Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/75/e32a9a-83e0-4fb9-ac71-4d4b16144d68/1/S8SDwbh9OumA__sOKamw08AFhWk.roa
File: S8SDwbh9OumA__sOKamw08AFhWk.roa (raw, json)
Hash identifier: f5j7iZua90HQxVRLqxv4tGC0tsbp5cbRYEw7HVm5jtY=
Subject key identifier: 4B:C4:83:C1:B8:7D:3A:E9:80:FF:FB:0E:29:A9:B0:D3:C0:05:85:69
Certificate issuer: /CN=dd97c7ca05bcc3d6a2ad1ba235bed8feab694550
Certificate serial: 0184C744243A852F6E3E6B746EA3A10CF842
Authority key identifier: DD:97:C7:CA:05:BC:C3:D6:A2:AD:1B:A2:35:BE:D8:FE:AB:69:45:50
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3ZfHygW8w9airRuiNb7Y_qtpRVA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/75/e32a9a-83e0-4fb9-ac71-4d4b16144d68/1/S8SDwbh9OumA__sOKamw08AFhWk.roa
Signing time: Wed 30 Nov 2022 06:40:42 +0000
ROA not before: Wed 30 Nov 2022 06:40:42 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 52145
IP address blocks: 185.21.120.0/24 maxlen: 24
185.21.121.0/24 maxlen: 24
185.21.122.0/24 maxlen: 24
185.21.123.0/24 maxlen: 24
185.21.120.0/22 maxlen: 22
46.253.82.0/24 maxlen: 24
46.253.84.0/23 maxlen: 23
46.253.85.0/24 maxlen: 24
46.253.84.0/24 maxlen: 24
46.253.82.0/23 maxlen: 23
46.253.83.0/24 maxlen: 24
46.253.80.0/20 maxlen: 20
46.253.80.0/23 maxlen: 23
46.253.80.0/21 maxlen: 21
46.253.80.0/24 maxlen: 24
46.253.81.0/24 maxlen: 24
46.253.86.0/24 maxlen: 24
46.253.87.0/24 maxlen: 24
46.253.88.0/24 maxlen: 24
46.253.89.0/24 maxlen: 24
46.253.90.0/24 maxlen: 24
46.253.91.0/24 maxlen: 24
46.253.88.0/21 maxlen: 21
46.253.86.0/23 maxlen: 23
46.253.92.0/24 maxlen: 24
46.253.93.0/24 maxlen: 24
46.253.94.0/24 maxlen: 24
46.253.95.0/24 maxlen: 24
185.71.140.0/24 maxlen: 24
185.71.141.0/24 maxlen: 24
185.71.142.0/24 maxlen: 24
185.71.143.0/24 maxlen: 24
185.71.140.0/22 maxlen: 22
2a04:19c0::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:c7:44:24:3a:85:2f:6e:3e:6b:74:6e:a3:a1:0c:f8:42
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dd97c7ca05bcc3d6a2ad1ba235bed8feab694550
Validity
Not Before: Nov 30 06:40:42 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=4bc483c1b87d3ae980fffb0e29a9b0d3c0058569
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:bd:cd:08:9a:8d:2f:e4:a7:0a:1c:38:56:30:
9d:16:d2:a1:27:ad:82:84:6d:b1:91:d6:37:15:ce:
bf:85:7f:b0:bc:2e:ba:1d:51:bf:98:a0:81:2a:50:
8a:14:53:6d:31:4d:75:31:d1:37:92:12:ed:1b:41:
80:4f:a2:2a:32:fa:bd:54:2b:b8:a6:e8:2c:66:3a:
36:db:fa:64:d4:7f:f4:17:da:79:52:9a:45:a9:f0:
a5:da:54:61:be:43:45:1a:4b:42:ff:de:31:a1:1b:
cb:39:93:ec:b8:12:f6:5a:3f:b1:bf:78:e5:90:04:
b9:f8:67:89:43:2a:ef:28:4d:93:a7:70:3d:c9:e5:
e2:ba:92:3d:0f:54:f7:bc:cb:c4:e2:1d:bb:7c:ee:
55:13:70:be:25:05:92:53:04:c5:b7:a8:e5:c8:a1:
95:72:00:28:0f:f0:87:38:23:26:90:50:63:80:e9:
cc:b1:42:8a:66:3d:80:59:08:83:8d:c5:40:7d:b4:
b7:5a:d1:51:24:04:00:c3:ae:a9:a1:48:e3:cd:4f:
90:cb:cc:59:e1:71:da:56:93:f3:6e:a6:5e:7c:aa:
51:e9:35:87:73:e0:f6:80:c2:4c:e8:69:ec:92:42:
5f:e9:32:99:e6:59:16:c5:46:b2:ac:7e:0f:f2:e9:
2e:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4B:C4:83:C1:B8:7D:3A:E9:80:FF:FB:0E:29:A9:B0:D3:C0:05:85:69
X509v3 Authority Key Identifier:
keyid:DD:97:C7:CA:05:BC:C3:D6:A2:AD:1B:A2:35:BE:D8:FE:AB:69:45:50
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3ZfHygW8w9airRuiNb7Y_qtpRVA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/75/e32a9a-83e0-4fb9-ac71-4d4b16144d68/1/S8SDwbh9OumA__sOKamw08AFhWk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/75/e32a9a-83e0-4fb9-ac71-4d4b16144d68/1/3ZfHygW8w9airRuiNb7Y_qtpRVA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.253.80.0/20
185.21.120.0/22
185.71.140.0/22
IPv6:
2a04:19c0::/29
Signature Algorithm: sha256WithRSAEncryption
bf:c7:97:b0:6f:a3:75:0e:e2:54:a8:48:3e:28:06:01:6f:5c:
ad:ca:b1:0c:4c:e1:cd:48:3b:4d:23:3e:b3:89:e8:10:e1:70:
de:7b:ee:13:1e:8e:c3:4a:c2:15:68:a0:73:66:1d:cb:db:c3:
1a:d1:b1:71:a1:c8:47:92:f1:29:dd:96:d1:2d:5b:25:2d:88:
78:37:3a:b4:9f:d5:f6:9a:a9:00:7f:61:26:3c:74:55:7b:d9:
25:5e:b1:cc:ed:a1:c7:e0:e5:5c:86:6d:08:fb:bc:70:40:ca:
ed:7b:24:0c:c1:15:de:82:e8:7b:fb:1d:78:94:98:b5:45:99:
ed:e1:d1:d8:23:0a:71:7c:d6:2a:c3:45:31:fb:aa:19:9c:dd:
c8:6d:70:6e:dd:83:72:22:b9:f3:4e:29:bc:37:53:8f:37:c8:
df:88:e6:2b:b3:00:5f:e8:99:ab:8d:fd:ee:7e:28:dc:8b:c0:
6c:33:ad:58:f6:e2:ed:6b:df:58:48:8b:13:65:94:7e:cc:b2:
11:2d:88:6e:7c:c3:55:f0:09:5d:f5:54:bd:bd:2b:96:9c:8a:
c2:82:a9:f0:43:d8:b2:c6:43:71:17:61:11:f2:4c:71:99:e2:
c9:80:e0:d3:4d:32:bc:5e:59:84:80:91:93:2a:39:8e:a2:84:
10:95:3d:1a
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAYTHRCQ6hS9uPmt0bqOhDPhCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRkOTdjN2NhMDViY2MzZDZhMmFkMWJhMjM1YmVkOGZlYWI2
OTQ1NTAwHhcNMjIxMTMwMDY0MDQyWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0YmM0ODNjMWI4N2QzYWU5ODBmZmZiMGUyOWE5YjBkM2MwMDU4NTY5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqL3NCJqNL+SnChw4VjCdFtKhJ62C
hG2xkdY3Fc6/hX+wvC66HVG/mKCBKlCKFFNtMU11MdE3khLtG0GAT6IqMvq9VCu4
pugsZjo22/pk1H/0F9p5UppFqfCl2lRhvkNFGktC/94xoRvLOZPsuBL2Wj+xv3jl
kAS5+GeJQyrvKE2Tp3A9yeXiupI9D1T3vMvE4h27fO5VE3C+JQWSUwTFt6jlyKGV
cgAoD/CHOCMmkFBjgOnMsUKKZj2AWQiDjcVAfbS3WtFRJAQAw66poUjjzU+Qy8xZ
4XHaVpPzbqZefKpR6TWHc+D2gMJM6GnskkJf6TKZ5lkWxUayrH4P8ukuCwIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFEvEg8G4fTrpgP/7DimpsNPABYVpMB8GA1UdIwQY
MBaAFN2Xx8oFvMPWoq0bojW+2P6raUVQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM1pmSHlnVzh3OWFpclJ1aU5iN1lfcXRwUlZBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83NS9lMzJhOWEtODNlMC00ZmI5LWFjNzEt
NGQ0YjE2MTQ0ZDY4LzEvUzhTRHdiaDlPdW1BX19zT0thbXcwOEFGaFdrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83NS9lMzJhOWEtODNlMC00ZmI5LWFjNzEtNGQ0YjE2MTQ0ZDY4
LzEvM1pmSHlnVzh3OWFpclJ1aU5iN1lfcXRwUlZBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQELv1QAwQC
uRV4AwQCuUeMMA0EAgACMAcDBQMqBBnAMA0GCSqGSIb3DQEBCwUAA4IBAQC/x5ew
b6N1DuJUqEg+KAYBb1ytyrEMTOHNSDtNIz6ziegQ4XDee+4THo7DSsIVaKBzZh3L
28Ma0bFxochHkvEp3ZbRLVslLYh4Nzq0n9X2mqkAf2EmPHRVe9klXrHM7aHH4OVc
hm0I+7xwQMrteyQMwRXeguh7+x14lJi1RZnt4dHYIwpxfNYqw0Ux+6oZnN3IbXBu
3YNyIrnzTim8N1OPN8jfiOYrswBf6Jmrjf3ufijci8BsM61Y9uLta99YSIsTZZR+
zLIRLYhufMNV8Ald9VS9vSuWnIrCgqnwQ9iyxkNxF2ER8kxxmeLJgODTTTK8XlmE
gJGTKjmOooQQlT0a
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:01:40 2023 by rpki-client on console-ams.rpki-client.org