Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8c/59303d-748a-4797-811e-fee2e8d4084f/1/DIW51lLFpThaQ666UDPp4KB3u9A.roa
File: DIW51lLFpThaQ666UDPp4KB3u9A.roa (raw, json)
Hash identifier: dXrfg6zt7B3CMHnn/yTjV08/s2we3A823i2fQS8TZGw=
Subject key identifier: 0C:85:B9:D6:52:C5:A5:38:5A:43:AE:BA:50:33:E9:E0:A0:77:BB:D0
Certificate issuer: /CN=408025c7de0400e0f3c88d4a122a317e32c5e21c
Certificate serial: 3711528E
Authority key identifier: 40:80:25:C7:DE:04:00:E0:F3:C8:8D:4A:12:2A:31:7E:32:C5:E2:1C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QIAlx94EAODzyI1KEioxfjLF4hw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8c/59303d-748a-4797-811e-fee2e8d4084f/1/DIW51lLFpThaQ666UDPp4KB3u9A.roa
Signing time: Thu 10 Mar 2022 09:33:11 +0000
ROA not before: Thu 10 Mar 2022 09:33:11 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 30818
IP address blocks: 82.221.80.0/20 maxlen: 20
82.221.96.0/20 maxlen: 20
82.221.0.0/20 maxlen: 20
82.221.112.0/20 maxlen: 20
82.221.16.0/20 maxlen: 20
82.221.32.0/20 maxlen: 20
82.221.48.0/20 maxlen: 20
82.221.164.0/24 maxlen: 24
82.221.57.0/24 maxlen: 24
82.221.64.0/20 maxlen: 20
82.221.168.0/24 maxlen: 24
82.221.170.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 923882126 (0x3711528e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=408025c7de0400e0f3c88d4a122a317e32c5e21c
Validity
Not Before: Mar 10 09:33:11 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=0c85b9d652c5a5385a43aeba5033e9e0a077bbd0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:da:80:94:38:d5:76:be:b0:d4:e7:d1:38:73:ee:
06:9d:4d:81:95:ce:90:54:d8:d5:e5:de:44:9f:c2:
d9:b9:0b:61:b7:ff:e9:28:12:74:5d:63:9f:43:c6:
6e:b8:dd:86:ee:a5:4f:0e:26:9e:0a:7c:c4:6d:d5:
33:b8:07:a5:75:79:47:26:8b:03:d3:f4:47:25:64:
00:db:02:22:bd:21:ae:72:31:c1:3e:6e:b9:fb:1c:
72:21:7d:99:40:e3:63:e1:e7:c6:20:ae:2c:92:88:
db:dc:df:b1:f0:64:ac:40:75:de:06:f8:db:4c:0d:
42:84:09:48:25:a4:35:55:c3:54:e8:51:24:11:3a:
3d:0e:88:56:26:fe:16:23:38:8d:49:a8:53:56:79:
98:56:a1:ca:e5:e6:c4:98:8d:5c:78:61:2d:83:0f:
80:2f:92:b9:b4:3d:6e:ef:77:a1:01:3c:41:4d:c2:
3a:06:6a:0a:db:b7:2b:5d:eb:f2:f1:9f:21:08:d7:
6e:9b:de:d2:56:38:67:9e:82:74:7e:e2:99:65:39:
72:23:20:40:bf:c0:59:84:99:5b:8d:3c:b6:d8:12:
cb:6a:97:10:5a:71:c8:7d:75:7b:a4:48:ae:86:b5:
d6:7d:65:ed:8e:07:e8:6d:ca:b7:ab:fc:66:8d:8e:
f0:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0C:85:B9:D6:52:C5:A5:38:5A:43:AE:BA:50:33:E9:E0:A0:77:BB:D0
X509v3 Authority Key Identifier:
keyid:40:80:25:C7:DE:04:00:E0:F3:C8:8D:4A:12:2A:31:7E:32:C5:E2:1C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QIAlx94EAODzyI1KEioxfjLF4hw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8c/59303d-748a-4797-811e-fee2e8d4084f/1/DIW51lLFpThaQ666UDPp4KB3u9A.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8c/59303d-748a-4797-811e-fee2e8d4084f/1/QIAlx94EAODzyI1KEioxfjLF4hw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.221.0.0/17
82.221.164.0/24
82.221.168.0/24
82.221.170.0/24
Signature Algorithm: sha256WithRSAEncryption
3b:66:fd:fd:23:77:5d:12:b0:17:d4:f4:58:a8:97:4d:46:8a:
db:2e:42:74:d6:51:b0:98:30:f9:3d:15:42:48:95:0e:9a:29:
51:f1:52:20:19:1d:be:6c:48:51:01:2a:da:32:5d:9c:26:eb:
6e:af:0a:f3:6b:29:97:4b:ab:e7:8c:33:9d:da:38:9b:fe:17:
fe:b9:80:67:4b:67:da:a4:67:ee:54:36:38:04:c1:78:4e:e7:
de:08:e5:a1:ae:2f:15:eb:38:4c:2c:cf:f6:3b:7e:d5:5e:e7:
13:a9:67:ae:b4:e2:49:aa:5a:09:15:85:29:d0:f8:bc:42:c2:
2b:c3:cb:92:18:67:a5:57:1b:57:77:a9:8f:08:e2:90:4f:5d:
3a:c7:69:99:cc:c6:d7:3e:50:00:63:a3:8a:43:c2:2c:6e:a3:
5e:8e:8d:ad:5f:07:d4:18:cb:4b:4e:e8:20:ef:c3:fa:54:33:
d4:4c:35:7d:f9:58:9c:3c:9e:20:37:09:c5:79:45:86:28:dc:
3e:05:f0:74:a7:15:f7:2c:e2:c9:4d:ff:ae:7c:48:ac:fe:47:
c9:02:43:0f:a1:d3:86:cb:de:31:8f:cb:91:38:f1:af:21:30:
05:cc:39:fa:87:b0:6c:ee:23:fa:44:0e:f9:b7:51:26:62:1d:
c4:f7:18:2f
-----BEGIN CERTIFICATE-----
MIIFATCCA+mgAwIBAgIENxFSjjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg0
MDgwMjVjN2RlMDQwMGUwZjNjODhkNGExMjJhMzE3ZTMyYzVlMjFjMB4XDTIyMDMx
MDA5MzMxMVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMGM4NWI5ZDY1MmM1
YTUzODVhNDNhZWJhNTAzM2U5ZTBhMDc3YmJkMDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBANqAlDjVdr6w1OfROHPuBp1NgZXOkFTY1eXeRJ/C2bkLYbf/
6SgSdF1jn0PGbrjdhu6lTw4mngp8xG3VM7gHpXV5RyaLA9P0RyVkANsCIr0hrnIx
wT5uufscciF9mUDjY+HnxiCuLJKI29zfsfBkrEB13gb420wNQoQJSCWkNVXDVOhR
JBE6PQ6IVib+FiM4jUmoU1Z5mFahyuXmxJiNXHhhLYMPgC+SubQ9bu93oQE8QU3C
OgZqCtu3K13r8vGfIQjXbpve0lY4Z56CdH7imWU5ciMgQL/AWYSZW408ttgSy2qX
EFpxyH11e6RIroa11n1l7Y4H6G3Kt6v8Zo2O8FsCAwEAAaOCAhswggIXMB0GA1Ud
DgQWBBQMhbnWUsWlOFpDrrpQM+ngoHe70DAfBgNVHSMEGDAWgBRAgCXH3gQA4PPI
jUoSKjF+MsXiHDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1FJQWx4OTRFQU9EenlJMUtFaW94ZmpMRjRody5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvOGMvNTkzMDNkLTc0OGEtNDc5Ny04MTFlLWZlZTJlOGQ0MDg0Zi8x
L0RJVzUxbExGcFRoYVE2NjZVRFBwNEtCM3U5QS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvOGMv
NTkzMDNkLTc0OGEtNDc5Ny04MTFlLWZlZTJlOGQ0MDg0Zi8xL1FJQWx4OTRFQU9E
enlJMUtFaW94ZmpMRjRody5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAx
BggrBgEFBQcBBwEB/wQiMCAwHgQCAAEwGAMEB1LdAAMEAFLdpAMEAFLdqAMEAFLd
qjANBgkqhkiG9w0BAQsFAAOCAQEAO2b9/SN3XRKwF9T0WKiXTUaK2y5CdNZRsJgw
+T0VQkiVDpopUfFSIBkdvmxIUQEq2jJdnCbrbq8K82spl0ur54wzndo4m/4X/rmA
Z0tn2qRn7lQ2OATBeE7n3gjloa4vFes4TCzP9jt+1V7nE6lnrrTiSapaCRWFKdD4
vELCK8PLkhhnpVcbV3epjwjikE9dOsdpmczG1z5QAGOjikPCLG6jXo6NrV8H1BjL
S07oIO/D+lQz1Ew1fflYnDyeIDcJxXlFhijcPgXwdKcV9yziyU3/rnxIrP5HyQJD
D6HThsveMY/LkTjxryEwBcw5+oewbO4j+kQO+bdRJmIdxPcYLw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:22:57 2024 by rpki-client on console-ams.rpki-client.org