Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/89/b4e503-574b-4565-9217-c511a3e912b6/1/8OnufJ3pDMlTFcMvOi1O3uXCrWk.roa
File: 8OnufJ3pDMlTFcMvOi1O3uXCrWk.roa (raw, json)
Hash identifier: LGbpfI1usUTGJY4E7n+DxVhwlzzqJw3h61lUueirC3Q=
Subject key identifier: F0:E9:EE:7C:9D:E9:0C:C9:53:15:C3:2F:3A:2D:4E:DE:E5:C2:AD:69
Certificate issuer: /CN=e4c86da3f483246518d368034bc86113906a55a3
Certificate serial: 339D5E85
Authority key identifier: E4:C8:6D:A3:F4:83:24:65:18:D3:68:03:4B:C8:61:13:90:6A:55:A3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/5Mhto_SDJGUY02gDS8hhE5BqVaM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/89/b4e503-574b-4565-9217-c511a3e912b6/1/8OnufJ3pDMlTFcMvOi1O3uXCrWk.roa
Signing time: Sat 01 Jan 2022 05:00:02 +0000
ROA not before: Sat 01 Jan 2022 05:00:02 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 29512
IP address blocks: 195.140.236.0/22 maxlen: 24
94.231.224.0/20 maxlen: 24
185.10.120.0/22 maxlen: 22
79.110.0.0/20 maxlen: 24
5.39.192.0/21 maxlen: 21
2a00:fbc0::/32 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 865951365 (0x339d5e85)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e4c86da3f483246518d368034bc86113906a55a3
Validity
Not Before: Jan 1 05:00:02 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=f0e9ee7c9de90cc95315c32f3a2d4edee5c2ad69
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:68:94:d3:55:24:10:b0:f7:36:7e:45:4b:59:
09:06:92:b2:45:20:57:ad:0c:06:b3:94:2a:2f:3b:
98:08:1a:1d:a4:60:ce:55:2e:f0:8c:1e:d6:ad:52:
b5:87:97:3f:49:64:d8:98:d0:94:4a:97:df:1e:7c:
4d:ab:25:d1:de:51:f2:23:d9:b9:80:44:53:b6:46:
e8:bd:4c:3e:f9:26:2c:fc:8b:ad:06:93:bb:27:d5:
0d:1c:e3:f4:96:98:ba:a2:7b:4c:73:c9:78:17:9f:
19:d4:09:e7:90:b0:c9:94:f3:36:d6:57:9f:94:63:
82:3d:4e:3d:bc:1c:2a:59:77:8f:4a:85:49:df:34:
5a:21:00:7a:97:27:89:b1:66:21:cf:55:0b:68:6c:
90:6f:0c:45:2e:4d:80:5f:89:81:e1:fb:af:cb:63:
ce:1c:14:41:6e:d9:9e:79:7d:4c:a5:c1:20:62:f4:
b4:13:b5:04:75:72:6c:04:17:ce:ee:26:71:08:f2:
3f:24:66:68:3d:fe:95:13:4f:58:13:ea:3c:72:12:
c8:81:9c:c7:81:05:ae:f9:00:54:50:4c:27:59:e3:
23:0a:c6:59:1a:13:62:54:e1:18:28:9f:b5:cf:b6:
a5:1c:4c:73:d5:17:5a:2b:8a:f4:a4:73:ae:35:d9:
a3:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F0:E9:EE:7C:9D:E9:0C:C9:53:15:C3:2F:3A:2D:4E:DE:E5:C2:AD:69
X509v3 Authority Key Identifier:
keyid:E4:C8:6D:A3:F4:83:24:65:18:D3:68:03:4B:C8:61:13:90:6A:55:A3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5Mhto_SDJGUY02gDS8hhE5BqVaM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/89/b4e503-574b-4565-9217-c511a3e912b6/1/8OnufJ3pDMlTFcMvOi1O3uXCrWk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/89/b4e503-574b-4565-9217-c511a3e912b6/1/5Mhto_SDJGUY02gDS8hhE5BqVaM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.39.192.0/21
79.110.0.0/20
94.231.224.0/20
185.10.120.0/22
195.140.236.0/22
IPv6:
2a00:fbc0::/32
Signature Algorithm: sha256WithRSAEncryption
c3:5e:6a:84:18:0f:6f:e6:6f:15:d1:f2:9e:01:00:15:c3:bb:
23:80:50:6b:e1:3f:f3:4b:c3:4b:bd:2b:37:07:d8:09:ef:0b:
d6:9b:f5:26:e5:39:85:20:6e:d2:93:3d:d7:09:ac:c5:34:7d:
cd:73:bc:a2:5c:d8:a6:06:c8:80:6c:7f:b9:1d:f1:75:4e:e8:
9a:45:54:d5:39:43:b4:df:dd:f2:d3:7c:30:0e:ec:23:0f:5e:
8c:dd:fb:b3:24:50:ea:5b:a6:a5:1e:42:45:d9:41:f4:1a:fb:
e7:b7:34:0e:09:06:ff:23:68:d1:e6:03:77:de:62:81:66:87:
16:fb:a6:49:35:c8:a3:1f:c1:07:11:d7:bd:ac:31:22:5b:a1:
cb:c1:83:1b:ed:a6:6b:55:6a:da:5c:59:eb:58:a6:0a:a0:45:
e4:ad:e3:a3:6d:ef:ed:f0:7d:c4:47:fb:df:bd:15:11:e4:59:
ba:0c:3f:33:e5:9b:fe:35:16:15:15:be:9f:34:b0:65:a7:79:
d0:2f:00:95:2f:af:8d:53:32:67:df:43:61:5b:4f:c2:f2:f1:
c2:5a:49:5e:b1:f5:30:16:0b:03:f8:69:74:7c:25:bc:23:1e:
a7:95:79:28:f2:50:ef:c4:f6:7f:d8:21:38:ef:3f:8d:cb:6e:
35:97:1e:72
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgIEM51ehTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhl
NGM4NmRhM2Y0ODMyNDY1MThkMzY4MDM0YmM4NjExMzkwNmE1NWEzMB4XDTIyMDEw
MTA1MDAwMloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZjBlOWVlN2M5ZGU5
MGNjOTUzMTVjMzJmM2EyZDRlZGVlNWMyYWQ2OTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAM5olNNVJBCw9zZ+RUtZCQaSskUgV60MBrOUKi87mAgaHaRg
zlUu8Iwe1q1StYeXP0lk2JjQlEqX3x58Tasl0d5R8iPZuYBEU7ZG6L1MPvkmLPyL
rQaTuyfVDRzj9JaYuqJ7THPJeBefGdQJ55CwyZTzNtZXn5Rjgj1OPbwcKll3j0qF
Sd80WiEAepcnibFmIc9VC2hskG8MRS5NgF+JgeH7r8tjzhwUQW7Znnl9TKXBIGL0
tBO1BHVybAQXzu4mcQjyPyRmaD3+lRNPWBPqPHISyIGcx4EFrvkAVFBMJ1njIwrG
WRoTYlThGCiftc+2pRxMc9UXWiuK9KRzrjXZo/kCAwEAAaOCAjAwggIsMB0GA1Ud
DgQWBBTw6e58nekMyVMVwy86LU7e5cKtaTAfBgNVHSMEGDAWgBTkyG2j9IMkZRjT
aANLyGETkGpVozAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzVNaHRvX1NESkdVWTAyZ0RTOGhoRTVCcVZhTS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvODkvYjRlNTAzLTU3NGItNDU2NS05MjE3LWM1MTFhM2U5MTJiNi8x
LzhPbnVmSjNwRE1sVEZjTXZPaTFPM3VYQ3JXay5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvODkv
YjRlNTAzLTU3NGItNDU2NS05MjE3LWM1MTFhM2U5MTJiNi8xLzVNaHRvX1NESkdV
WTAyZ0RTOGhoRTVCcVZhTS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBG
BggrBgEFBQcBBwEB/wQ3MDUwJAQCAAEwHgMEAwUnwAMEBE9uAAMEBF7n4AMEArkK
eAMEAsOM7DANBAIAAjAHAwUAKgD7wDANBgkqhkiG9w0BAQsFAAOCAQEAw15qhBgP
b+ZvFdHyngEAFcO7I4BQa+E/80vDS70rNwfYCe8L1pv1JuU5hSBu0pM91wmsxTR9
zXO8olzYpgbIgGx/uR3xdU7omkVU1TlDtN/d8tN8MA7sIw9ejN37syRQ6lumpR5C
RdlB9Br757c0DgkG/yNo0eYDd95igWaHFvumSTXIox/BBxHXvawxIluhy8GDG+2m
a1Vq2lxZ61imCqBF5K3jo23v7fB9xEf7370VEeRZugw/M+Wb/jUWFRW+nzSwZad5
0C8AlS+vjVMyZ99DYVtPwvLxwlpJXrH1MBYLA/hpdHwlvCMep5V5KPJQ78T2f9gh
OO8/jctuNZcecg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:22:04 2024 by rpki-client on console-ams.rpki-client.org