Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7e/ce6ccb-25cf-4917-b3cd-3056af9a335e/1/8d8_4iKV2t9rRzsMQBOvqe5WVkg.roa
File: 8d8_4iKV2t9rRzsMQBOvqe5WVkg.roa (raw, json)
Hash identifier: 1SPjwCROd5KXGsv0DnYoFSXfTqdprd40v7AdOJOPHA4=
Subject key identifier: F1:DF:3F:E2:22:95:DA:DF:6B:47:3B:0C:40:13:AF:A9:EE:56:56:48
Certificate issuer: /CN=abc8dbe52083ad335c9f1fde6016ec8b49293140
Certificate serial: 338583D5
Authority key identifier: AB:C8:DB:E5:20:83:AD:33:5C:9F:1F:DE:60:16:EC:8B:49:29:31:40
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/q8jb5SCDrTNcnx_eYBbsi0kpMUA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7e/ce6ccb-25cf-4917-b3cd-3056af9a335e/1/8d8_4iKV2t9rRzsMQBOvqe5WVkg.roa
Signing time: Fri 18 Feb 2022 15:16:59 +0000
ROA not before: Fri 18 Feb 2022 15:16:59 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 21219
IP address blocks: 176.102.32.0/19 maxlen: 24
46.164.128.0/18 maxlen: 24
77.88.200.0/21 maxlen: 24
77.88.208.0/20 maxlen: 24
5.1.0.0/19 maxlen: 24
88.81.224.0/19 maxlen: 24
94.232.72.0/21 maxlen: 24
91.193.68.0/22 maxlen: 24
77.88.214.0/23 maxlen: 23
80.77.32.0/20 maxlen: 24
77.88.240.0/20 maxlen: 24
31.128.64.0/23 maxlen: 24
31.128.68.0/22 maxlen: 24
31.128.72.0/21 maxlen: 24
31.128.80.0/20 maxlen: 24
31.3.192.0/20 maxlen: 24
195.114.133.0/24 maxlen: 24
91.237.152.0/24 maxlen: 24
93.183.192.0/18 maxlen: 24
77.222.128.0/19 maxlen: 24
109.206.32.0/19 maxlen: 24
80.91.160.0/20 maxlen: 24
85.159.0.0/21 maxlen: 24
80.91.176.0/20 maxlen: 24
91.197.220.0/22 maxlen: 24
91.204.92.0/22 maxlen: 24
80.249.224.0/20 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 864388053 (0x338583d5)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=abc8dbe52083ad335c9f1fde6016ec8b49293140
Validity
Not Before: Feb 18 15:16:59 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=f1df3fe22295dadf6b473b0c4013afa9ee565648
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:9f:07:35:67:9e:25:1a:89:b7:16:50:1a:c4:
30:91:c5:c3:5b:00:0b:6d:8f:5e:53:97:36:c9:6b:
57:32:dd:3f:3c:40:c5:b7:5c:8f:8b:0f:f2:4f:18:
bd:ae:1c:1b:64:c2:e4:ca:96:cb:9e:c3:3f:31:e2:
6d:fa:e6:be:2a:24:44:94:63:de:ea:43:3e:6a:2d:
fc:9e:09:75:09:7e:da:14:46:f3:50:62:4c:dc:9e:
cc:7a:35:a8:b4:5c:a4:13:aa:41:50:0a:6a:f4:5e:
d3:c4:06:2c:7f:b8:6f:4c:55:35:d8:16:2e:77:d9:
46:75:4d:10:5e:e0:08:0c:7e:fb:da:31:e5:aa:fd:
9c:70:8a:ad:32:5a:12:51:a8:a5:98:fd:34:a5:dc:
32:40:30:0f:33:1a:25:56:af:aa:3b:40:4f:b4:9f:
74:30:5b:a8:28:3f:85:73:b5:7a:e0:b4:b2:91:b7:
33:5c:76:b6:e3:a0:a2:83:8f:ec:a0:96:c6:b8:53:
1e:47:4a:d6:7b:f4:45:d9:0f:52:a6:42:ff:fa:d9:
81:dc:bf:e9:b1:5d:09:f0:92:d0:63:de:8b:6d:ed:
91:1e:71:6a:0b:f9:20:a4:3a:68:56:df:d4:bd:9f:
61:ae:f6:55:20:b5:05:af:7e:db:b0:62:e7:f9:51:
c0:1f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F1:DF:3F:E2:22:95:DA:DF:6B:47:3B:0C:40:13:AF:A9:EE:56:56:48
X509v3 Authority Key Identifier:
keyid:AB:C8:DB:E5:20:83:AD:33:5C:9F:1F:DE:60:16:EC:8B:49:29:31:40
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/q8jb5SCDrTNcnx_eYBbsi0kpMUA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7e/ce6ccb-25cf-4917-b3cd-3056af9a335e/1/8d8_4iKV2t9rRzsMQBOvqe5WVkg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7e/ce6ccb-25cf-4917-b3cd-3056af9a335e/1/q8jb5SCDrTNcnx_eYBbsi0kpMUA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.1.0.0/19
31.3.192.0/20
31.128.64.0/23
31.128.68.0-31.128.95.255
46.164.128.0/18
77.88.200.0-77.88.223.255
77.88.240.0/20
77.222.128.0/19
80.77.32.0/20
80.91.160.0/19
80.249.224.0/20
85.159.0.0/21
88.81.224.0/19
91.193.68.0/22
91.197.220.0/22
91.204.92.0/22
91.237.152.0/24
93.183.192.0/18
94.232.72.0/21
109.206.32.0/19
176.102.32.0/19
195.114.133.0/24
Signature Algorithm: sha256WithRSAEncryption
1a:71:b8:04:45:16:f8:aa:4c:3d:de:0a:be:22:fc:53:8b:f6:
0b:dc:c7:cb:25:2f:7f:49:58:ca:cc:23:e2:af:87:be:19:56:
8e:24:19:c8:35:a9:c6:42:23:78:33:58:ca:fe:57:4d:0a:42:
8f:7e:c3:a5:f7:3e:08:2f:a8:2d:a7:03:60:ea:ee:be:88:9e:
a8:5e:aa:ed:e3:78:b6:14:9d:60:7d:d2:44:9e:ee:6b:c5:6a:
35:96:8d:dd:b7:b9:45:88:b2:14:4a:9f:dd:45:ab:18:0d:db:
41:42:9d:3e:10:23:62:f4:7f:d0:15:02:39:d7:4a:1c:87:3a:
55:db:44:a0:23:c5:3f:9c:1b:f7:de:b7:56:7d:8b:d7:ff:41:
17:fd:e1:7f:00:dc:41:ca:9a:9a:79:3b:b4:50:d3:ad:5e:56:
7a:dc:c6:70:3d:a1:5f:08:a5:54:13:07:bb:91:c7:63:28:c9:
49:71:bc:93:f9:76:09:2b:d3:40:af:33:e1:f5:41:44:cf:18:
7b:f7:39:67:62:b3:69:81:71:f7:54:33:cd:cf:ca:c2:3b:52:
f3:1a:1e:8b:b1:c5:95:51:69:56:d8:9a:f5:13:85:c1:58:4b:
5b:fe:2c:6a:52:86:f8:cc:7b:ea:d5:03:eb:fd:fa:be:d0:89:
d6:d8:2b:05
-----BEGIN CERTIFICATE-----
MIIFgjCCBGqgAwIBAgIEM4WD1TANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhh
YmM4ZGJlNTIwODNhZDMzNWM5ZjFmZGU2MDE2ZWM4YjQ5MjkzMTQwMB4XDTIyMDIx
ODE1MTY1OVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZjFkZjNmZTIyMjk1
ZGFkZjZiNDczYjBjNDAxM2FmYTllZTU2NTY0ODCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMyfBzVnniUaibcWUBrEMJHFw1sAC22PXlOXNslrVzLdPzxA
xbdcj4sP8k8Yva4cG2TC5MqWy57DPzHibfrmviokRJRj3upDPmot/J4JdQl+2hRG
81BiTNyezHo1qLRcpBOqQVAKavRe08QGLH+4b0xVNdgWLnfZRnVNEF7gCAx++9ox
5ar9nHCKrTJaElGopZj9NKXcMkAwDzMaJVavqjtAT7SfdDBbqCg/hXO1euC0spG3
M1x2tuOgooOP7KCWxrhTHkdK1nv0RdkPUqZC//rZgdy/6bFdCfCS0GPei23tkR5x
agv5IKQ6aFbf1L2fYa72VSC1Ba9+27Bi5/lRwB8CAwEAAaOCApwwggKYMB0GA1Ud
DgQWBBTx3z/iIpXa32tHOwxAE6+p7lZWSDAfBgNVHSMEGDAWgBSryNvlIIOtM1yf
H95gFuyLSSkxQDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3E4amI1U0NEclROY254X2VZQmJzaTBrcE1VQS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvN2UvY2U2Y2NiLTI1Y2YtNDkxNy1iM2NkLTMwNTZhZjlhMzM1ZS8x
LzhkOF80aUtWMnQ5clJ6c01RQk92cWU1V1ZrZy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvN2Uv
Y2U2Y2NiLTI1Y2YtNDkxNy1iM2NkLTMwNTZhZjlhMzM1ZS8xL3E4amI1U0NEclRO
Y254X2VZQmJzaTBrcE1VQS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjCB
sQYIKwYBBQUHAQcBAf8EgaEwgZ4wgZsEAgABMIGUAwQFBQEAAwQEHwPAAwQBH4BA
MAwDBAIfgEQDBAUfgEADBAYupIAwDAMEA01YyAMEBU1YwAMEBE1Y8AMEBU3egAME
BFBNIAMEBVBboAMEBFD54AMEA1WfAAMEBVhR4AMEAlvBRAMEAlvF3AMEAlvMXAME
AFvtmAMEBl23wAMEA17oSAMEBW3OIAMEBbBmIAMEAMNyhTANBgkqhkiG9w0BAQsF
AAOCAQEAGnG4BEUW+KpMPd4KviL8U4v2C9zHyyUvf0lYyswj4q+HvhlWjiQZyDWp
xkIjeDNYyv5XTQpCj37Dpfc+CC+oLacDYOruvoieqF6q7eN4thSdYH3SRJ7ua8Vq
NZaN3be5RYiyFEqf3UWrGA3bQUKdPhAjYvR/0BUCOddKHIc6VdtEoCPFP5wb9963
Vn2L1/9BF/3hfwDcQcqamnk7tFDTrV5WetzGcD2hXwilVBMHu5HHYyjJSXG8k/l2
CSvTQK8z4fVBRM8Ye/c5Z2KzaYFx91Qzzc/KwjtS8xoei7HFlVFpVtia9ROFwVhL
W/4salKG+Mx76tUD6/36vtCJ1tgrBQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:20:04 2024 by rpki-client on console-ams.rpki-client.org