Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/30/8042bf-71ba-4fbd-9e17-447edc4f9af6/1/8zK0j9w053dYcKDFYGNWzIegxAQ.roa
File: 8zK0j9w053dYcKDFYGNWzIegxAQ.roa (raw, json)
Hash identifier: 4vK1uf7WRnvdIjWY5yw08zvLnqZCj7ccg4m1dKq03us=
Subject key identifier: F3:32:B4:8F:DC:34:E7:77:58:70:A0:C5:60:63:56:CC:87:A0:C4:04
Certificate issuer: /CN=e2e8f56bc1f5010291681bc2d8c02f9acbf714a0
Certificate serial: 0D111F5F
Authority key identifier: E2:E8:F5:6B:C1:F5:01:02:91:68:1B:C2:D8:C0:2F:9A:CB:F7:14:A0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/4uj1a8H1AQKRaBvC2MAvmsv3FKA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/30/8042bf-71ba-4fbd-9e17-447edc4f9af6/1/8zK0j9w053dYcKDFYGNWzIegxAQ.roa
Signing time: Sat 01 Jan 2022 03:53:50 +0000
ROA not before: Sat 01 Jan 2022 03:53:50 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 8326
IP address blocks: 212.122.192.0/20 maxlen: 20
212.122.208.0/21 maxlen: 21
46.239.128.0/20 maxlen: 20
89.191.128.0/20 maxlen: 20
82.146.224.0/19 maxlen: 19
2001:908::/30 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 219225951 (0xd111f5f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e2e8f56bc1f5010291681bc2d8c02f9acbf714a0
Validity
Not Before: Jan 1 03:53:50 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=f332b48fdc34e7775870a0c5606356cc87a0c404
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:f5:86:01:27:ea:0b:a0:d7:8b:3d:37:bf:2b:
6a:5d:7e:90:cd:de:34:66:30:52:be:9a:83:e0:ae:
17:0a:f3:8c:7a:84:81:b7:25:aa:49:d1:da:65:a6:
46:ce:69:73:1b:5a:ca:42:28:59:f5:4e:dd:b9:eb:
d8:74:7f:d3:16:56:a7:00:be:30:92:be:39:e3:b0:
64:54:87:22:2e:ee:28:ac:19:bb:d2:e5:18:bf:f6:
23:89:87:e9:d9:4b:0d:ef:49:04:35:d9:35:3b:2e:
c4:aa:7b:c4:6a:2b:3d:2c:61:17:45:7d:e6:75:2b:
21:7f:75:f1:30:de:d6:94:95:a4:7c:8c:f4:18:0b:
8d:82:c1:71:8c:55:39:f4:be:2d:9a:62:d8:ab:6f:
f6:19:ca:70:da:32:2d:4f:d4:f1:f7:e9:bb:d8:96:
96:e1:22:5b:a0:65:79:b8:ff:c3:f1:39:af:06:ad:
55:87:88:84:2b:98:2e:c3:9d:90:41:3a:16:ef:9c:
b7:84:5e:b0:7e:2a:ff:63:87:80:55:3e:3c:47:1f:
16:aa:5e:1f:dc:92:e5:67:9d:ec:cf:d5:0d:50:c5:
f4:97:b6:be:a3:c0:cb:2b:34:83:41:8b:e8:3f:3d:
eb:67:1d:97:cf:f1:6a:09:ac:8c:45:85:87:ea:73:
60:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F3:32:B4:8F:DC:34:E7:77:58:70:A0:C5:60:63:56:CC:87:A0:C4:04
X509v3 Authority Key Identifier:
keyid:E2:E8:F5:6B:C1:F5:01:02:91:68:1B:C2:D8:C0:2F:9A:CB:F7:14:A0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4uj1a8H1AQKRaBvC2MAvmsv3FKA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/30/8042bf-71ba-4fbd-9e17-447edc4f9af6/1/8zK0j9w053dYcKDFYGNWzIegxAQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/30/8042bf-71ba-4fbd-9e17-447edc4f9af6/1/4uj1a8H1AQKRaBvC2MAvmsv3FKA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.239.128.0/20
82.146.224.0/19
89.191.128.0/20
212.122.192.0-212.122.215.255
IPv6:
2001:908::/30
Signature Algorithm: sha256WithRSAEncryption
41:f0:7a:19:12:12:78:8c:14:5c:16:b6:7f:42:73:c6:e8:0e:
d7:25:55:f6:38:95:cb:89:69:a3:5d:2e:4d:77:a8:2f:c5:73:
bd:4e:db:5a:56:7b:72:5a:38:13:d0:02:b1:19:f6:3f:f4:bf:
0a:a3:2a:2f:2d:35:3b:fb:c7:4d:23:77:bb:c7:15:b7:a1:ee:
50:47:4d:5a:34:a7:b8:f6:1d:75:57:66:84:e8:75:b4:77:c3:
76:04:47:16:f5:e0:a7:2f:97:ec:c6:77:fd:3f:61:94:9a:e3:
88:b7:c8:69:43:4f:03:07:6d:b8:2d:58:e6:68:b4:6b:1f:eb:
3a:aa:ab:42:5b:cf:ba:d8:78:44:aa:e5:25:47:55:0e:dc:5b:
4e:9a:07:db:9b:d5:a5:6c:14:0b:36:ec:46:ac:12:b6:58:71:
8e:f8:6f:a6:c4:df:db:11:01:b7:d5:1c:73:48:08:02:a7:44:
e3:6b:8c:d8:3d:78:84:10:ae:e9:b1:7d:86:60:d8:d9:e5:ec:
d5:56:90:56:38:43:3c:12:46:de:77:eb:06:3b:de:4f:65:ad:
68:42:21:b4:c3:6b:4c:57:a9:71:f7:95:47:38:38:a9:5f:72:
1b:de:8b:b8:68:a2:58:39:59:5a:ae:ea:6c:a3:6b:6b:d9:cf:
e9:b5:a9:42
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgIEDREfXzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhl
MmU4ZjU2YmMxZjUwMTAyOTE2ODFiYzJkOGMwMmY5YWNiZjcxNGEwMB4XDTIyMDEw
MTAzNTM1MFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZjMzMmI0OGZkYzM0
ZTc3NzU4NzBhMGM1NjA2MzU2Y2M4N2EwYzQwNDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAM/1hgEn6gug14s9N78ral1+kM3eNGYwUr6ag+CuFwrzjHqE
gbclqknR2mWmRs5pcxtaykIoWfVO3bnr2HR/0xZWpwC+MJK+OeOwZFSHIi7uKKwZ
u9LlGL/2I4mH6dlLDe9JBDXZNTsuxKp7xGorPSxhF0V95nUrIX918TDe1pSVpHyM
9BgLjYLBcYxVOfS+LZpi2Ktv9hnKcNoyLU/U8ffpu9iWluEiW6Blebj/w/E5rwat
VYeIhCuYLsOdkEE6Fu+ct4ResH4q/2OHgFU+PEcfFqpeH9yS5Wed7M/VDVDF9Je2
vqPAyys0g0GL6D8962cdl8/xagmsjEWFh+pzYHsCAwEAAaOCAjIwggIuMB0GA1Ud
DgQWBBTzMrSP3DTnd1hwoMVgY1bMh6DEBDAfBgNVHSMEGDAWgBTi6PVrwfUBApFo
G8LYwC+ay/cUoDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzR1ajFhOEgxQVFLUmFCdkMyTUF2bXN2M0ZLQS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMzAvODA0MmJmLTcxYmEtNGZiZC05ZTE3LTQ0N2VkYzRmOWFmNi8x
Lzh6SzBqOXcwNTNkWWNLREZZR05XekllZ3hBUS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMzAv
ODA0MmJmLTcxYmEtNGZiZC05ZTE3LTQ0N2VkYzRmOWFmNi8xLzR1ajFhOEgxQVFL
UmFCdkMyTUF2bXN2M0ZLQS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBI
BggrBgEFBQcBBwEB/wQ5MDcwJgQCAAEwIAMEBC7vgAMEBVKS4AMEBFm/gDAMAwQG
1HrAAwQD1HrQMA0EAgACMAcDBQIgAQkIMA0GCSqGSIb3DQEBCwUAA4IBAQBB8HoZ
EhJ4jBRcFrZ/QnPG6A7XJVX2OJXLiWmjXS5Nd6gvxXO9TttaVntyWjgT0AKxGfY/
9L8KoyovLTU7+8dNI3e7xxW3oe5QR01aNKe49h11V2aE6HW0d8N2BEcW9eCnL5fs
xnf9P2GUmuOIt8hpQ08DB224LVjmaLRrH+s6qqtCW8+62HhEquUlR1UO3FtOmgfb
m9WlbBQLNuxGrBK2WHGO+G+mxN/bEQG31RxzSAgCp0Tja4zYPXiEEK7psX2GYNjZ
5ezVVpBWOEM8Ekbed+sGO95PZa1oQiG0w2tMV6lx95VHODipX3Ib3ou4aKJYOVla
rupso2tr2c/ptalC
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:49:53 2023 by rpki-client on console-ams.rpki-client.org