Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5b/330e4d-a9d9-4b7e-863c-6f3aa8943e68/1/2Iay-DJwMjA7qkQZ0imsjy-zuuM.roa
File: 2Iay-DJwMjA7qkQZ0imsjy-zuuM.roa (raw, json)
Hash identifier: MwdsbMrk6eMD5AmSm4ZKkn1jjNj0L31HF0mOvmAQRYs=
Subject key identifier: D8:86:B2:F8:32:70:32:30:3B:AA:44:19:D2:29:AC:8F:2F:B3:BA:E3
Certificate issuer: /CN=8d5f066af80d0e9f07ea87b24bdafa59d1f5f26f
Certificate serial: 35DBC138
Authority key identifier: 8D:5F:06:6A:F8:0D:0E:9F:07:EA:87:B2:4B:DA:FA:59:D1:F5:F2:6F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/jV8GavgNDp8H6oeyS9r6WdH18m8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5b/330e4d-a9d9-4b7e-863c-6f3aa8943e68/1/2Iay-DJwMjA7qkQZ0imsjy-zuuM.roa
Signing time: Sat 01 Jan 2022 08:06:16 +0000
ROA not before: Sat 01 Jan 2022 08:06:16 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 57356
IP address blocks: 194.140.216.0/22 maxlen: 22
194.140.222.0/23 maxlen: 23
194.140.220.0/23 maxlen: 23
87.117.84.0/23 maxlen: 23
87.117.80.0/22 maxlen: 22
87.117.80.0/20 maxlen: 20
87.117.88.0/22 maxlen: 22
87.117.86.0/23 maxlen: 23
87.117.92.0/22 maxlen: 22
194.140.212.0/22 maxlen: 22
194.140.208.0/22 maxlen: 22
194.140.208.0/20 maxlen: 20
91.185.176.0/21 maxlen: 21
31.216.0.0/20 maxlen: 20
91.185.176.0/22 maxlen: 22
185.20.164.0/23 maxlen: 23
185.20.164.0/22 maxlen: 22
31.216.0.0/21 maxlen: 21
185.20.166.0/23 maxlen: 23
91.185.180.0/22 maxlen: 22
31.216.8.0/21 maxlen: 21
86.111.160.0/21 maxlen: 21
86.111.160.0/20 maxlen: 20
86.111.172.0/23 maxlen: 23
86.111.168.0/22 maxlen: 22
86.111.174.0/23 maxlen: 23
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 903594296 (0x35dbc138)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8d5f066af80d0e9f07ea87b24bdafa59d1f5f26f
Validity
Not Before: Jan 1 08:06:16 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=d886b2f8327032303baa4419d229ac8f2fb3bae3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d6:28:69:12:9f:6e:e9:57:3b:b9:1a:61:8b:b3:
3c:d5:8d:6d:7f:de:95:db:e6:7a:8b:56:f5:a4:3d:
7b:79:68:66:22:21:8d:db:d4:1a:35:1e:ef:65:4c:
c4:d5:0f:ba:95:11:20:be:77:6b:ed:8f:4f:f6:d4:
83:95:23:5d:9f:19:15:21:47:25:03:b9:fa:99:0e:
82:aa:33:43:c1:e1:b0:79:99:ae:cb:70:54:94:f5:
a6:5e:92:35:b5:dc:41:da:0e:d5:d8:8a:aa:87:de:
30:95:52:a2:82:f6:8f:b6:2e:7f:c6:25:a3:86:19:
89:71:d8:59:d0:e7:73:ce:e8:f5:ac:9c:43:64:db:
70:ab:9f:f1:07:cf:96:22:89:69:52:5d:01:f2:aa:
e6:d8:2c:41:48:22:5b:1d:7b:37:35:2c:20:84:05:
c7:6e:4f:02:f2:1a:51:6a:73:21:59:76:d0:bd:d1:
3b:d5:a3:10:98:21:90:60:df:14:7d:92:5f:7f:9d:
a0:80:cc:43:0a:1f:45:34:1d:68:6f:7c:70:7c:48:
fb:7d:db:dd:2e:e4:ef:04:77:7b:54:55:4a:1c:4e:
db:d9:19:df:7e:aa:3c:71:1e:d9:c2:a8:7c:b9:ae:
b5:fa:ad:a3:b8:87:d7:ff:4e:e8:d9:62:5b:1d:76:
ec:77
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D8:86:B2:F8:32:70:32:30:3B:AA:44:19:D2:29:AC:8F:2F:B3:BA:E3
X509v3 Authority Key Identifier:
keyid:8D:5F:06:6A:F8:0D:0E:9F:07:EA:87:B2:4B:DA:FA:59:D1:F5:F2:6F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jV8GavgNDp8H6oeyS9r6WdH18m8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/330e4d-a9d9-4b7e-863c-6f3aa8943e68/1/2Iay-DJwMjA7qkQZ0imsjy-zuuM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/330e4d-a9d9-4b7e-863c-6f3aa8943e68/1/jV8GavgNDp8H6oeyS9r6WdH18m8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.216.0.0/20
86.111.160.0/20
87.117.80.0/20
91.185.176.0/21
185.20.164.0/22
194.140.208.0/20
Signature Algorithm: sha256WithRSAEncryption
2a:fd:02:84:fb:2c:cf:dc:39:ed:e3:98:64:1a:d9:db:cd:96:
e3:45:38:de:81:55:ed:8b:35:a8:9a:ba:5f:3a:4e:b4:df:ca:
6d:8d:f3:3f:2c:46:59:71:3d:53:b9:46:f7:37:3a:a5:fd:cd:
1d:b2:9b:47:50:fc:d7:5a:d4:95:7a:bd:8f:ce:f9:a9:be:63:
03:d4:c8:26:f5:73:28:03:e8:0f:07:2c:99:00:51:0b:a3:60:
bb:25:ad:28:5e:db:83:ad:ac:32:01:84:da:79:c6:f9:bf:79:
4b:86:bc:f2:16:4c:77:9f:c7:d5:bc:d3:1d:bb:5d:b4:08:ee:
40:83:d3:3e:e4:13:7a:55:dd:d7:50:a5:32:b4:68:4c:46:e3:
70:f1:a4:63:f7:07:71:0e:72:54:94:61:0b:5e:e8:14:f6:c0:
d7:67:4d:f4:75:c0:57:bf:20:1e:df:d1:f0:40:b7:7b:4d:5f:
3f:25:87:d6:e4:e4:6e:0b:69:a1:e2:4c:02:32:09:b0:d1:73:
7d:f9:09:3d:b7:5c:01:9e:9b:23:df:58:a5:df:ad:55:34:a8:
11:a5:31:74:87:b5:af:aa:3d:39:ac:4e:f7:55:13:37:40:08:
3f:74:57:7f:d1:c4:51:4d:f7:6d:c4:84:3b:2b:37:24:9c:68:
31:36:be:84
-----BEGIN CERTIFICATE-----
MIIFDTCCA/WgAwIBAgIENdvBODANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg4
ZDVmMDY2YWY4MGQwZTlmMDdlYTg3YjI0YmRhZmE1OWQxZjVmMjZmMB4XDTIyMDEw
MTA4MDYxNloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZDg4NmIyZjgzMjcw
MzIzMDNiYWE0NDE5ZDIyOWFjOGYyZmIzYmFlMzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBANYoaRKfbulXO7kaYYuzPNWNbX/eldvmeotW9aQ9e3loZiIh
jdvUGjUe72VMxNUPupURIL53a+2PT/bUg5UjXZ8ZFSFHJQO5+pkOgqozQ8HhsHmZ
rstwVJT1pl6SNbXcQdoO1diKqofeMJVSooL2j7Yuf8Ylo4YZiXHYWdDnc87o9ayc
Q2TbcKuf8QfPliKJaVJdAfKq5tgsQUgiWx17NzUsIIQFx25PAvIaUWpzIVl20L3R
O9WjEJghkGDfFH2SX3+doIDMQwofRTQdaG98cHxI+33b3S7k7wR3e1RVShxO29kZ
336qPHEe2cKofLmutfqto7iH1/9O6NliWx127HcCAwEAAaOCAicwggIjMB0GA1Ud
DgQWBBTYhrL4MnAyMDuqRBnSKayPL7O64zAfBgNVHSMEGDAWgBSNXwZq+A0Onwfq
h7JL2vpZ0fXybzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2pWOEdhdmdORHA4SDZvZXlTOXI2V2RIMThtOC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNWIvMzMwZTRkLWE5ZDktNGI3ZS04NjNjLTZmM2FhODk0M2U2OC8x
LzJJYXktREp3TWpBN3FrUVowaW1zanktenV1TS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNWIv
MzMwZTRkLWE5ZDktNGI3ZS04NjNjLTZmM2FhODk0M2U2OC8xL2pWOEdhdmdORHA4
SDZvZXlTOXI2V2RIMThtOC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA9
BggrBgEFBQcBBwEB/wQuMCwwKgQCAAEwJAMEBB/YAAMEBFZvoAMEBFd1UAMEA1u5
sAMEArkUpAMEBMKM0DANBgkqhkiG9w0BAQsFAAOCAQEAKv0ChPssz9w57eOYZBrZ
282W40U43oFV7Ys1qJq6XzpOtN/KbY3zPyxGWXE9U7lG9zc6pf3NHbKbR1D811rU
lXq9j875qb5jA9TIJvVzKAPoDwcsmQBRC6NguyWtKF7bg62sMgGE2nnG+b95S4a8
8hZMd5/H1bzTHbtdtAjuQIPTPuQTelXd11ClMrRoTEbjcPGkY/cHcQ5yVJRhC17o
FPbA12dN9HXAV78gHt/R8EC3e01fPyWH1uTkbgtpoeJMAjIJsNFzffkJPbdcAZ6b
I99Ypd+tVTSoEaUxdIe1r6o9OaxO91UTN0AIP3RXf9HEUU33bcSEOys3JJxoMTa+
hA==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:52:39 2023 by rpki-client on console-ams.rpki-client.org