Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5d/dcb6fb-0e86-4d34-adc3-d93fd49ae8ef/1/04DrccjQHAPEKP0BN4KxCOCUL-8.roa
File: 04DrccjQHAPEKP0BN4KxCOCUL-8.roa (raw, json)
Hash identifier: /CacZYl+iSWR+dJaEm0tMnA7t7ppWDgSvA5VVPsezqQ=
Subject key identifier: D3:80:EB:71:C8:D0:1C:03:C4:28:FD:01:37:82:B1:08:E0:94:2F:EF
Certificate issuer: /CN=51f866f32b47c69d478ad95354e257e51a236a57
Certificate serial: 450905BC
Authority key identifier: 51:F8:66:F3:2B:47:C6:9D:47:8A:D9:53:54:E2:57:E5:1A:23:6A:57
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Ufhm8ytHxp1HitlTVOJX5Rojalc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5d/dcb6fb-0e86-4d34-adc3-d93fd49ae8ef/1/04DrccjQHAPEKP0BN4KxCOCUL-8.roa
Signing time: Sat 12 Feb 2022 00:02:15 +0000
ROA not before: Sat 12 Feb 2022 00:02:15 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 39288
IP address blocks: 158.255.92.0/22 maxlen: 24
193.138.118.0/24 maxlen: 24
46.21.208.0/21 maxlen: 21
46.21.208.0/20 maxlen: 20
46.21.216.0/21 maxlen: 21
94.232.152.0/22 maxlen: 22
94.232.152.0/21 maxlen: 21
158.255.88.0/22 maxlen: 22
158.255.88.0/21 maxlen: 21
94.232.156.0/22 maxlen: 22
2a02:2928::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1158219196 (0x450905bc)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=51f866f32b47c69d478ad95354e257e51a236a57
Validity
Not Before: Feb 12 00:02:15 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=d380eb71c8d01c03c428fd013782b108e0942fef
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:b0:9e:23:ba:b9:6a:3e:c3:7b:c1:c9:b6:6f:
ff:06:d1:73:d4:f0:d6:ce:56:89:12:03:08:38:5b:
c5:70:1e:fd:72:f6:fb:4b:9c:e4:ba:7d:87:54:71:
67:ca:44:68:91:a2:e8:1c:d5:2d:c5:e6:be:c0:22:
55:19:4f:6a:f8:bb:3c:da:97:1a:2e:98:5b:55:8d:
d7:48:54:a9:f8:d8:9b:ac:57:3c:1e:ba:36:af:33:
cb:3a:d8:42:68:85:31:c9:c7:4f:4d:b7:91:cb:28:
76:27:d8:15:96:af:b5:60:2c:c0:5e:9d:b3:d3:8b:
cc:51:1d:04:79:41:3e:bf:cf:0b:3d:c8:bf:94:7d:
3c:d2:3c:26:12:3a:a0:d3:b5:94:99:b6:5f:72:db:
45:fe:ef:60:d3:54:e7:c2:94:b8:86:84:d9:23:1d:
5b:2f:21:90:38:47:56:71:2f:a2:42:af:38:b5:68:
45:48:15:5d:5d:bf:d0:9c:4a:ca:b3:c5:04:c8:11:
f4:42:0f:3c:ff:1e:45:28:0a:7d:07:2a:92:03:cb:
32:31:ea:70:ec:aa:3e:fd:25:98:33:d1:4a:cb:db:
40:42:57:47:fe:e7:d6:5f:a2:a1:9b:6b:c3:57:a7:
3e:b8:16:97:6c:ad:f7:17:20:08:c8:22:9d:cc:be:
6e:97
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D3:80:EB:71:C8:D0:1C:03:C4:28:FD:01:37:82:B1:08:E0:94:2F:EF
X509v3 Authority Key Identifier:
keyid:51:F8:66:F3:2B:47:C6:9D:47:8A:D9:53:54:E2:57:E5:1A:23:6A:57
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Ufhm8ytHxp1HitlTVOJX5Rojalc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5d/dcb6fb-0e86-4d34-adc3-d93fd49ae8ef/1/04DrccjQHAPEKP0BN4KxCOCUL-8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5d/dcb6fb-0e86-4d34-adc3-d93fd49ae8ef/1/Ufhm8ytHxp1HitlTVOJX5Rojalc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.21.208.0/20
94.232.152.0/21
158.255.88.0/21
193.138.118.0/24
IPv6:
2a02:2928::/32
Signature Algorithm: sha256WithRSAEncryption
8f:e8:0f:b3:a9:80:86:b7:6c:4a:5d:ef:7a:c7:bf:9a:4f:85:
e9:16:cd:3b:6b:49:8c:a2:09:fb:f1:74:00:76:ec:a5:f3:9a:
c1:26:3a:2f:77:0e:23:e9:d7:e9:a6:dd:4c:f1:02:f6:3d:ec:
51:8d:d0:be:1d:4d:fb:9f:de:0a:e9:e7:44:62:02:c7:4a:02:
72:03:bd:b3:fe:ca:65:4c:a9:8f:cd:11:6c:d9:69:88:c4:b3:
b6:44:df:73:54:ef:50:db:0e:ff:1c:eb:fe:48:ad:1e:22:d5:
32:33:ed:e2:41:df:09:79:0d:81:a0:61:14:d9:6e:e5:9c:5f:
a8:39:2e:ec:65:f4:c6:0a:bb:1d:1a:be:e5:38:08:eb:a7:5e:
7b:f7:0a:92:ec:09:10:27:0d:1a:57:d0:21:74:0c:40:d3:72:
cd:7e:db:d8:a0:c8:63:fa:eb:23:7b:8a:95:01:57:d5:65:84:
66:05:0e:51:d1:a1:f7:eb:d0:9b:d9:06:58:61:90:6e:1a:84:
5e:b6:e7:d0:d9:34:78:88:36:9e:cd:20:0a:c5:c9:00:01:3f:
d8:59:ce:0d:ce:6a:5e:dd:9f:b2:c0:a9:f6:d7:53:b8:73:0c:
1d:9e:e5:64:8f:22:51:65:de:bc:0e:85:8a:e0:b4:e3:8c:4a:
ac:1d:4a:5f
-----BEGIN CERTIFICATE-----
MIIFEDCCA/igAwIBAgIERQkFvDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg1
MWY4NjZmMzJiNDdjNjlkNDc4YWQ5NTM1NGUyNTdlNTFhMjM2YTU3MB4XDTIyMDIx
MjAwMDIxNVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZDM4MGViNzFjOGQw
MWMwM2M0MjhmZDAxMzc4MmIxMDhlMDk0MmZlZjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALewniO6uWo+w3vBybZv/wbRc9Tw1s5WiRIDCDhbxXAe/XL2
+0uc5Lp9h1RxZ8pEaJGi6BzVLcXmvsAiVRlPavi7PNqXGi6YW1WN10hUqfjYm6xX
PB66Nq8zyzrYQmiFMcnHT023kcsodifYFZavtWAswF6ds9OLzFEdBHlBPr/PCz3I
v5R9PNI8JhI6oNO1lJm2X3LbRf7vYNNU58KUuIaE2SMdWy8hkDhHVnEvokKvOLVo
RUgVXV2/0JxKyrPFBMgR9EIPPP8eRSgKfQcqkgPLMjHqcOyqPv0lmDPRSsvbQEJX
R/7n1l+ioZtrw1enPrgWl2yt9xcgCMgincy+bpcCAwEAAaOCAiowggImMB0GA1Ud
DgQWBBTTgOtxyNAcA8Qo/QE3grEI4JQv7zAfBgNVHSMEGDAWgBRR+GbzK0fGnUeK
2VNU4lflGiNqVzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1VmaG04eXRIeHAxSGl0bFRWT0pYNVJvamFsYy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNWQvZGNiNmZiLTBlODYtNGQzNC1hZGMzLWQ5M2ZkNDlhZThlZi8x
LzA0RHJjY2pRSEFQRUtQMEJONEt4Q09DVUwtOC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNWQv
ZGNiNmZiLTBlODYtNGQzNC1hZGMzLWQ5M2ZkNDlhZThlZi8xL1VmaG04eXRIeHAx
SGl0bFRWT0pYNVJvamFsYy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBA
BggrBgEFBQcBBwEB/wQxMC8wHgQCAAEwGAMEBC4V0AMEA17omAMEA57/WAMEAMGK
djANBAIAAjAHAwUAKgIpKDANBgkqhkiG9w0BAQsFAAOCAQEAj+gPs6mAhrdsSl3v
ese/mk+F6RbNO2tJjKIJ+/F0AHbspfOawSY6L3cOI+nX6abdTPEC9j3sUY3Qvh1N
+5/eCunnRGICx0oCcgO9s/7KZUypj80RbNlpiMSztkTfc1TvUNsO/xzr/kitHiLV
MjPt4kHfCXkNgaBhFNlu5ZxfqDku7GX0xgq7HRq+5TgI66dee/cKkuwJECcNGlfQ
IXQMQNNyzX7b2KDIY/rrI3uKlQFX1WWEZgUOUdGh9+vQm9kGWGGQbhqEXrbn0Nk0
eIg2ns0gCsXJAAE/2FnODc5qXt2fssCp9tdTuHMMHZ7lZI8iUWXevA6FiuC044xK
rB1KXw==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:52:47 2023 by rpki-client on console-ams.rpki-client.org