Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3a/92c1cf-5a22-453c-907f-eb1f8715eec0/1/8J8usZNlQuMwZfDYUgxIrDBsRmM.roa
File: 8J8usZNlQuMwZfDYUgxIrDBsRmM.roa (raw, json)
Hash identifier: z3GDFtNIGSDtZFUeWxdQfspLdEzflAza+9u4yLyVKu4=
Subject key identifier: F0:9F:2E:B1:93:65:42:E3:30:65:F0:D8:52:0C:48:AC:30:6C:46:63
Certificate issuer: /CN=b3d66297c5cdbd36d86849ddeae7985979f450ca
Certificate serial: 0182F9907128E0F155A39F83392118BE9C9E
Authority key identifier: B3:D6:62:97:C5:CD:BD:36:D8:68:49:DD:EA:E7:98:59:79:F4:50:CA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/s9Zil8XNvTbYaEnd6ueYWXn0UMo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3a/92c1cf-5a22-453c-907f-eb1f8715eec0/1/8J8usZNlQuMwZfDYUgxIrDBsRmM.roa
Signing time: Thu 01 Sep 2022 14:59:29 +0000
ROA not before: Thu 01 Sep 2022 14:59:29 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 44567
IP address blocks: 93.92.152.0/21 maxlen: 21
91.240.214.0/23 maxlen: 23
2a01:9c00::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:f9:90:71:28:e0:f1:55:a3:9f:83:39:21:18:be:9c:9e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b3d66297c5cdbd36d86849ddeae7985979f450ca
Validity
Not Before: Sep 1 14:59:29 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=f09f2eb1936542e33065f0d8520c48ac306c4663
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:b1:e5:41:be:60:60:0e:18:59:98:a2:97:88:
06:29:f7:ed:65:e7:3f:e0:c1:a1:8c:7c:57:88:60:
bd:a4:1d:6d:91:d3:c9:f4:3c:dd:7a:3a:34:58:09:
88:1b:12:e5:19:b5:c1:cb:fe:0c:14:87:b2:99:4b:
35:ea:a9:fb:e8:64:aa:5e:47:2c:a3:c5:3c:bb:df:
9b:56:c3:62:6f:4c:de:84:70:60:6a:7f:18:7a:07:
22:b0:96:b5:24:db:da:3f:00:53:8e:30:c0:c3:b0:
96:da:5b:90:3b:4b:58:a7:35:15:aa:35:1d:56:ec:
ee:d5:c2:c1:4e:09:07:6f:66:18:58:0e:44:11:29:
5a:7b:1d:12:cf:8c:14:a2:30:ce:96:8e:02:8e:19:
b2:43:af:80:1d:8f:37:2d:6b:db:26:fb:2c:33:b7:
9b:54:a7:f0:96:e7:aa:23:10:0f:2b:d0:76:9f:72:
b7:9f:35:22:74:25:87:f5:06:1b:7e:76:05:c0:11:
74:3e:fc:71:b8:77:9a:02:4a:92:79:06:c4:26:52:
38:58:f9:fe:f0:a6:df:b4:b3:d6:52:62:95:3a:0f:
d4:cf:f9:27:df:18:df:23:40:2b:1e:92:47:07:fd:
df:df:47:c8:18:4c:27:f2:4d:92:62:3b:5a:c1:a4:
3f:55
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F0:9F:2E:B1:93:65:42:E3:30:65:F0:D8:52:0C:48:AC:30:6C:46:63
X509v3 Authority Key Identifier:
keyid:B3:D6:62:97:C5:CD:BD:36:D8:68:49:DD:EA:E7:98:59:79:F4:50:CA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/s9Zil8XNvTbYaEnd6ueYWXn0UMo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/92c1cf-5a22-453c-907f-eb1f8715eec0/1/8J8usZNlQuMwZfDYUgxIrDBsRmM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/92c1cf-5a22-453c-907f-eb1f8715eec0/1/s9Zil8XNvTbYaEnd6ueYWXn0UMo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.240.214.0/23
93.92.152.0/21
IPv6:
2a01:9c00::/32
Signature Algorithm: sha256WithRSAEncryption
15:8d:4c:af:f2:5d:82:b4:3d:70:4c:41:61:47:7f:7b:ad:10:
12:ea:3a:60:0d:44:e2:e6:43:b0:03:d8:28:e1:19:6d:84:15:
01:14:38:b0:a7:a3:4a:37:cf:2b:c1:22:c7:f8:ec:ec:0c:df:
30:47:b1:50:97:59:21:09:4b:88:f2:b1:06:4d:7c:9c:9c:c9:
52:6c:90:87:77:3a:a3:de:af:98:a3:ff:8d:3a:5a:26:46:3f:
cc:9e:9c:eb:d4:75:7b:8c:4c:fb:bd:31:47:26:4b:0c:64:7b:
50:31:72:43:cb:49:31:45:5c:40:89:6d:45:76:5d:64:ef:a8:
18:6f:8c:a0:53:1a:62:df:a3:7b:c3:a9:e2:cf:a5:17:f2:37:
fa:8a:86:a0:7d:50:3d:58:9f:34:fe:ab:2d:f1:5e:94:e6:3f:
05:d2:f1:3f:e4:5c:e5:fb:35:87:a9:78:2a:a9:0e:80:f7:51:
3d:fa:05:13:56:29:2f:48:d5:6b:be:71:24:24:93:bc:7c:23:
bf:22:e1:d6:ee:c0:b1:46:cc:2a:dd:00:35:cd:25:d3:06:0e:
b1:59:92:cf:0c:c6:bc:1f:cb:be:82:a4:61:55:ca:08:67:82:
07:61:ed:c8:0c:5a:f7:6f:ef:dc:20:4a:73:29:fa:cb:11:55:
8a:b4:8d:99
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYL5kHEo4PFVo5+DOSEYvpyeMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIzZDY2Mjk3YzVjZGJkMzZkODY4NDlkZGVhZTc5ODU5Nzlm
NDUwY2EwHhcNMjIwOTAxMTQ1OTI5WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMDlmMmViMTkzNjU0MmUzMzA2NWYwZDg1MjBjNDhhYzMwNmM0NjYzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmLHlQb5gYA4YWZiil4gGKfftZec/
4MGhjHxXiGC9pB1tkdPJ9Dzdejo0WAmIGxLlGbXBy/4MFIeymUs16qn76GSqXkcs
o8U8u9+bVsNib0zehHBgan8YegcisJa1JNvaPwBTjjDAw7CW2luQO0tYpzUVqjUd
Vuzu1cLBTgkHb2YYWA5EESlaex0Sz4wUojDOlo4CjhmyQ6+AHY83LWvbJvssM7eb
VKfwlueqIxAPK9B2n3K3nzUidCWH9QYbfnYFwBF0PvxxuHeaAkqSeQbEJlI4WPn+
8KbftLPWUmKVOg/Uz/kn3xjfI0ArHpJHB/3f30fIGEwn8k2SYjtawaQ/VQIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFPCfLrGTZULjMGXw2FIMSKwwbEZjMB8GA1UdIwQY
MBaAFLPWYpfFzb022GhJ3ernmFl59FDKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvczlaaWw4WE52VGJZYUVuZDZ1ZVlXWG4wVU1vLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYS85MmMxY2YtNWEyMi00NTNjLTkwN2Yt
ZWIxZjg3MTVlZWMwLzEvOEo4dXNaTmxRdU13WmZEWVVneElyREJzUm1NLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYS85MmMxY2YtNWEyMi00NTNjLTkwN2YtZWIxZjg3MTVlZWMw
LzEvczlaaWw4WE52VGJZYUVuZDZ1ZVlXWG4wVU1vLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQBW/DWAwQD
XVyYMA0EAgACMAcDBQAqAZwAMA0GCSqGSIb3DQEBCwUAA4IBAQAVjUyv8l2CtD1w
TEFhR397rRAS6jpgDUTi5kOwA9go4RlthBUBFDiwp6NKN88rwSLH+OzsDN8wR7FQ
l1khCUuI8rEGTXycnMlSbJCHdzqj3q+Yo/+NOlomRj/Mnpzr1HV7jEz7vTFHJksM
ZHtQMXJDy0kxRVxAiW1Fdl1k76gYb4ygUxpi36N7w6niz6UX8jf6ioagfVA9WJ80
/qst8V6U5j8F0vE/5Fzl+zWHqXgqqQ6A91E9+gUTVikvSNVrvnEkJJO8fCO/IuHW
7sCxRswq3QA1zSXTBg6xWZLPDMa8H8u+gqRhVcoIZ4IHYe3IDFr3b+/cIEpzKfrL
EVWKtI2Z
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:03:56 2024 by rpki-client on console-ams.rpki-client.org