Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/fc1bef-e72b-4a45-9463-8fd394b5357c/1/H6ASQBBQskOLoVNrUbbB8HSeUfE.roa
File: H6ASQBBQskOLoVNrUbbB8HSeUfE.roa (raw, json)
Hash identifier: H40j3GqJKMznZu6GMhzcNrQXYQ2yWPweEJF8GdYD4FQ=
Subject key identifier: 1F:A0:12:40:10:50:B2:43:8B:A1:53:6B:51:B6:C1:F0:74:9E:51:F1
Certificate issuer: /CN=cfeace714c29568ef197007b141d12758cc415d5
Certificate serial: 018A17E394BEB0C395B5B77DA4F10A550907
Authority key identifier: CF:EA:CE:71:4C:29:56:8E:F1:97:00:7B:14:1D:12:75:8C:C4:15:D5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/z-rOcUwpVo7xlwB7FB0SdYzEFdU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/fc1bef-e72b-4a45-9463-8fd394b5357c/1/H6ASQBBQskOLoVNrUbbB8HSeUfE.roa
Signing time: Mon 21 Aug 2023 11:38:25 +0000
ROA not before: Mon 21 Aug 2023 11:38:25 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 57829
IP address blocks: 195.78.37.0/24 maxlen: 24
185.114.104.0/22 maxlen: 24
185.56.212.0/22 maxlen: 24
81.201.208.0/20 maxlen: 24
45.137.208.0/22 maxlen: 24
2a00:e900::/29 maxlen: 48
2a0b:fd80::/32 maxlen: 48
2a01:4400::/32 maxlen: 48
2a02:5120::/32 maxlen: 48
2a0b:fd82::/32 maxlen: 48
2a0b:fd81::/32 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:17:e3:94:be:b0:c3:95:b5:b7:7d:a4:f1:0a:55:09:07
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cfeace714c29568ef197007b141d12758cc415d5
Validity
Not Before: Aug 21 11:38:25 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=1fa012401050b2438ba1536b51b6c1f0749e51f1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:80:20:c4:2a:06:64:dc:01:45:5b:a2:2d:42:24:
30:b3:7f:ba:aa:3f:50:b4:8b:4d:fd:ba:e6:d8:97:
f5:09:6d:56:1c:9b:43:09:4d:3b:af:2b:6f:43:6e:
18:3c:96:30:5b:3c:76:7b:1a:c1:0d:c9:ec:10:1a:
0f:cb:10:a2:5d:41:8c:33:5d:38:cf:60:08:b8:8c:
8f:4a:bb:48:48:13:da:e8:c0:25:2a:cd:24:c6:bf:
6c:c6:12:90:96:e1:b6:ad:e1:75:69:50:2f:9b:8a:
09:96:ad:1b:d9:31:f5:fa:e1:ee:c6:c7:4e:44:3d:
6e:34:48:e3:0b:7e:c4:cb:a3:8d:ea:ca:5d:a7:ba:
51:fc:14:b4:e7:d2:94:d1:6d:7d:83:58:49:23:e8:
9a:a9:fb:b2:b9:a7:16:cf:c2:95:29:61:fd:05:bb:
7d:1c:88:02:40:29:88:14:6f:55:a6:13:de:ed:7d:
b0:cf:8b:61:6e:e0:86:63:df:ec:c3:17:0d:c3:b9:
3a:56:e6:54:3b:6a:f7:17:77:40:70:3a:f4:2c:fc:
c6:d0:da:6a:a4:f6:30:78:77:f1:ca:0f:c8:4b:91:
10:48:38:97:50:6c:2e:33:a0:5f:e4:fd:a7:69:ba:
53:16:f8:92:3d:e1:18:e3:c6:f2:2f:92:5a:f7:89:
62:49
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1F:A0:12:40:10:50:B2:43:8B:A1:53:6B:51:B6:C1:F0:74:9E:51:F1
X509v3 Authority Key Identifier:
keyid:CF:EA:CE:71:4C:29:56:8E:F1:97:00:7B:14:1D:12:75:8C:C4:15:D5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/z-rOcUwpVo7xlwB7FB0SdYzEFdU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/fc1bef-e72b-4a45-9463-8fd394b5357c/1/H6ASQBBQskOLoVNrUbbB8HSeUfE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/fc1bef-e72b-4a45-9463-8fd394b5357c/1/z-rOcUwpVo7xlwB7FB0SdYzEFdU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.137.208.0/22
81.201.208.0/20
185.56.212.0/22
185.114.104.0/22
195.78.37.0/24
IPv6:
2a00:e900::/29
2a01:4400::/32
2a02:5120::/32
2a0b:fd80::-2a0b:fd82:ffff:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
5d:b4:85:76:a6:81:e5:7d:7f:88:07:dd:76:61:e7:d7:5c:84:
a7:c6:60:6f:25:bf:76:10:c2:39:82:ce:33:15:a0:e7:59:73:
1a:84:ba:d4:18:e6:bf:5a:b3:cd:36:e9:fb:06:2f:34:26:66:
9b:44:5b:d5:ee:56:fd:3f:30:a2:8e:d6:fe:07:a5:76:2b:31:
ea:19:d5:f6:4c:1c:9e:76:5b:40:51:52:06:c4:94:dd:1c:df:
2b:e6:ae:b8:82:f6:88:23:fe:34:48:1e:7f:fb:06:eb:78:c0:
12:33:b2:49:d2:f3:98:95:a6:ce:87:e4:45:61:d7:85:4e:4b:
04:a8:87:37:30:3a:7d:c1:7f:b7:7e:6c:48:83:52:34:cf:7e:
97:03:9d:93:2e:09:79:a6:3c:a5:f6:57:01:4f:8e:6b:18:32:
60:aa:86:95:b0:8a:3e:94:ba:cd:52:7d:bb:d6:42:14:18:5e:
5f:7b:72:43:a1:cd:1d:44:fb:08:2c:79:81:cc:0a:03:23:ae:
8b:7d:0a:a8:05:f3:38:4e:a4:bf:41:b0:e4:22:88:f6:84:2e:
ff:bf:97:8d:b6:60:df:2e:3e:04:bc:7b:11:e7:46:ee:be:52:
7d:02:90:4a:83:fc:3d:ea:b4:85:5d:48:cd:c4:9f:f1:27:e7:
2f:bd:c2:e9
-----BEGIN CERTIFICATE-----
MIIFQjCCBCqgAwIBAgISAYoX45S+sMOVtbd9pPEKVQkHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNmZWFjZTcxNGMyOTU2OGVmMTk3MDA3YjE0MWQxMjc1OGNj
NDE1ZDUwHhcNMjMwODIxMTEzODI1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZmEwMTI0MDEwNTBiMjQzOGJhMTUzNmI1MWI2YzFmMDc0OWU1MWYxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgCDEKgZk3AFFW6ItQiQws3+6qj9Q
tItN/brm2Jf1CW1WHJtDCU07rytvQ24YPJYwWzx2exrBDcnsEBoPyxCiXUGMM104
z2AIuIyPSrtISBPa6MAlKs0kxr9sxhKQluG2reF1aVAvm4oJlq0b2TH1+uHuxsdO
RD1uNEjjC37Ey6ON6spdp7pR/BS059KU0W19g1hJI+iaqfuyuacWz8KVKWH9Bbt9
HIgCQCmIFG9VphPe7X2wz4thbuCGY9/swxcNw7k6VuZUO2r3F3dAcDr0LPzG0Npq
pPYweHfxyg/IS5EQSDiXUGwuM6Bf5P2nabpTFviSPeEY48byL5Ja94liSQIDAQAB
o4ICTjCCAkowHQYDVR0OBBYEFB+gEkAQULJDi6FTa1G2wfB0nlHxMB8GA1UdIwQY
MBaAFM/qznFMKVaO8ZcAexQdEnWMxBXVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvei1yT2NVd3BWbzd4bHdCN0ZCMFNkWXpFRmRVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9mYzFiZWYtZTcyYi00YTQ1LTk0NjMt
OGZkMzk0YjUzNTdjLzEvSDZBU1FCQlFza09Mb1ZOclViYkI4SFNlVWZFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9mYzFiZWYtZTcyYi00YTQ1LTk0NjMtOGZkMzk0YjUzNTdj
LzEvei1yT2NVd3BWbzd4bHdCN0ZCMFNkWXpFRmRVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGQGCCsGAQUFBwEHAQH/BFUwUzAkBAIAATAeAwQCLYnQAwQE
UcnQAwQCuTjUAwQCuXJoAwQAw04lMCsEAgACMCUDBQMqAOkAAwUAKgFEAAMFACoC
USAwDgMFByoL/YADBQAqC/2CMA0GCSqGSIb3DQEBCwUAA4IBAQBdtIV2poHlfX+I
B912YefXXISnxmBvJb92EMI5gs4zFaDnWXMahLrUGOa/WrPNNun7Bi80JmabRFvV
7lb9PzCijtb+B6V2KzHqGdX2TByedltAUVIGxJTdHN8r5q64gvaII/40SB5/+wbr
eMASM7JJ0vOYlabOh+RFYdeFTksEqIc3MDp9wX+3fmxIg1I0z36XA52TLgl5pjyl
9lcBT45rGDJgqoaVsIo+lLrNUn271kIUGF5fe3JDoc0dRPsILHmBzAoDI66LfQqo
BfM4TqS/QbDkIoj2hC7/v5eNtmDfLj4EvHsR50buvlJ9ApBKg/w96rSFXUjNxJ/x
J+cvvcLp
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:32:06 2025 by rpki-client