Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4d/acffd6-dc1e-4e0d-8d25-ce22d5eab82f/1/1-8j42PU6q3m3NdVRzxX5WYnn8Mg.roa
File: 1-8j42PU6q3m3NdVRzxX5WYnn8Mg.roa (raw, json)
Hash identifier: 2A8IH5OCYtAj4Karo2+vef6b30eAsK2Par4wTmPGTVY=
Subject key identifier: FB:C8:F8:D8:F5:3A:AB:79:B7:35:D5:51:CF:15:F9:59:89:E7:F0:C8
Certificate issuer: /CN=27df042824273fcff3f093d0f9b1dec6960bae6a
Certificate serial: 0AC19E77
Authority key identifier: 27:DF:04:28:24:27:3F:CF:F3:F0:93:D0:F9:B1:DE:C6:96:0B:AE:6A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/J98EKCQnP8_z8JPQ-bHexpYLrmo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4d/acffd6-dc1e-4e0d-8d25-ce22d5eab82f/1/1-8j42PU6q3m3NdVRzxX5WYnn8Mg.roa
Signing time: Sat 01 Jan 2022 14:57:27 +0000
ROA not before: Sat 01 Jan 2022 14:57:27 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 2852
IP address blocks: 185.8.160.0/22 maxlen: 24
78.128.128.0/17 maxlen: 24
193.84.80.0/22 maxlen: 24
195.178.64.0/19 maxlen: 24
195.113.0.0/16 maxlen: 24
2001:718::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 180461175 (0xac19e77)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=27df042824273fcff3f093d0f9b1dec6960bae6a
Validity
Not Before: Jan 1 14:57:27 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=fbc8f8d8f53aab79b735d551cf15f95989e7f0c8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d8:72:d4:b3:76:7d:8b:98:39:8e:a1:4b:c5:36:
46:35:c1:b8:73:8c:6a:30:eb:f1:aa:70:f2:8b:1f:
13:1a:f9:d9:f7:e9:0c:4f:3b:9a:3f:21:32:6b:b0:
24:f1:85:98:c6:e6:1a:12:ed:18:85:3b:ea:9c:a1:
64:a2:05:0e:94:3e:4f:cb:c2:5b:f9:7f:25:d1:36:
aa:96:62:87:86:41:a1:e0:19:db:33:0c:1e:da:a3:
8e:78:00:21:41:9b:62:92:d9:57:59:72:ad:b9:85:
38:90:43:45:01:92:27:c1:e1:92:08:83:cd:e4:94:
de:ed:f8:b8:b1:56:c7:ca:3c:88:84:bf:12:8b:9a:
31:0a:15:da:bf:9f:36:01:f1:cc:dc:7c:d3:78:06:
3f:6a:a7:69:da:34:8c:2d:2e:ea:07:53:ce:f3:9c:
29:cb:aa:03:8d:c0:b3:45:e1:fb:c1:b7:cf:cf:da:
ad:bd:43:5f:09:41:51:fe:3e:80:35:4f:f1:86:b1:
23:6c:cd:e8:f4:ab:bc:0a:9e:9f:9f:03:fd:54:b0:
9f:ab:68:57:91:48:0c:e6:9d:b5:52:b2:f3:c8:47:
7b:fb:14:a2:69:46:6e:45:94:d0:17:09:26:40:74:
24:8d:80:3b:07:f5:5b:b7:7b:8f:28:1f:b4:7a:9c:
8b:a9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FB:C8:F8:D8:F5:3A:AB:79:B7:35:D5:51:CF:15:F9:59:89:E7:F0:C8
X509v3 Authority Key Identifier:
keyid:27:DF:04:28:24:27:3F:CF:F3:F0:93:D0:F9:B1:DE:C6:96:0B:AE:6A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/J98EKCQnP8_z8JPQ-bHexpYLrmo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4d/acffd6-dc1e-4e0d-8d25-ce22d5eab82f/1/1-8j42PU6q3m3NdVRzxX5WYnn8Mg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4d/acffd6-dc1e-4e0d-8d25-ce22d5eab82f/1/J98EKCQnP8_z8JPQ-bHexpYLrmo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
78.128.128.0/17
185.8.160.0/22
193.84.80.0/22
195.113.0.0/16
195.178.64.0/19
IPv6:
2001:718::/32
Signature Algorithm: sha256WithRSAEncryption
ad:45:48:d7:de:ae:c7:58:d4:d2:8c:cf:c4:49:fe:d1:16:78:
1e:37:6b:4c:50:70:4d:3b:50:9b:02:8e:48:0e:86:fc:19:f1:
da:29:17:d7:e4:74:d0:66:6e:3e:5f:ef:fe:a9:55:24:04:f5:
3a:b8:c4:b0:79:7f:40:de:13:62:1e:88:89:2e:17:ca:72:47:
d0:7f:8f:e4:62:10:6d:59:94:68:ab:e5:16:d5:42:57:ba:1c:
3d:25:e7:f5:d0:7f:f5:f6:8e:63:b8:65:84:49:48:ce:d3:7f:
43:42:bb:26:83:20:cc:36:83:b7:ee:e6:ba:40:d5:d3:cf:66:
67:cb:3d:c2:c0:68:fd:d7:c4:81:ce:a4:0a:b0:d7:6b:95:98:
bc:84:f2:1d:c7:42:df:cb:c7:6a:bf:1a:22:f8:18:0f:15:d1:
a4:7a:79:95:0d:00:23:e1:db:1d:c5:9d:af:f9:37:2f:c4:0c:
71:e4:d6:a6:07:cc:ae:b3:ae:91:0f:f1:e2:0f:0c:ae:6d:9b:
93:09:6d:9e:9c:e7:04:b3:93:10:03:f5:8b:21:9e:b9:cd:e1:
75:fe:36:81:b6:c6:a1:ec:a2:86:20:bd:70:e0:76:26:ed:5a:
d6:dc:77:de:61:35:9a:82:ab:78:1e:57:9c:fb:23:ea:9b:e2:
a1:8a:ff:5e
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgIECsGedzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygy
N2RmMDQyODI0MjczZmNmZjNmMDkzZDBmOWIxZGVjNjk2MGJhZTZhMB4XDTIyMDEw
MTE0NTcyN1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZmJjOGY4ZDhmNTNh
YWI3OWI3MzVkNTUxY2YxNWY5NTk4OWU3ZjBjODCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBANhy1LN2fYuYOY6hS8U2RjXBuHOMajDr8apw8osfExr52ffp
DE87mj8hMmuwJPGFmMbmGhLtGIU76pyhZKIFDpQ+T8vCW/l/JdE2qpZih4ZBoeAZ
2zMMHtqjjngAIUGbYpLZV1lyrbmFOJBDRQGSJ8HhkgiDzeSU3u34uLFWx8o8iIS/
EouaMQoV2r+fNgHxzNx803gGP2qnado0jC0u6gdTzvOcKcuqA43As0Xh+8G3z8/a
rb1DXwlBUf4+gDVP8YaxI2zN6PSrvAqen58D/VSwn6toV5FIDOadtVKy88hHe/sU
omlGbkWU0BcJJkB0JI2AOwf1W7d7jygftHqci6kCAwEAAaOCAjAwggIsMB0GA1Ud
DgQWBBT7yPjY9Tqrebc11VHPFflZiefwyDAfBgNVHSMEGDAWgBQn3wQoJCc/z/Pw
k9D5sd7GlguuajAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0o5OEVLQ1FuUDhfejhKUFEtYkhleHBZTHJtby5jZXIwgY4GCCsGAQUFBwELBIGB
MH8wfQYIKwYBBQUHMAuGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNGQvYWNmZmQ2LWRjMWUtNGUwZC04ZDI1LWNlMjJkNWVhYjgyZi8x
LzEtOGo0MlBVNnEzbTNOZFZSenhYNVdZbm44TWcucm9hMIGBBgNVHR8EejB4MHag
dKByhnByc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzRk
L2FjZmZkNi1kYzFlLTRlMGQtOGQyNS1jZTIyZDVlYWI4MmYvMS9KOThFS0NRblA4
X3o4SlBRLWJIZXhwWUxybW8uY3JsMBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIw
RQYIKwYBBQUHAQcBAf8ENjA0MCMEAgABMB0DBAdOgIADBAK5CKADBALBVFADAwDD
cQMEBcOyQDANBAIAAjAHAwUAIAEHGDANBgkqhkiG9w0BAQsFAAOCAQEArUVI196u
x1jU0ozPxEn+0RZ4HjdrTFBwTTtQmwKOSA6G/Bnx2ikX1+R00GZuPl/v/qlVJAT1
OrjEsHl/QN4TYh6IiS4XynJH0H+P5GIQbVmUaKvlFtVCV7ocPSXn9dB/9faOY7hl
hElIztN/Q0K7JoMgzDaDt+7mukDV089mZ8s9wsBo/dfEgc6kCrDXa5WYvITyHcdC
38vHar8aIvgYDxXRpHp5lQ0AI+HbHcWdr/k3L8QMceTWpgfMrrOukQ/x4g8Mrm2b
kwltnpznBLOTEAP1iyGeuc3hdf42gbbGoeyihiC9cOB2Ju1a1tx33mE1moKreB5X
nPsj6pvioYr/Xg==
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:32:45 2025 by rpki-client