Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/78/0c4ad1-439a-4e61-a8b6-3fdd61f6852f/1/i8CTydvAa3753Mp6-svusbVY1F0.roa
File: i8CTydvAa3753Mp6-svusbVY1F0.roa (raw, json)
Hash identifier: EBSFiStld+0rqstaJv3dKTWGPN6QuRzReqg091bCqTA=
Subject key identifier: 8B:C0:93:C9:DB:C0:6B:7E:F9:DC:CA:7A:FA:CB:EE:B1:B5:58:D4:5D
Certificate issuer: /CN=00105478defd513b7d8822a7d9204f875ed547d8
Certificate serial: 09F66241
Authority key identifier: 00:10:54:78:DE:FD:51:3B:7D:88:22:A7:D9:20:4F:87:5E:D5:47:D8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ABBUeN79UTt9iCKn2SBPh17VR9g.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/78/0c4ad1-439a-4e61-a8b6-3fdd61f6852f/1/i8CTydvAa3753Mp6-svusbVY1F0.roa
Signing time: Sat 01 Jan 2022 11:58:42 +0000
ROA not before: Sat 01 Jan 2022 11:58:42 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 34909
IP address blocks: 185.190.98.0/24 maxlen: 24
185.190.96.0/23 maxlen: 23
185.190.96.0/22 maxlen: 22
185.190.99.0/24 maxlen: 24
91.238.106.0/24 maxlen: 24
2a0a:7c0::/29 maxlen: 29
2a0a:7c0::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 167141953 (0x9f66241)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=00105478defd513b7d8822a7d9204f875ed547d8
Validity
Not Before: Jan 1 11:58:42 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=8bc093c9dbc06b7ef9dcca7afacbeeb1b558d45d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d4:06:c0:7d:b9:ce:24:8d:31:91:c4:b8:78:be:
38:ec:81:0c:54:7f:b7:e8:c3:61:9a:9d:3f:3a:9c:
78:be:d8:82:81:45:b6:97:b4:df:0d:41:be:b7:f7:
22:a7:df:53:f6:b3:24:e5:e3:7d:c4:b1:d7:f6:5f:
59:c7:3a:4b:32:50:33:78:30:8b:04:99:b6:81:f9:
d2:a6:65:49:29:c6:25:f0:93:9f:8e:2c:b5:e2:79:
58:92:a4:ca:87:2b:e2:64:66:53:36:6f:11:b9:86:
f6:f6:ff:0d:f0:9b:d2:65:82:90:05:64:92:5b:f6:
ee:94:e6:6d:c8:cc:1b:8e:17:f7:c0:fa:89:8f:d3:
0a:58:e4:9b:07:ef:9d:e3:7f:d5:12:8a:74:a4:24:
2c:45:9e:01:e3:ae:cb:bb:f2:40:73:73:60:bd:61:
21:18:c0:4e:b7:2d:66:19:78:e5:02:43:36:ab:02:
46:dd:ae:91:68:28:3a:c4:74:80:fa:52:b9:12:0e:
0f:66:64:97:ce:67:c5:c7:81:cf:07:67:5c:52:4a:
f1:44:98:41:8f:a8:bf:ac:f4:65:e5:9e:37:3c:b6:
db:cf:12:13:a3:14:da:74:f8:8c:f5:ac:7d:46:1c:
23:b9:42:68:c9:95:c7:14:a8:82:69:b7:22:d0:7a:
8d:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8B:C0:93:C9:DB:C0:6B:7E:F9:DC:CA:7A:FA:CB:EE:B1:B5:58:D4:5D
X509v3 Authority Key Identifier:
keyid:00:10:54:78:DE:FD:51:3B:7D:88:22:A7:D9:20:4F:87:5E:D5:47:D8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ABBUeN79UTt9iCKn2SBPh17VR9g.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/78/0c4ad1-439a-4e61-a8b6-3fdd61f6852f/1/i8CTydvAa3753Mp6-svusbVY1F0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/78/0c4ad1-439a-4e61-a8b6-3fdd61f6852f/1/ABBUeN79UTt9iCKn2SBPh17VR9g.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.238.106.0/24
185.190.96.0/22
IPv6:
2a0a:7c0::/29
Signature Algorithm: sha256WithRSAEncryption
27:ef:34:63:89:f0:53:3e:04:37:9e:8f:66:16:f5:29:a7:3f:
3a:33:31:4b:10:25:e2:ba:ea:a8:c8:f0:38:f3:7b:09:58:a6:
c5:47:13:a5:93:bd:9a:08:a4:43:6b:12:1b:a4:53:65:25:2f:
60:61:f9:19:06:8b:ae:88:71:9f:af:3e:3b:f5:ff:63:83:8b:
1e:da:56:a2:f7:75:0e:4a:d0:a0:48:5b:96:e7:9a:e1:02:9c:
fd:bc:98:43:ec:84:7b:04:b2:6f:42:fd:27:77:be:85:c8:03:
0e:cf:06:40:31:40:c6:24:80:dd:23:bc:1e:19:df:84:01:43:
9f:01:4e:ef:22:7d:c2:3d:26:58:18:b7:3e:ba:55:9b:74:5f:
00:f5:b8:9c:45:b3:8a:b4:48:3f:40:33:6c:e0:bf:5c:b6:5f:
3f:23:79:e2:4e:2d:0f:cf:fb:e2:c6:8d:2a:aa:4b:b8:63:c3:
02:23:22:94:52:69:95:69:e0:9d:6a:29:f2:e4:f4:b7:e3:1f:
78:f7:d1:83:74:0c:88:9d:82:2f:81:69:5c:2c:90:92:4c:84:
d1:ed:e7:86:f2:fb:c3:e4:cd:90:55:24:24:f1:00:b7:c6:4e:
0d:c6:9a:c4:c8:9e:79:7c:0a:ad:ec:36:25:61:bb:be:19:a6:
82:08:aa:30
-----BEGIN CERTIFICATE-----
MIIFBDCCA+ygAwIBAgIECfZiQTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygw
MDEwNTQ3OGRlZmQ1MTNiN2Q4ODIyYTdkOTIwNGY4NzVlZDU0N2Q4MB4XDTIyMDEw
MTExNTg0MloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoOGJjMDkzYzlkYmMw
NmI3ZWY5ZGNjYTdhZmFjYmVlYjFiNTU4ZDQ1ZDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBANQGwH25ziSNMZHEuHi+OOyBDFR/t+jDYZqdPzqceL7YgoFF
tpe03w1Bvrf3IqffU/azJOXjfcSx1/ZfWcc6SzJQM3gwiwSZtoH50qZlSSnGJfCT
n44steJ5WJKkyocr4mRmUzZvEbmG9vb/DfCb0mWCkAVkklv27pTmbcjMG44X98D6
iY/TCljkmwfvneN/1RKKdKQkLEWeAeOuy7vyQHNzYL1hIRjATrctZhl45QJDNqsC
Rt2ukWgoOsR0gPpSuRIOD2Zkl85nxceBzwdnXFJK8USYQY+ov6z0ZeWeNzy2288S
E6MU2nT4jPWsfUYcI7lCaMmVxxSogmm3ItB6jTkCAwEAAaOCAh4wggIaMB0GA1Ud
DgQWBBSLwJPJ28Brfvncynr6y+6xtVjUXTAfBgNVHSMEGDAWgBQAEFR43v1RO32I
IqfZIE+HXtVH2DAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0FCQlVlTjc5VVR0OWlDS24yU0JQaDE3VlI5Zy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNzgvMGM0YWQxLTQzOWEtNGU2MS1hOGI2LTNmZGQ2MWY2ODUyZi8x
L2k4Q1R5ZHZBYTM3NTNNcDYtc3Z1c2JWWTFGMC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNzgv
MGM0YWQxLTQzOWEtNGU2MS1hOGI2LTNmZGQ2MWY2ODUyZi8xL0FCQlVlTjc5VVR0
OWlDS24yU0JQaDE3VlI5Zy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA0
BggrBgEFBQcBBwEB/wQlMCMwEgQCAAEwDAMEAFvuagMEArm+YDANBAIAAjAHAwUD
KgoHwDANBgkqhkiG9w0BAQsFAAOCAQEAJ+80Y4nwUz4EN56PZhb1Kac/OjMxSxAl
4rrqqMjwOPN7CVimxUcTpZO9mgikQ2sSG6RTZSUvYGH5GQaLrohxn68+O/X/Y4OL
HtpWovd1DkrQoEhbluea4QKc/byYQ+yEewSyb0L9J3e+hcgDDs8GQDFAxiSA3SO8
HhnfhAFDnwFO7yJ9wj0mWBi3PrpVm3RfAPW4nEWzirRIP0AzbOC/XLZfPyN54k4t
D8/74saNKqpLuGPDAiMilFJplWngnWop8uT0t+MfePfRg3QMiJ2CL4FpXCyQkkyE
0e3nhvL7w+TNkFUkJPEAt8ZODcaaxMieeXwKrew2JWG7vhmmggiqMA==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:01:46 2023 by rpki-client on console-ams.rpki-client.org