Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4c/194c1e-9710-4d35-823b-5dd33994a241/1/8h0fc68bHQUH_gSAMqTFgzTR5WM.roa
File: 8h0fc68bHQUH_gSAMqTFgzTR5WM.roa (raw, json)
Hash identifier: KokN87QUMyCKKiZ0PgF9Zg7VVWC5WDvBr8HFFkfyBPM=
Subject key identifier: F2:1D:1F:73:AF:1B:1D:05:07:FE:04:80:32:A4:C5:83:34:D1:E5:63
Certificate issuer: /CN=d629010cdb0b312c32e07aaf9b720d73d3bcd3ab
Certificate serial: 066F6076
Authority key identifier: D6:29:01:0C:DB:0B:31:2C:32:E0:7A:AF:9B:72:0D:73:D3:BC:D3:AB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1ikBDNsLMSwy4Hqvm3INc9O806s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4c/194c1e-9710-4d35-823b-5dd33994a241/1/8h0fc68bHQUH_gSAMqTFgzTR5WM.roa
Signing time: Tue 15 Feb 2022 07:40:42 +0000
ROA not before: Tue 15 Feb 2022 07:40:42 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 206757
IP address blocks: 195.10.218.0/24 maxlen: 24
203.78.160.0/24 maxlen: 24
185.218.236.0/22 maxlen: 24
45.147.16.0/22 maxlen: 24
193.16.151.0/24 maxlen: 24
193.16.156.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 107962486 (0x66f6076)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d629010cdb0b312c32e07aaf9b720d73d3bcd3ab
Validity
Not Before: Feb 15 07:40:42 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=f21d1f73af1b1d0507fe048032a4c58334d1e563
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:18:5f:de:a3:ea:54:ef:02:89:73:50:c4:5a:
ce:9c:f5:cc:d6:8f:89:a9:70:82:2a:36:59:2a:14:
6d:43:18:2e:e2:5a:92:49:d3:5c:e8:b6:c3:d1:b6:
f3:d9:cc:4f:51:ec:0e:12:44:20:7d:fc:9f:df:3c:
a7:51:a1:ad:ed:8e:9d:70:56:26:43:82:08:5d:73:
0c:1f:66:de:8e:d4:80:c9:8c:5e:40:e5:75:a1:55:
67:4e:97:2c:13:6e:af:b5:c9:e0:0d:8b:1b:74:11:
16:f4:eb:e5:cc:7a:05:dd:55:65:74:cc:a6:53:a7:
cb:8a:cf:8e:47:b7:6f:08:96:84:c7:6a:9c:c3:7d:
bc:13:b5:ff:46:c6:a9:fd:e8:66:6c:50:63:2c:3c:
38:af:8d:48:29:31:51:ac:12:d6:26:4c:06:82:dd:
0c:ac:71:9c:57:b4:97:8d:c8:0a:ad:d0:1e:19:a6:
16:3c:32:ff:30:d7:b1:c3:da:51:92:06:24:91:f6:
28:5e:2a:3e:4a:79:3b:44:9e:0a:fe:b9:b7:ef:ed:
82:d3:81:a7:5f:c2:74:b3:1f:73:1e:80:7f:0e:b8:
cf:15:35:b2:76:4d:b1:81:b7:c5:60:0f:9e:25:f6:
8c:28:4d:a2:7d:05:7b:f3:e4:b7:e7:ec:15:87:c9:
aa:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F2:1D:1F:73:AF:1B:1D:05:07:FE:04:80:32:A4:C5:83:34:D1:E5:63
X509v3 Authority Key Identifier:
keyid:D6:29:01:0C:DB:0B:31:2C:32:E0:7A:AF:9B:72:0D:73:D3:BC:D3:AB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1ikBDNsLMSwy4Hqvm3INc9O806s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/194c1e-9710-4d35-823b-5dd33994a241/1/8h0fc68bHQUH_gSAMqTFgzTR5WM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/194c1e-9710-4d35-823b-5dd33994a241/1/1ikBDNsLMSwy4Hqvm3INc9O806s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.147.16.0/22
185.218.236.0/22
193.16.151.0/24
193.16.156.0/24
195.10.218.0/24
203.78.160.0/24
Signature Algorithm: sha256WithRSAEncryption
1a:26:db:70:bb:c0:12:96:72:d8:5f:23:d9:af:36:fa:57:e8:
f6:af:2b:7c:15:f0:5f:49:c5:0f:7b:d1:9e:1f:d1:24:fd:33:
40:13:73:4f:3c:91:f8:fe:63:85:a1:d1:53:a3:3b:fe:a1:b2:
93:67:80:05:81:c6:e5:f7:ff:cd:34:43:51:6b:d7:f4:cd:a5:
c9:33:15:fc:02:e3:c5:ea:96:78:11:66:f5:2a:af:07:13:9b:
1b:f2:9b:a1:18:36:87:7d:48:f7:9b:2a:46:ec:0e:75:2a:21:
a6:be:4f:8f:87:47:cf:b3:f7:ba:c8:9b:8a:c1:17:37:48:97:
f2:ca:fb:21:91:b2:01:94:88:4b:ff:44:d3:81:c2:61:67:86:
86:4a:e9:50:bb:6e:94:5d:01:1e:42:bc:42:07:42:86:b3:e0:
7a:80:7d:cd:ab:e7:73:00:21:e8:cb:f5:57:6d:26:c3:5b:16:
52:cf:1f:2c:79:8b:df:48:83:e6:e4:19:81:6a:4a:05:14:bd:
31:db:d3:d6:a5:43:3d:40:20:30:e0:fb:72:ef:89:de:53:41:
11:75:57:e0:5f:c5:b9:da:c2:e6:10:43:fe:03:3f:f4:da:7f:
8a:fc:48:9a:db:b2:28:f7:73:97:b3:e6:37:46:6f:c2:7c:1c:
76:bb:3a:f9
-----BEGIN CERTIFICATE-----
MIIFDTCCA/WgAwIBAgIEBm9gdjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhk
NjI5MDEwY2RiMGIzMTJjMzJlMDdhYWY5YjcyMGQ3M2QzYmNkM2FiMB4XDTIyMDIx
NTA3NDA0MloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZjIxZDFmNzNhZjFi
MWQwNTA3ZmUwNDgwMzJhNGM1ODMzNGQxZTU2MzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALIYX96j6lTvAolzUMRazpz1zNaPialwgio2WSoUbUMYLuJa
kknTXOi2w9G289nMT1HsDhJEIH38n988p1Ghre2OnXBWJkOCCF1zDB9m3o7UgMmM
XkDldaFVZ06XLBNur7XJ4A2LG3QRFvTr5cx6Bd1VZXTMplOny4rPjke3bwiWhMdq
nMN9vBO1/0bGqf3oZmxQYyw8OK+NSCkxUawS1iZMBoLdDKxxnFe0l43ICq3QHhmm
Fjwy/zDXscPaUZIGJJH2KF4qPkp5O0SeCv65t+/tgtOBp1/CdLMfcx6Afw64zxU1
snZNsYG3xWAPniX2jChNon0Fe/Pkt+fsFYfJqn0CAwEAAaOCAicwggIjMB0GA1Ud
DgQWBBTyHR9zrxsdBQf+BIAypMWDNNHlYzAfBgNVHSMEGDAWgBTWKQEM2wsxLDLg
eq+bcg1z07zTqzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzFpa0JETnNMTVN3eTRIcXZtM0lOYzlPODA2cy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNGMvMTk0YzFlLTk3MTAtNGQzNS04MjNiLTVkZDMzOTk0YTI0MS8x
LzhoMGZjNjhiSFFVSF9nU0FNcVRGZ3pUUjVXTS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNGMv
MTk0YzFlLTk3MTAtNGQzNS04MjNiLTVkZDMzOTk0YTI0MS8xLzFpa0JETnNMTVN3
eTRIcXZtM0lOYzlPODA2cy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA9
BggrBgEFBQcBBwEB/wQuMCwwKgQCAAEwJAMEAi2TEAMEArna7AMEAMEQlwMEAMEQ
nAMEAMMK2gMEAMtOoDANBgkqhkiG9w0BAQsFAAOCAQEAGibbcLvAEpZy2F8j2a82
+lfo9q8rfBXwX0nFD3vRnh/RJP0zQBNzTzyR+P5jhaHRU6M7/qGyk2eABYHG5ff/
zTRDUWvX9M2lyTMV/ALjxeqWeBFm9SqvBxObG/KboRg2h31I95sqRuwOdSohpr5P
j4dHz7P3usibisEXN0iX8sr7IZGyAZSIS/9E04HCYWeGhkrpULtulF0BHkK8QgdC
hrPgeoB9zavncwAh6Mv1V20mw1sWUs8fLHmL30iD5uQZgWpKBRS9MdvT1qVDPUAg
MOD7cu+J3lNBEXVX4F/FudrC5hBD/gM/9Np/ivxImtuyKPdzl7PmN0Zvwnwcdrs6
+Q==
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:30:31 2025 by rpki-client