Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/40/0aa6e6-3054-4888-865e-265f2bd0f8f3/1/akdVtXQ98isoZo0liitC7KsbS1o.roa
File: akdVtXQ98isoZo0liitC7KsbS1o.roa (raw, json)
Hash identifier: xaoglrKAJMdq6vutFD2kZer0cxlhnlIov/BuHv7pToM=
Subject key identifier: 6A:47:55:B5:74:3D:F2:2B:28:66:8D:25:8A:2B:42:EC:AB:1B:4B:5A
Certificate issuer: /CN=8b69fc6128be591401acf82bc2461af636ebe8e6
Certificate serial: 01845BF9AB49E0B0EE0CAD2C53672F832F83
Authority key identifier: 8B:69:FC:61:28:BE:59:14:01:AC:F8:2B:C2:46:1A:F6:36:EB:E8:E6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2n8YSi-WRQBrPgrwkYa9jbr6OY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/40/0aa6e6-3054-4888-865e-265f2bd0f8f3/1/akdVtXQ98isoZo0liitC7KsbS1o.roa
Signing time: Wed 09 Nov 2022 10:39:59 +0000
ROA not before: Wed 09 Nov 2022 10:39:59 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 0
IP address blocks: 185.1.48.0/24 maxlen: 24
185.1.47.0/24 maxlen: 24
185.1.46.0/24 maxlen: 24
80.81.192.0/21 maxlen: 21
80.81.203.0/24 maxlen: 24
80.81.202.0/24 maxlen: 24
185.1.8.0/24 maxlen: 24
185.1.119.0/24 maxlen: 24
185.1.131.0/24 maxlen: 24
185.1.170.0/23 maxlen: 23
185.1.244.0/24 maxlen: 24
185.1.246.0/24 maxlen: 24
185.1.248.0/24 maxlen: 24
185.1.252.0/24 maxlen: 24
185.1.253.0/24 maxlen: 24
185.0.4.0/24 maxlen: 24
185.0.7.0/24 maxlen: 24
185.0.6.0/24 maxlen: 24
185.0.5.0/24 maxlen: 24
185.1.183.0/24 maxlen: 24
185.1.182.0/24 maxlen: 24
185.1.187.0/24 maxlen: 24
185.1.192.0/23 maxlen: 23
185.1.197.0/24 maxlen: 24
185.1.210.0/23 maxlen: 23
185.1.208.0/23 maxlen: 23
185.1.220.0/24 maxlen: 24
2001:7f8:10a::/48 maxlen: 48
2001:7f8:9e::/48 maxlen: 48
2001:7f8:139::/48 maxlen: 48
2001:7f8:13c::/48 maxlen: 48
2001:7f8:32::/48 maxlen: 48
2001:7f8:106::/48 maxlen: 48
2001:7f8:44::/48 maxlen: 48
2001:7f8:3f::/48 maxlen: 48
2001:7f8:13a::/48 maxlen: 48
2001:7f8:d5::/48 maxlen: 48
2001:7f8:73::/48 maxlen: 48
2001:7f8:3d::/48 maxlen: 48
2001:7f8:a0::/48 maxlen: 48
2001:7f8::/48 maxlen: 48
2001:7f8:13b::/48 maxlen: 48
2001:7f8:36::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:5b:f9:ab:49:e0:b0:ee:0c:ad:2c:53:67:2f:83:2f:83
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b69fc6128be591401acf82bc2461af636ebe8e6
Validity
Not Before: Nov 9 10:39:59 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=6a4755b5743df22b28668d258a2b42ecab1b4b5a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:8e:46:ed:3b:53:b3:71:82:a8:03:32:7b:f5:
ab:61:f1:74:ef:53:32:c3:fb:5f:e4:3e:01:ed:ed:
11:d8:a8:1c:e2:8e:5b:40:7f:27:73:e9:d0:a9:2f:
fa:fd:64:3e:37:c5:e4:37:a3:1e:54:5c:9b:4a:8d:
26:45:01:16:f2:aa:e9:4a:6c:2e:ca:ed:82:1d:47:
af:78:91:78:60:cb:3b:87:0d:aa:a9:3c:84:5b:22:
5d:f9:2a:7c:ea:6a:4f:ee:d6:e0:a9:ca:1b:a8:53:
e5:c7:b2:ea:20:8d:29:60:b6:cb:22:de:2f:ab:57:
00:15:99:00:f6:2f:1b:ba:23:16:4e:84:52:aa:fe:
a2:86:5e:5e:b9:61:7d:f1:8b:fc:7a:1b:ce:67:c9:
68:73:84:a7:63:c6:92:1a:95:c0:37:ea:35:1f:47:
0a:14:ea:52:39:17:00:fb:63:22:3b:62:21:08:3f:
01:8d:c6:10:b8:15:9b:72:10:9f:11:4c:47:d1:08:
bd:93:48:dd:69:f2:35:e7:c9:e6:6d:cb:b9:18:27:
98:6b:ac:a3:c1:70:ca:53:72:77:98:60:94:e3:2b:
f3:23:a4:2a:72:78:fc:af:2e:b4:e0:7c:33:6f:86:
2a:89:43:80:9d:f4:e6:ae:16:4b:98:a5:7f:2b:c0:
c4:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6A:47:55:B5:74:3D:F2:2B:28:66:8D:25:8A:2B:42:EC:AB:1B:4B:5A
X509v3 Authority Key Identifier:
keyid:8B:69:FC:61:28:BE:59:14:01:AC:F8:2B:C2:46:1A:F6:36:EB:E8:E6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2n8YSi-WRQBrPgrwkYa9jbr6OY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/40/0aa6e6-3054-4888-865e-265f2bd0f8f3/1/akdVtXQ98isoZo0liitC7KsbS1o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/40/0aa6e6-3054-4888-865e-265f2bd0f8f3/1/i2n8YSi-WRQBrPgrwkYa9jbr6OY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.81.192.0/21
80.81.202.0/23
185.0.4.0/22
185.1.8.0/24
185.1.46.0-185.1.48.255
185.1.119.0/24
185.1.131.0/24
185.1.170.0/23
185.1.182.0/23
185.1.187.0/24
185.1.192.0/23
185.1.197.0/24
185.1.208.0/22
185.1.220.0/24
185.1.244.0/24
185.1.246.0/24
185.1.248.0/24
185.1.252.0/23
IPv6:
2001:7f8::/48
2001:7f8:32::/48
2001:7f8:36::/48
2001:7f8:3d::/48
2001:7f8:3f::/48
2001:7f8:44::/48
2001:7f8:73::/48
2001:7f8:9e::/48
2001:7f8:a0::/48
2001:7f8:d5::/48
2001:7f8:106::/48
2001:7f8:10a::/48
2001:7f8:139::-2001:7f8:13c:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
63:69:c3:2a:4c:1d:63:cf:f2:67:85:79:7d:84:73:2d:db:5c:
a3:39:e7:92:7c:29:ae:d9:75:37:5c:af:e9:99:94:fb:87:10:
bb:12:e1:2f:02:24:63:79:8f:1c:b0:13:08:2c:ac:8d:ca:fe:
af:4b:ce:8e:8a:59:9b:1c:62:e7:6c:90:0b:02:6f:1e:b0:a7:
d1:40:51:bf:4b:e9:bf:d4:e4:40:a3:58:54:05:9e:f7:bb:df:
9d:94:83:1a:f0:f4:fd:e2:1a:f6:72:e7:76:f9:42:9a:61:3a:
4f:92:be:c1:9b:6d:b2:c1:00:6a:7d:62:4a:71:65:f6:fe:ba:
cb:d4:70:ce:01:34:53:94:7b:43:43:d5:ed:34:12:ee:f5:8d:
37:1a:a6:09:57:58:9d:b4:2b:d6:e5:d1:5b:3a:7a:49:96:e1:
46:ed:ce:e8:5d:9c:1f:ec:e8:90:84:ca:a4:c9:18:a2:29:29:
6b:96:f7:31:0f:9f:2c:ae:08:d3:1a:29:87:56:6c:8f:b9:75:
ea:5a:2c:4e:ab:31:4f:76:3b:a7:aa:45:df:b0:a9:0f:08:fe:
5b:1e:74:f3:ad:a7:09:b7:39:98:3e:10:9f:be:a8:22:d1:56:
c8:ca:a4:13:11:9e:8c:e3:9d:67:d2:b1:99:67:15:db:64:94:
5f:92:ed:67
-----BEGIN CERTIFICATE-----
MIIF+zCCBOOgAwIBAgISAYRb+atJ4LDuDK0sU2cvgy+DMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhiNjlmYzYxMjhiZTU5MTQwMWFjZjgyYmMyNDYxYWY2MzZl
YmU4ZTYwHhcNMjIxMTA5MTAzOTU5WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2YTQ3NTViNTc0M2RmMjJiMjg2NjhkMjU4YTJiNDJlY2FiMWI0YjVhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuY5G7TtTs3GCqAMye/WrYfF071My
w/tf5D4B7e0R2Kgc4o5bQH8nc+nQqS/6/WQ+N8XkN6MeVFybSo0mRQEW8qrpSmwu
yu2CHUeveJF4YMs7hw2qqTyEWyJd+Sp86mpP7tbgqcobqFPlx7LqII0pYLbLIt4v
q1cAFZkA9i8buiMWToRSqv6ihl5euWF98Yv8ehvOZ8loc4SnY8aSGpXAN+o1H0cK
FOpSORcA+2MiO2IhCD8BjcYQuBWbchCfEUxH0Qi9k0jdafI158nmbcu5GCeYa6yj
wXDKU3J3mGCU4yvzI6Qqcnj8ry604Hwzb4YqiUOAnfTmrhZLmKV/K8DEvwIDAQAB
o4IDBzCCAwMwHQYDVR0OBBYEFGpHVbV0PfIrKGaNJYorQuyrG0taMB8GA1UdIwQY
MBaAFItp/GEovlkUAaz4K8JGGvY26+jmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaTJuOFlTaS1XUlFCclBncndrWWE5amJyNk9ZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80MC8wYWE2ZTYtMzA1NC00ODg4LTg2NWUt
MjY1ZjJiZDBmOGYzLzEvYWtkVnRYUTk4aXNvWm8wbGlpdEM3S3NiUzFvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80MC8wYWE2ZTYtMzA1NC00ODg4LTg2NWUtMjY1ZjJiZDBmOGYz
LzEvaTJuOFlTaS1XUlFCclBncndrWWE5amJyNk9ZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBGwYIKwYBBQUHAQcBAf8EggEKMIIBBjB6BAIAATB0AwQD
UFHAAwQBUFHKAwQCuQAEAwQAuQEIMAwDBAG5AS4DBAC5ATADBAC5AXcDBAC5AYMD
BAG5AaoDBAG5AbYDBAC5AbsDBAG5AcADBAC5AcUDBAK5AdADBAC5AdwDBAC5AfQD
BAC5AfYDBAC5AfgDBAG5AfwwgYcEAgACMIGAAwcAIAEH+AAAAwcAIAEH+AAyAwcA
IAEH+AA2AwcAIAEH+AA9AwcAIAEH+AA/AwcAIAEH+ABEAwcAIAEH+ABzAwcAIAEH
+ACeAwcAIAEH+ACgAwcAIAEH+ADVAwcAIAEH+AEGAwcAIAEH+AEKMBIDBwAgAQf4
ATkDBwAgAQf4ATwwDQYJKoZIhvcNAQELBQADggEBAGNpwypMHWPP8meFeX2Ecy3b
XKM555J8Ka7ZdTdcr+mZlPuHELsS4S8CJGN5jxywEwgsrI3K/q9Lzo6KWZscYuds
kAsCbx6wp9FAUb9L6b/U5ECjWFQFnve7352Ugxrw9P3iGvZy53b5QpphOk+SvsGb
bbLBAGp9YkpxZfb+usvUcM4BNFOUe0ND1e00Eu71jTcapglXWJ20K9bl0Vs6ekmW
4UbtzuhdnB/s6JCEyqTJGKIpKWuW9zEPnyyuCNMaKYdWbI+5depaLE6rMU92O6eq
Rd+wqQ8I/lsedPOtpwm3OZg+EJ++qCLRVsjKpBMRnozjnWfSsZlnFdtklF+S7Wc=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:47:01 2023 by rpki-client on console-fra.rpki-client.org