Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5b/330e4d-a9d9-4b7e-863c-6f3aa8943e68/1/otgXX8-8grasmSkTcv3tzGkEKqc.roa
File: otgXX8-8grasmSkTcv3tzGkEKqc.roa (raw, json)
Hash identifier: cACPTR7C8G0IVEOyNAZZRm5aqGo1xCrETMoY9KrlpaM=
Subject key identifier: A2:D8:17:5F:CF:BC:82:B6:AC:99:29:13:72:FD:ED:CC:69:04:2A:A7
Certificate issuer: /CN=8d5f066af80d0e9f07ea87b24bdafa59d1f5f26f
Certificate serial: 372AF894
Authority key identifier: 8D:5F:06:6A:F8:0D:0E:9F:07:EA:87:B2:4B:DA:FA:59:D1:F5:F2:6F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/jV8GavgNDp8H6oeyS9r6WdH18m8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5b/330e4d-a9d9-4b7e-863c-6f3aa8943e68/1/otgXX8-8grasmSkTcv3tzGkEKqc.roa
Signing time: Sun 22 May 2022 12:55:30 +0000
ROA not before: Sun 22 May 2022 12:55:30 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 57356
IP address blocks: 194.140.215.0/24 maxlen: 24
194.140.216.0/22 maxlen: 22
194.140.214.0/24 maxlen: 24
194.140.222.0/23 maxlen: 23
194.140.223.0/24 maxlen: 24
194.140.220.0/23 maxlen: 23
87.117.84.0/23 maxlen: 23
87.117.80.0/22 maxlen: 22
87.117.80.0/20 maxlen: 20
87.117.88.0/22 maxlen: 22
87.117.86.0/23 maxlen: 23
87.117.92.0/22 maxlen: 22
194.140.212.0/22 maxlen: 22
194.140.212.0/24 maxlen: 24
194.140.210.0/23 maxlen: 23
194.140.208.0/22 maxlen: 22
194.140.208.0/20 maxlen: 20
194.140.213.0/24 maxlen: 24
91.185.176.0/21 maxlen: 21
31.216.0.0/20 maxlen: 20
91.185.176.0/22 maxlen: 22
185.20.164.0/23 maxlen: 23
185.20.164.0/22 maxlen: 22
31.216.0.0/21 maxlen: 21
185.20.166.0/23 maxlen: 23
91.185.180.0/22 maxlen: 22
31.216.8.0/21 maxlen: 21
86.111.160.0/21 maxlen: 21
86.111.160.0/20 maxlen: 20
86.111.172.0/23 maxlen: 23
86.111.168.0/22 maxlen: 22
86.111.174.0/23 maxlen: 23
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 925563028 (0x372af894)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8d5f066af80d0e9f07ea87b24bdafa59d1f5f26f
Validity
Not Before: May 22 12:55:30 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=a2d8175fcfbc82b6ac99291372fdedcc69042aa7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:be:35:b2:95:05:5f:c6:47:7f:ae:58:d0:8c:
db:8c:d0:b6:fd:77:21:a9:32:d1:46:30:4d:ef:d8:
13:15:8c:38:e2:f6:25:b9:ba:9d:a1:f6:ef:25:32:
c2:9e:1f:bd:92:e3:49:e7:53:0f:ab:63:d5:44:48:
b0:86:89:52:11:91:8b:99:1e:ce:09:38:cd:53:d4:
03:59:35:b3:57:09:b7:a9:3b:f0:a9:01:3f:9a:f5:
d5:1a:e0:87:36:d9:2f:62:65:56:d3:3f:ea:b8:7d:
6c:c7:a2:ed:60:02:7c:99:c6:8f:62:b5:8a:1b:97:
cf:91:c8:dc:ac:95:32:a1:d3:46:54:da:6d:1d:d5:
19:c0:4d:02:3a:95:67:eb:bc:df:ed:e4:b1:2b:1c:
09:94:14:54:c2:49:18:b6:02:ba:28:ce:ab:29:07:
0a:e3:e9:ee:fc:d5:d0:6c:f9:63:97:e9:fc:30:08:
8f:f3:92:86:d8:65:0f:dd:a7:ff:16:1a:e0:4d:66:
8b:3d:cd:77:4d:3f:d1:d2:d7:fe:3d:28:84:d2:89:
9b:84:81:79:40:28:01:23:69:bf:9c:91:fc:03:5d:
85:b6:a0:51:6c:1d:ce:74:47:86:1e:4a:3f:4b:3b:
3f:36:ff:3e:f2:ca:bd:78:5a:e5:8e:63:6a:2c:71:
c7:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A2:D8:17:5F:CF:BC:82:B6:AC:99:29:13:72:FD:ED:CC:69:04:2A:A7
X509v3 Authority Key Identifier:
keyid:8D:5F:06:6A:F8:0D:0E:9F:07:EA:87:B2:4B:DA:FA:59:D1:F5:F2:6F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jV8GavgNDp8H6oeyS9r6WdH18m8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/330e4d-a9d9-4b7e-863c-6f3aa8943e68/1/otgXX8-8grasmSkTcv3tzGkEKqc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/330e4d-a9d9-4b7e-863c-6f3aa8943e68/1/jV8GavgNDp8H6oeyS9r6WdH18m8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.216.0.0/20
86.111.160.0/20
87.117.80.0/20
91.185.176.0/21
185.20.164.0/22
194.140.208.0/20
Signature Algorithm: sha256WithRSAEncryption
5e:8c:43:a2:a1:c8:ac:22:37:09:28:8e:c7:14:7f:a9:f6:6a:
6e:1e:45:34:4c:b4:7b:15:9c:20:ff:02:4a:5f:ec:5f:01:6d:
1f:da:64:0d:74:83:81:b7:d5:f7:83:14:0b:8e:18:2c:c0:cf:
bb:be:f8:8c:d4:20:c1:da:11:0c:07:94:9e:4c:5c:02:82:d9:
14:c1:fc:7e:ae:8a:7d:33:4a:81:51:15:55:eb:c7:af:52:be:
23:84:e3:6c:f9:d9:c4:c7:5c:da:f6:be:38:fa:62:4e:a1:1f:
74:a4:12:bc:1d:97:85:5b:d5:50:1a:56:20:6f:57:2b:ba:bc:
ff:52:fc:64:d1:6c:8f:15:d4:87:e4:82:51:dd:93:2d:34:ed:
0d:c9:32:e0:43:63:68:c7:e3:d1:11:f2:21:30:00:79:bb:7c:
ae:aa:98:a1:95:0a:08:4d:82:ea:c9:a6:cc:6c:14:68:4b:29:
8a:2d:4b:2c:f3:00:81:02:ad:b4:8d:30:43:e0:bd:8b:48:c2:
13:2e:30:27:25:98:02:94:9b:8f:42:24:46:15:d3:8c:fe:3b:
50:71:ca:0c:77:bd:a6:d6:e2:dc:ee:51:e8:f1:9e:19:56:39:
e8:92:72:80:d2:3a:4a:1e:33:cd:f9:7b:cb:36:eb:2c:ec:35:
e7:aa:f3:10
-----BEGIN CERTIFICATE-----
MIIFDTCCA/WgAwIBAgIENyr4lDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg4
ZDVmMDY2YWY4MGQwZTlmMDdlYTg3YjI0YmRhZmE1OWQxZjVmMjZmMB4XDTIyMDUy
MjEyNTUzMFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYTJkODE3NWZjZmJj
ODJiNmFjOTkyOTEzNzJmZGVkY2M2OTA0MmFhNzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAL2+NbKVBV/GR3+uWNCM24zQtv13Iaky0UYwTe/YExWMOOL2
Jbm6naH27yUywp4fvZLjSedTD6tj1URIsIaJUhGRi5kezgk4zVPUA1k1s1cJt6k7
8KkBP5r11RrghzbZL2JlVtM/6rh9bMei7WACfJnGj2K1ihuXz5HI3KyVMqHTRlTa
bR3VGcBNAjqVZ+u83+3ksSscCZQUVMJJGLYCuijOqykHCuPp7vzV0Gz5Y5fp/DAI
j/OShthlD92n/xYa4E1miz3Nd00/0dLX/j0ohNKJm4SBeUAoASNpv5yR/ANdhbag
UWwdznRHhh5KP0s7Pzb/PvLKvXha5Y5jaixxx88CAwEAAaOCAicwggIjMB0GA1Ud
DgQWBBSi2Bdfz7yCtqyZKRNy/e3MaQQqpzAfBgNVHSMEGDAWgBSNXwZq+A0Onwfq
h7JL2vpZ0fXybzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2pWOEdhdmdORHA4SDZvZXlTOXI2V2RIMThtOC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNWIvMzMwZTRkLWE5ZDktNGI3ZS04NjNjLTZmM2FhODk0M2U2OC8x
L290Z1hYOC04Z3Jhc21Ta1RjdjN0ekdrRUtxYy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNWIv
MzMwZTRkLWE5ZDktNGI3ZS04NjNjLTZmM2FhODk0M2U2OC8xL2pWOEdhdmdORHA4
SDZvZXlTOXI2V2RIMThtOC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA9
BggrBgEFBQcBBwEB/wQuMCwwKgQCAAEwJAMEBB/YAAMEBFZvoAMEBFd1UAMEA1u5
sAMEArkUpAMEBMKM0DANBgkqhkiG9w0BAQsFAAOCAQEAXoxDoqHIrCI3CSiOxxR/
qfZqbh5FNEy0exWcIP8CSl/sXwFtH9pkDXSDgbfV94MUC44YLMDPu774jNQgwdoR
DAeUnkxcAoLZFMH8fq6KfTNKgVEVVevHr1K+I4TjbPnZxMdc2va+OPpiTqEfdKQS
vB2XhVvVUBpWIG9XK7q8/1L8ZNFsjxXUh+SCUd2TLTTtDcky4ENjaMfj0RHyITAA
ebt8rqqYoZUKCE2C6smmzGwUaEspii1LLPMAgQKttI0wQ+C9i0jCEy4wJyWYApSb
j0IkRhXTjP47UHHKDHe9ptbi3O5R6PGeGVY56JJygNI6Sh4zzfl7yzbrLOw156rz
EA==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:48:57 2023 by rpki-client on console-fra.rpki-client.org