Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/40/0aa6e6-3054-4888-865e-265f2bd0f8f3/1/1kS4kpDMIasyEhT2s0eYSirmy5g.roa
File: 1kS4kpDMIasyEhT2s0eYSirmy5g.roa (raw, json)
Hash identifier: EGAHrYZKcSpDPG2gYIwXv4qCPwAzICIhVr1pC6WBKdc=
Subject key identifier: D6:44:B8:92:90:CC:21:AB:32:12:14:F6:B3:47:98:4A:2A:E6:CB:98
Certificate issuer: /CN=8b69fc6128be591401acf82bc2461af636ebe8e6
Certificate serial: 0182A6574BB55613EFC6F814B269A468262F
Authority key identifier: 8B:69:FC:61:28:BE:59:14:01:AC:F8:2B:C2:46:1A:F6:36:EB:E8:E6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2n8YSi-WRQBrPgrwkYa9jbr6OY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/40/0aa6e6-3054-4888-865e-265f2bd0f8f3/1/1kS4kpDMIasyEhT2s0eYSirmy5g.roa
Signing time: Tue 16 Aug 2022 11:08:35 +0000
ROA not before: Tue 16 Aug 2022 11:08:35 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 0
IP address blocks: 185.1.48.0/24 maxlen: 24
185.1.47.0/24 maxlen: 24
185.1.46.0/24 maxlen: 24
80.81.192.0/21 maxlen: 21
80.81.203.0/24 maxlen: 24
80.81.202.0/24 maxlen: 24
185.1.8.0/24 maxlen: 24
185.1.119.0/24 maxlen: 24
185.1.131.0/24 maxlen: 24
185.1.170.0/23 maxlen: 23
185.1.244.0/24 maxlen: 24
185.1.246.0/24 maxlen: 24
185.1.248.0/24 maxlen: 24
185.1.252.0/24 maxlen: 24
185.1.253.0/24 maxlen: 24
185.1.183.0/24 maxlen: 24
185.1.182.0/24 maxlen: 24
185.1.187.0/24 maxlen: 24
185.1.192.0/23 maxlen: 23
185.1.197.0/24 maxlen: 24
185.1.210.0/23 maxlen: 23
185.1.208.0/23 maxlen: 23
185.1.220.0/24 maxlen: 24
2001:7f8:10a::/48 maxlen: 48
2001:7f8:9e::/48 maxlen: 48
2001:7f8:32::/48 maxlen: 48
2001:7f8:106::/48 maxlen: 48
2001:7f8:44::/48 maxlen: 48
2001:7f8:3f::/48 maxlen: 48
2001:7f8:d5::/48 maxlen: 48
2001:7f8:73::/48 maxlen: 48
2001:7f8:3d::/48 maxlen: 48
2001:7f8::/48 maxlen: 48
2001:7f8:a0::/48 maxlen: 48
2001:7f8:36::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:a6:57:4b:b5:56:13:ef:c6:f8:14:b2:69:a4:68:26:2f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b69fc6128be591401acf82bc2461af636ebe8e6
Validity
Not Before: Aug 16 11:08:35 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=d644b89290cc21ab321214f6b347984a2ae6cb98
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:82:71:cb:3a:b1:39:f9:b0:a8:06:3b:ac:51:82:
9c:0b:b0:16:8d:63:9d:8b:7c:ea:09:c2:86:6e:bd:
cf:75:67:c5:ea:0b:02:d7:db:bc:e9:6c:9e:ea:8a:
98:ca:92:df:c6:84:91:16:77:e4:11:ef:52:b6:81:
1e:e0:b9:d4:50:81:6d:4b:2c:95:5d:f8:0e:d7:40:
af:89:18:c6:c9:75:46:fb:8b:48:37:18:ee:40:84:
da:9d:3f:00:9e:20:99:24:99:c6:18:a1:4a:3a:c7:
75:81:22:1e:d5:0e:ba:bf:39:66:02:cc:b8:d2:05:
fb:d0:fb:de:94:cf:1c:29:70:75:56:42:2d:bb:ce:
34:e6:85:21:4f:d8:5b:e9:44:fa:ae:08:5f:26:09:
f9:1a:60:ca:cf:12:d4:3c:b9:a4:ac:56:e9:83:8f:
ea:bb:55:fd:5f:53:b2:da:10:52:de:4a:33:8d:d8:
1a:26:b1:83:b2:64:c3:a9:25:4a:8d:88:01:36:dc:
0d:e3:c1:a4:58:6b:a2:3d:a8:38:01:b4:c8:b7:ea:
17:b1:a8:60:07:ff:8e:4c:01:93:4a:b6:2f:b9:3d:
a8:d8:b8:7e:20:9b:86:84:20:fe:7e:18:9d:35:27:
32:4d:70:03:1c:44:82:03:20:fd:c1:fa:7a:9e:63:
34:63
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D6:44:B8:92:90:CC:21:AB:32:12:14:F6:B3:47:98:4A:2A:E6:CB:98
X509v3 Authority Key Identifier:
keyid:8B:69:FC:61:28:BE:59:14:01:AC:F8:2B:C2:46:1A:F6:36:EB:E8:E6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2n8YSi-WRQBrPgrwkYa9jbr6OY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/40/0aa6e6-3054-4888-865e-265f2bd0f8f3/1/1kS4kpDMIasyEhT2s0eYSirmy5g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/40/0aa6e6-3054-4888-865e-265f2bd0f8f3/1/i2n8YSi-WRQBrPgrwkYa9jbr6OY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.81.192.0/21
80.81.202.0/23
185.1.8.0/24
185.1.46.0-185.1.48.255
185.1.119.0/24
185.1.131.0/24
185.1.170.0/23
185.1.182.0/23
185.1.187.0/24
185.1.192.0/23
185.1.197.0/24
185.1.208.0/22
185.1.220.0/24
185.1.244.0/24
185.1.246.0/24
185.1.248.0/24
185.1.252.0/23
IPv6:
2001:7f8::/48
2001:7f8:32::/48
2001:7f8:36::/48
2001:7f8:3d::/48
2001:7f8:3f::/48
2001:7f8:44::/48
2001:7f8:73::/48
2001:7f8:9e::/48
2001:7f8:a0::/48
2001:7f8:d5::/48
2001:7f8:106::/48
2001:7f8:10a::/48
Signature Algorithm: sha256WithRSAEncryption
01:9e:d9:e1:93:fd:93:f9:fb:da:93:e1:62:2c:84:54:b4:5b:
af:d1:83:0c:ab:1c:1c:33:53:c9:47:00:25:ef:9d:86:45:81:
25:84:12:98:06:22:0e:3c:dc:18:91:8c:cd:3e:f0:6e:77:90:
10:d4:37:67:3f:d7:78:90:01:09:e9:58:df:ed:8a:4c:7a:7d:
1c:13:7f:24:25:2c:f5:88:ee:08:02:5a:2d:8f:95:62:80:1c:
85:9d:bc:9c:11:84:06:d3:f7:cf:00:1f:4e:c8:45:61:14:7a:
d7:95:ca:da:5b:3c:07:bf:5c:06:71:7c:42:05:78:81:b9:d1:
61:59:2f:44:b8:d7:49:a5:d5:1c:e2:f9:6d:4f:8b:75:ad:e5:
91:5d:29:1a:a7:9d:a7:01:45:20:94:df:79:ac:d9:7b:15:8e:
ff:fa:32:83:56:4b:ef:fc:79:c4:fa:3d:f2:37:37:06:04:ca:
c5:f5:aa:a6:04:ac:64:f5:0b:d3:08:4d:04:65:bf:04:a8:59:
45:e3:d3:65:25:ac:ef:55:be:34:40:85:ae:1e:fe:fc:2a:6e:
c2:d8:b6:3b:ab:a8:db:ca:29:a3:4a:8c:0d:1d:6f:eb:26:4f:
2a:ab:ad:f5:21:41:43:a4:45:4d:7f:81:47:a7:46:40:08:da:
d9:76:ad:0a
-----BEGIN CERTIFICATE-----
MIIF3DCCBMSgAwIBAgISAYKmV0u1VhPvxvgUsmmkaCYvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhiNjlmYzYxMjhiZTU5MTQwMWFjZjgyYmMyNDYxYWY2MzZl
YmU4ZTYwHhcNMjIwODE2MTEwODM1WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNjQ0Yjg5MjkwY2MyMWFiMzIxMjE0ZjZiMzQ3OTg0YTJhZTZjYjk4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgnHLOrE5+bCoBjusUYKcC7AWjWOd
i3zqCcKGbr3PdWfF6gsC19u86Wye6oqYypLfxoSRFnfkEe9StoEe4LnUUIFtSyyV
XfgO10CviRjGyXVG+4tINxjuQITanT8AniCZJJnGGKFKOsd1gSIe1Q66vzlmAsy4
0gX70PvelM8cKXB1VkItu8405oUhT9hb6UT6rghfJgn5GmDKzxLUPLmkrFbpg4/q
u1X9X1Oy2hBS3kozjdgaJrGDsmTDqSVKjYgBNtwN48GkWGuiPag4AbTIt+oXsahg
B/+OTAGTSrYvuT2o2Lh+IJuGhCD+fhidNScyTXADHESCAyD9wfp6nmM0YwIDAQAB
o4IC6DCCAuQwHQYDVR0OBBYEFNZEuJKQzCGrMhIU9rNHmEoq5suYMB8GA1UdIwQY
MBaAFItp/GEovlkUAaz4K8JGGvY26+jmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaTJuOFlTaS1XUlFCclBncndrWWE5amJyNk9ZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80MC8wYWE2ZTYtMzA1NC00ODg4LTg2NWUt
MjY1ZjJiZDBmOGYzLzEvMWtTNGtwRE1JYXN5RWhUMnMwZVlTaXJteTVnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80MC8wYWE2ZTYtMzA1NC00ODg4LTg2NWUtMjY1ZjJiZDBmOGYz
LzEvaTJuOFlTaS1XUlFCclBncndrWWE5amJyNk9ZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIH9BggrBgEFBQcBBwEB/wSB7TCB6jB0BAIAATBuAwQDUFHA
AwQBUFHKAwQAuQEIMAwDBAG5AS4DBAC5ATADBAC5AXcDBAC5AYMDBAG5AaoDBAG5
AbYDBAC5AbsDBAG5AcADBAC5AcUDBAK5AdADBAC5AdwDBAC5AfQDBAC5AfYDBAC5
AfgDBAG5AfwwcgQCAAIwbAMHACABB/gAAAMHACABB/gAMgMHACABB/gANgMHACAB
B/gAPQMHACABB/gAPwMHACABB/gARAMHACABB/gAcwMHACABB/gAngMHACABB/gA
oAMHACABB/gA1QMHACABB/gBBgMHACABB/gBCjANBgkqhkiG9w0BAQsFAAOCAQEA
AZ7Z4ZP9k/n72pPhYiyEVLRbr9GDDKscHDNTyUcAJe+dhkWBJYQSmAYiDjzcGJGM
zT7wbneQENQ3Zz/XeJABCelY3+2KTHp9HBN/JCUs9YjuCAJaLY+VYoAchZ28nBGE
BtP3zwAfTshFYRR615XK2ls8B79cBnF8QgV4gbnRYVkvRLjXSaXVHOL5bU+Lda3l
kV0pGqedpwFFIJTfeazZexWO//oyg1ZL7/x5xPo98jc3BgTKxfWqpgSsZPUL0whN
BGW/BKhZRePTZSWs71W+NECFrh7+/Cpuwti2O6uo28opo0qMDR1v6yZPKqut9SFB
Q6RFTX+BR6dGQAja2XatCg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:04:50 2024 by rpki-client on console-ams.rpki-client.org