Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3a/7cecc7-f63d-43fc-b219-3955959eaf81/1/_8pHN3I4GuDqXknbBcyiRJ-mFhY.roa
File: _8pHN3I4GuDqXknbBcyiRJ-mFhY.roa (raw, json)
Hash identifier: sk+hNJLx/VXzQCoAJr9uCPz3DfZzWgUAl4DLHzCP+QI=
Subject key identifier: FF:CA:47:37:72:38:1A:E0:EA:5E:49:DB:05:CC:A2:44:9F:A6:16:16
Certificate issuer: /CN=458d12f095053c35876b88b47685d6435421fcf2
Certificate serial: 018449CA105372C91883A83B4E2913911F60
Authority key identifier: 45:8D:12:F0:95:05:3C:35:87:6B:88:B4:76:85:D6:43:54:21:FC:F2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RY0S8JUFPDWHa4i0doXWQ1Qh_PI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3a/7cecc7-f63d-43fc-b219-3955959eaf81/1/_8pHN3I4GuDqXknbBcyiRJ-mFhY.roa
Signing time: Sat 05 Nov 2022 21:54:49 +0000
ROA not before: Sat 05 Nov 2022 21:54:49 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 42708
IP address blocks: 194.76.224.0/24 maxlen: 24
91.242.219.0/24 maxlen: 24
109.230.199.0/24 maxlen: 24
2a0b:7140:3::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:49:ca:10:53:72:c9:18:83:a8:3b:4e:29:13:91:1f:60
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=458d12f095053c35876b88b47685d6435421fcf2
Validity
Not Before: Nov 5 21:54:49 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=ffca473772381ae0ea5e49db05cca2449fa61616
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:d7:7d:ad:f0:70:b8:a9:09:d1:3e:36:1a:ef:
e1:51:89:63:29:65:24:f9:c5:3c:55:83:0d:b0:bc:
dc:35:a2:ad:cb:a6:6d:7f:84:cf:ff:1d:f0:5e:bf:
30:6e:20:c8:a1:e6:ba:74:4e:82:28:d7:2d:ae:5a:
0a:a6:44:fd:ae:26:75:c2:49:6e:1a:9f:13:01:a3:
58:d0:be:c5:5c:8e:35:d7:90:dc:62:3b:49:f4:7f:
e6:63:7b:41:c1:6e:0b:ce:3d:9c:dc:9f:4c:4f:fb:
15:1b:2b:26:46:ea:0d:90:63:bd:95:4b:a2:53:5c:
08:1f:66:8c:c3:c0:87:27:91:27:65:17:62:43:f8:
e9:e3:ee:49:84:66:d4:b6:8c:e9:9a:bc:21:fb:b3:
f6:f5:6a:f6:99:9b:74:74:d2:59:ac:7d:17:50:3e:
77:92:1d:67:68:18:47:d5:f8:b1:0a:9c:e7:f7:78:
17:35:35:fe:7b:59:07:8a:cd:dd:06:77:9b:a1:96:
f3:fa:98:c6:07:c0:73:21:7c:a7:fa:e9:e6:aa:55:
24:c5:3c:f5:81:82:29:22:e2:90:4e:bb:e8:78:f0:
fa:c6:6a:2d:92:c2:97:d2:fa:dd:fc:2b:ff:7e:d9:
9a:bb:9a:28:a9:1b:4a:12:93:a0:c0:3c:54:28:6f:
bb:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FF:CA:47:37:72:38:1A:E0:EA:5E:49:DB:05:CC:A2:44:9F:A6:16:16
X509v3 Authority Key Identifier:
keyid:45:8D:12:F0:95:05:3C:35:87:6B:88:B4:76:85:D6:43:54:21:FC:F2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RY0S8JUFPDWHa4i0doXWQ1Qh_PI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/7cecc7-f63d-43fc-b219-3955959eaf81/1/_8pHN3I4GuDqXknbBcyiRJ-mFhY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/7cecc7-f63d-43fc-b219-3955959eaf81/1/RY0S8JUFPDWHa4i0doXWQ1Qh_PI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.242.219.0/24
109.230.199.0/24
194.76.224.0/24
IPv6:
2a0b:7140:3::/48
Signature Algorithm: sha256WithRSAEncryption
a3:c6:73:30:6f:ec:25:18:b4:3d:66:b8:0f:c0:7d:73:02:a1:
35:6d:80:b6:68:d2:7c:35:7f:36:9c:8d:34:74:f0:a6:37:df:
ed:72:d9:9e:ba:6b:1c:c3:4e:bb:53:fb:cf:c5:13:43:af:b7:
9f:0d:ce:46:8c:4e:08:e9:41:7f:51:ae:70:1a:45:93:3c:fc:
93:5d:eb:19:0f:ff:ad:7f:ff:b7:d7:fb:75:5f:40:8f:97:eb:
95:67:e8:1d:53:9e:35:39:f8:62:51:47:25:21:1e:81:12:f4:
48:71:98:89:55:83:ef:2d:d6:39:54:3b:ab:c6:ac:53:81:64:
3d:dd:62:2f:dd:0d:8a:17:8a:b8:6a:36:90:a5:cd:90:45:e2:
dd:8f:c3:0a:51:c1:5c:3d:49:1b:cd:94:4b:19:a2:99:5e:4a:
6a:75:da:3e:0b:7e:41:d3:01:51:9b:14:d1:ca:72:b8:84:dd:
06:be:89:8a:69:cf:a4:c0:99:57:84:c7:47:c5:69:bb:62:97:
7d:0a:5f:96:b0:87:4f:84:fd:64:e9:58:d4:fb:da:6b:a5:e0:
a2:9a:e0:32:c0:97:0b:87:bf:6f:5b:2c:f0:db:31:28:00:e7:
01:10:d7:ce:d3:e7:3a:4a:c5:d4:aa:7b:e0:17:c6:ad:37:83:
57:ed:87:5c
-----BEGIN CERTIFICATE-----
MIIFGjCCBAKgAwIBAgISAYRJyhBTcskYg6g7TikTkR9gMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ1OGQxMmYwOTUwNTNjMzU4NzZiODhiNDc2ODVkNjQzNTQy
MWZjZjIwHhcNMjIxMTA1MjE1NDQ5WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmZmNhNDczNzcyMzgxYWUwZWE1ZTQ5ZGIwNWNjYTI0NDlmYTYxNjE2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsNd9rfBwuKkJ0T42Gu/hUYljKWUk
+cU8VYMNsLzcNaKty6Ztf4TP/x3wXr8wbiDIoea6dE6CKNctrloKpkT9riZ1wklu
Gp8TAaNY0L7FXI4115DcYjtJ9H/mY3tBwW4Lzj2c3J9MT/sVGysmRuoNkGO9lUui
U1wIH2aMw8CHJ5EnZRdiQ/jp4+5JhGbUtozpmrwh+7P29Wr2mZt0dNJZrH0XUD53
kh1naBhH1fixCpzn93gXNTX+e1kHis3dBneboZbz+pjGB8BzIXyn+unmqlUkxTz1
gYIpIuKQTrvoePD6xmotksKX0vrd/Cv/ftmau5ooqRtKEpOgwDxUKG+7vQIDAQAB
o4ICJjCCAiIwHQYDVR0OBBYEFP/KRzdyOBrg6l5J2wXMokSfphYWMB8GA1UdIwQY
MBaAFEWNEvCVBTw1h2uItHaF1kNUIfzyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUlkwUzhKVUZQRFdIYTRpMGRvWFdRMVFoX1BJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYS83Y2VjYzctZjYzZC00M2ZjLWIyMTkt
Mzk1NTk1OWVhZjgxLzEvXzhwSE4zSTRHdURxWGtuYkJjeWlSSi1tRmhZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYS83Y2VjYzctZjYzZC00M2ZjLWIyMTktMzk1NTk1OWVhZjgx
LzEvUlkwUzhKVUZQRFdIYTRpMGRvWFdRMVFoX1BJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDwGCCsGAQUFBwEHAQH/BC0wKzAYBAIAATASAwQAW/LbAwQA
bebHAwQAwkzgMA8EAgACMAkDBwAqC3FAAAMwDQYJKoZIhvcNAQELBQADggEBAKPG
czBv7CUYtD1muA/AfXMCoTVtgLZo0nw1fzacjTR08KY33+1y2Z66axzDTrtT+8/F
E0Ovt58NzkaMTgjpQX9RrnAaRZM8/JNd6xkP/61//7fX+3VfQI+X65Vn6B1TnjU5
+GJRRyUhHoES9EhxmIlVg+8t1jlUO6vGrFOBZD3dYi/dDYoXirhqNpClzZBF4t2P
wwpRwVw9SRvNlEsZopleSmp12j4LfkHTAVGbFNHKcriE3Qa+iYppz6TAmVeEx0fF
abtil30KX5awh0+E/WTpWNT72mul4KKa4DLAlwuHv29bLPDbMSgA5wEQ187T5zpK
xdSqe+AXxq03g1fth1w=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:46:47 2023 by rpki-client on console-fra.rpki-client.org