Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/87/931927-9f38-41b6-87fa-254acd92b4e1/1/8Wxs2G8sX9vjk_hU8pJG-y7rLo8.roa
File: 8Wxs2G8sX9vjk_hU8pJG-y7rLo8.roa (raw, json)
Hash identifier: pwjaefGqrhxqsOWDpOOH5SHnsPQzUvhzGva3eiYbWus=
Subject key identifier: F1:6C:6C:D8:6F:2C:5F:DB:E3:93:F8:54:F2:92:46:FB:2E:EB:2E:8F
Certificate issuer: /CN=a576eb2cc462e6e4bf0de69b9f634875debbaae2
Certificate serial: 07FFCE17
Authority key identifier: A5:76:EB:2C:C4:62:E6:E4:BF:0D:E6:9B:9F:63:48:75:DE:BB:AA:E2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/pXbrLMRi5uS_Deabn2NIdd67quI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/87/931927-9f38-41b6-87fa-254acd92b4e1/1/8Wxs2G8sX9vjk_hU8pJG-y7rLo8.roa
Signing time: Wed 02 Feb 2022 05:06:49 +0000
ROA not before: Wed 02 Feb 2022 05:06:49 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 23959
IP address blocks: 45.66.216.0/22 maxlen: 24
213.232.112.0/22 maxlen: 24
176.119.148.0/22 maxlen: 24
45.159.48.0/22 maxlen: 24
88.214.20.0/22 maxlen: 24
147.78.240.0/21 maxlen: 24
193.111.30.0/23 maxlen: 24
45.66.128.0/22 maxlen: 24
91.200.240.0/24 maxlen: 24
185.213.151.0/24 maxlen: 24
91.200.242.0/24 maxlen: 24
45.149.156.0/22 maxlen: 24
78.142.228.0/22 maxlen: 24
2a09:7::/36 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 134204951 (0x7ffce17)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a576eb2cc462e6e4bf0de69b9f634875debbaae2
Validity
Not Before: Feb 2 05:06:49 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=f16c6cd86f2c5fdbe393f854f29246fb2eeb2e8f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:6a:6e:39:6d:de:0c:d1:90:40:f1:d4:32:ab:
7a:c7:4f:39:2c:c6:cc:8d:28:3f:2a:07:49:b7:b7:
df:c4:e9:d6:a3:9e:0b:a5:cc:d0:29:78:71:a4:7f:
5a:cc:ea:3a:54:f0:e9:2d:d3:55:f0:8f:d0:f8:ae:
ed:ce:10:81:af:16:ec:f4:73:09:1d:af:ac:0b:bf:
c5:fe:2e:31:c7:14:63:5c:a2:11:c4:7f:26:18:85:
da:8e:9b:e7:f0:64:43:00:30:69:19:aa:83:36:07:
5e:4e:b9:cb:6b:7e:8a:99:ae:c5:ae:15:78:a4:b4:
bf:dd:03:e6:71:54:2e:83:bc:9b:66:5e:27:11:9b:
66:31:2b:dc:fe:cb:a1:a3:57:71:ba:c6:1b:83:aa:
64:df:ee:1a:dc:cc:92:05:7a:ed:f6:3f:fa:7b:78:
5c:95:ba:65:80:95:06:b0:93:14:ca:40:62:fa:ba:
f5:8b:85:a2:5a:c8:4d:3b:31:60:a7:3b:78:92:a4:
ec:8d:75:c9:57:49:6e:f9:c0:39:a0:9f:69:8d:57:
89:45:4a:a8:71:84:73:0d:b9:07:8a:0e:b1:d1:df:
7d:02:c7:ca:31:41:8a:89:5f:a4:c8:96:d8:6e:11:
7b:e3:4a:80:72:66:39:91:ec:7e:97:0d:78:0c:55:
7a:1f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F1:6C:6C:D8:6F:2C:5F:DB:E3:93:F8:54:F2:92:46:FB:2E:EB:2E:8F
X509v3 Authority Key Identifier:
keyid:A5:76:EB:2C:C4:62:E6:E4:BF:0D:E6:9B:9F:63:48:75:DE:BB:AA:E2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pXbrLMRi5uS_Deabn2NIdd67quI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/87/931927-9f38-41b6-87fa-254acd92b4e1/1/8Wxs2G8sX9vjk_hU8pJG-y7rLo8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/87/931927-9f38-41b6-87fa-254acd92b4e1/1/pXbrLMRi5uS_Deabn2NIdd67quI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.66.128.0/22
45.66.216.0/22
45.149.156.0/22
45.159.48.0/22
78.142.228.0/22
88.214.20.0/22
91.200.240.0/24
91.200.242.0/24
147.78.240.0/21
176.119.148.0/22
185.213.151.0/24
193.111.30.0/23
213.232.112.0/22
IPv6:
2a09:7::/36
Signature Algorithm: sha256WithRSAEncryption
2e:1b:a5:0a:ef:b2:ba:be:aa:23:33:31:f9:58:b9:00:2c:19:
c5:0a:ee:7a:e4:59:8f:d7:21:fa:fa:d7:7b:66:3b:21:b3:4e:
00:90:40:20:0b:92:d1:61:33:ce:cc:90:44:1a:72:f7:79:c3:
c2:61:ae:02:fe:5a:f2:3f:1d:78:ac:cb:d2:3c:b6:25:c4:97:
db:0d:8e:43:51:e8:bf:60:7e:23:03:c5:41:b5:19:51:89:81:
ec:4e:db:28:e4:15:54:cd:5c:ce:2b:5a:7a:6d:b5:56:56:3e:
82:67:d7:81:55:fb:7e:4c:bc:9b:9a:24:1b:df:20:44:26:cf:
db:32:63:39:36:8a:b3:06:58:6f:00:e9:5c:55:6c:02:fa:2a:
59:25:24:45:65:bc:21:c2:00:a3:29:7a:20:09:67:24:5a:2f:
ee:1f:54:87:27:22:c4:53:a4:a1:0b:d8:7d:eb:ee:67:00:71:
a0:71:f7:2f:77:b4:72:b7:e2:ce:25:da:1f:97:4c:c0:bd:c9:
2a:6a:04:ec:7d:65:1b:ad:d4:cb:1d:03:dd:de:ed:bd:4e:4b:
d9:66:3c:2b:3c:11:00:a9:f8:6a:1b:e3:53:24:69:e6:8f:7d:
a8:e0:78:d8:5b:e0:04:0d:f3:61:46:59:0c:46:2e:67:70:26:
ab:1d:2f:d1
-----BEGIN CERTIFICATE-----
MIIFRzCCBC+gAwIBAgIEB//OFzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhh
NTc2ZWIyY2M0NjJlNmU0YmYwZGU2OWI5ZjYzNDg3NWRlYmJhYWUyMB4XDTIyMDIw
MjA1MDY0OVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZjE2YzZjZDg2ZjJj
NWZkYmUzOTNmODU0ZjI5MjQ2ZmIyZWViMmU4ZjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMFqbjlt3gzRkEDx1DKresdPOSzGzI0oPyoHSbe338Tp1qOe
C6XM0Cl4caR/WszqOlTw6S3TVfCP0Piu7c4Qga8W7PRzCR2vrAu/xf4uMccUY1yi
EcR/JhiF2o6b5/BkQwAwaRmqgzYHXk65y2t+ipmuxa4VeKS0v90D5nFULoO8m2Ze
JxGbZjEr3P7LoaNXcbrGG4OqZN/uGtzMkgV67fY/+nt4XJW6ZYCVBrCTFMpAYvq6
9YuFolrITTsxYKc7eJKk7I11yVdJbvnAOaCfaY1XiUVKqHGEcw25B4oOsdHffQLH
yjFBiolfpMiW2G4Re+NKgHJmOZHsfpcNeAxVeh8CAwEAAaOCAmEwggJdMB0GA1Ud
DgQWBBTxbGzYbyxf2+OT+FTykkb7LusujzAfBgNVHSMEGDAWgBSldussxGLm5L8N
5pufY0h13ruq4jAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3BYYnJMTVJpNXVTX0RlYWJuMk5JZGQ2N3F1SS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvODcvOTMxOTI3LTlmMzgtNDFiNi04N2ZhLTI1NGFjZDkyYjRlMS8x
LzhXeHMyRzhzWDl2amtfaFU4cEpHLXk3ckxvOC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvODcv
OTMxOTI3LTlmMzgtNDFiNi04N2ZhLTI1NGFjZDkyYjRlMS8xL3BYYnJMTVJpNXVT
X0RlYWJuMk5JZGQ2N3F1SS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjB3
BggrBgEFBQcBBwEB/wRoMGYwVAQCAAEwTgMEAi1CgAMEAi1C2AMEAi2VnAMEAi2f
MAMEAk6O5AMEAljWFAMEAFvI8AMEAFvI8gMEA5NO8AMEArB3lAMEALnVlwMEAcFv
HgMEAtXocDAOBAIAAjAIAwYEKgkABwAwDQYJKoZIhvcNAQELBQADggEBAC4bpQrv
srq+qiMzMflYuQAsGcUK7nrkWY/XIfr613tmOyGzTgCQQCALktFhM87MkEQacvd5
w8JhrgL+WvI/HXisy9I8tiXEl9sNjkNR6L9gfiMDxUG1GVGJgexO2yjkFVTNXM4r
WnpttVZWPoJn14FV+35MvJuaJBvfIEQmz9syYzk2irMGWG8A6VxVbAL6KlklJEVl
vCHCAKMpeiAJZyRaL+4fVIcnIsRTpKEL2H3r7mcAcaBx9y93tHK34s4l2h+XTMC9
ySpqBOx9ZRut1MsdA93e7b1OS9lmPCs8EQCp+Gob41MkaeaPfajgeNhb4AQN82FG
WQxGLmdwJqsdL9E=
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:02:36 2023 by rpki-client on console-ams.rpki-client.org