Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/40/0aa6e6-3054-4888-865e-265f2bd0f8f3/1/weTLx8PClWjqvcDZOrq5xgbSNLI.roa
File: weTLx8PClWjqvcDZOrq5xgbSNLI.roa (raw, json)
Hash identifier: G3flBVIx5SikWpbP3+Ks/XlNrNbZ8xd5KEITDckTiDc=
Subject key identifier: C1:E4:CB:C7:C3:C2:95:68:EA:BD:C0:D9:3A:BA:B9:C6:06:D2:34:B2
Certificate issuer: /CN=8b69fc6128be591401acf82bc2461af636ebe8e6
Certificate serial: 0184B9FC5039345638457E8EE5F56AD68937
Authority key identifier: 8B:69:FC:61:28:BE:59:14:01:AC:F8:2B:C2:46:1A:F6:36:EB:E8:E6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2n8YSi-WRQBrPgrwkYa9jbr6OY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/40/0aa6e6-3054-4888-865e-265f2bd0f8f3/1/weTLx8PClWjqvcDZOrq5xgbSNLI.roa
Signing time: Sun 27 Nov 2022 16:47:11 +0000
ROA not before: Sun 27 Nov 2022 16:47:11 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 0
IP address blocks: 185.1.48.0/24 maxlen: 24
185.1.47.0/24 maxlen: 24
185.1.46.0/24 maxlen: 24
80.81.192.0/21 maxlen: 21
80.81.203.0/24 maxlen: 24
80.81.202.0/24 maxlen: 24
185.1.8.0/24 maxlen: 24
185.1.119.0/24 maxlen: 24
185.1.131.0/24 maxlen: 24
185.1.170.0/23 maxlen: 23
185.1.245.0/24 maxlen: 24
185.1.244.0/24 maxlen: 24
185.1.246.0/24 maxlen: 24
185.1.248.0/24 maxlen: 24
185.1.252.0/24 maxlen: 24
185.1.253.0/24 maxlen: 24
185.0.4.0/24 maxlen: 24
185.0.7.0/24 maxlen: 24
185.0.6.0/24 maxlen: 24
185.0.5.0/24 maxlen: 24
185.0.8.0/24 maxlen: 24
185.1.183.0/24 maxlen: 24
185.1.182.0/24 maxlen: 24
185.1.187.0/24 maxlen: 24
185.1.192.0/23 maxlen: 23
185.1.197.0/24 maxlen: 24
185.1.210.0/23 maxlen: 23
185.1.208.0/23 maxlen: 23
185.1.220.0/24 maxlen: 24
2001:7f8:10a::/48 maxlen: 48
2001:7f8:9e::/48 maxlen: 48
2001:7f8:13e::/48 maxlen: 48
2001:7f8:139::/48 maxlen: 48
2001:7f8:13c::/48 maxlen: 48
2001:7f8:32::/48 maxlen: 48
2001:7f8:106::/48 maxlen: 48
2001:7f8:44::/48 maxlen: 48
2001:7f8:df::/64 maxlen: 64
2001:7f8:3f::/48 maxlen: 48
2001:7f8:13a::/48 maxlen: 48
2001:7f8:d5::/48 maxlen: 48
2001:7f8:73::/48 maxlen: 48
2001:7f8:3d::/48 maxlen: 48
2001:7f8:a0::/48 maxlen: 48
2001:7f8::/48 maxlen: 48
2001:7f8:13b::/48 maxlen: 48
2001:7f8:36::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:b9:fc:50:39:34:56:38:45:7e:8e:e5:f5:6a:d6:89:37
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b69fc6128be591401acf82bc2461af636ebe8e6
Validity
Not Before: Nov 27 16:47:11 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=c1e4cbc7c3c29568eabdc0d93abab9c606d234b2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:89:27:7e:12:fb:a8:23:c2:a9:a4:2b:ad:3a:41:
43:5b:83:d4:f2:11:75:88:7f:0a:99:a1:fe:37:df:
be:66:22:f7:48:2d:1e:d3:3f:e9:1d:9e:c9:9f:a4:
6d:2c:fc:0b:c6:f6:6b:ea:0e:14:e0:ca:3d:1e:77:
32:b4:b4:c3:45:da:1c:bd:98:0b:61:19:e4:12:0b:
96:c4:13:1e:f0:a1:65:1b:98:a2:39:eb:85:cf:0d:
fe:cb:09:d7:cd:ac:ad:7e:7c:48:e9:04:70:b0:97:
f0:8d:5a:bd:0f:85:2b:09:e7:ef:c9:30:66:18:33:
a3:c5:9e:db:35:7f:97:58:30:9d:a9:86:36:59:86:
d2:77:8d:56:b1:9b:e1:db:86:94:34:b6:e7:ae:7d:
3a:ae:c4:ca:ce:e3:4d:a2:5f:0f:25:13:6d:15:49:
57:30:d3:e4:0b:7a:60:e5:30:96:d8:48:1a:c0:4a:
4d:4c:c1:ba:48:22:46:71:e9:fc:86:2c:e7:77:31:
2a:84:d0:9b:10:aa:4b:10:1e:a8:4c:e9:ed:f0:72:
3e:77:0b:51:ac:42:fb:5e:a9:90:c5:e8:06:57:d4:
34:84:96:c3:9a:2e:15:6f:e7:bb:7a:cf:d3:89:42:
87:2e:71:46:35:d2:b2:e6:d4:18:f9:2c:80:f3:24:
0d:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C1:E4:CB:C7:C3:C2:95:68:EA:BD:C0:D9:3A:BA:B9:C6:06:D2:34:B2
X509v3 Authority Key Identifier:
keyid:8B:69:FC:61:28:BE:59:14:01:AC:F8:2B:C2:46:1A:F6:36:EB:E8:E6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2n8YSi-WRQBrPgrwkYa9jbr6OY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/40/0aa6e6-3054-4888-865e-265f2bd0f8f3/1/weTLx8PClWjqvcDZOrq5xgbSNLI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/40/0aa6e6-3054-4888-865e-265f2bd0f8f3/1/i2n8YSi-WRQBrPgrwkYa9jbr6OY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.81.192.0/21
80.81.202.0/23
185.0.4.0-185.0.8.255
185.1.8.0/24
185.1.46.0-185.1.48.255
185.1.119.0/24
185.1.131.0/24
185.1.170.0/23
185.1.182.0/23
185.1.187.0/24
185.1.192.0/23
185.1.197.0/24
185.1.208.0/22
185.1.220.0/24
185.1.244.0-185.1.246.255
185.1.248.0/24
185.1.252.0/23
IPv6:
2001:7f8::/48
2001:7f8:32::/48
2001:7f8:36::/48
2001:7f8:3d::/48
2001:7f8:3f::/48
2001:7f8:44::/48
2001:7f8:73::/48
2001:7f8:9e::/48
2001:7f8:a0::/48
2001:7f8:d5::/48
2001:7f8:df::/64
2001:7f8:106::/48
2001:7f8:10a::/48
2001:7f8:139::-2001:7f8:13c:ffff:ffff:ffff:ffff:ffff
2001:7f8:13e::/48
Signature Algorithm: sha256WithRSAEncryption
54:6d:90:fa:24:42:8b:7f:59:a1:23:91:4d:c7:99:48:93:c6:
cd:bb:50:2c:4e:2e:0a:23:73:60:c4:07:a3:06:33:f2:f2:49:
6d:f5:81:8f:9b:22:76:b9:6f:ae:dd:12:fb:86:e5:02:1c:db:
d9:01:1a:03:de:f4:34:4e:d8:d8:92:54:3d:0c:81:7a:63:97:
86:35:14:4c:3c:70:ea:b4:12:6c:f9:8f:b7:ea:d6:81:bf:dc:
f9:b3:d5:d3:4c:8f:02:2c:ff:f4:df:de:dd:b9:a4:a3:79:15:
30:c5:56:03:7c:22:bf:12:73:34:a9:31:e7:de:63:8b:4a:f6:
3f:4f:ae:c7:ea:6b:37:23:a2:c9:30:ef:28:0d:a8:fe:65:5a:
98:85:16:f8:09:f4:3f:18:57:ec:7d:26:10:c2:a4:e7:9f:fa:
ad:e4:68:ae:fb:39:4d:f9:89:a1:dd:92:34:a2:1c:90:97:35:
77:67:6d:a4:8d:bc:d6:a5:29:e1:b2:4e:31:ce:a9:8b:cc:b1:
29:ba:9c:15:4f:94:e0:eb:4d:b8:3e:60:44:df:e9:fd:fd:6b:
36:7d:97:59:18:cf:70:e2:90:02:dc:45:3b:1f:82:ae:3e:dc:
4c:92:33:ec:1d:b8:26:f2:86:eb:54:fc:36:d9:26:ba:ab:b2:
ec:20:41:a5
-----BEGIN CERTIFICATE-----
MIIGGjCCBQKgAwIBAgISAYS5/FA5NFY4RX6O5fVq1ok3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhiNjlmYzYxMjhiZTU5MTQwMWFjZjgyYmMyNDYxYWY2MzZl
YmU4ZTYwHhcNMjIxMTI3MTY0NzExWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMWU0Y2JjN2MzYzI5NTY4ZWFiZGMwZDkzYWJhYjljNjA2ZDIzNGIyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiSd+EvuoI8KppCutOkFDW4PU8hF1
iH8KmaH+N9++ZiL3SC0e0z/pHZ7Jn6RtLPwLxvZr6g4U4Mo9HncytLTDRdocvZgL
YRnkEguWxBMe8KFlG5iiOeuFzw3+ywnXzaytfnxI6QRwsJfwjVq9D4UrCefvyTBm
GDOjxZ7bNX+XWDCdqYY2WYbSd41WsZvh24aUNLbnrn06rsTKzuNNol8PJRNtFUlX
MNPkC3pg5TCW2EgawEpNTMG6SCJGcen8hizndzEqhNCbEKpLEB6oTOnt8HI+dwtR
rEL7XqmQxegGV9Q0hJbDmi4Vb+e7es/TiUKHLnFGNdKy5tQY+SyA8yQN+wIDAQAB
o4IDJjCCAyIwHQYDVR0OBBYEFMHky8fDwpVo6r3A2Tq6ucYG0jSyMB8GA1UdIwQY
MBaAFItp/GEovlkUAaz4K8JGGvY26+jmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaTJuOFlTaS1XUlFCclBncndrWWE5amJyNk9ZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80MC8wYWE2ZTYtMzA1NC00ODg4LTg2NWUt
MjY1ZjJiZDBmOGYzLzEvd2VUTHg4UENsV2pxdmNEWk9ycTV4Z2JTTkxJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80MC8wYWE2ZTYtMzA1NC00ODg4LTg2NWUtMjY1ZjJiZDBmOGYz
LzEvaTJuOFlTaS1XUlFCclBncndrWWE5amJyNk9ZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBOgYIKwYBBQUHAQcBAf8EggEpMIIBJTCBhAQCAAEwfgME
A1BRwAMEAVBRyjAMAwQCuQAEAwQAuQAIAwQAuQEIMAwDBAG5AS4DBAC5ATADBAC5
AXcDBAC5AYMDBAG5AaoDBAG5AbYDBAC5AbsDBAG5AcADBAC5AcUDBAK5AdADBAC5
AdwwDAMEArkB9AMEALkB9gMEALkB+AMEAbkB/DCBmwQCAAIwgZQDBwAgAQf4AAAD
BwAgAQf4ADIDBwAgAQf4ADYDBwAgAQf4AD0DBwAgAQf4AD8DBwAgAQf4AEQDBwAg
AQf4AHMDBwAgAQf4AJ4DBwAgAQf4AKADBwAgAQf4ANUDCQAgAQf4AN8AAAMHACAB
B/gBBgMHACABB/gBCjASAwcAIAEH+AE5AwcAIAEH+AE8AwcAIAEH+AE+MA0GCSqG
SIb3DQEBCwUAA4IBAQBUbZD6JEKLf1mhI5FNx5lIk8bNu1AsTi4KI3NgxAejBjPy
8klt9YGPmyJ2uW+u3RL7huUCHNvZARoD3vQ0TtjYklQ9DIF6Y5eGNRRMPHDqtBJs
+Y+36taBv9z5s9XTTI8CLP/0397duaSjeRUwxVYDfCK/EnM0qTHn3mOLSvY/T67H
6ms3I6LJMO8oDaj+ZVqYhRb4CfQ/GFfsfSYQwqTnn/qt5Giu+zlN+Ymh3ZI0ohyQ
lzV3Z22kjbzWpSnhsk4xzqmLzLEpupwVT5Tg6024PmBE3+n9/Ws2fZdZGM9w4pAC
3EU7H4KuPtxMkjPsHbgm8obrVPw22Sa6q7LsIEGl
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:47:01 2023 by rpki-client on console-fra.rpki-client.org