Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6f/8e7d77-89c8-452c-a9bf-bc5f897c724a/1/8oJk_mvbR91hgh6ig8FoR7tT1-w.roa
File: 8oJk_mvbR91hgh6ig8FoR7tT1-w.roa (raw, json)
Hash identifier: qqJv3WXY9mlV3fgojkxoWnyzBvnW+HJgndZDA/HG5do=
Subject key identifier: F2:82:64:FE:6B:DB:47:DD:61:82:1E:A2:83:C1:68:47:BB:53:D7:EC
Certificate issuer: /CN=d2d38f4597051b6c0ddf1bb866ae4e94703e155e
Certificate serial: 08FCF9DB
Authority key identifier: D2:D3:8F:45:97:05:1B:6C:0D:DF:1B:B8:66:AE:4E:94:70:3E:15:5E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0tOPRZcFG2wN3xu4Zq5OlHA-FV4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6f/8e7d77-89c8-452c-a9bf-bc5f897c724a/1/8oJk_mvbR91hgh6ig8FoR7tT1-w.roa
Signing time: Sat 01 Jan 2022 06:55:25 +0000
ROA not before: Sat 01 Jan 2022 06:55:25 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 49724
IP address blocks: 91.215.220.0/24 maxlen: 24
91.215.220.0/22 maxlen: 22
91.215.222.0/23 maxlen: 23
91.215.221.0/24 maxlen: 24
188.0.160.0/20 maxlen: 20
188.0.162.0/24 maxlen: 24
188.0.160.0/19 maxlen: 19
188.0.169.0/24 maxlen: 24
188.0.166.0/23 maxlen: 23
188.0.175.0/24 maxlen: 24
188.0.176.0/21 maxlen: 21
188.0.183.0/24 maxlen: 24
188.0.186.0/24 maxlen: 24
188.0.184.0/22 maxlen: 22
188.0.189.0/24 maxlen: 24
188.0.190.0/23 maxlen: 23
188.0.188.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 150796763 (0x8fcf9db)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d2d38f4597051b6c0ddf1bb866ae4e94703e155e
Validity
Not Before: Jan 1 06:55:25 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=f28264fe6bdb47dd61821ea283c16847bb53d7ec
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:f9:bb:15:cd:76:7b:be:a5:54:1c:6c:b1:71:
79:a1:20:68:18:c1:ff:f3:82:0d:6b:c6:8c:5d:f4:
aa:02:4d:ae:af:63:ff:d2:7c:37:0a:97:59:ef:55:
35:b2:1a:dc:35:69:b5:35:24:d1:b1:6d:07:34:d7:
fe:4b:03:7e:dd:fe:b4:c7:6d:8d:d8:26:da:1c:6b:
46:b9:e2:ec:5d:ab:d3:d8:56:e0:a8:66:0b:3d:43:
d3:00:cc:90:0d:90:c2:d3:be:28:6a:3a:b4:7f:67:
7d:08:99:cb:ff:16:5d:d7:22:71:2b:d9:da:52:4a:
74:d7:58:5b:a9:7c:ac:81:47:f6:2f:96:49:68:a4:
04:b1:09:5c:59:f5:04:7d:82:68:0b:2b:77:c1:ed:
09:72:b4:0f:0e:7a:00:9c:0b:06:f6:92:65:38:ad:
0d:52:fb:ba:7b:e1:33:d1:9d:59:9d:a9:c7:0a:ba:
b1:b0:92:a5:bf:de:58:d1:d9:53:b4:63:1d:7c:3a:
61:04:eb:74:9a:d3:00:7e:a7:ee:6a:50:e0:57:fe:
21:7e:2d:d1:41:3b:ce:4b:f0:98:03:d3:0f:17:4e:
c3:b2:04:9e:84:c5:8d:f4:5e:84:a3:80:87:c9:6c:
e2:f3:dc:5b:78:66:e3:a0:e6:8c:c0:d3:31:cf:40:
00:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F2:82:64:FE:6B:DB:47:DD:61:82:1E:A2:83:C1:68:47:BB:53:D7:EC
X509v3 Authority Key Identifier:
keyid:D2:D3:8F:45:97:05:1B:6C:0D:DF:1B:B8:66:AE:4E:94:70:3E:15:5E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0tOPRZcFG2wN3xu4Zq5OlHA-FV4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6f/8e7d77-89c8-452c-a9bf-bc5f897c724a/1/8oJk_mvbR91hgh6ig8FoR7tT1-w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6f/8e7d77-89c8-452c-a9bf-bc5f897c724a/1/0tOPRZcFG2wN3xu4Zq5OlHA-FV4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.215.220.0/22
188.0.160.0/19
Signature Algorithm: sha256WithRSAEncryption
9e:2e:0d:e3:d0:27:0d:9b:18:10:aa:55:78:24:52:1e:b9:56:
57:bb:80:3d:82:8b:ba:8b:25:5d:f9:92:69:4f:85:7a:45:ae:
48:14:76:73:c6:da:09:20:0a:05:f1:ed:c6:3f:65:58:58:b7:
a8:b6:97:3a:d7:dc:d5:84:76:21:7c:eb:21:8c:b4:54:43:81:
a1:bc:10:ec:60:00:2f:ff:de:39:56:6f:12:fc:77:bc:bc:e2:
81:d6:c6:af:39:2a:7a:5f:38:53:ed:da:9b:ce:ef:ae:24:64:
bc:c2:64:55:70:ad:10:c4:6b:42:45:08:f3:85:d0:24:15:44:
77:42:77:ef:c9:58:e7:32:6b:ba:83:ab:d8:34:d5:6a:71:b8:
34:d5:b7:54:95:d2:33:35:47:fc:75:46:05:1d:61:c4:b0:b1:
c6:00:2f:e6:64:1e:3a:b3:12:c4:cc:66:99:8d:81:81:12:d5:
a8:cc:41:81:db:17:20:c8:8d:ae:a9:18:dd:41:61:4d:10:06:
67:1d:cc:38:26:a2:9a:b2:3f:e1:4e:f7:d5:e1:47:c9:66:1d:
23:09:2a:d4:06:e1:dd:3d:c0:83:3d:02:76:77:58:11:1b:53:
57:26:49:d6:43:e6:55:60:33:8f:85:a1:7f:c8:ce:45:8e:4f:
e8:7b:fa:f6
-----BEGIN CERTIFICATE-----
MIIE9TCCA92gAwIBAgIECPz52zANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhk
MmQzOGY0NTk3MDUxYjZjMGRkZjFiYjg2NmFlNGU5NDcwM2UxNTVlMB4XDTIyMDEw
MTA2NTUyNVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZjI4MjY0ZmU2YmRi
NDdkZDYxODIxZWEyODNjMTY4NDdiYjUzZDdlYzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAM/5uxXNdnu+pVQcbLFxeaEgaBjB//OCDWvGjF30qgJNrq9j
/9J8NwqXWe9VNbIa3DVptTUk0bFtBzTX/ksDft3+tMdtjdgm2hxrRrni7F2r09hW
4KhmCz1D0wDMkA2QwtO+KGo6tH9nfQiZy/8WXdcicSvZ2lJKdNdYW6l8rIFH9i+W
SWikBLEJXFn1BH2CaAsrd8HtCXK0Dw56AJwLBvaSZTitDVL7unvhM9GdWZ2pxwq6
sbCSpb/eWNHZU7RjHXw6YQTrdJrTAH6n7mpQ4Ff+IX4t0UE7zkvwmAPTDxdOw7IE
noTFjfRehKOAh8ls4vPcW3hm46DmjMDTMc9AADECAwEAAaOCAg8wggILMB0GA1Ud
DgQWBBTygmT+a9tH3WGCHqKDwWhHu1PX7DAfBgNVHSMEGDAWgBTS049FlwUbbA3f
G7hmrk6UcD4VXjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzB0T1BSWmNGRzJ3TjN4dTRacTVPbEhBLUZWNC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNmYvOGU3ZDc3LTg5YzgtNDUyYy1hOWJmLWJjNWY4OTdjNzI0YS8x
LzhvSmtfbXZiUjkxaGdoNmlnOEZvUjd0VDEtdy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNmYv
OGU3ZDc3LTg5YzgtNDUyYy1hOWJmLWJjNWY4OTdjNzI0YS8xLzB0T1BSWmNGRzJ3
TjN4dTRacTVPbEhBLUZWNC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAl
BggrBgEFBQcBBwEB/wQWMBQwEgQCAAEwDAMEAlvX3AMEBbwAoDANBgkqhkiG9w0B
AQsFAAOCAQEAni4N49AnDZsYEKpVeCRSHrlWV7uAPYKLuoslXfmSaU+FekWuSBR2
c8baCSAKBfHtxj9lWFi3qLaXOtfc1YR2IXzrIYy0VEOBobwQ7GAAL//eOVZvEvx3
vLzigdbGrzkqel84U+3am87vriRkvMJkVXCtEMRrQkUI84XQJBVEd0J378lY5zJr
uoOr2DTVanG4NNW3VJXSMzVH/HVGBR1hxLCxxgAv5mQeOrMSxMxmmY2BgRLVqMxB
gdsXIMiNrqkY3UFhTRAGZx3MOCaimrI/4U731eFHyWYdIwkq1Abh3T3Agz0CdndY
ERtTVyZJ1kPmVWAzj4Whf8jORY5P6Hv69g==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:01:21 2023 by rpki-client on console-ams.rpki-client.org