Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/52/9a97f0-50b6-4844-89d4-23a276a428ab/1/8CwfyKRtJq4za1DRjPjSWo_l5P0.roa
File: 8CwfyKRtJq4za1DRjPjSWo_l5P0.roa (raw, json)
Hash identifier: mJO45ocGIyCYiRgFSgMDbFk+mQwqcWftH1uLZ/OuTGE=
Subject key identifier: F0:2C:1F:C8:A4:6D:26:AE:33:6B:50:D1:8C:F8:D2:5A:8F:E5:E4:FD
Certificate issuer: /CN=c3df2ef37007d54f86bba27573d33ad695c9ee5c
Certificate serial: 01845B68C4A3C69D9841DE5CB15B64E12BFD
Authority key identifier: C3:DF:2E:F3:70:07:D5:4F:86:BB:A2:75:73:D3:3A:D6:95:C9:EE:5C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/w98u83AH1U-Gu6J1c9M61pXJ7lw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/52/9a97f0-50b6-4844-89d4-23a276a428ab/1/8CwfyKRtJq4za1DRjPjSWo_l5P0.roa
Signing time: Wed 09 Nov 2022 08:01:43 +0000
ROA not before: Wed 09 Nov 2022 08:01:43 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 198187
IP address blocks: 193.42.241.0/24 maxlen: 24
193.42.242.0/24 maxlen: 24
193.42.242.0/23 maxlen: 23
193.42.243.0/24 maxlen: 24
185.174.112.0/23 maxlen: 23
185.174.112.0/22 maxlen: 22
185.174.112.0/24 maxlen: 24
185.174.115.0/24 maxlen: 24
185.174.113.0/24 maxlen: 24
185.174.114.0/24 maxlen: 24
185.174.114.0/23 maxlen: 23
91.232.62.0/24 maxlen: 24
91.232.62.0/23 maxlen: 23
91.232.63.0/24 maxlen: 24
176.100.192.0/21 maxlen: 21
176.100.192.0/23 maxlen: 23
176.100.192.0/22 maxlen: 22
176.100.198.0/23 maxlen: 23
176.100.196.0/23 maxlen: 23
176.100.196.0/22 maxlen: 22
176.100.194.0/23 maxlen: 23
91.231.23.0/24 maxlen: 24
195.170.190.0/24 maxlen: 24
193.42.240.0/24 maxlen: 24
193.42.240.0/22 maxlen: 22
193.42.240.0/23 maxlen: 23
195.182.10.0/24 maxlen: 24
195.182.15.0/24 maxlen: 24
195.182.19.0/24 maxlen: 24
2a0b:9d02:c000::/34 maxlen: 34
2a0b:9d02:8000::/34 maxlen: 34
2a0b:9d02:4000::/34 maxlen: 34
2a0b:9d02::/34 maxlen: 34
2a0b:9d02::/32 maxlen: 32
2a0b:9d02:8000::/33 maxlen: 33
2a0b:9d02::/33 maxlen: 33
2a0b:9d03:8000::/33 maxlen: 33
2a0b:9d03::/33 maxlen: 33
2a0b:9d03::/32 maxlen: 32
2a0b:9d03:c000::/34 maxlen: 34
2a0b:9d03:8000::/34 maxlen: 34
2a0b:9d03:4000::/34 maxlen: 34
2a0b:9d03::/34 maxlen: 34
2a0b:9d01:c000::/34 maxlen: 34
2a0b:9d01:8000::/34 maxlen: 34
2a0b:9d01:4000::/34 maxlen: 34
2a0b:9d01::/34 maxlen: 34
2a0b:9d01::/32 maxlen: 32
2a0b:9d01:8000::/33 maxlen: 33
2a0b:9d01::/33 maxlen: 33
2a0b:9d00:c000::/34 maxlen: 34
2a0b:9d00:8000::/34 maxlen: 34
2a0b:9d00:4000::/34 maxlen: 34
2a0b:9d00::/34 maxlen: 34
2a0b:9d00:8000::/33 maxlen: 33
2a0b:9d00::/33 maxlen: 33
2a0b:9d00::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:5b:68:c4:a3:c6:9d:98:41:de:5c:b1:5b:64:e1:2b:fd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c3df2ef37007d54f86bba27573d33ad695c9ee5c
Validity
Not Before: Nov 9 08:01:43 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=f02c1fc8a46d26ae336b50d18cf8d25a8fe5e4fd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:43:d1:cc:a5:75:cd:ad:f8:20:34:c2:4e:b3:
32:a3:87:7b:aa:59:b8:d9:3b:3a:b7:2c:ef:3f:05:
8d:e6:d3:9e:3d:65:0b:f7:1c:c0:d8:fa:79:2a:97:
a2:0e:9c:16:94:43:e7:98:8b:92:38:c8:06:4f:a6:
e1:23:5f:1a:e4:06:28:7b:e7:fb:02:9c:e4:9a:0f:
6d:13:90:c4:d1:1d:0d:d1:fd:db:dc:cc:25:7e:17:
23:56:d9:bd:de:9a:96:6f:ed:22:52:73:fe:94:ed:
3b:24:3c:be:7a:bc:0e:2f:15:f1:f8:fe:e5:d4:8a:
b0:79:eb:65:4a:de:e6:42:85:12:ef:4c:5c:94:b1:
d7:cc:f5:64:69:9a:62:2e:94:64:fc:7f:d8:fd:0f:
d6:96:72:70:86:07:a1:7a:20:69:ee:0e:55:2c:2f:
bc:51:2f:80:54:23:c1:03:09:5c:e8:bf:96:e4:dc:
de:f1:15:19:07:9d:5c:cf:53:fc:68:9c:e2:30:42:
1b:52:76:3e:39:82:0a:11:b7:14:c4:b5:cc:30:e2:
90:d6:ba:7e:ff:3e:ac:24:1b:a7:2e:27:41:34:b9:
18:d6:a1:49:99:1a:a6:32:9b:06:94:56:be:91:36:
85:3f:89:35:4d:33:09:4c:6a:82:ae:9b:ad:52:62:
f6:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F0:2C:1F:C8:A4:6D:26:AE:33:6B:50:D1:8C:F8:D2:5A:8F:E5:E4:FD
X509v3 Authority Key Identifier:
keyid:C3:DF:2E:F3:70:07:D5:4F:86:BB:A2:75:73:D3:3A:D6:95:C9:EE:5C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/w98u83AH1U-Gu6J1c9M61pXJ7lw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/52/9a97f0-50b6-4844-89d4-23a276a428ab/1/8CwfyKRtJq4za1DRjPjSWo_l5P0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/52/9a97f0-50b6-4844-89d4-23a276a428ab/1/w98u83AH1U-Gu6J1c9M61pXJ7lw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.231.23.0/24
91.232.62.0/23
176.100.192.0/21
185.174.112.0/22
193.42.240.0/22
195.170.190.0/24
195.182.10.0/24
195.182.15.0/24
195.182.19.0/24
IPv6:
2a0b:9d00::/30
Signature Algorithm: sha256WithRSAEncryption
20:df:4d:89:52:cb:0b:0a:4f:88:2b:96:94:78:8f:e7:c0:dd:
b7:6e:c2:fb:17:ba:c4:71:80:42:89:24:4c:cc:4b:7a:b7:0b:
a8:b6:97:ac:1b:6d:12:bf:92:fb:3c:86:a7:a3:a9:c9:9e:72:
2f:f1:1a:c5:7b:be:5b:2b:8a:43:25:c7:ab:11:45:a4:bc:72:
a6:b1:04:b1:a8:80:c8:94:73:7c:d9:61:da:49:f3:09:66:01:
53:4b:69:6d:f3:1b:e9:89:7a:18:d6:15:b3:c8:94:8b:6b:b3:
3b:e8:3d:d1:62:a9:c7:7b:ad:c2:5a:ef:d8:78:54:ad:ba:34:
e1:38:6e:36:f1:23:ab:d6:55:94:47:70:f3:ce:ee:a1:b9:44:
ab:93:d2:3c:4f:e2:9d:60:f5:4a:f8:68:ab:4b:41:cc:ea:26:
d2:59:b4:d1:26:fd:be:8e:d1:9a:07:ec:7e:c4:6b:3c:c0:65:
7b:77:81:c0:22:37:99:5d:17:79:98:6a:a6:cd:3c:01:b3:0d:
c5:57:a5:38:e4:7a:90:33:5a:41:80:c5:05:54:82:f9:2b:10:
03:ca:b7:70:5e:88:ad:f3:4f:1f:27:58:2e:40:4b:cd:2a:36:
d0:68:6d:86:73:39:79:2b:fa:81:fb:69:b8:3d:5c:a4:dc:15:
da:87:e8:51
-----BEGIN CERTIFICATE-----
MIIFPDCCBCSgAwIBAgISAYRbaMSjxp2YQd5csVtk4Sv9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMzZGYyZWYzNzAwN2Q1NGY4NmJiYTI3NTczZDMzYWQ2OTVj
OWVlNWMwHhcNMjIxMTA5MDgwMTQzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMDJjMWZjOGE0NmQyNmFlMzM2YjUwZDE4Y2Y4ZDI1YThmZTVlNGZkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvEPRzKV1za34IDTCTrMyo4d7qlm4
2Ts6tyzvPwWN5tOePWUL9xzA2Pp5KpeiDpwWlEPnmIuSOMgGT6bhI18a5AYoe+f7
Apzkmg9tE5DE0R0N0f3b3MwlfhcjVtm93pqWb+0iUnP+lO07JDy+erwOLxXx+P7l
1IqweetlSt7mQoUS70xclLHXzPVkaZpiLpRk/H/Y/Q/WlnJwhgeheiBp7g5VLC+8
US+AVCPBAwlc6L+W5Nze8RUZB51cz1P8aJziMEIbUnY+OYIKEbcUxLXMMOKQ1rp+
/z6sJBunLidBNLkY1qFJmRqmMpsGlFa+kTaFP4k1TTMJTGqCrputUmL2VwIDAQAB
o4ICSDCCAkQwHQYDVR0OBBYEFPAsH8ikbSauM2tQ0Yz40lqP5eT9MB8GA1UdIwQY
MBaAFMPfLvNwB9VPhruidXPTOtaVye5cMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdzk4dTgzQUgxVS1HdTZKMWM5TTYxcFhKN2x3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Mi85YTk3ZjAtNTBiNi00ODQ0LTg5ZDQt
MjNhMjc2YTQyOGFiLzEvOEN3ZnlLUnRKcTR6YTFEUmpQalNXb19sNVAwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Mi85YTk3ZjAtNTBiNi00ODQ0LTg5ZDQtMjNhMjc2YTQyOGFi
LzEvdzk4dTgzQUgxVS1HdTZKMWM5TTYxcFhKN2x3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMF4GCCsGAQUFBwEHAQH/BE8wTTA8BAIAATA2AwQAW+cXAwQB
W+g+AwQDsGTAAwQCua5wAwQCwSrwAwQAw6q+AwQAw7YKAwQAw7YPAwQAw7YTMA0E
AgACMAcDBQIqC50AMA0GCSqGSIb3DQEBCwUAA4IBAQAg302JUssLCk+IK5aUeI/n
wN23bsL7F7rEcYBCiSRMzEt6twuotpesG20Sv5L7PIano6nJnnIv8RrFe75bK4pD
JcerEUWkvHKmsQSxqIDIlHN82WHaSfMJZgFTS2lt8xvpiXoY1hWzyJSLa7M76D3R
YqnHe63CWu/YeFStujThOG428SOr1lWUR3Dzzu6huUSrk9I8T+KdYPVK+GirS0HM
6ibSWbTRJv2+jtGaB+x+xGs8wGV7d4HAIjeZXRd5mGqmzTwBsw3FV6U45HqQM1pB
gMUFVIL5KxADyrdwXoit808fJ1guQEvNKjbQaG2Gczl5K/qB+2m4PVyk3BXah+hR
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:52:09 2023 by rpki-client on console-ams.rpki-client.org