Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/72/520d04-e912-4f46-a9e6-7055393f75fe/1/sp8Oj9i8ONjteBqQzKHfImiR4k0.roa
File: sp8Oj9i8ONjteBqQzKHfImiR4k0.roa (raw, json)
Hash identifier: Wfkd9ekgx4EyWbGHEIKWvLz4T51eadKxuzTdg3bcNAs=
Subject key identifier: B2:9F:0E:8F:D8:BC:38:D8:ED:78:1A:90:CC:A1:DF:22:68:91:E2:4D
Certificate issuer: /CN=1dc7522321c23d169ed332ff49879ccc245172db
Certificate serial: 3316BF15
Authority key identifier: 1D:C7:52:23:21:C2:3D:16:9E:D3:32:FF:49:87:9C:CC:24:51:72:DB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HcdSIyHCPRae0zL_SYeczCRRcts.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/72/520d04-e912-4f46-a9e6-7055393f75fe/1/sp8Oj9i8ONjteBqQzKHfImiR4k0.roa
Signing time: Fri 07 Jan 2022 10:01:03 +0000
ROA not before: Fri 07 Jan 2022 10:01:03 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 41008
IP address blocks: 109.233.24.0/21 maxlen: 24
193.58.8.0/21 maxlen: 24
193.201.162.0/24 maxlen: 24
212.113.64.0/19 maxlen: 24
2a02:239c:0:24::/64 maxlen: 64
2a02:2398::/29 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 857128725 (0x3316bf15)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1dc7522321c23d169ed332ff49879ccc245172db
Validity
Not Before: Jan 7 10:01:03 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=b29f0e8fd8bc38d8ed781a90cca1df226891e24d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:3d:4f:ad:f0:25:9f:0d:97:48:38:d1:aa:fa:
05:93:7a:6f:4c:e8:26:08:6f:8b:6f:5e:34:4d:2b:
5d:df:92:77:66:24:c1:63:43:20:d4:68:fc:e8:19:
07:33:28:5c:88:f1:58:b7:48:a8:c8:85:87:8e:ce:
4e:d6:4e:73:aa:b9:6c:11:da:0f:13:f8:79:a9:c2:
6b:6f:26:e0:2f:11:e6:9f:1d:52:c6:18:25:47:c0:
e4:13:5e:f5:dc:c8:ff:8d:34:eb:a7:c3:03:8e:49:
4a:cc:6e:6b:3b:79:f1:32:d1:e4:c2:9d:64:f8:82:
85:64:ac:30:6c:b5:70:c0:36:6e:f9:c0:f8:7e:96:
f0:eb:3b:21:0d:e7:3d:23:61:5a:07:9b:5e:4e:78:
25:34:3e:fe:25:e2:6a:32:1b:28:d7:f2:5d:70:e6:
65:7a:67:0c:de:e2:30:89:13:72:ac:9a:1a:ea:ea:
33:42:1a:36:96:9f:1c:7e:59:20:56:71:b1:ec:42:
54:89:86:2a:8c:fd:05:fc:4c:f7:c5:61:5b:4e:ea:
74:69:fa:7b:08:32:ea:c9:26:6d:72:1b:db:08:e0:
f4:ee:f6:50:61:08:14:ed:c3:c1:e1:32:61:0a:3e:
62:1f:ee:42:2c:fe:af:b3:c8:cb:d5:df:1a:db:4a:
16:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B2:9F:0E:8F:D8:BC:38:D8:ED:78:1A:90:CC:A1:DF:22:68:91:E2:4D
X509v3 Authority Key Identifier:
keyid:1D:C7:52:23:21:C2:3D:16:9E:D3:32:FF:49:87:9C:CC:24:51:72:DB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HcdSIyHCPRae0zL_SYeczCRRcts.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/72/520d04-e912-4f46-a9e6-7055393f75fe/1/sp8Oj9i8ONjteBqQzKHfImiR4k0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/72/520d04-e912-4f46-a9e6-7055393f75fe/1/HcdSIyHCPRae0zL_SYeczCRRcts.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.233.24.0/21
193.58.8.0/21
193.201.162.0/24
212.113.64.0/19
IPv6:
2a02:2398::/29
Signature Algorithm: sha256WithRSAEncryption
ae:25:ef:2a:01:d4:6a:ae:1a:df:1c:bc:da:35:4e:97:a1:ce:
06:9a:53:80:89:4f:09:17:a0:0e:92:3d:a3:e3:20:38:d1:6b:
ab:a2:ae:07:b4:15:38:e5:74:0a:c8:65:e4:81:b8:7d:bd:02:
9a:35:85:cb:1f:52:bc:88:0c:9e:88:9b:a6:fa:d1:2a:15:ac:
13:5b:72:42:15:68:6b:94:3d:97:a8:e3:7f:a6:58:4c:3c:66:
cc:13:e3:db:61:15:01:ae:bb:45:cb:53:7a:83:a2:ab:7d:6c:
98:cb:44:ec:f0:c3:15:ea:bc:a7:10:3e:3e:60:2e:7e:9f:a8:
73:02:e4:75:84:e6:1a:60:48:eb:ea:07:b1:9a:44:38:a1:8f:
a6:84:b1:cf:08:5f:5b:7e:95:f8:60:f0:54:e8:13:4e:ef:57:
d9:07:de:d5:88:8b:62:70:7e:78:95:0b:78:f8:d2:7e:68:d5:
6d:c9:5e:58:99:53:80:08:d3:69:b8:a4:17:9a:67:49:4a:f6:
58:8e:fa:25:89:ea:d3:7d:ef:de:41:79:65:60:d6:74:fa:b3:
e8:d9:30:fa:89:86:c1:f4:b4:44:62:a5:b1:00:70:30:0e:ea:
d1:3f:2f:4b:18:13:99:f6:3e:0a:3b:98:cd:fe:7b:28:1b:c9:
f7:c0:bc:8f
-----BEGIN CERTIFICATE-----
MIIFEDCCA/igAwIBAgIEMxa/FTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygx
ZGM3NTIyMzIxYzIzZDE2OWVkMzMyZmY0OTg3OWNjYzI0NTE3MmRiMB4XDTIyMDEw
NzEwMDEwM1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYjI5ZjBlOGZkOGJj
MzhkOGVkNzgxYTkwY2NhMWRmMjI2ODkxZTI0ZDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALo9T63wJZ8Nl0g40ar6BZN6b0zoJghvi29eNE0rXd+Sd2Yk
wWNDINRo/OgZBzMoXIjxWLdIqMiFh47OTtZOc6q5bBHaDxP4eanCa28m4C8R5p8d
UsYYJUfA5BNe9dzI/40066fDA45JSsxuazt58TLR5MKdZPiChWSsMGy1cMA2bvnA
+H6W8Os7IQ3nPSNhWgebXk54JTQ+/iXiajIbKNfyXXDmZXpnDN7iMIkTcqyaGurq
M0IaNpafHH5ZIFZxsexCVImGKoz9BfxM98VhW07qdGn6ewgy6skmbXIb2wjg9O72
UGEIFO3DweEyYQo+Yh/uQiz+r7PIy9XfGttKFq8CAwEAAaOCAiowggImMB0GA1Ud
DgQWBBSynw6P2Lw42O14GpDMod8iaJHiTTAfBgNVHSMEGDAWgBQdx1IjIcI9Fp7T
Mv9Jh5zMJFFy2zAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0hjZFNJeUhDUFJhZTB6TF9TWWVjekNSUmN0cy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNzIvNTIwZDA0LWU5MTItNGY0Ni1hOWU2LTcwNTUzOTNmNzVmZS8x
L3NwOE9qOWk4T05qdGVCcVF6S0hmSW1pUjRrMC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNzIv
NTIwZDA0LWU5MTItNGY0Ni1hOWU2LTcwNTUzOTNmNzVmZS8xL0hjZFNJeUhDUFJh
ZTB6TF9TWWVjekNSUmN0cy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBA
BggrBgEFBQcBBwEB/wQxMC8wHgQCAAEwGAMEA23pGAMEA8E6CAMEAMHJogMEBdRx
QDANBAIAAjAHAwUDKgIjmDANBgkqhkiG9w0BAQsFAAOCAQEAriXvKgHUaq4a3xy8
2jVOl6HOBppTgIlPCRegDpI9o+MgONFrq6KuB7QVOOV0Cshl5IG4fb0CmjWFyx9S
vIgMnoibpvrRKhWsE1tyQhVoa5Q9l6jjf6ZYTDxmzBPj22EVAa67RctTeoOiq31s
mMtE7PDDFeq8pxA+PmAufp+ocwLkdYTmGmBI6+oHsZpEOKGPpoSxzwhfW36V+GDw
VOgTTu9X2Qfe1YiLYnB+eJULePjSfmjVbcleWJlTgAjTabikF5pnSUr2WI76JYnq
033v3kF5ZWDWdPqz6Nkw+omGwfS0RGKlsQBwMA7q0T8vSxgTmfY+CjuYzf57KBvJ
98C8jw==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:57:52 2023 by rpki-client on console-fra.rpki-client.org