSsQdspUoY+MA07E=
Subject key identifier: D0:A9:9B:94:FF:1A:DD:EF:AA:89:AF:06:1A:B2:17:58:ED:AB:97:6F
Certificate issuer: /CN=8b7f81a6e782e211189c4f34e459b4226c75f4a6
Certificate serial: 1BB01137
Authority key identifier: 8B:7F:81:A6:E7:82:E2:11:18:9C:4F:34:E4:59:B4:22:6C:75:F4:A6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i3-BpueC4hEYnE805Fm0Imx19KY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/26/9b60e5-f98f-4ac6-98a5-f2f426efe039/1/0KmblP8a3e-qia8GGrIXWO2rl28.roa
Signing time: Sat 01 Jan 2022 05:57:25 +0000
ROA not before: Sat 01 Jan 2022 05:57:25 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 203501
IP address blocks: 194.113.27.0/24 maxlen: 24
194.113.26.0/24 maxlen: 24
89.37.88.0/22 maxlen: 24
45.86.116.0/22 maxlen: 24
45.87.196.0/24 maxlen: 24
2a02:7040:ff00::/40 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 464523575 (0x1bb01137)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b7f81a6e782e211189c4f34e459b4226c75f4a6
Validity
Not Before: Jan 1 05:57:25 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=d0a99b94ff1addefaa89af061ab21758edab976f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:e4:2e:c4:9d:17:cd:0a:81:3b:f8:05:de:fb:
a1:3d:79:91:ae:22:d2:dc:ad:ec:2c:62:83:8c:06:
c5:72:f4:79:16:ce:aa:16:36:60:98:c4:56:c3:05:
f9:eb:98:5b:dc:f4:5c:3b:23:ac:01:e3:70:e2:bf:
7b:0c:9a:28:99:7c:ab:bc:72:33:a6:54:4f:29:13:
d4:45:b7:b7:a2:27:ee:a6:ea:e0:bc:f7:34:ef:5f:
1a:f0:80:bd:a7:9a:88:ae:aa:79:53:7f:35:45:ba:
00:38:a0:2f:c9:ce:9a:44:f4:af:8e:2a:8a:dc:93:
b3:4b:31:f6:e9:cd:79:36:50:f8:92:70:62:d6:ab:
91:01:3b:44:d8:ae:bd:24:d1:c7:15:45:61:41:08:
4e:30:d4:d2:0d:a3:c7:7e:c7:72:d4:9d:ed:9c:f8:
b7:cf:43:62:10:33:ab:d3:21:d1:74:a7:7d:40:f7:
5f:1b:b6:c3:67:0e:48:55:40:06:dc:e1:9f:88:22:
56:f6:28:f4:28:f8:af:ee:89:67:db:d0:c3:f3:71:
3c:db:9b:b4:48:4f:a9:61:7b:c8:46:d9:fb:c7:b2:
c9:75:f9:5e:63:21:b6:f8:03:77:85:e2:38:f7:42:
b8:ec:37:16:6e:fa:38:3c:0a:59:8f:91:17:5e:15:
1f:c9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D0:A9:9B:94:FF:1A:DD:EF:AA:89:AF:06:1A:B2:17:58:ED:AB:97:6F
X509v3 Authority Key Identifier:
keyid:8B:7F:81:A6:E7:82:E2:11:18:9C:4F:34:E4:59:B4:22:6C:75:F4:A6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i3-BpueC4hEYnE805Fm0Imx19KY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/26/9b60e5-f98f-4ac6-98a5-f2f426efe039/1/0KmblP8a3e-qia8GGrIXWO2rl28.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/26/9b60e5-f98f-4ac6-98a5-f2f426efe039/1/i3-BpueC4hEYnE805Fm0Imx19KY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.86.116.0/22
45.87.196.0/24
89.37.88.0/22
194.113.26.0/23
IPv6:
2a02:7040:ff00::/40
Signature Algorithm: sha256WithRSAEncryption
63:a5:04:50:60:ba:89:b9:32:e6:61:37:34:e4:bc:7c:1e:b4:
29:12:0d:88:72:14:56:e7:03:38:29:8f:a4:57:df:75:ab:b6:
ff:fe:59:9a:43:e9:fb:90:fe:ac:33:c4:a0:93:0b:7a:0e:3e:
87:c5:57:2f:8d:df:56:1a:3a:6e:14:cf:69:00:f8:7d:8b:a5:
91:28:4a:7c:7e:c6:99:c1:87:5b:ca:ac:fc:76:78:03:0a:c6:
89:0c:da:37:9f:2e:0b:0c:f0:22:0d:31:15:fb:fe:16:43:9a:
ff:36:ad:38:d2:97:ad:9a:00:63:d8:35:fd:d6:0e:bc:9a:28:
48:6c:de:08:26:55:60:a5:b9:cf:e3:49:70:ee:3c:ee:47:61:
db:25:67:6e:9a:14:4e:39:bc:35:7a:29:73:78:df:3a:f7:fd:
66:63:8c:5b:e7:dd:0e:23:a1:6a:19:00:20:99:6d:b4:41:5f:
45:02:21:74:22:9c:cf:c1:89:91:68:67:c7:37:ad:ae:82:95:
dd:1a:08:3c:a4:9c:83:9e:12:d9:a9:5f:27:f4:30:83:03:a6:
12:1e:24:71:4d:16:8e:d8:7d:1a:b0:ce:95:31:f8:af:fa:c7:
de:94:61:9f:ad:b8:04:fb:42:db:0f:9d:b7:32:f2:b6:9d:41:
20:90:f1:ce
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgIEG7ARNzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg4
YjdmODFhNmU3ODJlMjExMTg5YzRmMzRlNDU5YjQyMjZjNzVmNGE2MB4XDTIyMDEw
MTA1NTcyNVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZDBhOTliOTRmZjFh
ZGRlZmFhODlhZjA2MWFiMjE3NThlZGFiOTc2ZjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALPkLsSdF80KgTv4Bd77oT15ka4i0tyt7Cxig4wGxXL0eRbO
qhY2YJjEVsMF+euYW9z0XDsjrAHjcOK/ewyaKJl8q7xyM6ZUTykT1EW3t6In7qbq
4Lz3NO9fGvCAvaeaiK6qeVN/NUW6ADigL8nOmkT0r44qityTs0sx9unNeTZQ+JJw
YtarkQE7RNiuvSTRxxVFYUEITjDU0g2jx37HctSd7Zz4t89DYhAzq9Mh0XSnfUD3
Xxu2w2cOSFVABtzhn4giVvYo9Cj4r+6JZ9vQw/NxPNubtEhPqWF7yEbZ+8eyyXX5
XmMhtvgDd4XiOPdCuOw3Fm76ODwKWY+RF14VH8kCAwEAAaOCAiswggInMB0GA1Ud
DgQWBBTQqZuU/xrd76qJrwYashdY7auXbzAfBgNVHSMEGDAWgBSLf4Gm54LiERic
TzTkWbQibHX0pjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2kzLUJwdWVDNGhFWW5FODA1Rm0wSW14MTlLWS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMjYvOWI2MGU1LWY5OGYtNGFjNi05OGE1LWYyZjQyNmVmZTAzOS8x
LzBLbWJsUDhhM2UtcWlhOEdHcklYV08ycmwyOC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMjYv
OWI2MGU1LWY5OGYtNGFjNi05OGE1LWYyZjQyNmVmZTAzOS8xL2kzLUJwdWVDNGhF
WW5FODA1Rm0wSW14MTlLWS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBB
BggrBgEFBQcBBwEB/wQyMDAwHgQCAAEwGAMEAi1WdAMEAC1XxAMEAlklWAMEAcJx
GjAOBAIAAjAIAwYAKgJwQP8wDQYJKoZIhvcNAQELBQADggEBAGOlBFBguom5MuZh
NzTkvHwetCkSDYhyFFbnAzgpj6RX33Wrtv/+WZpD6fuQ/qwzxKCTC3oOPofFVy+N
31YaOm4Uz2kA+H2LpZEoSnx+xpnBh1vKrPx2eAMKxokM2jefLgsM8CINMRX7/hZD
mv82rTjSl62aAGPYNf3WDryaKEhs3ggmVWCluc/jSXDuPO5HYdslZ26aFE45vDV6
KXN43zr3/WZjjFvn3Q4joWoZACCZbbRBX0UCIXQinM/BiZFoZ8c3ra6Cld0aCDyk
nIOeEtmpXyf0MIMDphIeJHFNFo7YfRqwzpUx+K/6x96UYZ+tuAT7QtsPnbcy8rad
QSCQ8c4=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:58:53 2024 by rpki-client on console-ams.rpki-client.org