Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/65/321cdc-2143-4b5c-9733-16699c96dd5e/1/i-Ue8CFMbgXgIAVKTiuzHd0p860.roa
File: i-Ue8CFMbgXgIAVKTiuzHd0p860.roa (raw, json)
Hash identifier: abrAh8w/avTJ3rKqf5bsv57n83Z+lxP/DoYvknCZ77A=
Subject key identifier: 8B:E5:1E:F0:21:4C:6E:05:E0:20:05:4A:4E:2B:B3:1D:DD:29:F3:AD
Certificate issuer: /CN=885b857706dac54e20ca0d11bd6416cb634203b4
Certificate serial: 3832C49E
Authority key identifier: 88:5B:85:77:06:DA:C5:4E:20:CA:0D:11:BD:64:16:CB:63:42:03:B4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/iFuFdwbaxU4gyg0RvWQWy2NCA7Q.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/65/321cdc-2143-4b5c-9733-16699c96dd5e/1/i-Ue8CFMbgXgIAVKTiuzHd0p860.roa
Signing time: Thu 05 May 2022 09:42:50 +0000
ROA not before: Thu 05 May 2022 09:42:50 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 213220
IP address blocks: 109.248.168.0/23 maxlen: 24
188.130.209.0/24 maxlen: 24
109.248.6.0/23 maxlen: 24
95.182.110.0/24 maxlen: 24
95.182.108.0/24 maxlen: 24
109.248.33.0/24 maxlen: 24
109.248.42.0/24 maxlen: 24
109.248.45.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 942851230 (0x3832c49e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=885b857706dac54e20ca0d11bd6416cb634203b4
Validity
Not Before: May 5 09:42:50 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=8be51ef0214c6e05e020054a4e2bb31ddd29f3ad
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d3:cb:56:3c:eb:d9:6a:e3:d2:f0:23:88:34:fa:
5f:67:31:8b:81:84:09:e8:d3:d0:a7:ed:8a:45:1b:
80:4e:58:73:14:8e:e4:18:e7:06:fc:e4:c4:cb:c3:
b5:17:4d:1a:e6:fe:83:d3:09:dc:ab:c3:b1:9f:b3:
29:c1:84:fa:f2:96:ac:cf:33:d2:62:ad:83:ac:b2:
71:fb:7e:bc:20:5a:e9:ec:0a:94:14:3a:e8:0d:71:
ff:7d:9c:e5:71:ed:1a:fb:f3:5d:f6:9a:ab:d7:be:
75:92:10:4a:7c:ac:58:6e:68:4d:5d:2a:7d:85:3a:
b3:45:2d:11:4a:53:01:3d:b2:d0:b3:b9:07:d2:d1:
46:41:89:f2:cf:86:e7:90:85:44:7d:c1:ea:c5:02:
81:33:9f:6b:42:88:e2:25:4c:17:d2:96:39:aa:80:
2a:05:5f:69:3a:29:d7:16:27:ca:da:0b:82:cf:f0:
34:98:26:ec:ed:48:6f:78:07:ae:8c:d2:c1:76:58:
3d:12:27:fa:a7:fc:24:17:f3:f7:23:8f:cf:1e:af:
e9:ea:f3:8f:b1:35:3a:a8:d8:8f:a2:48:a9:b7:ed:
2f:09:e9:67:85:87:87:a4:47:2a:49:34:16:ba:a2:
1e:cd:0a:68:31:09:00:d1:16:3d:e4:c2:8b:07:f6:
b7:a3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8B:E5:1E:F0:21:4C:6E:05:E0:20:05:4A:4E:2B:B3:1D:DD:29:F3:AD
X509v3 Authority Key Identifier:
keyid:88:5B:85:77:06:DA:C5:4E:20:CA:0D:11:BD:64:16:CB:63:42:03:B4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iFuFdwbaxU4gyg0RvWQWy2NCA7Q.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/65/321cdc-2143-4b5c-9733-16699c96dd5e/1/i-Ue8CFMbgXgIAVKTiuzHd0p860.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/65/321cdc-2143-4b5c-9733-16699c96dd5e/1/iFuFdwbaxU4gyg0RvWQWy2NCA7Q.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
95.182.108.0/24
95.182.110.0/24
109.248.6.0/23
109.248.33.0/24
109.248.42.0/24
109.248.45.0/24
109.248.168.0/23
188.130.209.0/24
Signature Algorithm: sha256WithRSAEncryption
6b:c7:ee:fa:4c:f6:38:b4:48:bd:8e:89:59:56:96:19:77:1b:
da:2e:28:24:e8:a7:d3:1f:35:78:e5:eb:20:1a:f7:3e:7b:0a:
d4:df:6a:58:d5:9a:da:7a:be:f8:54:06:d3:05:f2:df:67:2d:
52:92:24:f5:d9:c6:52:c3:1d:3d:ac:d1:cf:13:fa:05:a2:8b:
6b:bc:6a:b6:f3:93:ed:88:25:19:13:73:4f:3c:82:a4:75:cf:
2c:1d:5a:9b:1c:76:50:bf:01:27:3f:bc:c7:44:d1:fd:ed:51:
7f:f4:1f:e4:81:ce:f2:ab:24:c9:0e:83:b4:11:99:25:76:7f:
37:7a:24:27:b1:24:73:63:22:e7:3b:be:62:ad:c2:7c:6c:5f:
9b:17:a6:6d:49:61:ff:ee:a7:3e:6b:d2:62:31:00:75:08:9c:
69:39:23:d6:e4:39:42:7b:a8:db:78:17:42:4a:cb:f1:57:c7:
ae:b6:1c:cd:39:75:e2:ed:7d:be:2e:17:18:b5:61:1d:2a:07:
c4:29:3f:d8:ea:84:84:ee:fe:e8:9f:19:60:63:09:21:bb:83:
5a:a2:f8:59:1e:84:c8:d9:6e:3d:87:43:af:3e:95:83:1b:8a:
38:f6:2f:9c:22:87:65:93:70:dc:0d:da:82:20:c5:9c:8d:77:
c8:c7:cc:55
-----BEGIN CERTIFICATE-----
MIIFGTCCBAGgAwIBAgIEODLEnjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg4
ODViODU3NzA2ZGFjNTRlMjBjYTBkMTFiZDY0MTZjYjYzNDIwM2I0MB4XDTIyMDUw
NTA5NDI1MFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoOGJlNTFlZjAyMTRj
NmUwNWUwMjAwNTRhNGUyYmIzMWRkZDI5ZjNhZDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBANPLVjzr2Wrj0vAjiDT6X2cxi4GECejT0KftikUbgE5YcxSO
5BjnBvzkxMvDtRdNGub+g9MJ3KvDsZ+zKcGE+vKWrM8z0mKtg6yycft+vCBa6ewK
lBQ66A1x/32c5XHtGvvzXfaaq9e+dZIQSnysWG5oTV0qfYU6s0UtEUpTAT2y0LO5
B9LRRkGJ8s+G55CFRH3B6sUCgTOfa0KI4iVMF9KWOaqAKgVfaTop1xYnytoLgs/w
NJgm7O1Ib3gHrozSwXZYPRIn+qf8JBfz9yOPzx6v6erzj7E1OqjYj6JIqbftLwnp
Z4WHh6RHKkk0FrqiHs0KaDEJANEWPeTCiwf2t6MCAwEAAaOCAjMwggIvMB0GA1Ud
DgQWBBSL5R7wIUxuBeAgBUpOK7Md3SnzrTAfBgNVHSMEGDAWgBSIW4V3BtrFTiDK
DRG9ZBbLY0IDtDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2lGdUZkd2JheFU0Z3lnMFJ2V1FXeTJOQ0E3US5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNjUvMzIxY2RjLTIxNDMtNGI1Yy05NzMzLTE2Njk5Yzk2ZGQ1ZS8x
L2ktVWU4Q0ZNYmdYZ0lBVktUaXV6SGQwcDg2MC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNjUv
MzIxY2RjLTIxNDMtNGI1Yy05NzMzLTE2Njk5Yzk2ZGQ1ZS8xL2lGdUZkd2JheFU0
Z3lnMFJ2V1FXeTJOQ0E3US5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBJ
BggrBgEFBQcBBwEB/wQ6MDgwNgQCAAEwMAMEAF+2bAMEAF+2bgMEAW34BgMEAG34
IQMEAG34KgMEAG34LQMEAW34qAMEALyC0TANBgkqhkiG9w0BAQsFAAOCAQEAa8fu
+kz2OLRIvY6JWVaWGXcb2i4oJOin0x81eOXrIBr3PnsK1N9qWNWa2nq++FQG0wXy
32ctUpIk9dnGUsMdPazRzxP6BaKLa7xqtvOT7YglGRNzTzyCpHXPLB1amxx2UL8B
Jz+8x0TR/e1Rf/Qf5IHO8qskyQ6DtBGZJXZ/N3okJ7Ekc2Mi5zu+Yq3CfGxfmxem
bUlh/+6nPmvSYjEAdQicaTkj1uQ5Qnuo23gXQkrL8VfHrrYczTl14u19vi4XGLVh
HSoHxCk/2OqEhO7+6J8ZYGMJIbuDWqL4WR6EyNluPYdDrz6VgxuKOPYvnCKHZZNw
3A3agiDFnI13yMfMVQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:15:00 2024 by rpki-client on console-ams.rpki-client.org