Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4e/c58bdc-14e7-499c-9d9c-1b7cbb08d73f/1/8K_YnslW6t7YDhobYHfUQvVWKUU.roa
File: 8K_YnslW6t7YDhobYHfUQvVWKUU.roa (raw, json)
Hash identifier: +rLYW/IMur16mHEjSjEwEPip2tEXzlnVFPaQD9ZXJZ8=
Subject key identifier: F0:AF:D8:9E:C9:56:EA:DE:D8:0E:1A:1B:60:77:D4:42:F5:56:29:45
Certificate issuer: /CN=296593b747e76a56492511bb3612e4d5e4cbe7ec
Certificate serial: 20ADAF7A
Authority key identifier: 29:65:93:B7:47:E7:6A:56:49:25:11:BB:36:12:E4:D5:E4:CB:E7:EC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KWWTt0fnalZJJRG7NhLk1eTL5-w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4e/c58bdc-14e7-499c-9d9c-1b7cbb08d73f/1/8K_YnslW6t7YDhobYHfUQvVWKUU.roa
Signing time: Tue 26 Apr 2022 11:38:58 +0000
ROA not before: Tue 26 Apr 2022 11:38:58 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 60461
IP address blocks: 94.154.50.0/24 maxlen: 24
94.154.55.0/24 maxlen: 24
43.251.161.0/24 maxlen: 24
43.251.160.0/24 maxlen: 24
176.100.38.0/24 maxlen: 24
176.100.37.0/24 maxlen: 24
176.100.36.0/24 maxlen: 24
176.100.39.0/24 maxlen: 24
37.114.33.0/24 maxlen: 24
37.114.44.0/24 maxlen: 24
37.114.43.0/24 maxlen: 24
37.114.39.0/24 maxlen: 24
37.114.51.0/24 maxlen: 24
37.114.50.0/24 maxlen: 24
37.114.48.0/24 maxlen: 24
37.114.46.0/24 maxlen: 24
37.114.45.0/24 maxlen: 24
37.114.58.0/24 maxlen: 24
37.114.54.0/24 maxlen: 24
37.114.52.0/24 maxlen: 24
2a00:ccc3::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 548253562 (0x20adaf7a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=296593b747e76a56492511bb3612e4d5e4cbe7ec
Validity
Not Before: Apr 26 11:38:58 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=f0afd89ec956eaded80e1a1b6077d442f5562945
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:08:b2:bf:79:b5:d7:41:47:69:f8:dd:98:4a:
e8:ad:5d:02:91:31:56:4c:05:98:0e:d0:42:3d:2b:
4e:b7:c0:22:96:21:7f:66:46:75:80:e2:0e:04:b2:
a2:64:80:25:32:cb:b0:5b:9f:db:04:41:67:99:fe:
18:9e:2e:b7:01:f8:a0:88:79:53:f1:40:35:3c:bb:
53:ac:63:14:3d:c3:6a:ea:aa:20:6b:83:80:7d:c5:
1d:64:25:af:74:98:1e:f2:4b:9f:36:e3:ad:f6:04:
bc:a3:17:1f:51:41:4a:5f:13:e6:42:9a:07:35:6d:
f6:80:cf:d5:8b:9a:04:ec:15:7e:2a:00:ac:18:a0:
05:c8:01:61:bd:0f:1e:f6:39:57:4d:b0:e2:4f:b0:
4b:da:a5:c2:54:18:f6:5b:55:e8:8a:a5:3a:d9:dc:
f3:1c:4b:c7:10:83:2c:26:5e:05:52:df:97:7c:cc:
f9:68:03:fe:e5:53:33:0b:8f:56:14:b5:bb:db:86:
b8:7e:14:9f:b3:6f:f7:20:92:ac:36:dc:cf:27:47:
6a:3a:d9:b3:73:44:b8:91:a6:9f:e4:b9:22:6d:b3:
03:f1:8b:e1:59:0d:51:17:63:c8:47:f3:cf:46:52:
ad:78:89:68:62:6b:3b:d9:fe:62:e7:5a:94:94:62:
3c:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F0:AF:D8:9E:C9:56:EA:DE:D8:0E:1A:1B:60:77:D4:42:F5:56:29:45
X509v3 Authority Key Identifier:
keyid:29:65:93:B7:47:E7:6A:56:49:25:11:BB:36:12:E4:D5:E4:CB:E7:EC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KWWTt0fnalZJJRG7NhLk1eTL5-w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4e/c58bdc-14e7-499c-9d9c-1b7cbb08d73f/1/8K_YnslW6t7YDhobYHfUQvVWKUU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4e/c58bdc-14e7-499c-9d9c-1b7cbb08d73f/1/KWWTt0fnalZJJRG7NhLk1eTL5-w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.114.33.0/24
37.114.39.0/24
37.114.43.0-37.114.46.255
37.114.48.0/24
37.114.50.0-37.114.52.255
37.114.54.0/24
37.114.58.0/24
43.251.160.0/23
94.154.50.0/24
94.154.55.0/24
176.100.36.0/22
IPv6:
2a00:ccc3::/32
Signature Algorithm: sha256WithRSAEncryption
bf:15:82:55:7c:c7:e9:cc:d5:7d:aa:2c:89:27:96:4a:2f:9b:
ce:c9:32:3e:75:4b:96:43:2d:7a:15:76:5c:c7:e5:18:05:28:
73:87:85:28:ad:e9:e4:c7:72:d9:c9:70:49:25:9f:74:b1:41:
ba:ed:58:11:9f:72:ed:b1:4e:a4:74:4b:1f:35:c5:ae:2a:50:
9a:33:d7:62:67:2f:36:39:57:45:54:c0:97:85:d0:9e:53:0d:
bf:e0:0d:3b:f8:4d:c2:76:32:33:b6:21:9c:43:97:ff:74:e6:
2b:77:22:69:3c:74:c1:1f:83:5e:e5:01:4e:e9:03:a8:c0:56:
1d:82:bd:f5:d4:1f:84:b4:dc:16:b5:9f:c1:8a:b3:3d:71:0c:
89:c7:9d:83:f4:59:2f:e6:8f:66:56:a1:11:6e:3a:bb:48:8a:
94:84:23:7a:32:4f:fe:c0:79:8a:22:5c:57:e4:be:92:55:0d:
2e:e2:a5:52:33:ef:6d:5b:ff:77:7d:ce:37:84:c5:ff:50:97:
dc:1e:8b:04:52:86:6d:b4:98:b3:5f:98:5f:5e:99:12:48:89:
6e:5f:a8:20:f3:30:6f:28:57:5f:8b:57:9d:6e:31:d6:ca:7b:
ac:13:c1:61:be:a8:78:2d:ab:9b:52:ad:f9:7d:d9:24:bc:85:
6c:bd:83:2b
-----BEGIN CERTIFICATE-----
MIIFSjCCBDKgAwIBAgIEIK2vejANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygy
OTY1OTNiNzQ3ZTc2YTU2NDkyNTExYmIzNjEyZTRkNWU0Y2JlN2VjMB4XDTIyMDQy
NjExMzg1OFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZjBhZmQ4OWVjOTU2
ZWFkZWQ4MGUxYTFiNjA3N2Q0NDJmNTU2Mjk0NTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMsIsr95tddBR2n43ZhK6K1dApExVkwFmA7QQj0rTrfAIpYh
f2ZGdYDiDgSyomSAJTLLsFuf2wRBZ5n+GJ4utwH4oIh5U/FANTy7U6xjFD3Dauqq
IGuDgH3FHWQlr3SYHvJLnzbjrfYEvKMXH1FBSl8T5kKaBzVt9oDP1YuaBOwVfioA
rBigBcgBYb0PHvY5V02w4k+wS9qlwlQY9ltV6IqlOtnc8xxLxxCDLCZeBVLfl3zM
+WgD/uVTMwuPVhS1u9uGuH4Un7Nv9yCSrDbczydHajrZs3NEuJGmn+S5Im2zA/GL
4VkNURdjyEfzz0ZSrXiJaGJrO9n+YudalJRiPHECAwEAAaOCAmQwggJgMB0GA1Ud
DgQWBBTwr9ieyVbq3tgOGhtgd9RC9VYpRTAfBgNVHSMEGDAWgBQpZZO3R+dqVkkl
Ebs2EuTV5Mvn7DAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0tXV1R0MGZuYWxaSkpSRzdOaExrMWVUTDUtdy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNGUvYzU4YmRjLTE0ZTctNDk5Yy05ZDljLTFiN2NiYjA4ZDczZi8x
LzhLX1luc2xXNnQ3WURob2JZSGZVUXZWV0tVVS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNGUv
YzU4YmRjLTE0ZTctNDk5Yy05ZDljLTFiN2NiYjA4ZDczZi8xL0tXV1R0MGZuYWxa
SkpSRzdOaExrMWVUTDUtdy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjB6
BggrBgEFBQcBBwEB/wRrMGkwWAQCAAEwUgMEACVyIQMEACVyJzAMAwQAJXIrAwQA
JXIuAwQAJXIwMAwDBAElcjIDBAAlcjQDBAAlcjYDBAAlcjoDBAEr+6ADBABemjID
BABemjcDBAKwZCQwDQQCAAIwBwMFACoAzMMwDQYJKoZIhvcNAQELBQADggEBAL8V
glV8x+nM1X2qLIknlkovm87JMj51S5ZDLXoVdlzH5RgFKHOHhSit6eTHctnJcEkl
n3SxQbrtWBGfcu2xTqR0Sx81xa4qUJoz12JnLzY5V0VUwJeF0J5TDb/gDTv4TcJ2
MjO2IZxDl/905it3Imk8dMEfg17lAU7pA6jAVh2CvfXUH4S03Ba1n8GKsz1xDInH
nYP0WS/mj2ZWoRFuOrtIipSEI3oyT/7AeYoiXFfkvpJVDS7ipVIz721b/3d9zjeE
xf9Ql9weiwRShm20mLNfmF9emRJIiW5fqCDzMG8oV1+LV51uMdbKe6wTwWG+qHgt
q5tSrfl92SS8hWy9gys=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:28:57 2024 by rpki-client on console-fra.rpki-client.org