Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/45/dc616f-de9b-478e-8539-8ce51018e2e6/1/CO81mKLMY-r9hYPqz5v8nR6Oj-I.roa
File: CO81mKLMY-r9hYPqz5v8nR6Oj-I.roa (raw, json)
Hash identifier: VZ7zZWQ3Fs5OqVf98iP27UATwev9kX6HkCJkztAg9yQ=
Subject key identifier: 08:EF:35:98:A2:CC:63:EA:FD:85:83:EA:CF:9B:FC:9D:1E:8E:8F:E2
Certificate issuer: /CN=cfa968319d72a98a759400338b70fdc678912de6
Certificate serial: 0A9FC6EE
Authority key identifier: CF:A9:68:31:9D:72:A9:8A:75:94:00:33:8B:70:FD:C6:78:91:2D:E6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/z6loMZ1yqYp1lAAzi3D9xniRLeY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/45/dc616f-de9b-478e-8539-8ce51018e2e6/1/CO81mKLMY-r9hYPqz5v8nR6Oj-I.roa
Signing time: Fri 15 Apr 2022 12:25:40 +0000
ROA not before: Fri 15 Apr 2022 12:25:40 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 41887
IP address blocks: 94.228.128.0/20 maxlen: 24
94.228.133.226/32 maxlen: 32
195.144.2.0/24 maxlen: 24
94.228.129.181/32 maxlen: 32
178.22.80.0/21 maxlen: 24
62.204.64.0/20 maxlen: 24
62.204.64.0/19 maxlen: 19
62.204.64.0/24 maxlen: 24
185.63.164.0/22 maxlen: 24
62.204.67.0/24 maxlen: 24
62.204.66.0/24 maxlen: 24
62.204.65.0/24 maxlen: 24
62.204.80.0/20 maxlen: 20
62.204.94.0/23 maxlen: 24
62.204.92.0/22 maxlen: 22
62.204.92.0/23 maxlen: 24
2a00:d00::/29 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 178243310 (0xa9fc6ee)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cfa968319d72a98a759400338b70fdc678912de6
Validity
Not Before: Apr 15 12:25:40 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=08ef3598a2cc63eafd8583eacf9bfc9d1e8e8fe2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d6:40:33:cf:17:9d:96:dd:fa:a0:b3:6c:72:39:
ee:e8:49:c1:5d:ea:ab:3f:9e:47:11:46:35:4a:a8:
bf:54:bd:ec:b2:35:ad:c4:7f:ab:d9:db:67:d2:91:
3f:73:86:0c:43:6d:dc:b8:5b:73:c6:6a:f6:e5:9b:
6f:59:0a:7b:31:37:71:38:96:16:ba:74:82:19:99:
12:61:56:1b:e7:43:5c:e1:64:72:10:86:2b:a3:f6:
eb:56:58:a3:ea:1d:b0:ab:c1:37:cc:f5:2b:93:13:
47:0a:f7:fe:0d:98:9d:e2:90:1d:b5:b2:03:0a:dd:
95:c6:99:96:f1:f3:32:6d:59:c7:d6:10:f9:72:7f:
fa:7f:d1:15:1f:60:a3:21:00:ba:7b:27:b9:f8:e2:
87:58:b7:13:39:19:c4:51:81:59:48:4b:36:d2:72:
3d:4d:ee:7c:b1:ff:0e:da:fc:7b:64:0c:ec:72:b0:
c0:ba:6f:f7:14:fc:91:7a:9c:22:83:61:a0:ca:73:
38:f8:2a:15:67:84:07:0f:90:1a:e7:90:29:0d:2a:
1c:31:46:4c:9e:07:dd:f5:9b:ca:a4:3d:47:a7:4a:
6c:d0:88:72:bc:3b:01:f0:c0:73:ed:b5:4d:0b:8c:
e7:b9:f8:6e:24:dc:fa:42:ba:34:1b:5e:77:15:28:
38:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
08:EF:35:98:A2:CC:63:EA:FD:85:83:EA:CF:9B:FC:9D:1E:8E:8F:E2
X509v3 Authority Key Identifier:
keyid:CF:A9:68:31:9D:72:A9:8A:75:94:00:33:8B:70:FD:C6:78:91:2D:E6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/z6loMZ1yqYp1lAAzi3D9xniRLeY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/45/dc616f-de9b-478e-8539-8ce51018e2e6/1/CO81mKLMY-r9hYPqz5v8nR6Oj-I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/45/dc616f-de9b-478e-8539-8ce51018e2e6/1/z6loMZ1yqYp1lAAzi3D9xniRLeY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.204.64.0/19
94.228.128.0/20
178.22.80.0/21
185.63.164.0/22
195.144.2.0/24
IPv6:
2a00:d00::/29
Signature Algorithm: sha256WithRSAEncryption
04:58:45:72:66:a1:a6:24:a3:51:06:d8:09:6d:cf:e8:63:6a:
96:40:30:6a:51:9c:f7:f1:47:cf:2f:a1:74:e3:f1:c4:47:af:
45:25:29:2d:9e:f2:f3:d1:e6:a2:29:88:76:71:c8:ac:1d:bd:
f1:e6:e5:e5:29:26:b4:a9:7e:98:a1:51:2c:92:39:6c:52:52:
a3:fe:a3:73:ac:a4:57:53:87:68:cb:ff:5c:96:e3:92:7d:dc:
ea:ad:dd:8b:bb:27:89:34:22:7b:12:1b:24:b2:93:fe:2d:d5:
ab:b8:2c:a2:72:51:dd:7a:a2:51:e8:6e:a5:36:52:35:d4:9c:
1e:b7:4f:b7:c2:a4:80:fe:f2:f6:07:19:83:c0:a7:02:37:88:
8f:f7:cf:88:56:52:d2:8d:15:0e:de:e9:bf:6d:bb:fd:05:85:
8e:d3:d7:61:1b:b3:44:4b:36:b4:a7:a4:c2:14:6e:b6:30:e0:
4c:06:85:c0:bd:60:c1:4d:88:93:56:a0:2a:f4:fd:08:45:94:
0b:de:5f:c1:b6:e0:17:9b:b0:ba:fa:ef:16:81:9a:72:76:d9:
67:3b:07:54:88:62:06:a0:8f:c4:56:57:c9:50:a3:ea:08:69:
f4:9c:f7:11:33:57:af:09:27:07:43:21:a2:e6:03:42:50:cd:
9d:16:ff:03
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgIECp/G7jANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhj
ZmE5NjgzMTlkNzJhOThhNzU5NDAwMzM4YjcwZmRjNjc4OTEyZGU2MB4XDTIyMDQx
NTEyMjU0MFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMDhlZjM1OThhMmNj
NjNlYWZkODU4M2VhY2Y5YmZjOWQxZThlOGZlMjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBANZAM88XnZbd+qCzbHI57uhJwV3qqz+eRxFGNUqov1S97LI1
rcR/q9nbZ9KRP3OGDENt3Lhbc8Zq9uWbb1kKezE3cTiWFrp0ghmZEmFWG+dDXOFk
chCGK6P261ZYo+odsKvBN8z1K5MTRwr3/g2YneKQHbWyAwrdlcaZlvHzMm1Zx9YQ
+XJ/+n/RFR9goyEAunsnufjih1i3EzkZxFGBWUhLNtJyPU3ufLH/Dtr8e2QM7HKw
wLpv9xT8kXqcIoNhoMpzOPgqFWeEBw+QGueQKQ0qHDFGTJ4H3fWbyqQ9R6dKbNCI
crw7AfDAc+21TQuM57n4biTc+kK6NBtedxUoOMcCAwEAAaOCAjAwggIsMB0GA1Ud
DgQWBBQI7zWYosxj6v2Fg+rPm/ydHo6P4jAfBgNVHSMEGDAWgBTPqWgxnXKpinWU
ADOLcP3GeJEt5jAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3o2bG9NWjF5cVlwMWxBQXppM0Q5eG5pUkxlWS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNDUvZGM2MTZmLWRlOWItNDc4ZS04NTM5LThjZTUxMDE4ZTJlNi8x
L0NPODFtS0xNWS1yOWhZUHF6NXY4blI2T2otSS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNDUv
ZGM2MTZmLWRlOWItNDc4ZS04NTM5LThjZTUxMDE4ZTJlNi8xL3o2bG9NWjF5cVlw
MWxBQXppM0Q5eG5pUkxlWS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBG
BggrBgEFBQcBBwEB/wQ3MDUwJAQCAAEwHgMEBT7MQAMEBF7kgAMEA7IWUAMEArk/
pAMEAMOQAjANBAIAAjAHAwUDKgANADANBgkqhkiG9w0BAQsFAAOCAQEABFhFcmah
piSjUQbYCW3P6GNqlkAwalGc9/FHzy+hdOPxxEevRSUpLZ7y89HmoimIdnHIrB29
8ebl5SkmtKl+mKFRLJI5bFJSo/6jc6ykV1OHaMv/XJbjkn3c6q3di7sniTQiexIb
JLKT/i3Vq7gsonJR3XqiUehupTZSNdScHrdPt8KkgP7y9gcZg8CnAjeIj/fPiFZS
0o0VDt7pv227/QWFjtPXYRuzREs2tKekwhRutjDgTAaFwL1gwU2Ik1agKvT9CEWU
C95fwbbgF5uwuvrvFoGacnbZZzsHVIhiBqCPxFZXyVCj6ghp9Jz3ETNXrwknB0Mh
ouYDQlDNnRb/Aw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:06:02 2024 by rpki-client on console-ams.rpki-client.org