Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/54/a9916a-13bf-4770-8e44-58b6a5784ab7/1/hSbr5yWZKFBjE_xWqSR_y4pKads.roa
File: hSbr5yWZKFBjE_xWqSR_y4pKads.roa (raw, json)
Hash identifier: izT42JT8qGmQJiYAZ4rPUrkAPSKQnf1LuHA2vvZZyxs=
Subject key identifier: 85:26:EB:E7:25:99:28:50:63:13:FC:56:A9:24:7F:CB:8A:4A:69:DB
Certificate issuer: /CN=e8d062a969d2142bb8506a571180b45bd0fab934
Certificate serial: 088D3D81
Authority key identifier: E8:D0:62:A9:69:D2:14:2B:B8:50:6A:57:11:80:B4:5B:D0:FA:B9:34
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/6NBiqWnSFCu4UGpXEYC0W9D6uTQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/54/a9916a-13bf-4770-8e44-58b6a5784ab7/1/hSbr5yWZKFBjE_xWqSR_y4pKads.roa
Signing time: Thu 05 May 2022 19:05:40 +0000
ROA not before: Thu 05 May 2022 19:05:40 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 24663
IP address blocks: 94.127.216.0/21 maxlen: 24
178.23.224.0/21 maxlen: 24
80.250.224.0/20 maxlen: 24
37.200.120.0/21 maxlen: 24
45.150.204.0/23 maxlen: 24
45.150.207.0/24 maxlen: 24
185.30.228.0/22 maxlen: 24
2a03:8080::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 143474049 (0x88d3d81)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e8d062a969d2142bb8506a571180b45bd0fab934
Validity
Not Before: May 5 19:05:40 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=8526ebe7259928506313fc56a9247fcb8a4a69db
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:89:17:d2:d1:c2:9d:eb:e2:be:ea:a9:bd:23:68:
65:6a:26:10:28:8e:93:3f:8f:c6:8d:5b:46:37:75:
f5:db:e3:99:37:60:14:3e:91:39:a9:27:b1:b2:cd:
2d:4a:c2:25:38:df:ae:ff:e2:88:b8:d2:ab:97:aa:
f1:80:ee:64:17:07:43:52:e8:ae:9c:97:d0:79:a3:
90:68:08:db:cf:c5:32:25:b1:42:2e:ed:41:99:51:
ce:81:a2:8e:20:75:66:54:6b:00:dc:6f:0b:fc:df:
47:00:f9:e4:99:ef:0b:22:49:82:9f:96:a3:d3:7c:
1d:61:f1:68:37:13:53:69:fe:4f:dc:8f:63:db:09:
3d:17:f0:a9:62:a2:94:76:1e:60:c4:aa:60:0a:6b:
e7:d3:b6:90:c8:f9:1f:5d:e6:87:26:18:09:b6:af:
6f:1a:93:cf:dd:f2:16:2f:58:bc:83:87:96:9e:24:
5b:41:a4:0d:b0:e9:f5:ee:e0:d3:f2:6b:72:f5:6f:
ed:80:4f:19:ac:0e:6d:47:e4:74:e6:17:1f:d8:57:
37:33:00:25:bd:b8:ca:60:17:4a:42:d6:56:05:7a:
f6:cb:e8:85:e0:b6:73:4e:c0:4a:05:3b:65:54:5c:
43:de:30:e9:38:15:79:c3:5a:d1:0e:ae:64:c3:4a:
ea:0d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
85:26:EB:E7:25:99:28:50:63:13:FC:56:A9:24:7F:CB:8A:4A:69:DB
X509v3 Authority Key Identifier:
keyid:E8:D0:62:A9:69:D2:14:2B:B8:50:6A:57:11:80:B4:5B:D0:FA:B9:34
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6NBiqWnSFCu4UGpXEYC0W9D6uTQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/54/a9916a-13bf-4770-8e44-58b6a5784ab7/1/hSbr5yWZKFBjE_xWqSR_y4pKads.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/54/a9916a-13bf-4770-8e44-58b6a5784ab7/1/6NBiqWnSFCu4UGpXEYC0W9D6uTQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.200.120.0/21
45.150.204.0/23
45.150.207.0/24
80.250.224.0/20
94.127.216.0/21
178.23.224.0/21
185.30.228.0/22
IPv6:
2a03:8080::/32
Signature Algorithm: sha256WithRSAEncryption
19:ac:8c:72:cf:45:c0:4e:79:d8:7d:21:81:d5:4f:aa:08:c7:
7c:4d:e9:f1:3b:3c:cb:a2:f6:0a:ef:dd:fc:59:39:ee:69:57:
82:d2:6f:65:10:c0:d6:51:31:6e:a5:8c:09:e8:ab:b0:f1:a9:
01:18:2a:46:22:22:12:ce:43:0f:06:32:56:3f:34:19:d7:42:
18:5f:9a:2b:3f:87:22:c4:c5:17:07:0a:44:b2:37:2c:22:5c:
a2:11:4a:5d:6e:03:4f:43:ca:6a:51:ea:9c:38:95:13:46:3c:
ed:dc:48:ad:79:5b:1c:01:bf:12:dd:cc:57:c7:9c:bb:15:f1:
5f:f9:9e:67:0c:77:c8:12:62:fe:84:a9:da:6b:84:38:d3:2f:
4e:76:d1:36:a7:83:c5:ae:e7:40:47:91:9c:7b:70:7f:c4:14:
07:5d:fa:51:d2:22:e1:5d:9c:d1:23:1e:95:4b:70:79:68:83:
9a:4e:fa:27:08:00:8e:53:84:15:5e:fe:d2:a5:e8:d5:94:78:
47:80:c7:04:ca:78:22:a3:a8:22:2f:70:9f:37:f5:6d:81:4b:
9b:5c:40:11:69:dd:6f:74:ff:f9:b4:6e:66:f9:7e:6e:85:94:
1e:4a:0f:92:aa:21:c2:42:2f:c6:31:dd:79:99:bd:28:c1:08:
f8:ef:91:bc
-----BEGIN CERTIFICATE-----
MIIFIjCCBAqgAwIBAgIECI09gTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhl
OGQwNjJhOTY5ZDIxNDJiYjg1MDZhNTcxMTgwYjQ1YmQwZmFiOTM0MB4XDTIyMDUw
NTE5MDU0MFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoODUyNmViZTcyNTk5
Mjg1MDYzMTNmYzU2YTkyNDdmY2I4YTRhNjlkYjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAIkX0tHCnevivuqpvSNoZWomECiOkz+Pxo1bRjd19dvjmTdg
FD6ROaknsbLNLUrCJTjfrv/iiLjSq5eq8YDuZBcHQ1LorpyX0HmjkGgI28/FMiWx
Qi7tQZlRzoGijiB1ZlRrANxvC/zfRwD55JnvCyJJgp+Wo9N8HWHxaDcTU2n+T9yP
Y9sJPRfwqWKilHYeYMSqYApr59O2kMj5H13mhyYYCbavbxqTz93yFi9YvIOHlp4k
W0GkDbDp9e7g0/JrcvVv7YBPGawObUfkdOYXH9hXNzMAJb24ymAXSkLWVgV69svo
heC2c07ASgU7ZVRcQ94w6TgVecNa0Q6uZMNK6g0CAwEAAaOCAjwwggI4MB0GA1Ud
DgQWBBSFJuvnJZkoUGMT/FapJH/Likpp2zAfBgNVHSMEGDAWgBTo0GKpadIUK7hQ
alcRgLRb0Pq5NDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzZOQmlxV25TRkN1NFVHcFhFWUMwVzlENnVUUS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNTQvYTk5MTZhLTEzYmYtNDc3MC04ZTQ0LTU4YjZhNTc4NGFiNy8x
L2hTYnI1eVdaS0ZCakVfeFdxU1JfeTRwS2Fkcy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNTQv
YTk5MTZhLTEzYmYtNDc3MC04ZTQ0LTU4YjZhNTc4NGFiNy8xLzZOQmlxV25TRkN1
NFVHcFhFWUMwVzlENnVUUS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBS
BggrBgEFBQcBBwEB/wRDMEEwMAQCAAEwKgMEAyXIeAMEAS2WzAMEAC2WzwMEBFD6
4AMEA15/2AMEA7IX4AMEArke5DANBAIAAjAHAwUAKgOAgDANBgkqhkiG9w0BAQsF
AAOCAQEAGayMcs9FwE552H0hgdVPqgjHfE3p8Ts8y6L2Cu/d/Fk57mlXgtJvZRDA
1lExbqWMCeirsPGpARgqRiIiEs5DDwYyVj80GddCGF+aKz+HIsTFFwcKRLI3LCJc
ohFKXW4DT0PKalHqnDiVE0Y87dxIrXlbHAG/Et3MV8ecuxXxX/meZwx3yBJi/oSp
2muEONMvTnbRNqeDxa7nQEeRnHtwf8QUB136UdIi4V2c0SMelUtweWiDmk76JwgA
jlOEFV7+0qXo1ZR4R4DHBMp4IqOoIi9wnzf1bYFLm1xAEWndb3T/+bRuZvl+boWU
HkoPkqohwkIvxjHdeZm9KMEI+O+RvA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:10:08 2024 by rpki-client on console-ams.rpki-client.org