Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/32/9dac2f-301e-406d-b8d0-03857ef5b387/1/8F0QVZurjoxCHv0XUI4nf-qz1xQ.roa
File: 8F0QVZurjoxCHv0XUI4nf-qz1xQ.roa (raw, json)
Hash identifier: 2CvzTRbndKEiPZBKwV0KKmIok7UbDZHydMbV815xTtE=
Subject key identifier: F0:5D:10:55:9B:AB:8E:8C:42:1E:FD:17:50:8E:27:7F:EA:B3:D7:14
Certificate issuer: /CN=b98d1f6e336a7c81351941bc0b9dea39d7d764db
Certificate serial: 0182C4FCCFDCE227494E577DB98520097E0E
Authority key identifier: B9:8D:1F:6E:33:6A:7C:81:35:19:41:BC:0B:9D:EA:39:D7:D7:64:DB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/uY0fbjNqfIE1GUG8C53qOdfXZNs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/32/9dac2f-301e-406d-b8d0-03857ef5b387/1/8F0QVZurjoxCHv0XUI4nf-qz1xQ.roa
Signing time: Mon 22 Aug 2022 09:57:58 +0000
ROA not before: Mon 22 Aug 2022 09:57:58 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 39775
IP address blocks: 91.204.16.0/22 maxlen: 24
81.90.208.0/20 maxlen: 24
185.149.124.0/22 maxlen: 24
185.149.126.0/24 maxlen: 28
185.190.0.0/22 maxlen: 24
62.192.32.0/19 maxlen: 24
2a02:1378::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:c4:fc:cf:dc:e2:27:49:4e:57:7d:b9:85:20:09:7e:0e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b98d1f6e336a7c81351941bc0b9dea39d7d764db
Validity
Not Before: Aug 22 09:57:58 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=f05d10559bab8e8c421efd17508e277feab3d714
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:90:d0:76:86:02:af:3c:aa:77:61:64:84:aa:
cb:79:f0:0d:78:c2:b6:c0:9e:ba:85:c5:9e:4e:82:
0f:bb:61:56:51:18:c7:2c:6d:07:de:3f:0d:bd:2a:
12:5b:c2:35:d6:be:3a:34:46:e7:14:67:23:9e:8d:
1e:8f:13:90:1d:98:3e:f8:1a:7c:d7:c8:cc:d9:1f:
60:bb:38:26:27:81:fe:e5:4f:a3:c9:a7:e2:13:c9:
aa:0d:0e:7c:a0:34:bd:54:7b:01:b7:cf:ea:bc:da:
fe:31:5a:1f:71:c0:46:f1:ce:86:ee:db:2d:82:04:
33:ae:27:7c:58:d8:50:a9:1a:34:88:ad:33:54:38:
64:a0:3c:e9:83:fd:dc:40:31:3e:b9:9c:3b:77:c9:
27:9a:b7:34:38:cb:b1:79:68:d4:ea:f3:02:42:35:
6f:f0:b4:cc:e6:39:0f:df:50:e7:67:b9:de:54:a9:
f2:72:9a:e0:d4:99:fc:2e:78:c4:6a:cb:fd:ba:20:
92:0e:46:6c:cd:f3:65:fd:f1:70:85:2d:9a:66:4d:
5c:36:a2:0e:02:12:60:d9:d2:87:90:73:c4:57:fd:
44:26:2b:e7:45:69:f6:52:5c:b5:e2:bb:c4:5b:fc:
a1:87:3e:d8:64:3d:c3:0d:15:59:95:44:fe:97:56:
39:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F0:5D:10:55:9B:AB:8E:8C:42:1E:FD:17:50:8E:27:7F:EA:B3:D7:14
X509v3 Authority Key Identifier:
keyid:B9:8D:1F:6E:33:6A:7C:81:35:19:41:BC:0B:9D:EA:39:D7:D7:64:DB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/uY0fbjNqfIE1GUG8C53qOdfXZNs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/32/9dac2f-301e-406d-b8d0-03857ef5b387/1/8F0QVZurjoxCHv0XUI4nf-qz1xQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/32/9dac2f-301e-406d-b8d0-03857ef5b387/1/uY0fbjNqfIE1GUG8C53qOdfXZNs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.192.32.0/19
81.90.208.0/20
91.204.16.0/22
185.149.124.0/22
185.190.0.0/22
IPv6:
2a02:1378::/32
Signature Algorithm: sha256WithRSAEncryption
3c:9a:67:5c:24:ce:e8:8e:4b:7d:32:b9:1a:93:73:66:39:34:
f6:b8:d4:da:9e:b0:f9:fd:cf:ce:43:1b:91:53:cc:0b:a5:9c:
9c:df:55:11:95:eb:5a:56:2c:2e:ed:10:f3:09:93:81:41:15:
c7:1f:fc:a7:16:c2:7c:f9:dc:f1:02:c7:ba:e6:26:1c:20:e1:
7e:db:92:4f:a8:89:6a:0b:53:ed:f7:f7:07:11:be:2d:8f:1c:
0c:fd:b8:13:ef:75:23:db:96:6f:7d:e6:f0:1c:31:40:2f:23:
a6:d9:0f:05:cd:9a:51:09:0a:9a:e3:04:c9:8d:25:b4:24:ff:
a5:b6:19:0d:90:35:f7:c0:1f:9d:4e:da:9f:bf:3a:fe:42:51:
f5:3f:98:02:db:d9:bc:30:e4:19:01:e1:41:a3:83:ed:ce:7e:
9a:36:9c:fa:30:b1:3a:1c:e0:15:8d:1d:d0:4c:27:df:04:1a:
48:24:53:7c:4a:e7:38:a5:0d:62:bc:c0:91:89:d5:c8:9d:cb:
c5:e6:88:cf:a3:26:32:1e:fd:ad:53:0e:99:a9:00:79:c0:fb:
e5:dd:1e:cd:be:1d:6e:cd:12:68:9f:fc:4a:d6:53:ef:dc:37:
0c:18:7d:95:84:62:11:4c:a6:18:c9:f5:c3:ea:6f:af:61:ab:
03:96:20:ac
-----BEGIN CERTIFICATE-----
MIIFJDCCBAygAwIBAgISAYLE/M/c4idJTld9uYUgCX4OMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI5OGQxZjZlMzM2YTdjODEzNTE5NDFiYzBiOWRlYTM5ZDdk
NzY0ZGIwHhcNMjIwODIyMDk1NzU4WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMDVkMTA1NTliYWI4ZThjNDIxZWZkMTc1MDhlMjc3ZmVhYjNkNzE0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArJDQdoYCrzyqd2FkhKrLefANeMK2
wJ66hcWeToIPu2FWURjHLG0H3j8NvSoSW8I11r46NEbnFGcjno0ejxOQHZg++Bp8
18jM2R9guzgmJ4H+5U+jyafiE8mqDQ58oDS9VHsBt8/qvNr+MVofccBG8c6G7tst
ggQzrid8WNhQqRo0iK0zVDhkoDzpg/3cQDE+uZw7d8knmrc0OMuxeWjU6vMCQjVv
8LTM5jkP31DnZ7neVKnycprg1Jn8LnjEasv9uiCSDkZszfNl/fFwhS2aZk1cNqIO
AhJg2dKHkHPEV/1EJivnRWn2Uly14rvEW/yhhz7YZD3DDRVZlUT+l1Y5QwIDAQAB
o4ICMDCCAiwwHQYDVR0OBBYEFPBdEFWbq46MQh79F1COJ3/qs9cUMB8GA1UdIwQY
MBaAFLmNH24zanyBNRlBvAud6jnX12TbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdVkwZmJqTnFmSUUxR1VHOEM1M3FPZGZYWk5zLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMi85ZGFjMmYtMzAxZS00MDZkLWI4ZDAt
MDM4NTdlZjViMzg3LzEvOEYwUVZadXJqb3hDSHYwWFVJNG5mLXF6MXhRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMi85ZGFjMmYtMzAxZS00MDZkLWI4ZDAtMDM4NTdlZjViMzg3
LzEvdVkwZmJqTnFmSUUxR1VHOEM1M3FPZGZYWk5zLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEYGCCsGAQUFBwEHAQH/BDcwNTAkBAIAATAeAwQFPsAgAwQE
UVrQAwQCW8wQAwQCuZV8AwQCub4AMA0EAgACMAcDBQAqAhN4MA0GCSqGSIb3DQEB
CwUAA4IBAQA8mmdcJM7ojkt9Mrkak3NmOTT2uNTanrD5/c/OQxuRU8wLpZyc31UR
letaViwu7RDzCZOBQRXHH/ynFsJ8+dzxAse65iYcIOF+25JPqIlqC1Pt9/cHEb4t
jxwM/bgT73Uj25ZvfebwHDFALyOm2Q8FzZpRCQqa4wTJjSW0JP+lthkNkDX3wB+d
Ttqfvzr+QlH1P5gC29m8MOQZAeFBo4Ptzn6aNpz6MLE6HOAVjR3QTCffBBpIJFN8
Suc4pQ1ivMCRidXIncvF5ojPoyYyHv2tUw6ZqQB5wPvl3R7Nvh1uzRJon/xK1lPv
3DcMGH2VhGIRTKYYyfXD6m+vYasDliCs
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:21:50 2025 by rpki-client